Security & Testing Claude 技能

Systematic Debugging

Implements a rigorous, four-phase debugging framework to identify root causes and ensure robust software fixes through multi-layer validation.

Testing Patterns & TDD

Implements robust Jest testing strategies, factory functions, and TDD workflows for maintainable React and Node.js applications.

Shodan Reconnaissance & Pentesting

Automates network reconnaissance and vulnerability discovery using the Shodan search engine to identify exposed internet-connected devices and services.

API Security & Fuzzing Specialist

Guides comprehensive security assessments for REST, GraphQL, and SOAP APIs to identify vulnerabilities like IDOR, injection attacks, and authentication bypasses.

C# & Angular Test Generation

Generates production-grade unit and integration tests for C# backend and Angular frontend applications using xUnit and Jest.

Clerk Authentication Integration

Simplifies the implementation of secure user authentication and session management using Clerk for modern web applications.

XSS & HTML Injection Security Testing

Performs comprehensive security audits to identify and demonstrate Cross-Site Scripting (XSS) and HTML injection vulnerabilities in web applications.

Pragmatic TDD & Hexagonal Architecture

Implements resilient, domain-rich business logic using behavior-focused test-driven development and clean architecture patterns.

Claude Skill Reviewer

Validates and audits Claude Code skills and agents against architectural, implementation, and storage standards.

macOS File Origin Auditor

Analyzes the macOS quarantine database to track file download sources, audit security risks, and manage system download history.

AI-Powered E2E Testing with Browser-Use

Generates and executes end-to-end browser tests using AI-driven automation for complex user journeys and authenticated flows.

Form Debugger & Auditor

Audits web forms for accessibility, validation, security, and autocomplete compatibility using Playwright automation.

Software Testing Strategy Expert

Provides expert, language-agnostic guidance on software testing strategies, methodologies, and quality assurance best practices.

StackShift Modernize

Upgrades legacy dependencies and modernizes brownfield applications while maintaining rigorous spec-driven control and high test coverage.

Feature Flag Implementation

Implements, manages, and automates feature flag lifecycles using type-safe patterns and best practices.

Advanced Dependency Manager

Manages complex software dependency upgrades through compatibility analysis, staged rollout strategies, and comprehensive validation testing.

Secure Secrets Management

Implements robust secrets management and rotation strategies across CI/CD pipelines and cloud environments to protect sensitive credentials.

Authentication Implementation Patterns

Implements secure, industry-standard authentication and authorization patterns including JWT, OAuth2, and Role-Based Access Control.

Systematic Debugging Strategies

Implements methodical troubleshooting techniques and root cause analysis to efficiently resolve complex software bugs across multiple tech stacks.

Advanced Debugging Strategies

Employs systematic troubleshooting techniques and profiling tools to identify and resolve complex software defects and performance bottlenecks.

Auth Implementation Patterns

Implements secure authentication and authorization systems including JWT, OAuth2, and RBAC using industry-standard security patterns.

TypeScript Development & TDD

Implements type-safe, test-driven TypeScript features following strict dependency injection patterns.

TypeScript Testing

Implements comprehensive, type-safe testing suites for TypeScript projects using modern frameworks and best practices.

TypeScript Testing Methodology

Implements a high-confidence, three-tiered testing framework for TypeScript using dependency injection and behavior-driven patterns.

No-Mock Test Strategy

Implements a high-confidence testing methodology focused on real-world behavior and the elimination of brittle mocks.

Strict TypeScript Code Reviewer

Enforces rigorous TypeScript quality standards by rejecting mocks, validating dependency injection, and running comprehensive static analysis.

Systematic Debugging

Enforces a rigorous four-phase framework to identify root causes and implement stable fixes for any technical issue.

AI Manipulation Defense System (AIMDS)

Protects AI agents from adversarial attacks and manipulation using temporal analysis, vector intelligence, and formal verification.

Systematic Testing & Debugging

Guides test-driven development and systematic debugging through structured frameworks and comprehensive test suite generation.

Load Test Runner

Generates and executes comprehensive load testing scripts to validate application performance and identify architectural bottlenecks.