Security & Testing Claude 技能

TCR Practice (Test && Commit || Revert)

Implements the high-discipline TCR workflow to enforce atomic code changes and guarantee a constant state of passing tests.

Test Orchestrator

Coordinates and executes parallel test suites across multiple environments and frameworks to ensure comprehensive software quality.

Refactoring Analysis

Analyzes codebases to identify technical debt, architectural complexity, and refactoring opportunities across multiple programming languages.

Code Quality Standards

Enforces rigorous coding standards through comprehensive guidelines for documentation, testing, and maintainable code architecture.

Security Audit Reporting

Generates standardized, professional security audit reports with automated severity classification and ASVS mapping.

Apollo API Security Basics

Implements industry-standard security best practices for Apollo.io API integrations and data protection.

Testing Strategies

Design and implement comprehensive test suites including unit, integration, and E2E tests across multiple programming languages.

GitHub Pull Request Reviewer

Automates comprehensive code reviews by creating isolated git worktrees and providing structured analysis across security, quality, and performance.

Systematic Debugger

Implements a structured, scientific approach to identify, isolate, and resolve software bugs efficiently.

Vulnerability Patterns: Core

Detects universal security vulnerabilities and hardcoded secrets across all programming languages using standardized regex patterns.

PR Quality Analyzer

Automates the assessment of pull requests to ensure code quality, security compliance, and architectural integrity before merging.

Security Scanner

Scans source code for security vulnerabilities and provides actionable remediation patterns based on industry standards.

Systematic Debugging

Implements a rigorous, 5-step methodology to reproduce, isolate, and resolve software bugs without guesswork.

TDD Workflow Guide

Guides developers through the test-driven development cycle to ensure robust code through red-green-refactor iterations.

Defense in Depth Validation

Implements a multi-layered testing and validation framework to catch bugs across syntax, logic, integration, and user workflows.

Root Cause Tracing

Eliminates technical debt by identifying and fixing the origin of software bugs rather than patching superficial symptoms.

Verified Task Completion

Enforces strict validation of all coding tasks through live command output before allowing any claims of success.

Claude Plugin Validator

Validates Claude Code plugin structures, configurations, and security practices to ensure seamless integration and deployment.

Verification Before Completion

Ensures code quality by requiring fresh command-line evidence before claiming any task is finished.

Requirements Quality Validator

Validates software requirement documentation for clarity, testability, and traceability before moving to the design phase.

TDD Red Phase Actuator

Automates the initial stage of Test-Driven Development by generating failing test cases from requirements before implementation begins.

Solidity Security & Smart Contract Auditing

Implements industry-standard security patterns and audits smart contracts to prevent critical blockchain vulnerabilities.

Requirement Traceability & SDLC Mapping

Standardizes requirement tracking across the software development lifecycle using structured REQ-* key patterns and validation rules.

Automated Test Coverage Generator

Automatically generates comprehensive unit, edge, and boundary tests to resolve code coverage gaps and validate business requirements.

Technical Constraint Extractor

Extracts and documents external ecosystem constraints to ensure software compliance and architectural alignment.

Integration Test Runner

Executes and validates complex end-to-end integration tests, BDD scenarios, and API contracts to ensure system-wide reliability.

SecLists Payloads Collection

Provides a curated set of exploitation payloads for security testing, including anti-virus bypasses and file name exploits.

Security Best Practices

Implements core security principles and defensive programming patterns to safeguard applications against common vulnerabilities.

Traceability Matrix Generator

Generates a comprehensive traceability matrix mapping business intents to requirements, code, tests, and runtime metrics.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, advanced mocking, and test-driven development (TDD) patterns.