Security & Testing Claude 技能

Secure Environment Manager (dotenvx + direnv)

Configures secure, encrypted environment variable management optimized for Git worktrees and parallel development workflows.

Accessibility Review Specialist

Automates comprehensive accessibility audits for web pages, source code, and design mockups based on WCAG 2.2 and WAI-ARIA standards.

Java 25 & Spring Boot 4 Code Reviewer

Conducts expert-level architectural and security reviews for modern Java 25 and Spring Boot 4 applications.

Next.js Authentication Patterns

Implements advanced Clerk authentication patterns for Next.js applications, including Server Actions, middleware, and caching strategies.

Clerk E2E Testing

Streamlines end-to-end testing for Clerk-powered applications by providing framework-specific guidance for Playwright and Cypress.

Permission Test Skill

Verifies permission levels and access controls within the Claude Code environment.

Whitelist Bypass Security Testing

Facilitates security audits by attempting to bypass whitelist restrictions to identify and mitigate potential vulnerabilities.

Clerk Authentication Setup

Integrates Clerk authentication into web and mobile projects by automatically executing official framework-specific quickstart guides.

Web App Testing

Automates end-to-end testing and UI debugging for local web applications using Playwright and integrated server management.

DevTools Secrets Manager

Orchestrates and secures development environments using the mise, fnox, and Infisical secrets management toolchain.

TDD Workflow

Implements a strict Red-Green-Refactor cycle for disciplined Test-Driven Development within Claude Code.

Intelligent Code Reviewer

Performs comprehensive, multi-agent code reviews focusing on architecture, security, performance, and style consistency.

Comprehensive Code Analyzer

Performs multi-agent analysis of source code to provide deep insights into architecture, security vulnerabilities, and performance bottlenecks.

RSpec Testing for Rails

Generates and refactors high-quality RSpec test suites for Ruby on Rails applications using industry-standard best practices.

Automated Test Generator

Generates comprehensive unit, integration, and end-to-end tests using advanced strategies like property-based and mutation testing.

Implementation Reviewer

Verifies completed implementations against project specifications using high-rigidity quality gates and automated code audits.

Unit Testing Expert

Implements production-grade unit testing strategies using Vitest and Jest, specializing in TDD, mocking, and coverage analysis.

Increment Quality Judge

Evaluates software specifications and plans using AI-powered risk scoring and formal quality gate validation.

Python Type Hint Auditor

Audits Python code diffs and new files to ensure strict type hint compliance and robust structural design patterns.

Code Reviewer Pro

Performs comprehensive code audits for security vulnerabilities, performance bottlenecks, and architectural best practices.

TDD Expert

Master the red-green-refactor cycle and build high-quality, testable software with expert Test-Driven Development guidance.

OCaml Testing Suite

Implements comprehensive testing strategies for OCaml libraries using Alcotest, Eio mocks, and Cram integration tests.

Systematic Bug Fixing

Standardizes the end-to-end bug resolution process from discovery and tracking to regression testing and verification.

Testing Anti-Patterns Guard

Enforces high-quality testing standards by preventing mock-testing, production code pollution, and uninformed dependency isolation.

dbt Unit Testing

Streamlines the creation and configuration of unit tests for dbt models to ensure SQL logic reliability and facilitate TDD.

Version Checker

Analyzes dependency compatibility, detects breaking changes, and scans for security vulnerabilities to ensure robust software updates.

TypeScript Quality Checker

Validates TypeScript and JavaScript codebases through automated linting, formatting, type checking, and security analysis.

Test-Driven Development

Enforces a rigorous RED-GREEN-REFACTOR cycle to ensure every line of production code is verified by a failing test first.

Playwright E2E Testing

Automates robust end-to-end testing workflows using Playwright, providing expertise in browser automation, visual regression, and accessibility audits.

Systematic Debugging & Tooling

Enforces a rigorous, tool-assisted methodology to identify and resolve the root cause of software bugs through systematic investigation and evidence-based hypotheses.