Security & Testing Claude 技能

Secrets Management for DevOps

Secures sensitive credentials across CI/CD pipelines, cloud providers, and Kubernetes environments using industry-standard tools.

API Security Guardian

Protects your applications by identifying vulnerabilities, enforcing OWASP standards, and implementing robust API security patterns.

PCI Compliance Security

Implements PCI DSS requirements to ensure the secure handling, storage, and transmission of payment card data.

Test Patterns

Generates robust, production-grade test suites using industry-standard patterns and best practices across multiple languages and frameworks.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor cycle to ensure code quality and prevent technical debt through mandatory test-first development.

Clay Security & Access Control

Secures Clay platform integrations by implementing API key protection, least privilege access, and robust audit logging.

DevPrep Quality Reviewer

Enforces strict code quality standards, architectural patterns, and TypeScript best practices for robust software development.

OpenSpec Verify

Validates code implementations against specifications, tasks, and design documents to ensure completeness and architectural coherence.

LLM Evaluation Designer

Guides developers through designing production-quality LLM evaluation pipelines and scoring rubrics to ensure AI output reliability.

TDD Playwright

Automates the test-driven development lifecycle using Playwright to ensure robust web application functionality through iterative testing and implementation.

Authentication Patterns

Implements secure authentication and authorization systems using patterns like JWT, OAuth2, and RBAC.

Systematic Debugging Patterns

Diagnoses and resolves complex bugs in .NET/ABP and React applications using systematic root cause analysis and performance optimization patterns.

Bazinga Validator

Validates project completion claims through independent verification of tests, coverage, and success criteria.

Policy Runner

Executes policy-as-code checks to ensure security compliance and governance throughout the development lifecycle.

Secure Development Guidelines

Enforces secure implementation patterns, sensitive data management, and vulnerability prevention across the software lifecycle.

Windsurf Security Basics

Secures Windsurf API integrations by implementing secret management, least privilege access, and audit logging best practices.

OSDU Test Reliability Analysis

Analyzes OSDU GitLab CI/CD pipeline reliability to identify flaky tests and provide quality metrics across cloud providers.

Cursor SSO Integration

Configures enterprise-grade authentication including SAML 2.0 and OIDC for the Cursor code editor.

Systematic Debugging Workflow

Enforces a rigorous 6-phase root cause analysis process to identify, reproduce, and fix software bugs with evidence-based verification.

Rigorous Task Verification

Enforces an empirical evidence-first workflow by requiring command execution and output validation before any task is claimed as complete.

Testing Quality Analysis

Audits test suites with SRE-level scrutiny to identify tautological tests, coverage gaming, and ineffective assertions.

OWASP Security Review

Conducts comprehensive code security audits and provides remediation guidance based on the OWASP Cheat Sheet Series.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure all production code is verified by failing tests first.

Hypothesis-Based Debugger

Automates evidence-based debugging through systematic hypothesis generation, runtime instrumentation, and structured log analysis.

GDPR Compliance & Data Handling

Implements GDPR-compliant data processing, consent management, and data subject rights within software architectures.

Systematic Debugging Assistant

Diagnoses complex code errors and identifies root causes through a systematic, multi-step troubleshooting framework.

Examples Inclusivity Audit

Analyzes mock data, documentation, and test fixtures for cultural assumptions to ensure software inclusivity and diverse representation.

Systematic Debugging

Enforces a rigorous, four-phase root cause analysis process to prevent guesswork and ensure permanent software fixes.

Protocol Reverse Engineering

Reverse engineers network protocols using advanced packet analysis, traffic dissection, and technical documentation techniques.

Gotrino Inclusion Help

Provides a comprehensive command reference and workflow guide for the Gotrino inclusion and accessibility plugin.