Security & Testing Claude 技能

API Security Testing

Conducts comprehensive security audits and penetration tests on REST and GraphQL APIs to identify vulnerabilities like IDOR, injection, and authorization flaws.

Security Core

Secures applications across TypeScript, Python, and Rust with expert guidance on authentication, authorization, and OWASP best practices.

Evaluating Skills with Models

Evaluates AI skill performance across multiple Claude models using parallel sub-agents and quality-based scoring.

Evaluation-Driven Skill Development

Guides the evaluation-driven development cycle for creating and validating high-quality Claude Code skills.

Agentic Skill Auditor

Audits Agentic AI skill files against Claude's best practices to ensure optimal naming, structure, and performance.

Initial Access Recon

Automates reconnaissance and intelligence gathering for offensive security assessments and attack surface mapping.

OE Site-Visit E2E Verification

Validates the site-visit workflow step through automated backend trace generation and Playwright browser testing.

Password Attacks & Credential Cracking

Conducts professional password hash cracking, credential spraying, and authentication brute-force attacks using industry-standard tools.

Container Security & Escape Expert

Conducts deep security assessments and penetration tests for Docker and Kubernetes environments to identify and exploit vulnerabilities.

Web Application Security Testing

Equips Claude with expert penetration testing methodologies and specialized payloads to identify and exploit web application vulnerabilities.

Mobile App Pentesting

Conducts comprehensive security audits and penetration testing for Android and iOS mobile applications.

Go TDD & Backend Testing

Enforces strict Test-Driven Development workflows and standardized Go testing patterns for backend services and controllers.

Testing & Quality Implementation

Implements comprehensive automated testing strategies and quality assurance workflows across Kotlin, JavaScript, and Python environments.

Playwright Testing Patterns

Implements high-performance end-to-end testing patterns and best practices using Playwright for Astro and React applications.

Solidity Function Audit Team

Orchestrates a multi-agent team to perform deep, structured security audits of Solidity smart contracts with human-in-the-loop oversight.

LimaCharlie Performance & Cost Optimizer

Optimizes LimaCharlie deployments by reducing operational costs, tuning query performance, and implementing efficient resource management strategies.

LimaCharlie API Integrator

Integrate with the LimaCharlie SecOps platform using REST APIs, Python SDK, or Go SDK for programmatic sensor management and data streaming.

Maestro E2E Testing

Executes comprehensive end-to-end testing for data persistence pipelines within the Maestro ecosystem.

LimaCharlie Threat Intel Integrator

Integrates real-time threat intelligence feeds and API-based lookups into LimaCharlie security operations and detection rules.

Secure Authentication Patterns

Implements industry-standard authentication and authorization patterns including JWT, OAuth2, and RBAC to secure web applications and APIs.

AI Code Reviewer

Performs deep, multi-model code analysis and security scanning using external AI engines to identify vulnerabilities and architectural improvements.

Smart Contract Entry Point Analyzer

Identifies and categorizes state-changing entry points in smart contracts to map attack surfaces for security audits.

SAST Configuration & Security Scanning

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection within the development lifecycle.

Code Review Expert

Analyzes, debugs, and refactors code across multiple languages to improve security, performance, and maintainability.

Solidity Smart Contract Security

Secures Ethereum smart contracts by implementing industry-standard patterns and identifying critical vulnerabilities like reentrancy and access control flaws.

Testing & Quality Assurance

Implements comprehensive testing strategies and quality assurance workflows using frameworks like JUnit, MockK, and Jest.

Multi-Dimensional Skill Reviewer

Conducts comprehensive quality assurance reviews of Claude Code skills using standardized rubrics and automated validation.

Async REPL Protocol

Standardizes asynchronous code execution and tool interactions within the Agentica REPL testing harness.

Codex Auth Manager

Simplifies OpenAI Codex CLI authentication using OAuth, API keys, and multi-account configurations.

Multi-AI Testing

Implements test-driven development workflows with independent verification to ensure high-quality code and comprehensive test coverage.