測試與安全

Evaluate and improve Claude skill quality through auditing.Triggers: skill audit, quality review, compliance check, improvement suggestions,token usage analysis, skill evaluation, skill assessment, skill optimization,skill standards, skill metrics, skill performanceUse when: reviewing skill quality, preparing skills for production, auditingexisting skills, generating improvement recommendations, checking compliancewith standards, analyzing token efficiency, benchmarking skill performanceDO NOT use when: creating new skills from scratch - use modular-skills instead.DO NOT use when: writing prose for humans - use writing-clearly-and-concisely.DO NOT use when: need architectural design patterns - use modular-skills.Use this skill BEFORE shipping any skill to production. Check even if unsure.

Enforces "prove before claim" discipline - validation, testing, and evidencerequirements before declaring work complete.Triggers: completion, finished, done, working, should work, configured,ready to use, implemented, fixedUse when: claiming ANY work is complete, recommending solutions, statingsomething will work, finishing implementationsDO NOT use when: explicitly asking questions or requesting clarificationDO NOT use when: work is clearly in-progress and not claiming completionCRITICAL: This skill is MANDATORY before any completion claim. Violationsresult in wasted time and eroded trust.

Guide to effective Claude Code skill authoring using TDD methodology andpersuasion principles.Triggers: skill authoring, skill writing, new skill, TDD skills, skill creation,skill best practices, skill validation, skill deployment, skill complianceUse when: creating new skills from scratch, improving existing skills withlow compliance rates, learning skill authoring best practices, validatingskill quality before deployment, understanding what makes skills effectiveDO NOT use when: evaluating existing skills - use skills-eval instead.DO NOT use when: analyzing skill architecture - use modular-skills instead.DO NOT use when: writing general documentation for humans.YOU MUST write a failing test before writing any skill. This is the Iron Law.

Workflow for capturing evidence and citations to create reproducible analysesand audit trails.Triggers: evidence capture, citations, reproducible analysis, audit trail,documentation, evidence logging, findings documentationUse when: conducting any review that needs evidence trails, creating auditdocumentation, ensuring reproducibility of analysesDO NOT use when: quick informal checks without documentation needs.DO NOT use when: structured output is the focus - use structured-output.Use this skill as foundation for all evidence-based review workflows.

Incorporating security at every step of software development – writing code that defends against vulnerabilities and protects user data.

OWASP API Security Top 10 (2023) と Rust セキュリティベストプラクティス。脆弱性検出。Use when: セキュリティ、脆弱性、OWASP、認証、認可、監査を依頼された時。

Ensuring software correctness and reliability by writing automated tests, using quality assurance tools, and systematically debugging issues.

Evaluate Clojure code via nREPL using clj-nrepl-eval. Use this when you need to test code, check if edited files compile, verify function behavior, or interact with a running REPL session.

TDD方法論に従ってテストを作成します。テストファイルの配置（コロケーション）、命名規則、テスト構造のベストプラクティスに従います。React/TypeScript、Go、Rustで適切なパターンを使い分けます。「テストを書いて」「テストを作成」「単体テストを追加」などのリクエストで起動します。

A skill to automatically download and install the latest ButterCut version from GitHub while preserving libraries. Use when user wants to check for updates or update their installation for new features.

Add integration tests for type checker inference and checking functions

Guide for creating, auditing, and packaging Claude Code skills. This skill should be used when building new skills, improving existing skills, understanding skill structure, or packaging skills for distribution.

Write focused tests for core user flows and critical paths with clear test names, behavior-focused assertions, mocked external dependencies, and fast execution, deferring edge case testing until explicitly required. Use this skill when creating or modifying test files, writing unit tests, integration tests, or test cases for any feature. Apply when writing test files (test/, __tests__/, spec/, .test.js, .spec.ts, test_*.py), implementing tests for core user workflows, testing critical business logic, mocking external dependencies (databases, APIs, file systems), writing descriptive test names, creating fast-running unit tests, or adding tests at logical completion points of feature development. Use for any task involving test creation, test coverage, test strategy, or test-driven development.

Use when building custom Kiro AI agents or when user asks for agent configurations - provides JSON structure, tool configuration, prompt patterns, and security best practices for specialized development assistants

Build responsive, mobile-first layouts using fluid containers, flexible units, media queries, and touch-friendly design that works across all screen sizes. Use this skill when creating or modifying UI layouts, responsive grids, breakpoint styles, mobile navigation, or any interface that needs to adapt to different screen sizes. Apply when working with responsive CSS, media queries, viewport settings, flexbox/grid layouts, mobile-first styling, breakpoint definitions (mobile, tablet, desktop), touch target sizing, relative units (rem, em, %), image optimization for different screens, or testing layouts across multiple devices. Use for any task involving multi-device support, responsive design patterns, or adaptive layouts.

Expert guidance for testing and validating GitHub Actions workflows before deployment - catches cache errors, path issues, monorepo dependencies, and service container problems that local testing misses

CI Test Codex Skill

Implement comprehensive validation with server-side enforcement, client-side UX feedback, early failure, specific error messages, allowlists over blocklists, type checking, input sanitization, and consistent validation across all entry points. Use this skill when implementing validation logic in forms, API endpoints, data models, user inputs, or any data processing. Apply when validating form inputs, API request parameters, database model fields, implementing client-side validation for user experience, enforcing server-side validation for security, sanitizing user input to prevent injection attacks, checking data types and formats, validating business rules, or providing field-specific error messages. Use for any task involving input validation, data integrity checks, security validation, or user input processing.

Expert guidance for writing secure, reliable, and performant Claude Code hooks - validates design decisions, enforces best practices, and prevents common pitfalls

Use when creating or publishing Claude Code hooks - covers executable format, event types, JSON I/O, exit codes, security requirements, and PRPM package structure