Security & Testing Claude 技能

Python Anti-Pattern Review

Identifies and resolves common Python coding mistakes, architectural flaws, and performance bottlenecks using a comprehensive best-practices checklist.

Conductor Workflow Patterns

Implements a rigorous Test-Driven Development (TDD) workflow and phase-based verification protocol for systematic software development.

Protocol Reverse Engineering

Analyzes and documents network protocols through traffic capture, packet dissection, and binary structure identification.

Memory Forensics Mastery

Master memory forensics techniques including memory acquisition, process analysis, and artifact extraction using Volatility 3 and advanced detection patterns.

Anti-Reversing Techniques

Analyzes and bypasses software protection mechanisms, including anti-debugging, obfuscation, and VM detection.

Binary Analysis & Reverse Engineering

Analyzes compiled binaries and assembly code to reconstruct program logic and identify implementation patterns.

Agent System Evaluation

Builds robust evaluation frameworks and multi-dimensional rubrics to systematically measure the performance and reliability of AI agent systems.

Web Application Testing

Automates local web application testing and browser interaction using Playwright scripts and server lifecycle management.

Secrets Management for CI/CD

Implements secure storage, rotation, and management of sensitive credentials across various CI/CD platforms and cloud providers.

JavaScript Testing Patterns

Implements comprehensive testing strategies for JavaScript and TypeScript applications using modern frameworks like Jest and Vitest.

GDPR Compliance & Data Handling

Implements GDPR-compliant data processing, granular consent management systems, and automated privacy controls within your applications.

Authentication Implementation Patterns

Implements secure authentication and authorization systems using JWT, OAuth2, session management, and role-based access control.

mTLS Configuration & Management

Configures and manages mutual TLS (mTLS) for zero-trust service-to-service communication across cloud-native environments.

Solidity Smart Contract Security

Secures Ethereum smart contracts by implementing industry-standard protection patterns and identifying common vulnerabilities during the development process.

Temporal Python Testing

Streamlines the testing of Temporal workflows in Python using pytest, time-skipping, and determinism validation strategies.

WCAG Accessibility Audit & Compliance

Conducts comprehensive WCAG 2.2 accessibility audits and provides actionable remediation strategies for web content.

Screen Reader Testing

Validates web application accessibility by providing specialized guidance and command references for major screen readers like VoiceOver, NVDA, and JAWS.

STRIDE Threat Modeling Patterns

Implements the STRIDE methodology to systematically identify, categorize, and mitigate security threats in system architectures.

Threat Mitigation Mapping

Maps identified security threats to specific technical controls and mitigations to automate risk treatment and defense-in-depth planning.

SAST Security Configuration

Configures and automates Static Application Security Testing (SAST) tools to detect and remediate vulnerabilities in application code.

Kubernetes Security Policies

Implements production-grade Kubernetes security through NetworkPolicies, Pod Security Standards, and robust RBAC configurations.

Systematic Debugging Strategies

Applies systematic debugging techniques, profiling tools, and root cause analysis to resolve complex software issues across any technology stack.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, fixtures, and advanced mocking techniques.

Security Requirement Extraction

Transforms threat analysis and business context into actionable security requirements, user stories, and test cases.

Memory Safety Patterns

Implements robust memory-safe programming patterns and resource management across Rust, C++, and C.

E2E Testing Patterns

Implements robust end-to-end testing suites using Playwright and Cypress to ensure application reliability and prevent regressions.

Web3 Smart Contract Testing

Tests smart contracts comprehensively using Hardhat and Foundry frameworks to ensure security, gas efficiency, and protocol reliability.

Data Quality Frameworks

Implements robust data validation using Great Expectations, dbt tests, and data contracts to ensure reliable data pipelines.

Attack Tree Construction

Visualizes and analyzes potential security threat paths through systematic attack tree modeling and risk assessment.

Error Handling Patterns

Implements resilient software patterns across multiple programming languages including exceptions, result types, and graceful degradation.