Security & Testing Claude 技能

Vitest Testing Support

Streamlines JavaScript and TypeScript unit testing using the Vite-native Vitest framework and Jest-compatible APIs.

Ultrathink Detective

Performs deep, multi-dimensional codebase audits and architectural analysis using LLM-enriched semantic memory.

Tester Detective

Performs deep test coverage analysis and QA audits using semantic indexed memory to identify missing edge cases and test quality issues.

Frontend Performance & Security

Optimizes React applications through production-ready performance patterns, accessibility standards, and comprehensive security hardening.

Debugger Detective

Investigates codebase bugs and identifies root causes using advanced indexed memory and semantic behavioral search.

Root Cause Investigator

Implements a systematic 5-Why methodology to identify fundamental root causes of software errors, performance issues, and system failures.

Dialectic Analysis

Performs objective analysis of statements or code changes by running parallel opposing agents to eliminate confirmation bias.

Safety-Critical Coding Patterns

Implements robust software engineering principles inspired by NASA's Power of 10 rules to ensure high-reliability and verifiable code.

Azure Auth for React & Cloudflare

Implements Microsoft Entra ID (Azure AD) authentication for React SPAs and Cloudflare Workers using MSAL.js and JWT validation.

Web Vulnerability Verification

Automates the validation of web vulnerabilities like XSS and Open Redirects through raw HTTP request manipulation and session context handling.

Local CI Pipeline

Automates local continuous integration checks for Ruby on Rails projects including security scans, linting, and comprehensive testing.

Script Test

Validates script execution functionality by automatically running scripts upon skill activation within the Claude Code environment.

Harness Review

Automates multi-dimensional code, plan, and scope reviews using specialized AI experts and static analysis tools.

Build Verification & Error Recovery

Safeguards code quality by verifying builds, automating error recovery, and enforcing strict testing guardrails during the development cycle.

Harness Review

Automates multi-perspective code, plan, and scope reviews using context-aware quality gates and expert analysis.

Auth & Payments Integration

Implements secure user authentication and payment processing systems using industry-standard providers like Clerk, Supabase, and Stripe.

Performance Engineering

Optimizes system responsiveness and scalability through comprehensive load testing, deep profiling, and full-stack tuning strategies.

Secure Authentication & API Security

Implements modern authentication, fine-grained authorization, and robust API security patterns following 2025 industry standards.

Security Architecture Designer

Architects comprehensive security frameworks using defense-in-depth, zero trust principles, and strategic threat modeling.

Firewall Configuration & Security

Configures host-based and cloud firewalls with security best practices to harden servers and implement network segmentation.

Security Hardening

Hardens production infrastructure across OS, container, cloud, network, and database layers using CIS Benchmarks and zero-trust principles.

Testing Strategies

Architects comprehensive, high-performance test suites by strategically balancing unit, integration, E2E, and contract testing across multiple languages.

Secure Secret Management

Manages the lifecycle of API keys, database credentials, and certificates across cloud providers and Kubernetes environments.

Advanced Debugging Techniques

Provides expert debugging strategies for Python, Go, Rust, and Node.js across local, containerized, and production environments.

LLM Evaluation Framework

Evaluates Large Language Model performance using automated metrics, LLM-as-judge patterns, and RAG validation frameworks.

Secure TLS Implementation

Configures TLS certificates and encryption protocols to secure web applications and service-to-service communications.

SIEM & Security Logging

Configures centralized security information and event management systems for threat detection, compliance auditing, and log aggregation.

Constitution Validation

Automates project governance through discovery-based rule generation and multi-level compliance checking.

Safe Code Refactoring

Systematically improves code structure and quality while strictly preserving external behavior through a test-driven protocol.

Implementation Verification

Validates code implementations against documentation to ensure strict compliance with architectural designs and business requirements.