Security & Testing Claude 技能

CORS Configuration Validator

Validates and secures Cloudflare Workers CORS configurations to ensure proper header handling and cross-origin security.

Burp Suite Security Testing

Conducts professional-grade web application security audits and penetration testing using the Burp Suite ecosystem.

Sniper Code Quality Check

Validates code quality and applies precision fixes using an isolated, 6-phase automated workflow.

Incident Response Playbook Creator

Generates comprehensive, NIST-aligned incident response playbooks for 11 critical security scenarios including ransomware, cloud breaches, and AI attacks.

Cynara Policy Validator

Validates Cynara privilege access control policies to ensure secure and compliant Tizen application environments.

Spec-to-Code Compliance

Verifies that blockchain protocol implementations strictly adhere to their technical specifications and whitepapers during security audits.

CodeQL Static Analysis

Performs deep semantic code analysis to detect security vulnerabilities, track data flow, and conduct comprehensive security audits.

LibFuzzer Security Testing

Automates the discovery of software vulnerabilities using coverage-guided fuzzing patterns and security best practices.

Sharp Edges Security Auditor

Identifies error-prone API designs and dangerous configuration patterns to prevent security vulnerabilities and misuse.

Tizen SMACK Label Orchestrator

Coordinates mandatory access control labels and process isolation for Tizen applications and kernel security.

Narya Formal Proofs

Mechanically verifies event-sourced systems by generating cryptographic proof certificates for consistency, determinism, and data integrity.

Requirement Clarification

Ensures implementation accuracy by prompting for clarification whenever task requirements are ambiguous or underspecified.

Constant Time Analysis

Identifies timing side-channel vulnerabilities and non-constant-time operations in cryptographic implementations across multiple programming languages.

Write Test Plan

Generates comprehensive, structured test plans to ensure software quality and prevent regressions across multiple testing domains.

Wycheproof Cryptographic Testing

Hardens cryptographic implementations by applying Google's Wycheproof test vectors to detect known vulnerabilities and edge-cases.

Security Checklist

Provides a comprehensive security review framework and detailed checklists for auditing web application features and architectural changes.

Ruzzy Rust Fuzzing

Automates Rust vulnerability discovery using the Ruzzy fuzzing framework to identify security flaws and crashes.

ERT Emacs Testing

Provides comprehensive guidance and implementation patterns for testing Emacs Lisp code using the built-in ERT framework.

Tizen Sandbox Escape Detector

Tests Tizen application sandboxes for privilege escalation and escape vulnerabilities to ensure robust process isolation.

Tizen Certification Coordinator

Orchestrates the Tizen certification lifecycle by coordinating TCT test execution, security policy auditing, and compliance documentation.

React Test Coverage Optimizer

Identifies test gaps and generates comprehensive unit, integration, and E2E tests to ensure high-quality React applications.

Substrate Vulnerability Scanner

Identifies seven critical security vulnerabilities in Substrate and Polkadot pallets during the development and auditing process.

Property-Based Testing

Implements advanced property-based testing strategies to ensure code correctness and security through comprehensive input exploration and invariant validation.

Smack Policy Auditor

Audits SMACK policy files for label conflicts, correctness, and mandatory access control compliance in Tizen environments.

Audit Context Builder

Performs granular, line-by-line code analysis to establish deep architectural context for security audits and bug hunting.

E2E Testing & Visual Debugging

Automates the Playwright end-to-end testing lifecycle with LLM-powered visual analysis and actionable fix recommendations.

React TDD Feature Scaffolder

Generates complete, production-ready React features using a strict Test-Driven Development workflow and feature-based architecture.

Constant-Time Testing

Verifies cryptographic implementations and sensitive code paths for timing side channels to prevent data leakage.

OSS-Fuzz Integration

Integrates Claude Code with OSS-Fuzz to automate continuous fuzzing and identify memory safety vulnerabilities in open-source projects.

Cosmos Vulnerability Scanner

Scans Cosmos SDK blockchains and CosmWasm contracts to detect consensus-critical vulnerabilities and security flaws.