Security & Testing Claude 技能

Vitest Testing Framework

Streamlines unit and integration testing using the Vitest framework with Vite-native performance and Jest-compatible APIs.

Crypto Game Theory

Analyzes and designs incentive systems for crypto protocols, DeFi mechanisms, and web3 governance using advanced game theory frameworks.

AI Web QA Bot

Automates web application quality assurance using AI and accessibility-tree element detection for reliable, low-maintenance testing suites.

Agent Identity Manager

Establishes secure, cryptographic on-chain identities for AI agents to enable verifiable cross-platform reputation and trust.

Test with Spanner

Executes Go unit tests requiring the Spanner emulator by automating environment configuration and lifecycle management.

Cosmos Vulnerability Scanner

Scans Cosmos SDK and CosmWasm codebases for consensus-critical security vulnerabilities, non-determinism, and logic errors.

Secure Smart Contract Workflow

Automates the Trail of Bits 5-step secure development process for smart contracts, including vulnerability scanning, architectural visualization, and property-based testing setup.

Trail of Bits Smart Contract Guidelines Advisor

Analyzes smart contract codebases to provide security-focused architectural reviews and development guidance based on Trail of Bits' best practices.

Code Maturity Assessor

Evaluates codebase security and maturity using the Trail of Bits 9-category framework to provide actionable risk reports.

Second Opinion Code Review

Conducts independent, multi-model code reviews using OpenAI Codex and Google Gemini CLI to identify bugs, security flaws, and performance issues.

Substrate Vulnerability Scanner

Scans Substrate and Polkadot pallets for critical security vulnerabilities like arithmetic overflows, panic-driven DoS, and improper origin checks.

Solana Vulnerability Scanner

Scans Solana and Anchor programs for critical security vulnerabilities including arbitrary CPI, improper PDA validation, and missing signer checks.

TON Smart Contract Security Scanner

Analyzes TON blockchain smart contracts written in FunC to identify critical vulnerabilities in boolean logic, Jetton handling, and gas management.

Algorand Vulnerability Scanner

Audits Algorand smart contracts written in TEAL or PyTeal to detect and remediate 11 critical security vulnerabilities.

Debug Buttercup CRS

Diagnoses and troubleshoots the Buttercup Cyber Reasoning System running on Kubernetes clusters.

Token Integration Analyzer

Analyzes smart contract token implementations and integrations to identify security vulnerabilities and non-standard ERC20/ERC721 behaviors.

Cairo Vulnerability Scanner

Scans Cairo and StarkNet smart contracts for critical security vulnerabilities including arithmetic overflows, L1-L2 messaging flaws, and signature replay attacks.

Insecure Defaults Detection

Identifies critical fail-open vulnerabilities where applications run with insecure default configurations instead of crashing safely.

YARA-X Rule Authoring

Guides the creation of high-performance, precision YARA-X rules for malware detection and security auditing.

Audit Prep Assistant

Prepares codebases for professional security reviews by automating static analysis, optimizing test coverage, and generating architectural documentation.

Automated Code Reviewer

Performs rigorous security, correctness, and quality audits on source code with actionable fix suggestions.

AI-Driven Test Generation

Generates comprehensive unit and integration tests using TDD principles and standardized patterns to ensure maximum code reliability.

IDOR Vulnerability Testing

Conducts systematic security audits to identify and mitigate Insecure Direct Object Reference (IDOR) vulnerabilities in web applications and APIs.

Network 101 Lab Assistant

Configures and tests essential network services like HTTP, HTTPS, SNMP, and SMB for security research and penetration testing labs.

AWS Penetration Testing

Conducts thorough security assessments and ethical hacking operations within Amazon Web Services environments.

XSS & HTML Injection Testing

Conducts comprehensive security audits to identify, exploit, and remediate client-side injection vulnerabilities in web applications.

SMTP Penetration Testing

Conducts comprehensive security audits of SMTP servers to identify vulnerabilities like open relays, user enumeration, and weak authentication.

WordPress Penetration Testing

Performs comprehensive security assessments and vulnerability scanning on WordPress installations to identify and mitigate risks.

Linux Privilege Escalation

Identifies and exploits security misconfigurations, kernel vulnerabilities, and system weaknesses to elevate user privileges on Linux systems.

Pentest Planning & Security Checklist

Provides a structured methodology and comprehensive checklist for planning, executing, and remediating penetration tests.