Security & Testing Claude 技能

Automation Strategy

12

Plans and optimizes test automation efforts using ROI analysis, framework evaluation, and architectural best practices.

360° Codebase Quality Auditor

12

Performs comprehensive codebase quality audits across 12 categories and automates technical debt tracking via Linear integration.

Skill Testing with Subagents

12

Applies the Red-Green-Refactor cycle to process documentation by running baseline tests without a skill, identifying loopholes, and iteratively hardening instructions against agent rationalization.

Secure Coding

12

Implements modern secure development practices and mitigates vulnerabilities using OWASP Top 10 2025 and CWE Top 25 standards.

Skill Evaluator

12

Analyzes Claude skills across security, quality, utility, and compliance dimensions to provide detailed safety reports and improvement recommendations.

GameDay Planning

12

Facilitates the planning, execution, and analysis of GameDay exercises to strengthen system resilience and incident response readiness.

Gherkin BDD Authoring

12

Authors high-quality Gherkin acceptance criteria and BDD feature files for executable specifications.

Python License Finder

12

Identifies license information for Python packages by analyzing PyPI metadata and verifying source code repositories.

Mojo Memory Safety Checker

12

Validates Mojo code for memory safety violations, ownership issues, and pointer-related bugs to ensure high-performance reliability.

Mojo Code Quality & Linting

12

Runs comprehensive linting suites including Mojo formatting, Markdown validation, and pre-commit hooks to ensure high code quality standards.

Nette Testing

12

Streamlines the creation and execution of PHP unit tests using the Nette Tester framework and conventions.

Test Data Strategy

12

Plans and manages comprehensive test data strategies including synthetic generation, anonymization, and environment-specific provisioning.

Zero Trust Architecture

12

Architects and evaluates modern security systems using the "never trust, always verify" framework for identity-based protection.

Acceptance Criteria Authoring

12

Generates clear, testable acceptance criteria using Given-When-Then format and INVEST principles for Behavior-Driven Development (BDD).

Vulnerability Management

12

Manages the end-to-end security vulnerability lifecycle from discovery and risk-based prioritization to remediation and disclosure.

Contract Test Design

12

Architects consumer-driven contract testing strategies using Pact to ensure API stability and prevent breaking changes.

Authentication Patterns & Security

12

Implements industry-standard authentication flows including JWT, OAuth 2.0, and Passkeys while ensuring security best practices.

Agent JSON Validation & Security

12

Secures and validates agent success criteria through centralized JSON parsing and defensive injection prevention.

Secure Cryptography Guide

12

Implement and audit cryptographic operations using industry-standard algorithms, secure hashing, and key management patterns.

Design Spec Auditor

12

Verifies that code implementations align with technical design specifications to ensure architectural compliance and consistency.

Security Frameworks Compliance

12

Guides software development and infrastructure alignment with ISO 27001, SOC 2, NIST CSF 2.0, and CIS Controls.

Supply Chain Security Expert

12

Secures software development lifecycles by generating SBOMs, implementing SLSA frameworks, and scanning for dependency vulnerabilities.

Mock Data Generation

12

Generates realistic, domain-specific mock data and test fixtures using Faker.js and factory patterns.

Container Security

12

Secures containerized applications and Kubernetes clusters through automated hardening, scanning, and policy enforcement.

Syrupy Pytest Snapshot Testing

12

Simplifies snapshot testing in Python by asserting the immutability of complex data structures and managing snapshot files within pytest.

Data Classification & Compliance

12

Implements comprehensive data classification frameworks and lifecycle management policies to ensure regulatory compliance and data security.

Threat Modeling & Security Design

12

Conducts systematic security assessments using STRIDE and DREAD methodologies to identify and mitigate software vulnerabilities during design.

DevSecOps Practices

12

Integrates automated security scanning, vulnerability management, and shift-left principles directly into your software development lifecycle.

API Testing with Vitest

12

Writes and executes comprehensive API tests for Hono-based backend services using the Vitest framework.

.NET Architectural Fitness Functions

12

Enforces .NET architectural boundaries and layer constraints using NetArchTest and ArchUnitNET validation rules.