Security & Testing Claude 技能

Test Writing Strategy

Develops focused, behavior-driven unit and integration tests that prioritize critical user flows and fast execution.

Global Error Handling

Implements robust, standardized error management patterns to ensure system stability and provide clear, user-friendly feedback during failures.

Software Engineering Best Practices

Enforces rigorous software engineering standards including TDD, Clean Architecture, and Feature-Sliced Design during code implementation.

Temporal Python Testing

Streamlines the testing of Temporal workflows using pytest, time-skipping techniques, and deterministic replay validation.

AstroApps Local Auth UI Hooks

Simplifies building React-based authentication pages for email and password identity systems with robust form management.

Validate Test Coverage

Validates code coverage thresholds and maps test results to specific requirements to ensure software quality homeostasis.

Refactor BDD Implementation

Refactors BDD components including Gherkin scenarios, step definitions, and feature code to eliminate technical debt while maintaining passing tests.

Enterprise Identity & SSO Management

Implements advanced enterprise identity and access management patterns using SAML 2.0, OIDC, and SCIM protocols.

Secrets Validator

Detects and prevents the exposure of credentials, API keys, and sensitive data within code and configuration files.

Moai Security Threat Modeling

Analyzes system architectures using STRIDE methodology and generates production-ready IDS/IPS and WAF security rules.

Design Coverage Validator

Ensures architectural readiness by validating that all project requirements are mapped to specific components, APIs, and data models.

Infrastructure Security Scanner

Scans infrastructure configuration files for security vulnerabilities and misconfigurations in Docker, Kubernetes, and Terraform.

Formula Code Generator

Automatically converts mathematical formula specifications into production-ready code with comprehensive test coverage.

Requirement Traceability Coverage Report

Generates comprehensive test coverage reports mapped to specific requirements to identify testing gaps and ensure quality compliance.

BDD Workflow Orchestrator

Automates the complete Behavior-Driven Development lifecycle from Gherkin scenario creation to requirement-traced implementation and refactoring.

Clerk Enterprise Auth Expert

Architects and implements scalable identity systems using Clerk with AI-powered patterns and multi-tenant orchestration.

Test-Driven Development (TDD) Workflow

Implements disciplined Red-Green-Refactor cycles for high-quality software development using TypeScript, Bun, and Rust.

Scenario Testing

Validates application features end-to-end using real dependencies and a strict no-mock testing architecture.

Requirement Traceability Tagger

Automates the tagging of source code, tests, and commit messages with requirement IDs to ensure full traceability throughout the SDLC.

SecLists Fuzzing & Security Payloads

Automates vulnerability discovery by providing curated fuzzing payloads for SQL injection, command injection, and NoSQL exploits.

SecLists Web-Shells

Provides a comprehensive library of web shell samples across multiple languages for security research and detection validation.

Systematic Debugging

Implements a rigorous four-phase investigation framework to identify and resolve software defects through evidence-based analysis and root-cause verification.

Senior Developer

Instills senior-level engineering judgment and decision-making principles to ensure high-quality, maintainable, and secure code architecture.

Auth Route Protection Checker

Audits and secures Next.js routes, server components, and API endpoints by identifying authentication gaps and generating robust protection logic.

Testing Next Stack

Scaffolds a comprehensive testing infrastructure for Next.js applications including unit, component, E2E, and accessibility testing tools.

Skill Reviewer and Enhancer

Audits and upgrades Claude Code skills to ensure adherence to Anthropic best practices, proper structural validation, and modern domain patterns.

ESLint, Prettier & Husky Configuration

Configures comprehensive code quality tooling including ESLint v9 flat config, Prettier formatting, and Husky git hooks for Next.js or React projects.

Hostinger Security & WordPress Audit

Secures Hostinger VPS infrastructure and WordPress installations through automated audits, Fail2ban management, and server hardening.

Requirement Coverage Sensor

Audits software requirements against source code and test files to identify gaps in implementation and validation.

A11y Checker CI

Integrates automated accessibility testing into CI/CD pipelines to enforce WCAG compliance and generate detailed remediation reports for pull requests.