Security & Testing Claude 技能

Systematic Debugging Framework

Resolves complex technical issues using a rigorous four-phase methodology focused on root-cause identification rather than quick fixes.

Fail2Ban SWAG Manager

Manages Fail2Ban intrusion prevention within SWAG reverse proxy containers to secure homelab infrastructure and web services.

SDK Testing Setup

Configures automated contract testing, Arazzo workflows, and integration tests for Speakeasy-generated SDKs.

PopKit Validation Engine

Validates Claude Code plugin integrity and applies safe automatic fixes for structure, agents, and skill configurations.

PopKit Security Assessment

Automates security audits for Claude Code plugins using vulnerability patterns, secret scanning, and OWASP-aligned checklists.

PopKit Anthropic Compliance Assessment

Validates PopKit plugins against official Claude Code patterns and Anthropic engineering standards through automated script-based checks.

Scientific Python Testing

Implements robust testing for scientific Python packages using pytest best practices and community-standard guidelines.

CW-Validate Implementation Validator

Validates software implementations against structured specifications using six mandatory quality gates and automated proof verification.

Test-Driven Development (TDD) Mastery

Enforces a strict Red-Green-Refactor workflow to ensure high-quality, bug-free production code through test-first development.

Security Architecture Navigator

Routes users to specialized security architecture skills including threat modeling, compliance mapping, and secure design patterns.

Pop Sandbox Manager

Provides secure, ephemeral E2B sandboxes for isolated code execution and multi-agent swarm orchestration within Claude Code.

Security Analyst

Performs expert-level security audits, vulnerability assessments, and compliance mapping using industry standards like OWASP and CVSS v3.1.

Test Skill

Verifies the functionality of the OpenCode Skills Plugin API through script execution, file reading, and skill discovery.

Inspequte Rule Verifier

Performs objective, isolated verification of static analysis rule changes against specifications to ensure compliance and stability.

Inspequte Rule Specification Generator

Generates and refines standardized static analysis rule specifications for the Inspequte JVM analysis tool.

Codex CLI Automation & Testing

Integrates the Codex CLI with Claude Code to automate testing, debugging, and complex code analysis using gpt-5-codex.

Invalid Name Test Fixture

Provides a malformed skill configuration to test naming convention validation and linting logic within Claude Code.

Valid Skill Test Fixture

Provides a standardized skill template used for validating and testing Claude Code plugin integrations.

System Architect

Evaluates architectural quality, catalogs technical debt, and generates risk-based improvement roadmaps for legacy and complex codebases.

Patch Engineer

Evaluates and improves security patches with senior-level expertise in vulnerability remediation, secure coding patterns, and regression prevention.

Security Custom Rules

Empowers developers to design, validate, and implement tailored security linting rules using Semgrep and Bandit syntax.

Neovim Config Auditor

Audits and optimizes Neovim configurations by detecting deprecated APIs, validating best practices, and performing health checks.

Local Service Integration Testing

Enforces integration testing against real local services like databases, caches, and queues to catch bugs that mocks miss.

Review Gate

Enforces strict compliance standards by blocking pull request creation until all code review requirements and security checks are satisfied.

Security Review Expert

Conducts mandatory OWASP-aligned security audits for sensitive code changes involving authentication, APIs, and databases.

Property Testing with fast-check

Implements property-based testing to validate complex business logic invariants across all possible input ranges.

Claude SDK Debugger

Diagnoses and resolves complex Claude Agent SDK errors, TypedDict contract mismatches, and MCP server serialization failures.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure high-quality code through mandatory failing tests before implementation.

ExUnit Test Framework

Streamlines Elixir testing by automating ExUnit test generation and execution with structured JSON reporting.

Verification Before Completion

Enforces rigorous evidence-based reporting by requiring fresh verification command output before any task is marked as finished.