Security & Testing Claude 技能

Access Control Auditor

Identifies security vulnerabilities and misconfigurations in IAM policies, ACLs, and permission systems to ensure robust access management.

Go Testing Expert

Generates and guides Go testing strategies using a pyramid approach with a focus on in-memory dependencies and 100% coverage for leaf types.

SOC 2 Audit Helper

Streamlines SOC 2 audit preparation by automating evidence gathering, Trust Service Criteria assessments, and compliance gap analysis.

Auth Implementation Patterns

Implements secure authentication and authorization systems including JWT, OAuth2, and RBAC using industry-standard security patterns.

Bknd Testing Suite

Streamlines the creation of automated unit and integration tests for Bknd.io applications using Bun Test or Vitest.

Bknd Permission Manager

Configures fine-grained role permissions and conditional access control policies for Bknd.io backend applications.

Advanced Debugging Strategies

Employs systematic troubleshooting techniques and profiling tools to identify and resolve complex software defects and performance bottlenecks.

Form Debugger & Auditor

Audits web forms for accessibility, validation, security, and autocomplete compatibility using Playwright automation.

IDOR Security Testing

Identifies and remediates Insecure Direct Object Reference (IDOR) vulnerabilities through systematic testing and exploitation methodologies.

Load Test Runner

Generates and executes comprehensive load testing scripts to validate application performance and identify architectural bottlenecks.

E2E Test Loop for Playwright

Automates the creation and execution of end-to-end browser tests using Playwright and the page object pattern.

Real-World Verification Plans

Automates the creation and execution of real-world verification plans to ensure code works in production-like environments without mocks.

IDOR Vulnerability Testing

Provides systematic methodologies for detecting, exploiting, and remediating Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.

SDD Root Cause Analysis & Troubleshooting

Resolves software bugs and system errors through a systematic root cause analysis framework aligned with project specifications.

Dependency Checker

Scans project dependencies for security vulnerabilities, outdated packages, and license compliance across multiple programming languages.

Quality Gate Compliance

Enforces a rigorous 8-point quality assurance checklist for every AI-generated code change to ensure architectural consistency and security.

Unit Test Loop

Automates the iterative cycle of identifying coverage gaps, writing focused unit tests, and maintaining code quality through integrated reviews.

Systematic Debugging Strategies

Implements methodical troubleshooting techniques and root cause analysis to efficiently resolve complex software bugs across multiple tech stacks.

Unit Test Generator

Generates comprehensive unit tests across multiple languages and frameworks to ensure code reliability and coverage.

Verification Guardrail

Enforces a strict, evidence-based verification protocol to ensure all code changes, builds, and tests pass before marking tasks as complete.

Compliance Report Generator

Automates the creation of security compliance reports and audit documentation for standards like PCI DSS, HIPAA, and SOC 2.

Test Report Generator

Generates professional test reports with coverage metrics and trend analysis to streamline quality assurance and stakeholder communication.

API Fuzzer

Automates API fuzzing to identify security vulnerabilities, edge cases, and potential system crashes through specialized testing patterns.

TypeScript Testing Runner

Executes and reports on TypeScript unit and integration tests using a dedicated subagent for enhanced reliability and safety.

Prompt Performance Testing

Measures and compares prompt efficacy through A/B testing, performance metrics, and detailed analytical reports.

Network Mock Server

Creates a flexible API mocking layer to intercept, record, and modify network requests for deterministic frontend testing.

Rails Error Prevention

Prevents common Ruby on Rails runtime errors and architectural pitfalls through proactive checklists and verification strategies.

Prompt Library

Provides a comprehensive collection of over 18 optimized prompt templates and executable agents for specialized cognitive tasks.

Idiomatic Go Testing & TDD

Implements professional Go testing patterns including table-driven tests, fuzzing, benchmarks, and TDD workflows.

Gemini Code Analyzer

Leverages Gemini's 1 million token context window to perform deep architectural analysis, pattern detection, and security audits across massive codebases.