Security & Testing Claude 技能

Code Review Gate

Enforces human-in-the-loop validation for security-sensitive paths and high-complexity code changes within the Claude Code environment.

Web App Testing with Playwright

Automates browser testing and UI verification for local web applications using Playwright integration.

OpenEvent Workflow Triage

Streamlines bug triage and regression testing for OpenEvent workflows using deterministic reproduction traces and invariant validation.

Solidity Security Expert

Implements industry-standard smart contract security patterns and prevents common vulnerabilities in Ethereum-based applications.

AgRAG LLM Judge

Evaluates Agentic GraphRAG performance using automated benchmarking and LLM-as-judge scoring rubrics.

Permissions Configuration Wizard

Configures Claude Code tool permissions and security rules to control access to files, commands, and web tools.

Web3 Smart Contract Testing

Facilitates comprehensive testing of Solidity smart contracts using Hardhat and Foundry to ensure security, reliability, and gas efficiency.

GDPR Data Compliance & Privacy

Implements GDPR-compliant data processing, consent management systems, and automated data subject request handlers.

Data Quality Frameworks

Implements robust data validation and quality assurance using Great Expectations, dbt tests, and data contracts.

.NET Test Triage

Automates .NET test failure analysis by capturing logs, generating markdown summaries, and creating focused rerun filters.

Attack Tree Construction

Builds systematic attack trees to visualize potential threat paths and identify critical security vulnerabilities.

UI Smoke & E2E Testing

Guides the execution of UI smoke tests and Playwright E2E suites to validate frontend changes and navigation flows.

Threat Mitigation Mapping

Maps identified security threats to specific technical controls and mitigations to strengthen system architecture and defense-in-depth.

WCAG Accessibility Audit Patterns

Performs comprehensive web accessibility audits and provides remediation strategies based on WCAG 2.2 standards.

JavaScript Testing Patterns

Implements robust testing strategies for JavaScript and TypeScript applications using modern frameworks like Jest and Vitest.

Authentication & Authorization Patterns

Implements secure, scalable access control systems using modern patterns like JWT, OAuth2, and RBAC.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure high-quality, verified code implementation for every feature and bugfix.

Eval Framework

Standardizes and compares AI-generated evaluations to ensure consistency, accuracy, and reproducibility across multiple runs.

Security Validation Scanner

Automates pre-merge security scans to detect hardcoded secrets, insecure SSH configurations, and non-portable paths.

Baseline Governance

Enforces quality standards and prevents software regressions by implementing a "ratchet" mechanism for core project metrics.

Behavior Tree Validator

Validates py_trees behavior trees for syntactic correctness, action availability, and semantic consistency in robotic workflows.

Systematic Debugging

Implements a rigorous four-phase framework to identify root causes and apply permanent fixes for technical bugs and system failures.

Security Scanner

Performs automated security audits, secret detection, and vulnerability scanning across codebases, containers, and infrastructure.

Financial Calculation Correctness & Excel Parity

Validates financial logic against Excel models to ensure numerical accuracy and parity across IRR, waterfalls, and complex cash flow computations.

Test Fixture Generator

Standardizes the creation of maintainable, type-safe test data through factories and golden datasets to ensure consistent testing environments.

Systematic Debugging Workflow

Implements a rigorous four-phase framework to identify root causes and eliminate bugs through evidence-based analysis rather than guesswork.

SimpleCov Test Coverage Agent

Analyzes and improves Ruby and Rails test coverage using SimpleCov and automated quality metrics.

Cucumber & Gherkin BDD

Implements Behavior-Driven Development (BDD) using Gherkin syntax and Cucumber step definitions across multiple programming languages.

FastAPI JWT Authentication

Implements secure JSON Web Token (JWT) authentication, password hashing, and role-based access control within FastAPI applications.

JavaScript Unit Testing Expert

Generates maintainable, reliable JavaScript and TypeScript unit tests using Jest and industry-standard patterns.