Security & Testing Claude 技能

Dwarf Debugging Expert

Analyzes DWARF debug files and provides deep technical insight into DWARF standards for binary analysis and low-level debugging.

Token Integration Analyzer

Analyzes smart contract token implementations and integrations for security vulnerabilities and compliance with industry standards.

Security Best Practices Reviewer

Performs language-specific security reviews and provides actionable improvements for Python, JavaScript, and Go projects.

Burp Suite Project Parser

Parses and explores Burp Suite project files from the command line to streamline security audits and traffic analysis.

Keychain Secure

Manages sensitive credentials using the hardware-backed macOS Keychain with mathematically balanced GF(3) operations.

Fnox Secrets Management

Manages encrypted secrets using age encryption and mathematical GF(3) triadic conservation for secure, git-safe configuration.

Threat Model Generation

Generates comprehensive STRIDE-based security threat models by analyzing repository architecture and data flows.

Move Smart Contract Fuzzing

Secures Move smart contracts through comprehensive fuzzing, property testing, and vulnerability detection for Aptos, Sui, and Movement blockchains.

Intent Sink Validation

Validates intent-centric architectures by ensuring requests are well-formed, authorized, and resource-balanced before execution.

TDD Workflow

Implements features and fixes bugs using the disciplined Red-Green-Refactor cycle of Test-Driven Development (TDD).

Effect-TS Testing Patterns

Provides standardized patterns and best practices for writing comprehensive tests for Effect-TS applications and services.

MDM Cobordism

Manages macOS Mobile Device Management (MDM) and authentication states using topological cobordism and triadic logic.

Systematic Debugging Strategies

Master advanced debugging techniques and root cause analysis to efficiently identify and resolve complex software bugs across any technology stack.

Deliberation & Red Teaming

Conducts structured adversarial reviews to challenge assumptions and identify hidden vulnerabilities in plans or architectures.

Audit Context Builder

Performs deep, line-by-line code analysis to establish architectural context for security audits and bug detection.

Reverse Engineering Suite

Performs deep binary analysis, decompilation, and malware research using industry-standard tools like Ghidra, IDA Pro, and radare2.

Dynamic Sufficiency

Gates agent actions using ε-machine causal state inference to ensure verified skill coverage before task execution.

Auth Patterns

Implements secure authentication and authorization patterns using modern industry standards.

MCP Spec Checker

Performs semantic diffing and triadic verification on Model Context Protocol (MCP) specifications to detect breaking changes and validate compliance.

Dynamic Sufficiency

Prevents agent actions by verifying minimal skill coverage using ε-machine causal state modeling.

Fuzzing Obstacles

Enhances security testing effectiveness by identifying and overcoming technical barriers that prevent fuzzers from reaching deep code paths.

Narya Event Proofs

Generates mechanically verified cryptographic proofs and audit trails for event-sourced systems to ensure consistency, security, and deterministic replay.

Tizen Certification Coordinator

Orchestrates the Tizen certification lifecycle by coordinating TCT test execution, compliance verification, and documentation.

Spec to Code Compliance

Verifies that source code accurately implements technical specifications and whitepapers to ensure protocol integrity during blockchain audits.

Constant-Time Security Testing

Verifies cryptographic implementations for timing side-channel vulnerabilities to ensure data-independent, constant-time execution.

Security Ownership Map

Analyzes git history to map security ownership, calculate bus factor for sensitive code, and identify orphaned repository hotspots.

Citizen Lab Digital Forensics

Performs advanced digital forensics and malware analysis to detect targeted surveillance and device compromise.

Testcontainers for Go

Automates the setup and management of Docker-based integration tests for Go applications using pre-configured modules and best practices.

Boneh-Roughgarden WEV Mechanism

Implements protocol-aligned value extraction and transaction fee mechanisms based on Stanford FDCI research.

Solana Vulnerability Scanner

Automates security audits for Solana smart contracts by identifying critical vulnerabilities including arbitrary CPI and improper PDA validation.