Security & Testing Claude 技能

E2E Testing Patterns

Implements robust end-to-end testing strategies using Playwright and Cypress to ensure application reliability and prevent regressions.

JavaScript Testing Patterns

Implements comprehensive testing strategies using Jest and Vitest to ensure robust JavaScript and TypeScript application quality.

Solidity Security Master

Audits and implements secure Solidity smart contract patterns to prevent common blockchain vulnerabilities and optimize gas usage.

Kubernetes Security Policies

Implement and enforce production-grade security standards across Kubernetes clusters including NetworkPolicy, RBAC, and Pod Security Standards.

Automated Test Report Generator

Generates comprehensive test reports with coverage metrics and trend analysis across HTML, PDF, and JSON formats.

Vulnerability Scanner & Security Auditor

Identifies and reports security vulnerabilities, CVEs, and insecure configurations across codebases and dependencies.

Python Testing Patterns

Implements professional-grade Python testing suites using pytest, advanced mocking, and test-driven development best practices.

PCI Compliance & Security

Implements PCI DSS standards and secure payment handling protocols to protect cardholder data in web applications.

CSRF Protection Validator

Validates web application endpoints for Cross-Site Request Forgery (CSRF) vulnerabilities and security gaps.

Session Security Auditor

Identifies session management vulnerabilities and security flaws within your codebase to ensure robust user authentication and protection.

Smoke Test Runner

Executes automated verification suites to ensure application health and core functionality after deployments or configuration changes.

SOC2 Compliance & Audit Helper

Simplifies SOC2 audit preparation by automating evidence collection, identifying compliance gaps, and generating readiness reports.

Security Code Review Agent

Conducts comprehensive security audits and vulnerability assessments to identify risks like SQL injection, XSS, and insecure dependencies.

Dependency Guardian

Manages project dependencies with automated security scanning, intelligent update orchestration, and license compliance audits.

Session Security Checker

Audits and analyzes codebase session management to identify vulnerabilities like session fixation and improper expiration policies.

SOC2 Audit Helper

Streamlines SOC2 compliance by automating evidence gathering, identifying security control gaps, and generating readiness reports.

Security Misconfiguration Auditor

Identifies and remediates potential security vulnerabilities in infrastructure-as-code, application configurations, and system settings.

Security Misconfiguration Finder

Identifies and remediates security vulnerabilities in infrastructure-as-code, application configurations, and system settings.

API Fuzz Tester

Performs automated fuzz testing on REST APIs to identify security vulnerabilities, input validation failures, and unexpected behaviors.

Automated Security Vulnerability Scanner

Automates security vulnerability testing for applications and APIs to identify OWASP Top 10 risks and critical software flaws.

Security Incident Responder

Provides structured guidance and specialized playbooks for managing, investigating, and remediating cybersecurity breaches and attacks.

Security Vulnerability & Penetration Tester

Automates comprehensive security vulnerability testing and penetration scans to identify OWASP Top 10 flaws and injection risks.

Test Data Generator

Generates realistic, schema-compliant test data including user profiles, product catalogs, and transactional records for software testing and development.

Penetration Testing & Security Auditing

Automates web application security assessments to identify vulnerabilities and generate comprehensive penetration test reports.

Web Penetration Tester

Automates security assessments and vulnerability scans for web applications and APIs to identify OWASP Top 10 threats.

Regression Test Tracker

Tracks and automates regression testing suites to ensure code stability and prevent unintended regressions during development.

Defense-in-Depth Validation

Implements multi-layered data validation across system boundaries to eliminate bugs structurally and ensure software integrity.

Secrets Manager Integrator

Automates the secure integration and configuration of secrets management tools like HashiCorp Vault and AWS Secrets Manager into your infrastructure.

Security Incident Responder

Guides users through the security incident response lifecycle to effectively contain, investigate, and remediate cyber attacks.

Realistic Test Data Generator

Generates realistic, schema-compliant synthetic data sets for software testing, database seeding, and performance analysis.