Security & Testing Claude 技能

Accessibility Checker CI

Integrates automated WCAG accessibility testing and reporting into CI/CD pipelines using industry-standard tools like axe-core and pa11y-ci.

ThinkDeep Reasoning & Investigation

Conducts systematic multi-step investigations using hypothesis tracking and progressive confidence modeling to solve complex technical problems.

Verification Before Completion

Enforces a strict evidence-based workflow by requiring fresh verification output before any task is marked as complete or successful.

Web3 Smart Contract Testing

Validates and optimizes Solidity smart contracts using professional testing frameworks like Hardhat and Foundry.

Secrets Validator

Detects and prevents the exposure of credentials, API keys, and sensitive data within code and configuration files.

Infrastructure Security Scanner

Scans infrastructure configuration files for security vulnerabilities and misconfigurations in Docker, Kubernetes, and Terraform.

Verification & Quality Assurance

Maintains codebase integrity through real-time truth scoring, automated security checks, and intelligent rollback mechanisms.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, fixtures, and mocking to ensure high-quality, reliable codebases.

Auth Implementation Patterns

Implements secure authentication and authorization systems using JWT, OAuth2, and robust access control patterns.

Quality Gate for Task Master

Enforces code quality standards by running linting, type-checking, and test suites before tasks can be marked as completed.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, mocking, and test-driven development best practices.

GitHub Code Review Swarm

Orchestrates specialized AI agents to perform comprehensive, automated code reviews covering security, performance, and architecture within GitHub pull requests.

GitHub Code Review

Performs comprehensive, multi-agent code reviews on GitHub pull requests using specialized AI swarms for security, performance, and architecture analysis.

Verification & Quality Assurance

Ensures code reliability and agent output quality through real-time truth scoring, automated verification checks, and instant rollback systems.

UpshiftAI Dependency Intelligence

Analyzes and audits software dependencies using AI to identify deprecated packages, security vulnerabilities, and maintenance risks.

Automated Pre-Commit Hooks

Enforces mandatory code quality gates and security checks by automating linting, formatting, and testing before every git commit.

TDD Methodology

Enforces a strict Red-Green-Refactor cycle to ensure code quality through test-driven development within Claude Code.

Web3 Smart Contract Testing

Automates and optimizes smart contract testing using Hardhat and Foundry to ensure security, reliability, and gas efficiency.

OAPS Hook Rule Writing

Streamlines the creation, debugging, and management of automated guardrails and workflows for the OAPS planning system.

Chrome Extension Security Expert

Implements robust security patterns and Manifest V3 best practices for Chrome extension development.

Chrome Extension Debugging Guide

Provides comprehensive strategies and code patterns for troubleshooting Chrome Extension service workers, content scripts, and communication layers.

Kubernetes Security Policy Pro

Implements production-grade Kubernetes security policies including NetworkPolicy, RBAC, and Pod Security Standards.

Bats Shell Testing Patterns

Streamlines the creation of comprehensive unit tests for shell scripts using the Bash Automated Testing System (Bats).

API Test Automation

Automates the generation and execution of comprehensive test suites for REST and GraphQL APIs.

Solidity Function Auditor

Performs comprehensive, multi-stage security audits of Solidity smart contracts using parallelized analysis and human-in-the-loop review.

SAST Configuration & Security Scanning

Configures and optimizes Static Application Security Testing (SAST) tools to automate code vulnerability detection and enforce DevSecOps best practices.

Fresh Eyes Review

Conducts systematic, checklist-based code reviews to identify security, quality, and performance issues before committing code.

Test Environment Manager

Orchestrates isolated and reproducible test environments using Docker Compose and Testcontainers for consistent software validation.

Corder Test Generation

Generates production-ready unit and integration tests across multiple frameworks using the Arrange-Act-Assert pattern.

QA Code Review Checklist

Standardizes and automates comprehensive code reviews focusing on readability, performance, security, and industry best practices.