Security & Testing Claude 技能

Crypto Security Remediation

Fixes cryptographic security flaws by replacing weak algorithms, insecure randomness, and broken TLS configurations with language-specific secure patterns.

Authentication Security Remediation

Provides language-specific patterns and secure implementations for fixing authentication and authorization vulnerabilities in codebases.

Security Audit Reporting

Generates standardized, professional security audit reports with automated severity classification and ASVS mapping.

OWASP ASVS 5.0 Security Requirements

Accesses and maps OWASP ASVS 5.0 requirements to streamline security audits and ensure application compliance across 17 domains.

gdUnit4 Test Writer

Generates robust GDScript unit and integration tests for the Godot engine using the gdUnit4 framework.

Code Reviewer

Conducts systematic code reviews to ensure requirements compliance, security, and quality before testing or merging.

OpenWebF DevTools Debugging

Debugs WebF application runtime issues using Chrome DevTools to inspect console logs, network requests, and DOM elements.

Python Testing Strategy

Standardizes Python testing workflows using pytest with structured file naming, coverage goals, and API-first testing patterns.

Frontend Accessibility

Implements semantic HTML, keyboard navigation, and ARIA standards to ensure web applications are inclusive and WCAG-compliant.

TypeScript Type Safety Review

Conducts comprehensive TypeScript code reviews to identify type safety violations, security risks, and runtime reliability issues.

Testing Blocks

Validates code changes in AEM Edge Delivery Services projects using a value-driven testing philosophy that balances durable unit tests with efficient browser-based UI validation.

Global Truth Safety

Ensures technical accuracy and radical candor by delivering verified code, surfacing risks immediately, and making evidence-based assertions.

E2E Testing Patterns

Implements and optimizes end-to-end testing suites using Playwright and Cypress best practices to ensure application reliability.

Testing & Test Writing

Implements rigorous Test-Driven Development (TDD) practices, covering edge cases and ensuring high code coverage through maintainable, fast-executing test suites.

Global Validation

Ensures robust data integrity by implementing multi-layered, allowlist-based validation and structured error handling across all system boundaries.

Global Validation

Implements comprehensive input validation and sanitization across client and server environments to ensure data integrity and security.

Frontend Accessibility

Implements WCAG-compliant web interfaces using semantic HTML, ARIA attributes, and robust keyboard navigation to ensure inclusive user experiences.

Probitas Setup

Initializes Probitas project environments and installs necessary CLI tools for E2E testing and automation.

Newman API Testing & Automation

Automates API testing workflows using Newman and Postman collections with robust environment management and reporting.

Peer LLM Code Consultant

Executes parallel code reviews using external LLM CLIs like Gemini and Codex to provide diverse architectural and quality insights.

Git Security & Quality Hooks

Automates security scanning and quality enforcement through a two-layer system of local Git hooks and GitHub Actions.

Playwright E2E Testing

Streamlines the creation, execution, and debugging of robust end-to-end browser tests using Playwright.

Frontend Testing & Quality Suite

Implement comprehensive frontend testing patterns for React and Next.js applications, covering component, visual regression, accessibility, and performance audits.

Security Validation

Protects AI workflows by implementing runtime secret scanning, PII masking, and prompt injection defense mechanisms.

Probitas Framework Information

Provides specialized knowledge and guidance for the Probitas scenario-based E2E testing framework for backend services.

TDD Workflow Manager

Enforces a rigorous Red-Green-Refactor cycle to ensure high-quality, test-driven code development within Claude Code.

Probitas E2E Test Writer

Automates the creation and editing of end-to-end (E2E) testing scenarios for the Probitas ecosystem using a specialized AI agent.

Vault & Secrets Management

Streamlines HashiCorp Vault workflows and Kubernetes secret management using industry-standard security best practices.

Critical Thinking & Self-Skepticism

Enforces a rigorous, self-skeptical development mindset focused on technical accuracy and red-teaming assumptions.

Async Testing Expert

Implements comprehensive async Python testing patterns using pytest for FastAPI applications and database interactions.