Security & Testing Claude 技能

Semgrep Security & Static Analysis

Performs rapid security scanning and pattern-based vulnerability detection using Semgrep and Trail of Bits security rules.

Burp Suite Project Parser

Searches and extracts security data from Burp Suite project files using regex patterns and command-line tools.

CodeQL Security Analysis

Performs deep static analysis and interprocedural taint tracking to detect complex security vulnerabilities across multi-function code paths.

libFuzzer C/C++ Security Testing

Implements coverage-guided fuzzing for C/C++ projects using the LLVM-integrated libFuzzer toolchain.

SARIF Analysis & Parsing

Parse and process Static Analysis Results Interchange Format (SARIF) files to automate security audits and vulnerability management.

Spec-to-Code Compliance Checker

Verifies that blockchain codebases align perfectly with their whitepapers and technical specifications through rigorous semantic mapping.

Sharp Edges Security Analysis

Identifies security footguns and error-prone API designs to ensure software is secure by default.

Security Fix Review

Verifies that git commits correctly address security audit findings without introducing new bugs or regressions.

Session Security Auditor

Analyzes web application session management to identify and mitigate critical security vulnerabilities.

Vulnerability Scanner

Identifies security vulnerabilities in codebase, dependencies, and configurations to ensure robust application security.

Vercel Data Compliance & Privacy

Implements PII handling, data retention policies, and GDPR/CCPA compliance patterns for Vercel-based applications.

Python Unittest Creator

Generates production-ready Python unit tests and test configurations using industry-standard best practices.

XSS Vulnerability Scanner

Scans web application code to detect and remediate reflected, stored, and DOM-based cross-site scripting vulnerabilities.

Secret Scanner

Detects and remediates exposed secrets, API keys, and credentials within your codebase to prevent security breaches.

API Fuzzing & Security Testing

Automates API fuzz testing to proactively identify security vulnerabilities, edge cases, and unexpected system crashes.

Performance Test Suite

Executes comprehensive load, stress, and benchmark tests to evaluate system stability and resource efficiency.

CSRF Security Validator

Automates the identification and remediation of Cross-Site Request Forgery (CSRF) vulnerabilities across web applications and API endpoints.

Plugin Auditor

Audits AI assistant code plugins for security vulnerabilities, best practices, and standard compliance.

Code Injection Detector

Identifies and remediates code injection vulnerabilities using industry-standard security patterns and automated scanning.

Snapshot Test Manager

Automates the creation, validation, and management of UI component snapshots for robust regression testing.

SOC2 Compliance Checker

Automates the evaluation of system configurations and codebases against SOC2 security and compliance standards.

Infrastructure Compliance Checker

Analyzes cloud infrastructure configurations to ensure alignment with SOC2, HIPAA, and PCI-DSS industry standards.

Test Workflow Orchestrator

Orchestrates complex test execution graphs with parallel processing and intelligent test selection to optimize software quality cycles.

Mobile App Testing Automation

Automates the creation and execution of end-to-end mobile tests for iOS and Android using industry-standard frameworks.

Security Header Analyzer

Analyzes HTTP security headers to identify vulnerabilities and provide actionable recommendations for website hardening.

Performance Test Suite

Automates the design, execution, and analysis of load, stress, and endurance tests to identify system bottlenecks and optimize performance.

Performance Test Suite

Automates the design, execution, and analysis of load, stress, and endurance tests to identify system bottlenecks.

Regression Test Tracker

Tracks and executes regression tests to ensure code stability and prevent functional regressions during development.

Test Data Generator

Generates realistic, schema-aligned test data for software development, including user profiles, product catalogs, and transactional records.

Database Test Manager

Automates database testing workflows by generating realistic test data, managing transaction rollbacks, and validating schema integrity.