Security & Testing Claude 技能

Vulnerability Scanner & Security Auditor

Identifies and reports security vulnerabilities, CVEs, and insecure configurations across codebases and dependencies.

Realistic Test Data Generator

Generates realistic, schema-compliant synthetic data sets for software testing, database seeding, and performance analysis.

Test Double Generator

Generates mocks, stubs, and spies for unit testing by automatically analyzing code dependencies and framework requirements.

Test Data Generator

Generates realistic, schema-compliant test data including user profiles, product catalogs, and transactional records for software testing and development.

Automated Test Doubles Generator

Generates mocks, stubs, spies, and fakes automatically to streamline unit testing and dependency isolation across various testing frameworks.

Test Environment Manager

Automates the setup and management of isolated, reproducible test environments using Docker Compose and Testcontainers.

Bats Shell Testing Patterns

Implements comprehensive unit testing for shell scripts using the Bash Automated Testing System (Bats) framework.

XSS Vulnerability Scanner

Scans web applications for reflected, stored, and DOM-based Cross-Site Scripting (XSS) vulnerabilities to ensure robust frontend security.

SAST Security Configuration

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection in application code.

Smoke Test Runner

Executes automated verification suites to ensure application health and core functionality after deployments or configuration changes.

Session Security Auditor

Identifies session management vulnerabilities and security flaws within your codebase to ensure robust user authentication and protection.

SOC2 Compliance & Audit Helper

Simplifies SOC2 audit preparation by automating evidence collection, identifying compliance gaps, and generating readiness reports.

SOC2 Audit Helper

Streamlines SOC2 compliance by automating evidence gathering, identifying security control gaps, and generating readiness reports.

Secret Scanner & Credential Guard

Scans codebases for exposed API keys, passwords, and sensitive credentials using pattern matching and entropy analysis to prevent security breaches.

Better Auth Integration

Implements comprehensive, framework-agnostic authentication and authorization workflows for TypeScript applications using Better Auth.

Security Vulnerability & Penetration Tester

Automates comprehensive security vulnerability testing and penetration scans to identify OWASP Top 10 flaws and injection risks.

Session Security Checker

Audits and analyzes codebase session management to identify vulnerabilities like session fixation and improper expiration policies.

ATDD Assistant

Guides teams through the Acceptance Test-Driven Development workflow by defining testable criteria and streamlining specification workshops.

Security Misconfiguration Finder

Identifies and remediates security vulnerabilities in infrastructure-as-code, application configurations, and system settings.

Security Incident Responder

Provides structured guidance and specialized playbooks for managing, investigating, and remediating cybersecurity breaches and attacks.

Security Misconfiguration Auditor

Identifies and remediates potential security vulnerabilities in infrastructure-as-code, application configurations, and system settings.

XSS Vulnerability Scanner

Scans and identifies Reflected, Stored, and DOM-based XSS vulnerabilities within web applications and codebases.

Secrets Manager Integrator

Automates the secure integration and configuration of secrets management tools like HashiCorp Vault and AWS Secrets Manager into your infrastructure.

Automated Security Vulnerability Scanner

Automates security vulnerability testing for applications and APIs to identify OWASP Top 10 risks and critical software flaws.

PCI DSS Compliance Validator

Automates the assessment of codebases and cloud infrastructure to ensure compliance with Payment Card Industry Data Security Standards.

Web Penetration Testing Adapter

Automates comprehensive security audits for web applications and APIs to identify OWASP Top 10 vulnerabilities and suggest remediation steps.

Automated Penetration Testing

Automates web application security audits to identify OWASP Top 10 vulnerabilities and generate comprehensive penetration testing reports.

Overnight Development & TDD Automation

Automates autonomous software development sessions by enforcing test-driven development through integrated Git hooks.

PCI DSS Compliance Validator

Evaluates codebases and infrastructure configurations to identify security vulnerabilities and ensure compliance with Payment Card Industry (PCI DSS) standards.

Overnight Development Automation

Automates software development cycles using Git hooks to enforce test-driven development (TDD) and ensure code quality autonomously.