Security & Testing Claude 技能

AI Validation Architect

Defines actionable AI validation criteria and testing standards to ensure code quality before task completion.

Verification Discipline

Enforces a strict evidence-based protocol to ensure every completion claim is backed by fresh, verified command output.

Security Hint

Identifies potential security vulnerabilities and secret exposures in real-time to promote safer development practices.

GitHub Speckit Tester

Orchestrates the complete Speckit workflow pipeline non-interactively using subagents to automate the transition from specification to implementation.

Spring Boot TDD

Implements a rigorous test-driven development workflow for Spring Boot applications to ensure high code quality and 80%+ test coverage.

Structured Code Review Protocol

Implements a rigorous three-stage review protocol to ensure spec compliance, code quality, and domain integrity.

Incident Response Commander

Orchestrates IT outage recovery and security incident management using industry-standard frameworks and structured communication workflows.

Systematic Debugging

Enforces a rigorous, evidence-based methodology for identifying and resolving the root causes of software bugs and test failures.

Systematic Bug Investigation

Identifies root causes and documents findings for complex software bugs to streamline the debugging workflow.

TDD Workflow

Implements a rigorous test-driven development cycle by writing failing tests before coding the implementation.

Blockchain Integration Builder

Designs and implements chain-agnostic blockchain architectures, smart contract patterns, and decentralized application workflows.

Accessibility Auditor

Conducts comprehensive WCAG 2.2 Level AA accessibility audits for React and TypeScript applications with specialized MUI framework awareness.

Codebase Auditor

Performs comprehensive audits of code quality, security vulnerabilities, and technical debt using modern engineering standards and actionable remediation plans.

SEO & Accessibility Analyzer

Audits web source files for SEO best practices and WCAG 2.1 AA accessibility compliance.

Secret Scanner

Scans git repositories for hardcoded secrets, credentials, and API keys to prevent security breaches and data leaks.

Accessibility Self-Check

Validates generated UI code against WCAG 2.1 AA standards to ensure highly accessible and compliant web components.

Code Reviewer

Automates comprehensive code audits using research-backed security standards, performance pattern detection, and automated quality enforcement.

Container Security Scanner

Audits Dockerfiles for best practices and scans container images for security vulnerabilities using industry-standard tools like Hadolint and Trivy.

SCA Runner

Runs Software Composition Analysis (SCA) to identify and mitigate vulnerabilities in project dependencies across multiple languages.

CLAUDE.md Auditor

Audits and optimizes CLAUDE.md configuration files to ensure security compliance, adherence to official Anthropic guidance, and peak LLM context performance.

DevSecOps Guideline Lookup

Provides comprehensive guidance on DevSecOps phases, security tools, and CI/CD integration patterns based on OWASP standards.

Project Test Suite Runner

Executes comprehensive project test suites and validates results within the Claude Code environment.

Mutation Testing

Validates test suite effectiveness by introducing deliberate code mutations to identify logic gaps that traditional coverage metrics miss.

Claude Flow V3 Security Overhaul

Hardens Claude Flow v3 architectures by remediating critical CVEs and implementing secure-by-default development patterns.

Web3 Smart Contract Testing

Automates comprehensive smart contract validation using Hardhat and Foundry frameworks for robust blockchain applications.

E2E Testing & Visual Debugging

Automates the Playwright end-to-end testing lifecycle with LLM-powered visual analysis and actionable fix recommendations.

Authentication & Authorization Patterns

Implements secure access control systems using industry-standard patterns like JWT, OAuth2, and RBAC to protect web applications and APIs.

Dependency Tracker

Audits and aligns project dependencies with infrastructure documentation to ensure security, consistency, and clean codebases.

Skill Isolation Tester

Validates Claude Code skills in isolated environments to identify hidden dependencies and environment-specific bugs before public release.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, fixtures, mocking, and advanced patterns for robust software quality.