Security & Testing Claude 技能

SAST Security Configuration

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection within your development workflow.

Test-Driven Development (TDD) Guardrails

Enforces a rigorous Red-Green-Refactor workflow by requiring failing tests before any implementation code is written.

PCI Compliance & Secure Payments

Implement PCI DSS compliance requirements and secure payment card data handling practices within your applications.

Web3 Smart Contract Testing

Validates smart contracts through comprehensive testing suites using Hardhat and Foundry to ensure security, gas efficiency, and protocol reliability.

Web Application Testing

Automates local web application testing and UI verification using Playwright and integrated server management tools.

React Testing Patterns

Implements comprehensive testing strategies using Vitest, React Testing Library, and Playwright for modern React applications.

Supabase Auth Patterns

Implements secure authentication and session management workflows for Next.js applications using Supabase Auth and SSR.

Subagent Skill Testing

Validates and bulletproofs Claude skills using a Red-Green-Refactor cycle and high-pressure subagent scenarios.

AC TDD Runner

Automates the complete Red-Green-Refactor Test-Driven Development cycle for feature implementation.

Systematic Debugging

Applies a rigorous four-phase framework to identify root causes and implement stable fixes for complex software bugs.

Automated Test Fixing

Systematically identifies and resolves failing tests using intelligent error grouping and prioritized fixing strategies.

Ralph Wiggum Autonomous TDD Loop

Automates the software development lifecycle using a parallel agent swarm and rigorous test-driven development to ensure codebase stability and high-quality convergence.

AC QA Reviewer

Performs automated quality assurance reviews on code implementations to ensure adherence to clean code, security, and performance standards.

Security Misconfiguration Auditor

Identifies and remediates security misconfigurations in infrastructure-as-code, application settings, and system configurations.

AI Quality Assurance Reviewer

Automates comprehensive quality assurance reviews for feature implementations by evaluating code standards, security, performance, and documentation.

Authentication Implementation Patterns

Implements secure authentication and authorization systems using industry-standard patterns like JWT, OAuth2, and RBAC.

Supabase E2E Test Scenarios

Automates end-to-end testing for Supabase applications, covering authentication, database operations, realtime features, and AI-powered vector searches.

Ralph Prompt Research

Generates structured, multi-phase research prompts for deep codebase analysis, security audits, and architectural planning.

Auth Implementation Patterns

Implements secure, industry-standard authentication and authorization patterns including JWT, OAuth2, and RBAC.

Review Workflow Orchestrator

Orchestrates a comprehensive three-stage quality assurance pipeline including validation, multi-dimensional scoring, and functional scenario testing.

Multi-AI Testing & TDD

Implements rigorous test-driven development workflows using independent multi-agent verification to ensure high code coverage and prevent test gaming.

Bedrock Automated Reasoning

Mathematically verifies AI-generated responses against formal policy rules with up to 99% accuracy to ensure deterministic compliance.

Review Helper

Analyzes source code to identify bugs, security risks, regressions, and gaps in test coverage.

Debugging Strategies & Root Cause Analysis

Transforms troubleshooting into a systematic scientific process for identifying, isolating, and fixing complex bugs across any technology stack.

Web Application Testing Toolkit

Automates local web application testing and browser interaction using Playwright and integrated server management.

Multi-AI Code Review

Automates multi-perspective code reviews by orchestrating Claude, Gemini, and Codex to perform deep analysis across five critical dimensions.

Ralph Research & Analysis

Generates structured research and analysis prompts for systematic codebase investigation and architectural planning.

Windsurf Dependency Management

Automates dependency updates and security vulnerability scanning across multiple package managers within the Windsurf environment.

Ideogram Enterprise RBAC

Configures enterprise-grade role-based access control and SSO integration for Ideogram services.

Bedrock AgentCore Policy

Defines and enforces deterministic security boundaries for Amazon Bedrock agents using natural language and Cedar policy logic.