Security & Testing Claude 技能

Security Standards

Implements comprehensive security protocols and OWASP-compliant coding patterns to protect applications from common vulnerabilities.

Code Quality Standards

Enforces non-negotiable standards for 3-tier architecture, Test-Driven Development, and self-documenting code.

Odin Code Reviewer

Audits code quality and adherence to project standards following the execution of ODIN tasks.

Pentest Command Reference

Provides a comprehensive reference of penetration testing commands for network scanning, exploitation, and vulnerability assessment.

Clerk Incident Runbook

Streamlines incident response for Clerk authentication issues with automated diagnostics, mitigation scripts, and recovery procedures.

Doc Detective Testing

Automates the verification of documentation procedures by converting text-based guides into executable Doc Detective test specifications.

KlingAI Compliance Review

Conducts comprehensive security audits and regulatory compliance reviews for Kling AI video generation integrations.

Eval Harness

Implements Eval-driven development to quantitatively measure code quality and track continuous improvements through standardized metrics.

Security Review & Vulnerability Audit

Performs comprehensive security audits and vulnerability checks based on OWASP standards and industry best practices.

XSS Vulnerability Scanner

Automatically identifies and reports cross-site scripting (XSS) vulnerabilities in web applications through context-aware code analysis.

Verification Loop

Executes a rigorous six-stage verification workflow to ensure code quality, security, and type safety within the Claude Code environment.

Replit Enterprise RBAC & SSO Manager

Configures enterprise-grade security for Replit including Single Sign-On (SSO) and robust role-based access control (RBAC).

API Security Guardian

Protects your applications by identifying vulnerabilities, enforcing OWASP standards, and implementing robust API security patterns.

Test Patterns

Generates robust, production-grade test suites using industry-standard patterns and best practices across multiple languages and frameworks.

Clay Security & Access Control

Secures Clay platform integrations by implementing API key protection, least privilege access, and robust audit logging.

LLM Evaluation Designer

Guides developers through designing production-quality LLM evaluation pipelines and scoring rubrics to ensure AI output reliability.

Windsurf Security Basics

Secures Windsurf API integrations by implementing secret management, least privilege access, and audit logging best practices.

Cursor SSO Integration

Configures enterprise-grade authentication including SAML 2.0 and OIDC for the Cursor code editor.

Systematic Debugging Workflow

Enforces a rigorous 6-phase root cause analysis process to identify, reproduce, and fix software bugs with evidence-based verification.

Rigorous Task Verification

Enforces an empirical evidence-first workflow by requiring command execution and output validation before any task is claimed as complete.

Testing Quality Analysis

Audits test suites with SRE-level scrutiny to identify tautological tests, coverage gaming, and ineffective assertions.

OWASP Security Review

Conducts comprehensive code security audits and provides remediation guidance based on the OWASP Cheat Sheet Series.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure all production code is verified by failing tests first.

Hypothesis-Based Debugger

Automates evidence-based debugging through systematic hypothesis generation, runtime instrumentation, and structured log analysis.

Systematic Debugging Assistant

Diagnoses complex code errors and identifies root causes through a systematic, multi-step troubleshooting framework.

Systematic Debugging

Enforces a rigorous, four-phase root cause analysis process to prevent guesswork and ensure permanent software fixes.

Protocol Reverse Engineering

Reverse engineers network protocols using advanced packet analysis, traffic dissection, and technical documentation techniques.

Gleam Testing Suite

Guides the creation of robust Gleam test suites using gleeunit and modern idiomatic assertion patterns.

Verified Completion Guardrail

Enforces rigorous verification and evidence collection before any task completion or status claim is made.

Permissions Configuration Wizard

Configures Claude Code tool permissions and security rules to control access to files, commands, and web tools.