Security & Testing Claude 技能

Secure Coding & Security Auditing

Enforces rigorous secure coding practices and automates vulnerability checks using CodeGuard integration to protect applications against OWASP Top 10 threats.

Prompt Library

Provides a comprehensive collection of over 18 optimized prompt templates and executable agents for specialized cognitive tasks.

Production Code Audit & Hardening

Transforms entire codebases into production-grade, enterprise-level systems through autonomous deep-scanning and systematic optimization.

Visual Regression Cinema

Automates the creation of visual filmstrips and pixel-diff comparisons from browser interaction videos to detect UI regressions.

Anti-Reversing & JS Deobfuscation Master

Provides a comprehensive framework for identifying, deobfuscating, and analyzing protected JavaScript code and malware samples.

Systematic Debugging Framework

Implements a disciplined, four-phase debugging methodology to identify root causes and ensure robust, verified technical fixes.

Security Vulnerability Scanner

Identifies and reports security vulnerabilities in code, dependencies, and configurations using automated CVE detection and static analysis.

Visual & Structural A/B Compare

Performs automated visual and structural comparisons between web pages using pixel diffing and accessibility tree analysis.

Container Security Scanner

Scans containerized environments and Kubernetes clusters for vulnerabilities to ensure security compliance and automated threat detection.

GDPR Compliance Scanner

Scans applications and data systems to identify potential GDPR compliance violations and provide actionable remediation guidance.

Data Encryption Tool

Protects sensitive information by providing seamless data encryption and decryption capabilities using industry-standard algorithms.

Automation Workflow Validator

Validates and audits automation workflow JSON files for Power Automate, n8n, Make, and Zapier to ensure deployment readiness.

API Fuzzer

Performs automated fuzz testing on REST APIs to identify security vulnerabilities, input validation flaws, and edge-case failures.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure high-quality, verified code implementation.

Pentest Command Reference

Provides a comprehensive library of penetration testing commands and workflows for security professionals using industry-standard tools.

Agent Evaluation

Evaluates and benchmarks LLM agents using statistical testing, behavioral contracts, and reliability metrics to ensure production readiness.

IDOR Vulnerability Testing

Conducts comprehensive security audits to identify and remediate Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.

Access Control Auditor

Identifies security vulnerabilities and misconfigurations in IAM policies, ACLs, and permission systems to ensure robust access management.

SOC 2 Audit Helper

Streamlines SOC 2 audit preparation by automating evidence gathering, Trust Service Criteria assessments, and compliance gap analysis.

Pentest Command Reference

Provides a comprehensive library of essential penetration testing commands for network scanning, exploitation, and vulnerability assessments.

SMTP Security Penetration Testing

Conducts thorough security assessments of SMTP servers to identify vulnerabilities like open relays, user enumeration, and weak authentication.

Real-World Verification Plans

Automates the creation and execution of real-world verification plans to ensure code works in production-like environments without mocks.

Quality Gate Compliance

Enforces a rigorous 8-point quality assurance checklist for every AI-generated code change to ensure architectural consistency and security.

Verification Guardrail

Enforces a strict, evidence-based verification protocol to ensure all code changes, builds, and tests pass before marking tasks as complete.

Form Debugger & Auditor

Audits web forms for accessibility, validation, security, and autocomplete compatibility using Playwright automation.

Load Test Runner

Generates and executes comprehensive load testing scripts to validate application performance and identify architectural bottlenecks.

Dependency Checker

Scans project dependencies for security vulnerabilities, outdated packages, and license compliance across multiple programming languages.

Unit Test Generator

Generates comprehensive unit tests across multiple languages and frameworks to ensure code reliability and coverage.

Go Testing Expert

Generates and guides Go testing strategies using a pyramid approach with a focus on in-memory dependencies and 100% coverage for leaf types.

Compliance Report Generator

Automates the creation of security compliance reports and audit documentation for standards like PCI DSS, HIPAA, and SOC 2.