Security & Testing Claude 技能

JavaScript Testing Patterns

Implements robust testing strategies for JavaScript and TypeScript applications using modern frameworks like Jest and Vitest.

Test Specialist

Implements comprehensive testing strategies and systematic bug analysis for JavaScript and TypeScript applications.

Security Requirement Extractor

Transforms threat models and business logic into actionable security requirements, user stories, and test specifications.

Bats Testing Patterns

Implements robust unit testing for shell scripts using the Bash Automated Testing System (Bats) framework.

Threat Mitigation Mapping

Maps identified security threats to specific controls and mitigations to strengthen system defenses and prioritize remediation.

SaaS Testing Toolkit

Automates the writing, execution, and analysis of unit, integration, and end-to-end tests for modern SaaS applications.

Security Scan & Audit

Executes comprehensive security audits and secret detection to identify vulnerabilities before production deployments.

Next.js Supabase Auth

Implements secure, production-ready Supabase authentication flows for Next.js App Router using the @supabase/ssr package.

Playwright Page Object Model (POM) Guide

Implements maintainable and reusable Playwright E2E tests using the Page Object Model pattern.

Temporal Python Testing

Streamlines the testing of Temporal workflows and activities in Python using pytest, time-skipping, and determinism validation.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure all production code is validated by failing tests before implementation.

QA Expert

Establishes professional software quality assurance processes using Google Testing Standards and OWASP security best practices.

Rigorous Verification Guard

Enforces evidence-based reporting by requiring fresh verification evidence before any claims of task completion or success.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure code reliability by requiring failing tests before any implementation code is written.

Test-Driven Development (TDD)

Implements a rigorous Red-Green-Refactor workflow to build robust features and fix bugs through behavior-driven testing.

Memory Forensics Mastery

Provides comprehensive guidance for acquiring, analyzing, and extracting forensic artifacts from volatile system memory across multiple operating systems.

TDD Workflow Manager

Implements a rigorous red-green-refactor loop focused on behavioral testing and vertical slicing for robust software development.

PICT Test Designer

Generates optimized pairwise test cases using the PICT methodology to ensure maximum coverage with minimal test scenarios.

Web App Testing Toolkit

Facilitates end-to-end testing and UI debugging of local web applications using Playwright and automated server management.

STRIDE Security Threat Analysis

Systematically identifies security threats using the STRIDE methodology to enhance application resilience and compliance.

Web3 Smart Contract Testing

Automates and optimizes smart contract testing using Hardhat and Foundry to ensure secure, gas-efficient blockchain deployments.

MCP OAuth Integration

Secures Model Context Protocol (MCP) servers with production-ready OAuth 2.1 authorization using Scalekit.

Modular SSO & Enterprise Auth

Integrates complete enterprise SSO and authentication flows using Scalekit to handle SAML, OIDC, and modular user session management.

TDD Workflow

Enforces rigorous test-driven development practices with comprehensive coverage requirements across unit, integration, and E2E tests.

Scalekit Full-Stack Auth

Implements secure, multi-language authentication flows using Scalekit for robust user management and session handling.

Automated Code Review & Verification

Performs systematic code reviews by combining automated verification, task completion checks, and quality audits to ensure production-readiness.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, mocking, and test-driven development best practices.

GDPR Compliance & Data Privacy

Implements GDPR-compliant data handling including consent management, data subject rights, and privacy-by-design patterns.

Kubernetes Security Policies

Secures Kubernetes clusters by implementing network isolation, RBAC, and pod security standards.

PCI Compliance & Secure Payments

Implements PCI DSS security standards and best practices for secure payment card data handling and processing.