Security & Testing Claude 技能

TLA+ Formal Specification

Architects and verifies complex distributed systems and concurrent algorithms using the TLA+ formal specification language.

Inspequte Rule Recovery

Resumes and completes JVM static analysis rule implementations that failed initial CI validation.

Security Auditor

Conducts comprehensive security audits, vulnerability assessments, and DevSecOps integrations to ensure robust application and infrastructure compliance.

AI-DLC Quality Backpressure

Enforces automated quality gates using Stop hooks to ensure AI-generated code passes tests, linting, and type checks before proceeding.

TDD Red Phase Workflow

Generates comprehensive failing tests to define expected behavior and edge cases during the TDD red phase.

Property-Based Testing for Claude Code

Implements robust property-based testing patterns to verify code invariants and detect edge cases across multiple languages.

IDAPython Scripting & Reverse Engineering

Automates IDA Pro reverse engineering tasks using modern Python APIs for disassembly, decompilation, and binary analysis.

GitLab Stack Secrets Manager

Manages secure Docker secrets for GitLab stack projects by enforcing proper storage, permissions, and migration from environment variables.

Electron E2E Testing & Automation

Automates and debugs Electron desktop applications using Chrome DevTools Protocol for comprehensive end-to-end testing of both renderer and main processes.

Quality Engineering Strategy

Implement comprehensive quality engineering practices across the software lifecycle, from automated testing to production observability.

Paranoid Security Auditor

Conducts rigorous, grounded security and quality audits of codebases, architectures, and deployments with built-in PII and injection guardrails.

Ansible Testing & Linting

Automates Ansible playbook validation through comprehensive linting, syntax checking, and idempotency testing strategies.

Descope Authentication

Integrates secure, passwordless authentication and user management into web applications using Descope SDKs and Flows.

Secure Flow

Integrates secure-by-default coding practices, threat modeling, and vulnerability remediation into the software development lifecycle.

Technical Debt Patterns for Rails

Identifies, categorizes, and prioritizes technical debt in Ruby on Rails applications using enterprise-grade metrics and detection patterns.

Secret Detection & Credential Scanning

Protects repositories by automatically detecting leaked secrets, API keys, and credentials using Gitleaks integration.

Web Application Testing

Automates local web application testing and UI verification using Playwright to ensure frontend quality and functionality.

Systematic Debugging Strategies

Master systematic debugging techniques and root cause analysis to efficiently track down bugs across any technology stack.

Secure Auth Implementation Patterns

Implements robust authentication and authorization systems using industry-standard patterns like JWT, OAuth2, and Role-Based Access Control.

Skillpack Maintenance

Maintains and enhances existing skill packs through systematic domain analysis, structural reviews, and behavioral gauntlet testing using subagents.

Skill Review

Conducts comprehensive 9-phase audits of Claude skills to ensure documentation accuracy, code consistency, and compliance with the latest API standards.

Design by Contract

Automates the planning, implementation, and verification of formal software contracts across multiple programming languages to ensure runtime correctness.

Hardened Rust Development

Implements a validation-first development workflow for Rust projects requiring formal verification, safety proofs, and rigorous concurrency testing.

Web Application Testing

Automates end-to-end testing and UI debugging for local web applications using Python and Playwright.

Security Scan

Performs deep, whole-codebase security audits using extensive context windows to detect vulnerabilities, logic flaws, and cross-module data flow issues.

Advanced Error Resolution

Diagnoses software errors through root cause analysis and automates verified bug fixes using Codex delegation.

Systematic Debugging

Enforces a rigorous, four-phase debugging framework to identify root causes and implement verified fixes without trial-and-error thrashing.

Debugging Strategies

Employs systematic methodologies and advanced profiling tools to identify, isolate, and resolve complex software bugs across multiple tech stacks.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, mocking, and fixtures to ensure code reliability and high coverage.

Hook Development for Claude Code

Automates and secures Claude Code workflows using event-driven hooks for tool validation and session management.