Security & Testing Claude 技能

Verification Loop

Ensures code quality and stability through a comprehensive multi-phase verification process including builds, tests, and security scans.

Integrity Validation System

Ensures project stability by performing pre- and post-operation snapshots to detect missing components and prevent data loss during refactoring.

Security Audit & Best Practices

Implements rigorous security audits and best practices for web applications, APIs, and sensitive data handling.

Code Analysis & Quality

Analyzes codebase structure and complexity to identify refactoring opportunities and technical debt.

Go Testing Patterns & TDD

Implements idiomatic Go testing patterns and TDD workflows to build robust, high-performance applications with comprehensive coverage.

Playwright E2E Testing

Generates robust, maintainable Playwright end-to-end tests using fixtures and accessibility-first best practices.

Python Testing Patterns

Implements comprehensive testing strategies using pytest, fixtures, and mocking to ensure robust Python code quality.

Security Audit

Conducts comprehensive security reviews to identify vulnerabilities, configuration flaws, and sensitive data exposure within codebases.

Security Audit & Secure Coding

Conducts comprehensive security audits and implements OWASP-aligned secure coding patterns for PHP applications.

Enterprise Readiness Assessment

Assess and enhance software projects for enterprise-grade security, quality, and supply chain automation.

Architectural Health Audit

Analyzes codebase structure to identify circular dependencies, low cohesion, and hidden technical debt hotspots.

Targeted Test Prioritization

Identifies high-priority testing targets by analyzing code risk, complexity, and historical churn.

Test-Driven Development Workflow

Guides developers through the Red-Green-Refactor cycle to ensure robust, testable, and clean code implementation.

TDD Workflow

Implements a structured Red-Green-Refactor cycle to ensure code reliability and maintainability through Test-Driven Development.

Playwright E2E Testing Setup

Configures a comprehensive Playwright end-to-end testing environment with best practices, fixtures, and CI/CD integration.

Vitest Testing Suite Setup

Configures Vitest as a comprehensive unit and integration testing framework with Testing Library integration and monorepo support.

Find Bugs

Locates high-risk code areas, hotspots, and potential defects using advanced code intelligence metrics.

Python Type Checking with ty

Performs ultra-fast Python static type analysis using Astral's Rust-based type checker.

Platform Testing Standards

Implements framework-agnostic testing principles and patterns to ensure robust, high-confidence software through behavior-driven verification.

NIST Compliance Standards

Implements NIST security standards and best practices to ensure production-grade software compliance and vulnerability prevention.

Binary Reverse Engineering Toolkit

Analyzes binaries, executables, and bytecode using a structured methodology to uncover functionality and internal logic.

Security Threat Modeler

Performs systematic security reviews and vulnerability assessments using the STRIDE methodology and trust boundary mapping.

Review Coverage

Analyzes code diffs against the main branch to identify and report gaps in test coverage.

Have I Been Pwned Security Integration

Integrates the Have I Been Pwned API to check for compromised accounts, passwords, and data breaches within security workflows.

Automated Manifest Verification

Orchestrates parallel agentic verification of project requirements, global invariants, and acceptance criteria.

Chrome UI Tester

Automates end-to-end UI testing in Google Chrome with visual validation, responsive checks, and technical debugging.

Python Testing Specialist

Writes, reviews, and optimizes Python tests using pytest with a focus on atomic structure, async support, and FastMCP integration.

Code Validation Checklist

Validates code against custom checklists and security standards before execution to ensure quality and compliance.

Dev: Advanced Quality Review

Performs a multi-layered quality audit using PHPStan level 9, Elegant Objects principles, and adversarial edge-case testing.

Salesforce Apex Expert

Generates and reviews production-ready Salesforce Apex code using 2025 best practices and a rigorous 150-point quality scoring system.