Security & Testing Claude 技能

Code Verification Loop

Automates a comprehensive six-stage quality assurance process to ensure codebases remain stable, secure, and production-ready.

Full Threat Modeling & Security Analysis

Automates comprehensive security threat modeling by identifying vulnerabilities, verifying controls, and mapping compliance frameworks directly within your development workflow.

Adversarial Fingerprint Testing

Validates Pivot pipeline fingerprinting by identifying code changes that bypass cache invalidation logic.

OpenSpec Change Verifier

Validates that code implementations align perfectly with specified tasks, requirements, and design artifacts before archiving.

Quick Threat Assessment

Performs rapid security scans and automated threat modeling to identify critical vulnerabilities in under 30 seconds.

Threat Model Status Report

Provides a real-time overview of your application's security posture, tracking threats, controls, and compliance coverage directly within Claude Code.

OpenSpec Implementation Verifier

Verifies that code implementations align perfectly with change artifacts, specifications, and design requirements before archiving.

OpenSpec Implementation Verifier

Verifies that code implementations accurately match specifications, tasks, and design requirements before archiving changes.

Test-Driven Development (TDD) Mastery

Enforces a strict Test-Driven Development workflow by requiring failing tests before any production code is implemented.

SDD Quality Reviewer

Validates code against specification checklists and quality gates for single or multi-domain projects.

Systematic Debugging

Enforces a rigorous, four-phase root cause analysis process before any code fixes are proposed or implemented.

Verification Before Completion

Enforces rigorous evidence-based verification and command execution before any task completion claims are made.

AI Risk Mapper

Identifies, analyzes, and mitigates security risks in AI systems and LLM applications using the CoSAI Risk Map framework.

Etendo Java Test Generator

Automates the creation of comprehensive Java unit and integration tests for Etendo ERP modules with full framework support.

Code Testing Agent

Suggests and generates targeted, behavior-driven tests to maximize code coverage and reliability.

Node.js Jest Testing

Implements comprehensive testing suites for Node.js applications using Jest, covering unit tests, mocking, and API integration.

WS Verifier

Reviews and validates implementation output against project documentation, coding standards, and specific task requirements.

Test Review & Audit Agent

Audits existing test suites to identify quality issues, coverage gaps, and misalignment with source code behavior.

ERC-4337 Privacy Wallet Dev

Develops privacy-preserving ERC-4337 account abstraction wallets for sensitive data like vehicle identities and biometric information.

NestJS Testing Suite

Generates standardized NestJS unit, integration, and E2E tests following professional 3-layer architecture conventions.

WS Debugger

Investigates bug reports by tracing execution paths and identifying root causes through deep source code analysis.

TDD Workflow for Claude Code

Enforces a rigorous test-driven development cycle with automated unit, integration, and E2E testing to ensure 80%+ code coverage.

Eval Harness

Implements a formal evaluation framework for Claude Code to enable Eval-Driven Development (EDD) and track model reliability.

Brownfield Project Modernizer

Automates dependency upgrades, breaking change fixes, and spec synchronization for Node.js and TypeScript projects.

Plugin Compliance Auditor

Audits Claude Code plugins for marketplace compliance, security protocols, and architectural best practices.

Threat Modeling & Security Scoping

Establishes structured threat models and trust boundaries before security audits to ensure prioritized, context-aware vulnerability analysis.

CCG Code Guardian

Enhances development workflows with persistent memory, automated security guarding, and multi-agent coordination for complex repositories.

Claude Code Security Scan

Audits your Claude Code configuration files for security vulnerabilities, misconfigurations, and prompt injection risks using AgentShield.

Targeted Vulnerability Analysis

Performs rigorous, depth-first security audits by tracing data flows and proving exploitability based on established threat models.

Backend Testing & Automation

Implements comprehensive backend testing strategies including unit, integration, E2E, and load testing using industry best practices.