Security & Testing Claude 技能

Kubernetes Security Policies

Implements production-grade Kubernetes security using NetworkPolicies, RBAC, and Pod Security Standards.

CI/CD Secrets Management

Implements secure handling, storage, and rotation of sensitive credentials across major CI/CD platforms and cloud providers.

ShellCheck Script Quality

Configures and optimizes ShellCheck static analysis to ensure high-quality, portable, and error-free shell scripts.

Test-Driven Development (TDD) Workflow

Implements a robust Red-Green-Refactor cycle for building high-quality Rust and TypeScript applications.

Solidity Security Master

Implements industry-standard security patterns and audits Solidity smart contracts to prevent vulnerabilities and optimize gas usage.

Kubernetes Security Policies

Implement defense-in-depth Kubernetes security through network policies, RBAC configurations, and pod security standards.

E2E Testing Patterns

Implements robust end-to-end testing suites using Playwright and Cypress to ensure application reliability and prevent regressions.

Root Cause Tracing

Traces software bugs backward through the call stack to identify and resolve original triggers rather than symptoms.

PCI Compliance & Secure Payments

Implements PCI DSS requirements to secure payment card data and maintain industry-standard payment processing security.

Debugging Strategies

Provides systematic techniques and diagnostic tools to identify, isolate, and resolve complex software bugs across various technology stacks.

Clerk Organization Management

Implements multi-tenant SaaS features and role-based access control (RBAC) using Clerk.

Vercel AI SDK Testing Patterns

Provides robust testing templates and mock provider implementations for Vercel AI SDK applications to ensure reliable AI integration.

Clerk Auth Components

Simplifies the integration and customization of Clerk authentication interfaces using pre-built templates and advanced theming patterns.

Clerk Session Management

Streamlines Clerk authentication workflows including JWT verification, custom claims configuration, and multi-session management.

Supabase Auth Configuration

Streamlines the setup and configuration of Supabase authentication providers, JWT settings, and secure PKCE authentication flows.

Clerk Middleware Protection

Implements secure route guards and authorization patterns using Clerk middleware for Next.js applications.

Codex-AI Advanced Code Intelligence

Automates deep code reviews, algorithm design, and architectural analysis using high-reasoning Codex models.

Error Handling Patterns

Implements robust error handling strategies across multiple programming languages to build resilient, fault-tolerant applications.

Web Application Testing

Automates the testing and debugging of local web applications using Playwright scripts and integrated server management.

Requirement-Aware Test Coverage Reporter

Generates comprehensive test coverage reports that map code execution to specific project requirements and identify critical testing gaps.

Code Principles Validator

Validates and enforces seven core engineering principles to ensure code quality, test coverage, and architectural integrity.

AISDLC Code Quality Principles

Validates code compliance against seven core engineering principles including TDD, modularity, and technical debt reduction.

Requirements Quality Validator

Validates software requirement documentation for clarity, testability, and traceability before moving to the design phase.

Kiro Spec Detector

Identifies modified Kiro specification files by comparing current branch changes against a base branch for optimized testing.

TDD Red Phase Actuator

Automates the initial stage of Test-Driven Development by generating failing test cases from requirements before implementation begins.

Solidity Security & Smart Contract Auditing

Implements industry-standard security patterns and audits smart contracts to prevent critical blockchain vulnerabilities.

Requirement Traceability & SDLC Mapping

Standardizes requirement tracking across the software development lifecycle using structured REQ-* key patterns and validation rules.

Automated Test Coverage Generator

Automatically generates comprehensive unit, edge, and boundary tests to resolve code coverage gaps and validate business requirements.

Code Health Auditor

Analyzes codebases to identify technical debt, test coverage gaps, and refactoring opportunities across multiple languages.

PICT Test Designer

Generates optimized pairwise test suites by analyzing requirements and code logic using the PICT methodology.