Security & Testing Claude 技能

Kubernetes Security Policies

Implements production-grade Kubernetes security through NetworkPolicies, Pod Security Standards, and robust RBAC configurations.

Screen Reader Testing

Validates web application accessibility by providing specialized guidance and command references for major screen readers like VoiceOver, NVDA, and JAWS.

SAST Security Configuration

Configures and automates Static Application Security Testing (SAST) tools to detect and remediate vulnerabilities in application code.

GDPR Compliance & Data Handling

Implements GDPR-compliant data processing, granular consent management systems, and automated privacy controls within your applications.

JavaScript Testing Patterns

Implements comprehensive testing strategies for JavaScript and TypeScript applications using modern frameworks like Jest and Vitest.

Memory Safety Patterns

Implements robust memory-safe programming patterns and resource management across Rust, C++, and C.

Data Quality Frameworks

Implements robust data validation using Great Expectations, dbt tests, and data contracts to ensure reliable data pipelines.

Attack Tree Construction

Visualizes and analyzes potential security threat paths through systematic attack tree modeling and risk assessment.

STRIDE Threat Modeling Patterns

Implements the STRIDE methodology to systematically identify, categorize, and mitigate security threats in system architectures.

Web3 Smart Contract Testing

Tests smart contracts comprehensively using Hardhat and Foundry frameworks to ensure security, gas efficiency, and protocol reliability.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, fixtures, and advanced mocking techniques.

WCAG Accessibility Audit & Compliance

Conducts comprehensive WCAG 2.2 accessibility audits and provides actionable remediation strategies for web content.

Secrets Management for CI/CD

Implements secure storage, rotation, and management of sensitive credentials across various CI/CD platforms and cloud providers.

Temporal Python Testing

Streamlines the testing of Temporal workflows in Python using pytest, time-skipping, and determinism validation strategies.

Systematic Debugging Strategies

Applies systematic debugging techniques, profiling tools, and root cause analysis to resolve complex software issues across any technology stack.

mTLS Configuration & Management

Configures and manages mutual TLS (mTLS) for zero-trust service-to-service communication across cloud-native environments.

Attack Tree Construction

Visualizes and analyzes complex threat paths using systematic attack tree modeling to identify security vulnerabilities and prioritize defensive measures.

JavaScript Testing Patterns

Implements comprehensive testing strategies using Jest, Vitest, and Testing Library for robust JavaScript and TypeScript application development.

Threat Mitigation Mapping

Maps identified security threats to specific controls and mitigations to facilitate effective risk treatment and security architecture planning.

STRIDE Threat Modeling Analysis

Identifies system vulnerabilities and security threats using the STRIDE methodology to strengthen architectural design and documentation.

Temporal Python Testing

Implements robust testing strategies for Temporal workflows using pytest, time-skipping, and activity mocking to ensure reliability and determinism.

Screen Reader Testing

Validates web application accessibility by providing comprehensive testing protocols and commands for major screen readers like VoiceOver, NVDA, and JAWS.

mTLS Configuration

Implements and manages mutual TLS for secure, zero-trust service-to-service communication within cloud-native environments.

ShellCheck Configuration

Optimizes shell script quality and portability using comprehensive static analysis and configuration patterns.

Code Review Excellence

Enhances the code review process through structured feedback frameworks, systematic analysis phases, and language-specific security and performance checklists.

Solidity Security

Implements secure smart contract development patterns and identifies critical vulnerabilities in Solidity code to ensure robust blockchain applications.

Memory Safety Patterns

Implements cross-language memory management techniques like RAII and ownership to prevent leaks, data races, and memory bugs in systems programming.

Data Quality Frameworks

Implements production-grade data validation using Great Expectations, dbt tests, and data contracts to ensure reliable and trustworthy data pipelines.

GDPR Data Handling

Implements GDPR-compliant data processing workflows, including consent management, data subject rights, and privacy-by-design architectures.

Error Handling Patterns

Implements resilient software patterns across multiple programming languages including exceptions, result types, and graceful degradation.