Security & Testing Claude 技能

SOC2 Audit & Compliance Helper

Automates evidence gathering and gap analysis to streamline SOC2 audit preparation and security compliance workflows.

Web Application Testing

Automates local web application testing and UI verification using Playwright for robust frontend debugging and end-to-end testing.

Senior QA Engineering Toolkit

Implements comprehensive quality assurance strategies, automated test suites, and coverage analysis for modern web applications.

Testing Anti-Patterns & Best Practices

Eliminates brittle test suites and improves code quality by identifying and correcting common mocking and TDD anti-patterns.

Systematic Debugging

Eliminates trial-and-error debugging by enforcing a rigorous, root-cause-first methodology for all technical issues.

Silent Failure Reviewer

Audits frontend codebases to detect and remediate swallowed exceptions and silent error handling patterns.

E2E Group Chat Testing

Provides a comprehensive Playwright test suite for validating group chat features, including messages, threads, reactions, and mentions.

Reviewing Silent Failures

Identifies and mitigates silent failures, swallowed errors, and unhandled exceptions in frontend codebases.

SQL Injection Security Detector

Scans application source code to identify, analyze, and remediate SQL injection vulnerabilities in database queries.

Data Privacy Scanner

Scans codebases and configuration files to identify PII leaks, compliance risks, and potential data privacy vulnerabilities.

API Fuzz Tester

Performs automated fuzz testing on REST APIs to identify security vulnerabilities, input validation failures, and unexpected behaviors.

Security Code Review Agent

Conducts comprehensive security audits and vulnerability assessments to identify risks like SQL injection, XSS, and insecure dependencies.

CSRF Protection Validator

Validates web application endpoints for Cross-Site Request Forgery (CSRF) vulnerabilities and security gaps.

E2E Livestream Testing

Implements a comprehensive Playwright test suite for livestreaming workflows, including stream creation, playback, and chat, using API mocking to eliminate infrastructure dependencies.

Skill Composition & Integration Tester

Automates the integration testing and validation of the entire skill catalog through dependency-aware sandbox composition.

Video Room E2E Testing

Generates a comprehensive Playwright test suite for video conferencing features, covering API routes, prejoin UI, and in-room controls.

Web Application Testing

Automates local web application testing and browser interaction using Playwright and lifecycle management scripts.

Web Application Testing Toolkit

Facilitates end-to-end testing and browser automation for local web applications using Playwright and Python.

BDD Requirements Manager

Generates standardized BDD requirements in Gherkin format with deep domain integration and automated documentation.

Vue.js Testing Best Practices

Implement robust test suites for Vue.js applications using Vitest, Vue Test Utils, and Playwright with industry-standard patterns.

Overnight Development Automation

Automates autonomous software development cycles using Git hooks to strictly enforce test-driven development (TDD).

1Password Environment Sync

Securely synchronizes environment variables from 1Password vaults directly into local .env files.

Claude Plugin Security Scanner

Scans Claude Code plugins and skills for malicious code or deceptive instructions before installation or execution.

Binary Analysis & Reverse Engineering

Analyzes binary files and firmware to extract strings, identify file signatures, and explore raw data using industry-standard tools.

Plugin Security Scanner

Scans Claude Code plugins and skills to detect malicious code, deceptive instructions, and unauthorized credential access.

better-auth Authentication Setup

Configures a complete, secure authentication system using better-auth with social login, RBAC, and Drizzle ORM integration.

E2E Testing with Playwright

Streamlines the setup of comprehensive end-to-end testing suites for Next.js applications using Playwright and GitHub Actions.

Code Review Checklist

Automates structured code reviews by evaluating security, performance, correctness, and maintainability against industry best practices.

Cargo Nextest Rust Test Runner

Optimizes Rust testing workflows with high-performance parallel execution, advanced filtering, and resilient CI integration.

Advanced Pytest Testing

Implements sophisticated Python testing patterns including scoped fixtures, parallel execution, and async support for robust application suites.