Security & Testing Claude 技能

Go Testing Patterns & TDD

Implements idiomatic Go testing patterns and TDD workflows to build robust, high-performance applications with comprehensive coverage.

Security Audit & Best Practices

Implements rigorous security audits and best practices for web applications, APIs, and sensitive data handling.

Verification Loop

Ensures code quality and stability through a comprehensive multi-phase verification process including builds, tests, and security scans.

Playwright E2E Testing

Generates robust, maintainable Playwright end-to-end tests using fixtures and accessibility-first best practices.

Python Testing Patterns

Implements comprehensive testing strategies using pytest, fixtures, and mocking to ensure robust Python code quality.

Python Type Checking with ty

Performs ultra-fast Python static type analysis using Astral's Rust-based type checker.

Elixir Testing with ExUnit

Streamlines Elixir test suite development using ExUnit, property-based testing, and advanced mocking patterns.

Zig Testing & Memory Safety

Streamlines Zig unit testing and memory leak detection using the built-in test framework and allocator.

Rust Testing & Cargo

Optimizes Rust development by providing expert guidance on unit testing, integration testing, and Cargo package management.

Security Audit

Conducts comprehensive security reviews to identify vulnerabilities, configuration flaws, and sensitive data exposure within codebases.

Security Audit & Secure Coding

Conducts comprehensive security audits and implements OWASP-aligned secure coding patterns for PHP applications.

Enterprise Readiness Assessment

Assess and enhance software projects for enterprise-grade security, quality, and supply chain automation.

Test-Driven Development Workflow

Guides developers through the Red-Green-Refactor cycle to ensure robust, testable, and clean code implementation.

TDD Workflow

Implements a structured Red-Green-Refactor cycle to ensure code reliability and maintainability through Test-Driven Development.

Targeted Test Prioritization

Identifies high-priority testing targets by analyzing code risk, complexity, and historical churn.

Playwright E2E Testing Setup

Configures a comprehensive Playwright end-to-end testing environment with best practices, fixtures, and CI/CD integration.

Vitest Testing Suite Setup

Configures Vitest as a comprehensive unit and integration testing framework with Testing Library integration and monorepo support.

Architectural Health Audit

Analyzes codebase structure to identify circular dependencies, low cohesion, and hidden technical debt hotspots.

Find Bugs

Locates high-risk code areas, hotspots, and potential defects using advanced code intelligence metrics.

RSpec Testing

Generates and refactors high-quality, maintainable RSpec tests for Ruby on Rails applications following industry-standard best practices.

Platform Testing Standards

Implements framework-agnostic testing principles and patterns to ensure robust, high-confidence software through behavior-driven verification.

Fnox Secrets Management

Manages encrypted secrets using age encryption and mathematical GF(3) triadic conservation for secure, git-safe configuration.

Fuzzing Obstacles Specialist

Identifies and overcomes common fuzzing bottlenecks to maximize code coverage and bug discovery during security testing.

Fuzzing Obstacles

Enhances security testing effectiveness by identifying and overcoming technical barriers that prevent fuzzers from reaching deep code paths.

NIST Compliance Standards

Implements NIST security standards and best practices to ensure production-grade software compliance and vulnerability prevention.

Binary Reverse Engineering Toolkit

Analyzes binaries, executables, and bytecode using a structured methodology to uncover functionality and internal logic.

Differential Security Review

Performs security-focused code reviews on diffs and pull requests using expert-level security patterns and Trail of Bits methodologies.

Systematic Bug Fixer

Investigates and resolves software defects using a structured root cause analysis and test-driven workflow.

Automated Manifest Verification

Orchestrates parallel agentic verification of project requirements, global invariants, and acceptance criteria.

Review Type Safety

Audits TypeScript code for type safety violations, including any/unknown abuse, unhandled states, and missing type narrowing.