Security & Testing Claude 技能

Self-Review Protocol

Ensures code quality and compliance through a standardized two-pass verification and quality assurance process.

KlingAI Compliance Review

Conducts comprehensive security audits and regulatory compliance reviews for Kling AI video generation integrations.

Quality Gates Manager

Enforces Definition of Done criteria by validating required checks and recording outcomes before task completion.

Security Review & Vulnerability Audit

Performs comprehensive security audits and vulnerability checks based on OWASP standards and industry best practices.

Hookify Rule Writing

Configures custom guardrails and automated notifications for Claude Code by defining event-driven patterns.

Verification Loop

Executes a rigorous six-stage verification workflow to ensure code quality, security, and type safety within the Claude Code environment.

Privacy Review & Secret Scanner

Audits git repositories for sensitive data exposure to prevent accidental leaks of API keys, passwords, and credentials.

Bitwarden for Claude Code

Manages secure passwords, secrets, and vault items directly through Claude Code using the Bitwarden CLI.

Network 101: Service Lab Configuration

Configures and tests core network services like HTTP, HTTPS, SNMP, and SMB for penetration testing labs and security research.

Command Guard

Enforces security policies and prevents destructive command execution by validating actions against local configuration files.

Testing Validator

Validates the functional integrity of Claude Code skills through automated example execution and systematic testing operations.

Python Testing Strategy

Standardizes Python testing workflows using pytest with structured file naming, coverage goals, and API-first testing patterns.

Code Review Excellence

Enhances the code review process with systematic checklists, constructive feedback patterns, and language-specific best practices to improve code quality.

Agent Performance Evaluation

Builds robust evaluation frameworks and multi-dimensional rubrics to measure AI agent quality, accuracy, and efficiency.

Autonomous Error Recoverer

Automates the detection, classification, and resolution of errors encountered during AI-driven development sessions.

API Fuzzing & Bug Bounty Security

Performs comprehensive API security assessments using advanced fuzzing, IDOR exploitation, and GraphQL vulnerability discovery techniques.

.NET Test Triage

Streamlines .NET test failure analysis by capturing errors and generating focused rerun filters.

Broken Authentication Security Testing

Identifies and exploits authentication and session management vulnerabilities in web applications to prevent unauthorized access and account takeovers.

IDOR Vulnerability Testing Skill

Provides a systematic framework for detecting, exploiting, and remediating Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.

Wireshark Traffic Analysis

Performs comprehensive network packet capture, filtering, and protocol analysis for troubleshooting and security investigations.

Jomonsho Release Preflight

Automates and standardizes the release verification process for Jomonsho projects through tiered linting, type-checking, and multi-level testing.

Rigorous Task Verification

Enforces an empirical evidence-first workflow by requiring command execution and output validation before any task is claimed as complete.

RSpec Matchers

Provides expert guidance on Ruby testing assertions, expectations, and the creation of custom RSpec matchers.

OWASP Security Review

Conducts comprehensive code security audits and provides remediation guidance based on the OWASP Cheat Sheet Series.

Security Scanning Tools

Provides expert guidance and command-line patterns for network discovery, vulnerability assessment, and security auditing across diverse environments.

Pentest Commands Reference

Provides a comprehensive command reference for penetration testing tools including network scanning, exploitation, and vulnerability assessment.

SSH Penetration Testing

Conducts comprehensive security assessments of SSH services including enumeration, credential attacks, and vulnerability exploitation.

Browser E2E Tester

Verifies feature implementation through automated browser-based end-to-end testing and acceptance criteria validation.

SQL Injection Security Testing

Conducts comprehensive SQL injection vulnerability assessments to identify, exploit, and remediate database security flaws in web applications.

Privilege Escalation Methods

Provides specialized techniques and command patterns for escalating system privileges from low-level access to root or administrator status.