Security & Testing Claude 技能

Condition-Based Waiting

Replaces arbitrary test timeouts with intelligent condition polling to eliminate flaky test behavior and race conditions.

Testing & Test Writing

Develops strategic, behavior-focused unit and end-to-end tests using Vitest and Playwright to ensure robust application functionality and reliability.

Enterprise Clerk Auth Platform

Implements enterprise-grade authentication and user management using Clerk, featuring AI-driven architecture and multi-platform support.

Python Testing Expert

Automates the creation of high-quality Python test suites using the pytest ecosystem, async patterns, and advanced mocking.

Testing Anti-Pattern Guard

Prevents common testing mistakes like mocking internal behavior and polluting production code with test-only methods.

Python Testing

Implements robust Python testing suites using pytest, focusing on isolated test design, mocking external dependencies, and asynchronous execution patterns.

Frontend Quality Assurance

Automates comprehensive UI testing and bug discovery using browser automation to ensure high-quality frontend deployments.

Debugging Assistant

Diagnoses and resolves software bugs by analyzing stack traces, identifying root causes, and implementing production-ready fixes.

Frontend Accessibility

Implements inclusive user interfaces using semantic HTML, WCAG-compliant color contrast, and robust keyboard navigation.

Security Pro Pack

Conducts professional security audits, vulnerability scans, and compliance checks across codebases and infrastructure configurations.

Global Coding Style

Enforces consistent formatting, naming conventions, and type safety across PHP and TypeScript environments while automating code quality standards.

Global Validation

Implements comprehensive, multi-layered input validation and sanitization to ensure data integrity and prevent security vulnerabilities across all application entry points.

Testing Basics

Implements industry-standard testing patterns and best practices to ensure code reliability and quality across any development framework.

Report Bug

Generates and submits professionally formatted GitHub Issues directly from the development environment, complete with reproduction steps, technical analysis, and recommended E2E tests.

Code Quality Gate

Enforces Python code quality standards by automating linting, formatting, and static type checking before commits or pull requests.

Web Application Testing

Automates end-to-end testing and UI debugging for local web applications using Playwright and server lifecycle management.

LangGraph SITNOVA Security Automation

Implements stateful AI operator flows for automated security gate systems using the LangGraph framework and real-time OCR integrations.

QA Plan Generator

Transforms automated QA findings and screenshots into actionable developer tasks with clear acceptance criteria.

Probitas E2E Test Writer

Automates the creation and editing of end-to-end (E2E) testing scenarios for the Probitas ecosystem using a specialized AI agent.

Story-Driven Acceptance Testing

Guides Product Owners through manual verification steps to validate features before they are merged into production.

AI Code Reviewer

Performs systematic code audits to identify security vulnerabilities, logic bugs, and maintainability issues with actionable feedback.

Web App Testing & Playwright Automation

Automates local web application testing and frontend verification using Playwright and managed server lifecycles.

TDD Discipline

Enforces a strict Red-Green-Refactor cycle by requiring a failing test before any production code is implemented.

Chaos Engineering Toolkit

Designs and executes controlled failure experiments to validate system resilience and recovery mechanisms.

Test Fixing & Debugging

Systematically identifies and resolves failing tests using smart error grouping and prioritized fixing strategies.

Defense-in-Depth Validation

Implements multi-layered data validation strategies across execution paths to make bugs structurally impossible.

TDD Workflow

Implements a rigorous Red-Green-Refactor cycle to ensure high-quality, verified code across the software development lifecycle.

Deep System Analysis

Conducts systematic investigations into codebases to identify root causes, architectural patterns, and performance bottlenecks.

Authentication & Identity Management

Implements secure authentication and authorization systems including JWT, OAuth2, OIDC, and role-based access control.

Web3 Smart Contract Testing

Provides comprehensive frameworks and patterns for testing Solidity smart contracts using Hardhat and Foundry.