Security & Testing Claude 技能

Multi-System SSO Authentication

Implements secure enterprise Single Sign-On across multiple identity providers using JWT RS256 token validation, backward verification, and cross-system permission mapping.

Global Error Handling

Implements robust error management strategies including centralized handling, graceful degradation, and user-friendly messaging to ensure application stability and security.

Quality Gates

Automates code quality validation by detecting project stacks and executing standardized formatting, linting, type-checking, and testing workflows.

Async Testing Expert

Implements comprehensive async Python testing patterns using pytest for FastAPI applications and database interactions.

Condition-Based Test Waiting

Eliminates flaky tests and race conditions by replacing arbitrary timeouts with smart condition-based polling.

Global Truth Safety

Ensures technical accuracy and radical candor by delivering verified code, surfacing risks immediately, and making evidence-based assertions.

Test Plan Generator

Generates intelligent, non-redundant test plans by analyzing code changes to ensure comprehensive coverage without over-testing.

E2E Testing Patterns

Implements and optimizes end-to-end testing suites using Playwright and Cypress best practices to ensure application reliability.

Test Executor

Executes tests adaptively across any framework or language, analyzes failures, and generates detailed diagnostic reports to facilitate rapid iteration.

TDD Issues Workflow

Executes a systematic Test-Driven Development workflow to resolve software issues with strict coverage requirements and browser-based verification.

Core Development Standards

Enforces standardized development principles across security, testing, performance, and documentation to ensure high-quality software engineering.

Systematic Debugging Framework

Enforces a rigorous four-phase debugging methodology to identify root causes and ensure stable, verified code fixes.

Testing Anti-Patterns Guard

Prevents common software testing mistakes by enforcing strict TDD principles and identifying fragile mock implementations.

Defense-in-Depth Validation

Implements multi-layered data validation patterns to eliminate bugs by making them structurally impossible across entry points, business logic, and environment guards.

Input Validation Scanner

Scans source code for security vulnerabilities by identifying improper input sanitization and validation patterns.

Accessibility Markup Checker

Audits and remediates web accessibility issues by mapping W3C and markuplint reports from build outputs back to Astro source components.

Web Application Testing Toolkit

Automates and tests local web applications using Playwright with integrated server lifecycle management.

Systematic Debugging

Resolves complex software anomalies using a rigorous 7-step methodology inspired by medical differential diagnosis and evidence-based reasoning.

XSS Vulnerability Scanner

Scans source code to identify and remediate reflected, stored, and DOM-based Cross-Site Scripting (XSS) vulnerabilities.

SSL Certificate Manager

Manages and monitors SSL/TLS certificates to ensure secure connections and prevent service downtime from expirations.

Smart Source Reviewer

Analyzes code diffs to identify bugs, regressions, and design system inconsistencies in Astro and TypeScript projects.

Universal Validator

Validates Claude Code skills and plugins using deterministic evidence bundles and strict schema enforcement.

Next.js Supabase Auth

Implements secure, production-ready authentication using Supabase and the Next.js App Router architecture.

Frontend Accessibility

Implements semantic HTML, keyboard navigation, and ARIA standards to ensure web applications are inclusive and WCAG-compliant.

Full-Stack Test Maintenance

Synchronizes test suites with source code changes across .NET and React Native projects to prevent regressions and broken builds.

Smoke Test Runner

Executes automated smoke test suites to verify critical application health and core functionality instantly.

Load Test Runner

Generates and executes automated load tests and performance benchmarks using industry-standard tools like k6 and JMeter.

.NET Backend Testing

Implements standardized testing patterns for .NET backend services using xUnit, Moq, and FluentAssertions.

Test Report Generator

Generates comprehensive test reports and coverage analysis across multiple frameworks to provide insights into software quality and testing trends.

Verification Before Completion

Enforces rigorous evidence-based reporting and mandatory verification commands before any task is marked as complete.