Security & Testing Claude 技能

Integration Test Runner

Automates the setup, execution, and cleanup of integration test suites including database orchestration and service management.

Test Environment Manager

Orchestrates isolated, reproducible test environments using Docker Compose and Testcontainers to streamline software testing workflows.

Web Application Testing

Tests local web applications using Playwright scripts with automated server lifecycle management and DOM inspection capabilities.

Bats Shell Testing Patterns

Provides comprehensive patterns and best practices for writing automated unit tests for shell scripts using the Bats framework.

Test Environment Manager

Orchestrates and manages isolated, reproducible test environments using Docker Compose and Testcontainers.

Session Security Checker

Audits and secures session management implementations within your codebase to prevent vulnerabilities like session fixation and hijacking.

Precommit Build Validator

Validates code changes by running precommit checks, automated builds, and battery-aware test suites.

Intelligent Bug Diagnosis & Fix

Diagnoses and resolves runtime errors by aligning source code with project contracts and architectural context.

Testing Guidelines

Enforces rigorous testing standards including strict assertions, minimal mocking, and clear naming conventions for high-quality test suites.

Security Headers Analyzer

Analyzes website HTTP security headers to identify vulnerabilities and provide actionable improvement recommendations.

Input Validation Scanner

Scans source code to detect and mitigate input validation vulnerabilities like SQL injection and XSS.

Access Control Auditor

Audits access control configurations to identify security vulnerabilities, misconfigurations, and privilege escalation risks in IAM policies and network ACLs.

CSRF Protection Validator

Audits web application endpoints and cookie configurations to detect and remediate Cross-Site Request Forgery (CSRF) vulnerabilities.

Test Doubles Generator

Automates the creation of mocks, stubs, spies, and fakes to isolate dependencies and accelerate unit testing workflows.

Mutation Test Runner

Validates test suite quality by introducing code mutations and measuring the detection effectiveness of existing test cases.

Performance Test Suite

Automates the design, execution, and analysis of load, stress, and endurance tests to identify system bottlenecks and optimize application performance.

Security Misconfiguration Finder

Audits infrastructure-as-code and application configurations to proactively identify and remediate security vulnerabilities.

Database Security Scanner

Performs comprehensive security audits and vulnerability assessments for PostgreSQL and MySQL databases using OWASP guidelines.

Security & Authentication Specialist

Implements production-ready authentication systems, role-based access controls, and comprehensive security architectures with regulatory compliance.

SQL Injection Detector

Identifies and remediates SQL injection vulnerabilities within codebases to ensure application security and robustness.

Smoke Test Runner

Executes rapid automated smoke tests to verify critical application functionality and system health after deployments or configuration changes.

End-to-End Testing Framework

Generates automated end-to-end test scripts using Playwright, Cypress, or Selenium to validate complex user workflows.

Unit Test Generator

Automates the creation of comprehensive unit tests and mock dependencies across multiple programming languages and frameworks.

Unit Test Generator

Generates comprehensive unit tests across multiple frameworks to ensure code quality and accelerate development workflows.

Test Data Generator

Generates realistic, schema-aligned test data for software applications, including user profiles, e-commerce transactions, and custom datasets.

TDD Implementer

Automates the test-driven development cycle through isolated Git worktrees and strict code coverage enforcement.

Spec-Test-Driven Development

Enforces a rigorous specification-first workflow that ensures every feature is documented, tested, and verified before final implementation.

Verification Before Completion

Enforces a rigorous multi-step quality checklist to verify functionality, tests, and documentation before any code is committed or finalized.

C# xUnit Testing Patterns

Standardizes the creation of C# unit and integration tests using xUnit, Moq, Bogus, and Alba.

QA Test Planning & Strategy

Generates comprehensive test plans including scenario matrices, environment checklists, and reporting protocols for software releases.