Security & Testing Claude 技能

API Fuzzer

Automates API fuzzing to identify security vulnerabilities, edge cases, and potential system crashes through specialized testing patterns.

Gemini Code Analyzer

Leverages Gemini's 1 million token context window to perform deep architectural analysis, pattern detection, and security audits across massive codebases.

AI Pilot: Code Elicitation & Self-Review

Empowers AI agents to self-review and correct code using 75 specialized techniques before final validation.

Network Mock Server

Creates a flexible API mocking layer to intercept, record, and modify network requests for deterministic frontend testing.

GPG Multi-Key Management

Manages complex GPG signing workflows across multiple identities, environments, and automation pipelines.

Leverage Point Audit

Audits codebases against the 12 leverage points framework to optimize them for autonomous agentic coding.

Test Suite Setup

Configures standardized test validation commands and feedback loops for any software project type.

Rails Error Prevention

Prevents common Ruby on Rails runtime errors and architectural pitfalls through proactive checklists and verification strategies.

Gemini Policy Engine Builder

Configures and manages secure tool execution policies for Gemini CLI using TOML-based rules and priority tiers.

Patch Design

Generates minimal, surgical patch plans to resolve specific bugs and blockers without scope creep.

Compliance Management Analyst

Facilitates end-to-end security compliance for GDPR, SOC 2, and ISO 27001 through automated checklists and audit preparation guidance.

Backend Bugfix & Testing

Resolves backend test failures and debugs Python, FastAPI, and SQLAlchemy errors using a structured TDD workflow.

Secrets Manager Integrator

Automates the setup and configuration of secrets management tools like HashiCorp Vault and AWS Secrets Manager for secure infrastructure.

IDOR Vulnerability Testing

Conducts comprehensive security audits to identify and remediate Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.

SMTP Security Penetration Testing

Conducts thorough security assessments of SMTP servers to identify vulnerabilities like open relays, user enumeration, and weak authentication.

Smoke Test Runner

Executes automated smoke tests to verify critical application health and core functionality instantly.

Agent Evaluation

Evaluates and benchmarks LLM agents using statistical testing, behavioral contracts, and reliability metrics to ensure production readiness.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure high-quality, verified code implementation.

E2E Test Loop for Playwright

Automates the creation and execution of end-to-end browser tests using Playwright and the page object pattern.

Test-Driven Development (TDD)

Enforces a rigorous Red-Green-Refactor cycle to ensure all production code is preceded by a failing test.

Chrome Extension Debugging Guide

Provides comprehensive strategies and code patterns for troubleshooting Chrome Extension service workers, content scripts, and communication layers.

Chrome Extension Security Expert

Implements robust security patterns and Manifest V3 best practices for Chrome extension development.

OAPS Hook Rule Writing

Streamlines the creation, debugging, and management of automated guardrails and workflows for the OAPS planning system.

Plugin Verification

Validates Claude extensions and plugins to ensure structural integrity, schema compliance, and CI/CD readiness.

Web3 Smart Contract Testing

Automates and optimizes smart contract testing using Hardhat and Foundry to ensure security, reliability, and gas efficiency.

TDD Methodology

Enforces a strict Red-Green-Refactor cycle to ensure code quality through test-driven development within Claude Code.

Web Application Testing

Tests local web applications using Playwright scripts with automated server lifecycle management and DOM inspection capabilities.

PopKit Security Assessment

Validates software security posture through automated secret scanning and OWASP-aligned vulnerability patterns.

Test Environment Manager

Orchestrates isolated, reproducible test environments using Docker Compose and Testcontainers to streamline software testing workflows.

Sandbox Test Runner

Executes interactive sandbox tests for Claude Code skills and commands in isolated environments to validate functionality and prevent regressions.