Security & Testing Claude 技能

Validator Role

Implements rigorous software quality assurance, comprehensive test suites, and security-focused code reviews to ensure production-grade standards.

QA Screenshot Validation

Validates UI screenshots for layout integrity, element clipping, and rendering issues with intelligent viewport handling.

RAG/CAG Security Patterns

Secures retrieval-augmented and cache-augmented generation systems through multi-tenant isolation, document-level access control, and prompt injection prevention.

QA Element Extraction

Automates the capture of specific UI component screenshots from QA test procedures to create clear visual documentation.

Testing Infrastructure

Implements comprehensive testing infrastructure and patterns for monorepos using Vitest, React Testing Library, and Storybook.

QA Test Management

Manages the end-to-end QA test lifecycle with automated naming conventions, directory structures, and traceability to requirements.

OAuth Implementation

Implements secure OAuth 2.0 and OpenID Connect authentication flows using standardized industry patterns and security best practices.

Code Hardcode Audit

Audits codebases for hardcoded values, magic numbers, duplicate constants, and potential secret leaks using industry-standard scanning tools.

Multi-Agent E2E Database Validation

Orchestrates parallel AI agents to rigorously validate database refactors, schema migrations, and complex system transitions.

MCP Fortress Security Scanner

Protects Model Context Protocol (MCP) ecosystems by scanning servers for vulnerabilities, prompt injection attacks, and malicious tool poisoning.

Enterprise Cybersecurity Policy Generator

Generates framework-compliant enterprise cybersecurity policies in multiple formats using industry-standard templates from SANS and CIS Controls.

Lighthouse CI Integrator

Integrates Lighthouse CI into development workflows to automate performance auditing and enforce Core Web Vitals budgets.

Sinatra Security Expert

Implements industry-standard security best practices for Sinatra applications to prevent common vulnerabilities like CSRF, XSS, and SQL injection.

QA Testing & Methodology

Implements standardized QA frameworks and test design patterns to ensure comprehensive software quality and accessibility coverage.

Chaos Engineering Setup

Implements robust chaos engineering practices and tools to validate system resilience and fault tolerance through controlled experimentation.

Testing Framework Helper

Generates comprehensive unit, integration, and E2E test suites across multiple languages and frameworks using industry best practices.

Ark Chainsaw Testing

Executes and scaffolds end-to-end Ark resource tests using the Chainsaw framework and mock-LLM configurations.

Global Security

Guides AI-assisted coding to adhere to established global security standards and best practices.

Agent Tool Permissions

Configures granular tool permissions and path restrictions for secure, multi-agent Claude Code workflows.

Coverport Integration

Integrates the `coverport` tool into Go repositories to collect and upload end-to-end test coverage data to Codecov via Tekton pipelines.

Privacy Compliance

Implements robust data protection standards and regulatory compliance for global privacy jurisdictions.

MCP Security Architect

Implements a robust 5-layer defense architecture to secure multi-agent systems and MCP pipelines against prompt injection and unauthorized access.

Backend Tests

Guides the creation and maintenance of backend tests according to established coding standards and best practices.

AI Content Detection

Analyzes academic drafts and documentation to identify patterns typical of AI-generated text and ensures an authentic, human-authored writing style.

CORS Configuration Validator

Validates and secures Cloudflare Workers CORS configurations to ensure proper header handling and cross-origin security.

QA Screenshot Management

Standardizes screenshot capture, naming, and organization to ensure visual traceability and consistency during QA testing.

Maven Build and Test Strategy

Orchestrates parallel Maven builds and intelligent test execution for complex Java and Scala projects.

Code Reviewer

Automates comprehensive code audits using research-backed security standards, performance pattern detection, and automated quality enforcement.

Mock Generator

Generates automated test mocks, stubs, and fixtures across multiple languages and testing frameworks.

Testing Framework Helper

Generates comprehensive, production-ready test suites for JavaScript, TypeScript, and Python using frameworks like Jest, Pytest, and Playwright.