Security & Testing Claude 技能

PCI Compliance & Secure Payments

Implement PCI DSS compliance requirements and secure payment card data handling practices within your applications.

Test-Driven Development (TDD) Guardrails

Enforces a rigorous Red-Green-Refactor workflow by requiring failing tests before any implementation code is written.

SAST Security Configuration

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection within your development workflow.

Claude Code Permission Management

Validates and secures Claude Code settings through architectural patterns and security anti-pattern detection.

JavaScript Unit Testing Standards

Enforces standardized Jest unit testing patterns, configuration, and coverage requirements for CUI JavaScript projects.

AI Slop Detector

Audits codebases to identify and remediate low-quality AI-generated patterns, security vulnerabilities, and hallucinated dependencies.

Web Security Standards

Enforces domain security protocols and research methodologies for managing WebFetch permissions and domain trustworthiness.

Skill Reviewer and Enhancer

Audits and improves Claude Code skills to ensure adherence to official best practices and modern architectural patterns.

Defense-in-Depth Validation

Implements multi-layered data validation across system boundaries to make software bugs structurally impossible to reproduce.

Defense-in-Depth Validation

Enforces a multi-layered validation strategy across application layers to make structural bugs impossible and ensure data integrity.

Solidity Security & Smart Contract Audit

Implements industry-standard security patterns and vulnerability prevention for Solidity smart contracts.

Web3 Smart Contract Testing

Tests smart contracts comprehensively using Hardhat and Foundry to ensure security, gas efficiency, and protocol reliability.

Bats Shell Testing Patterns

Implements production-grade unit testing for shell scripts using the Bash Automated Testing System (Bats).

E2E Testing Patterns

Implements robust end-to-end testing suites using Playwright and Cypress to ensure application reliability and prevent regressions.

Condition-Based Waiting

Eliminates flaky tests by replacing arbitrary timeouts with smart condition polling for asynchronous state changes.

Debugging Strategies & Root Cause Analysis

Provides a systematic framework for investigating, isolating, and resolving software bugs across various technology stacks using proven scientific methodologies.

Kubernetes Security Policy Expert

Implements defense-in-depth security for Kubernetes clusters using Network Policies, RBAC, and Pod Security Standards.

LimaCharlie Threat Hunter

Conducts proactive threat investigations and builds hypothesis-driven hunts within the LimaCharlie SecOps platform.

Python Testing Patterns

Implements comprehensive testing strategies for Python using pytest, advanced mocking, and test-driven development best practices.

Temporal Python Testing

Streamlines the testing of Temporal workflows and activities in Python using time-skipping, mocking, and determinism validation.

JavaScript Testing Patterns

Implements robust unit, integration, and end-to-end testing strategies for JavaScript and TypeScript applications.

LCQL Query Builder

Generates, optimizes, and explains LimaCharlie Query Language (LCQL) queries for advanced security telemetry analysis and threat hunting.

LimaCharlie Adapter Configurator

Configures and troubleshoots LimaCharlie adapters to seamlessly ingest telemetry from cloud services, identity providers, and various log sources.

LSP Type Safety Checker

Verifies code type safety and function signature compatibility using Language Server Protocol data to prevent runtime errors.

LimaCharlie Sensor Manager

Manages, deploys, and troubleshoots LimaCharlie endpoint sensors across Windows, macOS, and Linux platforms for real-time EDR telemetry.

LimaCharlie Telemetry Onboarding

Orchestrates step-by-step connections for cloud logs, SaaS applications, and third-party telemetry into the LimaCharlie SecOps platform.

Python Code Review Expert

Performs deep, context-aware Python code reviews on changed files to identify security vulnerabilities, performance bottlenecks, and architectural issues.

Cloud Security Exploitation

Identifies and exploits security misconfigurations across AWS, Azure, and GCP environments to harden cloud infrastructure.

Wireless Attack & Security Testing

Automates and guides wireless network security assessments, including WPA/WPA2 cracking, WPS exploitation, and Evil Twin attacks.

Phishing and Social Engineering Toolkit

Conducts authorized social engineering assessments, phishing simulations, and credential harvesting to test organizational security awareness.