Security & Testing Claude 技能

ISO 27001 Information Security Manager

Implements ISO 27001 information security management standards and quality management workflows within Claude Code.

XSS Vulnerability Scanner

Scans web applications for Cross-Site Scripting vulnerabilities and provides context-aware remediation guidance.

Test Coverage Analyzer

Analyzes code coverage metrics to identify untested code paths and generate detailed quality reports.

Code Smell Detector & Refactor Guide

Analyzes source code to identify anti-patterns, complexity issues, and technical debt while providing senior-level refactoring advice.

Accessibility Test Scanner

Conducts comprehensive WCAG accessibility audits and ARIA validations to ensure web applications are inclusive and compliant.

Threat Model Initializer

Automates the creation of comprehensive threat models by analyzing architecture documentation and system components.

Django Security Pro

Secures Django applications using industry-standard patterns for authentication, protection, and production-ready configurations.

Regression Test Tracker

Automates the identification, execution, and analysis of regression tests to prevent breaking changes and ensure code stability.

Configuration & Secrets Reviewer

Audits application configurations and secret management to ensure production safety, environment parity, and security compliance.

Claude Plugin Validator

Ensures Claude Code plugins meet structural, security, and marketplace standards through automated comprehensive validation.

Playwright Smart Test Reporting

Generates and routes comprehensive Playwright test reports to Slack, TestRail, GitHub, or Markdown files.

Apex Ship & AI Code Review

Finalizes software tasks through multi-agent adversarial code reviews, automated git commits, and pattern-based learning.

Security Pattern Check

Identifies security vulnerabilities and anti-patterns to provide senior-level feedback on code safety and compliance.

Engineering Environment Secrets Manager

Manages sensitive engineering environment variables and secrets using OpenClaw-native workflows and explicit verification.

Nitro & Nuxt 3 Testing Patterns

Streamlines testing for Nuxt 3 and Nitro applications using transactional PostgreSQL isolation and advanced component testing patterns.

Testing Implementation

Implements comprehensive test suites and quality assurance workflows using industry-standard frameworks and coverage targets.

Lighthouse Web Auditor

Audits web page quality including performance, accessibility, SEO, and best practices using the Lighthouse CLI.

Playwright CLI Expert

Automates end-to-end testing and browser workflows using the Playwright CLI to record, debug, and execute tests across multiple platforms.

Systematic Debugging

Implements a rigorous, four-phase debugging methodology to identify root causes and prevent guesswork in software troubleshooting.

Django Verification Suite

Conducts comprehensive pre-deployment and pull request audits for Django applications including migrations, security scans, and test coverage.

Team Codex Code Validator

Enforces Kotlin and Spring Boot architectural standards through automated quality gate checks and reactive pattern validation.

Root Cause Tracing

Systematically traces software bugs backward through the call stack to identify and resolve the original trigger.

Security Reviewer Role

Conducts threat-focused security audits and provides actionable vulnerability remediation steps for codebases.

Infrastructure Security Reviewer

Audits infrastructure-as-code and cloud configurations to identify security vulnerabilities, hardcoded secrets, and compliance gaps.

mTLS Security Configuration

Configures mutual TLS (mTLS) for zero-trust service communication and automated certificate management across cloud-native environments.

Webapp Testing Compatibility Bridge

Integrates Anthropic's specialized web application testing capabilities into OpenClaw-native environments for seamless automated verification.

Smart Test Generator

Automatically generates comprehensive unit, integration, and E2E tests by detecting project frameworks and applying best-practice patterns.

Systematic Debugging

Implements a rigorous, evidence-based methodology for identifying root causes and resolving complex software bugs without guesswork.

IDOR Vulnerability Testing

Provides systematic methodologies for detecting, exploiting, and remediating Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.

Test Coverage Improver

Automates the identification of code coverage gaps and generates high-impact tests to strengthen software reliability.