Security & Testing Claude 技能

Build Quality Gates Implementation

Implements systematic build quality gates using the BAIME framework to reduce CI failures and accelerate error detection.

Go Testing Strategy & Coverage Optimizer

Systematizes project testing with coverage-driven gap closure and automated pattern generation to reach 80%+ code coverage.

OCI CVE Comparison Tool

Compares vulnerability reports between two OCI container images to identify fixed and newly introduced security issues.

Retrospective Validation

Validates methodology effectiveness and tool performance using historical data instead of live deployment cycles.

Python TDD Expert

Implements robust Python features using a strict test-driven development methodology with pytest and FastAPI integration.

Dependency Health & Security

Manages software dependencies through security-first prioritization and batch remediation to ensure policy compliance and reduce technical debt.

Grey Haven Security Practices

Enforces enterprise-grade security standards including multi-tenant isolation, secret management, and robust input validation for modern web stacks.

React TanStack Testing

Automates the creation and validation of robust test suites for React applications utilizing the TanStack ecosystem and Vitest.

TUI Testing Strategies for Bubbletea

Implements advanced testing patterns for Bubbletea v2 terminal applications including visual regression and component state validation.

Code Quality Analysis

Conducts deep security audits, improves code readability, and identifies cross-file architectural issues within Claude Code.

FedRAMP Control Mapping

Maps NIST SP 800-53 security controls to official FedRAMP requirements and implementation guidance.

TDD TypeScript & Vitest Expert

Implements robust TypeScript and React features using a strict red-green-refactor methodology powered by Vitest.

TDD Orchestration & Quality Gates

Orchestrates multi-agent Test-Driven Development workflows with strict red-green-refactor enforcement and automated coverage tracking.

FedRAMP FRMR Analysis

Simplifies FedRAMP compliance by analyzing FRMR documents and mapping security controls directly within Claude Code.

Multi-Tenant Authentication Patterns

Implements production-grade multi-tenant authentication patterns using better-auth, magic links, and passkeys.

Test Generation

Generates comprehensive unit and integration test suites by analyzing existing code structures and identifying edge cases.

Security Analysis

Conducts comprehensive security audits and vulnerability assessments to protect codebases using OWASP standards and threat modeling.

Testing Strategy Framework

Systematizes Go project testing through TDD, coverage-driven gap closure, and high-speed automation tools.

Secure Environment Setup (dotenvx & direnv)

Configures secure, encrypted environment variable management using dotenvx and direnv with full Git worktree support.

Secure Environment Setup

Automates the configuration of encrypted environment variable management and seamless workflow integration using dotenvx, direnv, and git worktree.

Grey Haven Testing Strategy

Standardizes comprehensive testing workflows for TypeScript and Python projects using Vitest, pytest, and industry-leading coverage standards.

Dependency Health

Implements a security-first, policy-driven methodology for systematic dependency management and batch remediation.

Security Skill Template

Provides a standardized framework and blueprint for creating specialized security operations skills for AI coding agents.

QA Engineer Agent

Manages the full quality assurance lifecycle from test planning and bug reproduction to regression analysis and quality reporting.

Better Auth OIDC Configuration

Implements secure OAuth 2.1 and OIDC authentication using Better Auth with guided MCP assistance.

Unit Test Generator

Generates comprehensive, production-ready unit tests across multiple programming languages and frameworks automatically.

Simulation Workload Designer

Designs autonomous, randomized workloads to discover race conditions and edge cases in distributed actor systems.

Orchestrator Plan Validator

Ensures structural integrity of AI-generated orchestrator plan files by validating them against strict JSON schemas.

Security Scanner & Vulnerability Auditor

Conducts automated security audits to identify vulnerabilities, hardcoded secrets, and OWASP Top 10 risks in your codebase.

Codex Second Opinion

Validates code and architectural decisions by leveraging OpenAI Codex models for multi-perspective technical analysis.