Security & Testing Claude 技能

Quality Gate Skill

Executes a comprehensive, non-destructive quality gate including linting, formatting, type safety, tests, and security checks for your codebase.

Security Requirement Extraction

Transforms threat models and business context into actionable security requirements, user stories, and test specifications.

Claude Configuration Reviewer

Reviews Claude configuration files for security vulnerabilities, structural integrity, and prompt engineering best practices.

Sample Skill

Walks through a sample workflow for creating and running unit tests.

Iterative Code Review With Codex

Guides an iterative code review process by collaborating with external AI models to resolve pull request comments.

Bats Shell Testing Patterns

Provides comprehensive patterns and best practices for writing automated unit tests for shell scripts using the Bats framework.

Web Application Testing

Tests local web applications using Playwright scripts with automated server lifecycle management and DOM inspection capabilities.

Skill Invocation Test

Verifies active skill invocation capabilities by triggering a specific response when a secret codeword is detected.

Test Environment Manager

Orchestrates isolated, reproducible test environments using Docker Compose and Testcontainers to streamline software testing workflows.

Integration Test Runner

Automates the setup, execution, and cleanup of integration test suites including database orchestration and service management.

GCP Project Auditor

Conducts comprehensive security and compliance audits of Google Cloud Platform projects to identify misconfigurations and excessive permissions.

Validation Phase

Validates implementation quality through tiered build checks, automated acceptance criteria verification, and agent-driven code reviews.

Complete Skill Validation

Validates skill parsing capabilities by providing a fully populated template with diverse tool permissions.

Skill Isolation Tester

Validates Claude Code skills in isolated environments like Git worktrees, Docker containers, or VMs to ensure portability and catch environment-specific bugs before public release.

Double Check

Ensures task completion and production readiness through rigorous multi-angle verification and objective goal alignment.

Bible Widget Testing Assistant

Automates the validation and testing of embeddable Bible widgets, ensuring accurate scripture reference parsing and audio integration.

E2E Testing Patterns

Implements robust end-to-end testing suites using Playwright and Cypress to ensure reliable user journeys and zero regressions.

Next.js Better-Auth Integration

Integrates the better-auth framework into Next.js applications using pre-configured middleware, API routes, and UI components.

TDD Cycle Management

Guides the implementation of software features using a rigorous Red-Green-Refactor test-driven development workflow.

Nixtla Test Generator

Generates comprehensive pytest suites from functional requirements to automate test scaffolding for Nixtla-based plugins and pipelines.

Splunk Security & RBAC Management

Automates Splunk security operations including JWT token management, role-based access control verification, and ACL configuration.

Security Test Scanner

Automates comprehensive security vulnerability scans and penetration tests for applications and APIs using OWASP standards.

Form Validation

Implements robust, schema-first form validation using Zod while applying optimal UX timing patterns and user-centric error messaging.

STEEB Task Debugger

Diagnoses and resolves task management issues in the STEEB application, including state synchronization errors, UI inconsistencies, and Firestore integration failures.

Global Validation

Enforces robust input validation and sanitization standards to ensure data integrity and security across application logic and API endpoints.

Web App Testing Toolkit

Facilitates end-to-end testing and interaction with local web applications using Playwright and automated server management.

Test Orchestrator

Configures project-specific testing infrastructure, frameworks, and strategy documentation to establish a robust quality assurance foundation.

Test Data Generator

Generates realistic, schema-compliant test data to populate databases and simulate user behavior for comprehensive software testing.

Defense-in-Depth Validation

Implements multi-tiered data validation strategies to prevent deep execution failures and make software bugs structurally impossible.

The Oracle

Conducts multi-source research across codebases and the web to provide deep architectural analysis and complex debugging solutions.