Security & Testing Claude 技能

Fresh Eyes Review

Conducts systematic, checklist-based code reviews to identify security, quality, and performance issues before committing code.

SAST Configuration & Security Scanning

Configures and optimizes Static Application Security Testing (SAST) tools to automate code vulnerability detection and enforce DevSecOps best practices.

Bats Shell Testing Patterns

Streamlines the creation of comprehensive unit tests for shell scripts using the Bash Automated Testing System (Bats).

SAST Security Configuration

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection within the development lifecycle.

Kubernetes Security Policies

Implements defense-in-depth security for Kubernetes clusters through production-ready network isolation, RBAC, and pod security standards.

Kubernetes Security Policy Pro

Implements production-grade Kubernetes security policies including NetworkPolicy, RBAC, and Pod Security Standards.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, mocking, and test-driven development best practices.

Auth Implementation Patterns

Implements secure authentication and authorization systems using JWT, OAuth2, and robust access control patterns.

Core Development Standards

Enforces standardized development principles across security, testing, performance, and documentation to ensure high-quality software engineering.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, fixtures, and mocking to ensure high-quality, reliable codebases.

Web3 Smart Contract Testing

Validates and optimizes Solidity smart contracts using professional testing frameworks like Hardhat and Foundry.

Error Handling Patterns

Implements robust error handling strategies and resilient software patterns across multiple programming languages to improve application reliability.

Temporal Python Testing

Implements robust testing strategies for Temporal Python workflows using time-skipping, activity mocking, and determinism validation.

DeFi Protocol Templates

Deploys production-ready smart contract templates for staking, AMMs, governance systems, and flash loans.

Secure Secrets Management

Implements robust security protocols for managing sensitive credentials, keys, and certificates within CI/CD pipelines.

Temporal Python Testing

Implements comprehensive testing strategies for Temporal workflows and activities using pytest and advanced time-skipping techniques.

Error Handling Patterns

Implements robust error handling strategies and resilient patterns like Circuit Breakers across multiple programming languages.

Secrets Management for CI/CD

Secures sensitive credentials and automates secret rotation within CI/CD pipelines using industry-standard tools and cloud services.

ShellCheck Configuration & Linting

Optimizes shell script quality by configuring ShellCheck static analysis, fixing common pitfalls, and enforcing portability standards.

Dependency Upgrade Manager

Facilitates complex framework and library version upgrades using compatibility analysis, staged rollouts, and automated testing strategies.

JavaScript Testing Patterns

Implements robust testing strategies using Jest and Vitest to ensure high-quality, bug-free JavaScript and TypeScript codebases.

Error Handling Patterns

Implements robust error handling strategies and resilient architectural patterns across multiple programming languages.

Debugging Strategies & Root Cause Analysis

Master systematic debugging techniques and profiling tools to efficiently resolve bugs and performance bottlenecks across any technology stack.

E2E Testing Patterns

Implements reliable end-to-end testing suites using Playwright and Cypress to ensure application stability and catch regressions.

JavaScript Testing Patterns

Implements robust testing strategies for JavaScript and TypeScript applications using modern frameworks like Jest and Vitest.

Auth Implementation Patterns

Implements secure authentication and authorization systems including JWT, OAuth2, and role-based access control patterns.

Debugging Strategies & Root Cause Analysis

Master systematic debugging techniques and profiling tools to efficiently resolve bugs and performance issues across any technology stack.

E2E Testing Patterns

Implements robust end-to-end testing suites using Playwright and Cypress to ensure reliable user journeys and zero regressions.

SAST Security Scanning

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection within the development lifecycle.

Web Application Testing

Tests local web applications using Playwright scripts with automated server lifecycle management and DOM inspection capabilities.