Security & Testing Claude 技能

Docker Security Hardening

Secures Docker containers and images through hardening, vulnerability scanning, and CIS benchmark compliance.

Documentation Test Generator

Automatically extracts code examples from documentation and converts them into verified Vitest tests to ensure content accuracy.

Runtime Standards Compliance

Enforces and audits the 2026 Universal Agentic Runtime standards for Claude Code plugin components.

Code Quality & Standards Protocol

Enforces universal engineering standards for TDD, security, and code quality across debugging, implementation, and review workflows.

Auditing & Security

Scans code for sensitive secrets and performs comprehensive security audits to prevent vulnerabilities and data leaks.

End-to-End Testing Orchestrator

Orchestrates comprehensive end-to-end testing workflows by coordinating browser automation with real-time server verification.

Python Type Safety Validator

Automatically validates Python type safety by running Pyrefly or Mypy whenever files are modified.

API Security Patterns

Implements robust API security architectures using OWASP-aligned patterns for authentication, authorization, and data protection.

Global Security Standards

Enforces global security coding standards and best practices to ensure repository-wide code integrity and protection.

Code Quality & Linting

Ensures code integrity and standard compliance by automating linting, type-checking, and static analysis across development workflows.

Cross-Platform Gleam Debugger

Diagnoses and resolves behavioral inconsistencies between Erlang and JavaScript targets in cross-platform Gleam projects.

Web Application Testing Toolkit

Automates local web application testing and browser interaction using Playwright and integrated server management utilities.

Skill Description Evaluator

Automates multi-model skill description analysis using structured, sequential thinking to generate ratings and recommendations.

Security Review & Best Practices

Audits code for vulnerabilities and enforces industry-standard security patterns for authentication, data handling, and API development.

Verification Loop

Automates a multi-phase verification process to ensure code quality through builds, type checking, testing, and security scans.

Cross-AI Code Verifier

Verifies code quality and logic by cross-referencing implementation details across multiple AI models including GPT and Gemini.

Configuration Audit

Performs automated daily configuration audits and provides actionable improvement suggestions for your project environment.

Security Review & Audit

Performs comprehensive security audits and provides implementation patterns to protect applications against common vulnerabilities and data exposure.

Eval Harness

Verifies code integrity and quality through automated testing, linting, and build validation.

JavaScript Unit Test Implementation

Automates the creation, configuration, and coverage analysis of Jest unit tests for JavaScript applications.

Plan Marshall Quality Verification

Automates comprehensive quality checks, build verification, and error remediation loops within the Plan Marshall workflow.

Better Auth Implementation

Implements secure, framework-agnostic authentication and authorization systems using the Better Auth TypeScript framework.

JS Test Maintainer

Orchestrates systematic JavaScript test quality improvements and coverage enhancements while strictly maintaining production code integrity.

Java Code Analysis Suite

Orchestrates parallel analysis agents to assess Java code quality, test coverage, and standards compliance in a single command.

NRPG Platform Workflow Guardrails

Enforces repository-specific security conventions and multi-tenant privacy standards for the NRPG platform.

The Grimes Grind: Hardened Code Review

Systematically identifies and destroys flaws in code, architecture, and plans through a disciplined falsification process.

Workflow Verifier

Validates AI-driven coding workflows using a hybrid system of automated scripts and LLM-as-judge assessments to ensure reliability.

JS Test Coverage Generator

Generates and analyzes JavaScript test coverage reports to identify untested code paths and improve application reliability.

Naive-Then-Optimize Coding Strategy

Implements a robust workflow that prioritizes algorithmic correctness through naive implementations before applying performance optimizations.

Test-First Development

Implements Test-Driven Development patterns to enable LLM self-correction and autonomous iteration through feedback loops.