Security & Testing Claude 技能

Go Call Graph Reachability Analysis

Performs deep call graph analysis to determine if vulnerable functions are reachable from program entry points.

CVE Intelligence Gathering

Systematically collects comprehensive security vulnerability data from multiple authoritative sources to build detailed CVE profiles.

Go Security Remediation Planning

Generates actionable, step-by-step remediation plans for security vulnerabilities in Go modules and applications.

Visual Testing & UI Verification

Automates visual audits and UI verification by capturing screenshots, analyzing DOM structures, and comparing live pages against design specifications.

Go Codebase CVE Impact Analysis

Evaluates Go projects for vulnerability exposure by performing multi-layered impact analysis and call graph reachability checks.

SLB Secure Command Guard

Implements a two-person approval rule for destructive CLI commands executed by AI agents to prevent data loss and infrastructure damage.

CI Test Skill

Verifies the correct installation, structure, and parsing of Claude skills for PRPM integration testing.

CI Test Droid Skill

Verifies the correct installation of Droid skills for PRPM integration testing.

Systematic Debugging

Implements a disciplined, four-phase debugging workflow using specialized agents to identify and resolve root causes of technical issues.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor cycle to ensure all production code is verified by failing tests first.

Systematic Bug Fixing

Automates a rigorous bug-fixing workflow including issue tracking, root-cause debugging, TDD regression testing, and verification.

Test Effectiveness Auditor

Audits test suites with Google Fellow SRE-level scrutiny to eliminate vanity metrics and identify real logic gaps.

Implementation Review Agent

Verifies completed code implementations against specifications using high-scrutiny, evidence-based audits to ensure production readiness.

Testing Anti-Patterns Guard

Enforces rigorous testing standards by preventing brittle mocks, production code pollution, and misunderstood dependency isolation.

Root Cause Tracing

Traces software bugs backward through the call stack to identify and resolve the original trigger instead of patching symptoms.

Parallel Agent Dispatcher

Dispatches multiple specialized agents concurrently to investigate and resolve three or more independent system failures.

Strict Task Verification

Enforces rigorous evidence-based verification before any task, bug fix, or build is claimed as complete.

Codex Oracle

Consults an external AI oracle (OpenAI Codex) for advanced code review and architectural planning.

Neon Auth Integration

Configures secure authentication, UI components, and social login for Next.js, React, and Node.js applications using Neon Auth.

BiomeJS Configuration

Configures BiomeJS for code formatting and linting using best practices for monorepos, UI projects, and Git hooks.

Rust Mutation Testing

Analyzes Rust test suite effectiveness by injecting faults and measuring detection rates.

Formal Methods Discovery

Enables automatic access to formal methods, theorem proving, and verification tools within Claude Code.

Cryptography & Security Discovery

Automates the discovery of security and cryptography skills to help developers implement robust encryption, PKI, and TLS configurations.

Security Discovery & Hardening

Automates the identification and application of specialized security skills for authentication, vulnerability assessment, and application hardening.

Testing Skills Discovery

Automatically discovers and enables specialized testing workflows for unit, integration, and E2E testing scenarios.

Debugging Discovery & Diagnostics

Streamlines the identification and resolution of software bugs by automatically loading specialized debugging and profiling skills.

Tracealyzer for x64dbg

Automates x64dbg execution tracing and provides deep analysis of instruction logs to identify code patterns and control-flow behavior.

x64dbg Decompiler with angr

Decompiles functions from debugged binaries into readable C-like pseudocode using the angr analysis framework.

x64dbg State Differential Analysis

Identifies and interprets register and memory changes between two x64dbg debugger snapshots to provide a detailed narrative of program behavior.

YARA Signature Scanner for x64dbg

Analyzes x64dbg memory snapshots using YARA signatures to identify malware patterns, packers, and cryptographic constants.