行動開發

This skill enables automated penetration testing of web applications. It uses the penetration-tester plugin to identify vulnerabilities, including OWASP Top 10 threats, and suggests exploitation techniques. Use this skill when the user requests a "penetration test", "pentest", "vulnerability assessment", or asks to "exploit" a web application. It provides comprehensive reporting on identified security flaws.

セキュリティ診断レポートの作成と脆弱性報告の文書化を支援するスキル。脅威分析、脆弱性評価、リスク採点、レポート生成の一連のプロセスを体系化し、専門的で実用性の高いセキュリティドキュメントを作成する。Anchors:• OWASP Top 10 (2021) / 適用: 脆弱性分類・評価基準 / 目的: 業界標準への準拠• CVSS v3.1 (FIRST) / 適用: リスクスコア計算 / 目的: 定量的脆弱性評価• Web Application Security (Andrew Hoffman) / 適用: 脅威モデリング / 目的: 体系的分析手法• CWE Top 25 / 適用: 脆弱性分類 / 目的: 共通語彙での報告Trigger:Use when creating security audit reports, vulnerability assessments, penetration test documentation, or risk analysis documents.security report, vulnerability report, security audit, penetration test report, risk assessment, 脆弱性レポート, セキュリティ監査

This skill deploys monitoring stacks, including Prometheus, Grafana, and Datadog. It is used when the user needs to set up or configure monitoring infrastructure for applications or systems. The skill generates production-ready configurations, implements best practices, and supports multi-platform deployments. Use this when the user explicitly requests to deploy a monitoring stack, or mentions Prometheus, Grafana, or Datadog in the context of infrastructure setup.

データベース監視の設計・実装・検証を体系化するスキル。SQLite/Tursoの統計情報、スロークエリ、接続数、ストレージを含めた監視運用を整理する。Anchors:• Designing Data-Intensive Applications / 適用: 性能とスケーリング設計 / 目的: 監視メトリクスの根拠整理• Database Reliability Engineering / 適用: SREの監視設計 / 目的: 監視項目の体系化• Observability / 適用: 監視と診断 / 目的: 可観測性の向上Trigger:Use when designing database monitoring metrics, alert thresholds, SLI/SLOs, or operational dashboards for SQLite/Turso.database monitoring, sqlite metrics, turso monitoring, slow query, alerting, sli slo

GitHub Actions の environments 設計、承認フロー、シークレット運用を体系化するスキル。複数環境の保護ルールと段階的デプロイを整理する。Anchors:• Release It! / 適用: 環境分離 / 目的: 本番保護• GitHub Actions / 適用: environments と approval / 目的: 標準的な運用設計• The Pragmatic Programmer / 適用: 自動化 / 目的: 手順の一貫性Trigger:Use when setting up multi-environment deployments, approval gates, protection rules, or environment-specific secrets in GitHub Actions.github actions environments, approval workflow, deployment gates, environment secrets

Choose deployment strategy and infrastructure. Use when deciding where to deploy applications, setting up CI/CD, or configuring production environments. Covers Vercel, Railway, AWS, Cloudflare Workers, and Docker.

Use this skill to write or modify unit-tests in the application for non-component files.

Defines caching strategies with cache keys, TTL values, invalidation triggers, consistency patterns, and correctness checklist. Provides code examples for Redis, CDN, and application-level caching. Use when implementing "caching", "performance optimization", "cache strategy", or "Redis caching".

Provides Flutter and Dart development workflows using dart-mcp tools. Triggers when working with .dart files, pubspec.yaml, or when user mentions Flutter, widget, Riverpod, Freezed, or Dart development. MUST BE USED for Flutter project work involving dart_analyzer, dart_run_tests, hot_reload, or IDE MCP tools.

This skill enables Claude to detect and resolve performance bottlenecks in applications. It analyzes CPU, memory, I/O, and database performance to identify areas of concern. Use this skill when you need to diagnose slow application performance, optimize resource usage, or proactively prevent performance issues. The skill is triggered by requests to "detect bottlenecks", "analyze performance", "find performance issues", or similar phrases related to performance optimization. It helps uncover root causes and suggest remediation strategies.

Search and download podcast episodes from Apple Podcasts. Use when user wants to find podcasts, download podcast episodes, get podcast information, or mentions Apple Podcasts, iTunes, podcast search, or audio downloads.

This skill trains machine learning models using automated workflows. It analyzes datasets, selects appropriate model types (classification, regression, etc.), configures training parameters, trains the model with cross-validation, generates performance metrics, and saves the trained model artifact. Use this skill when the user requests to "train" a model, needs to evaluate a dataset for machine learning purposes, or wants to optimize model performance. The skill supports common frameworks like scikit-learn.

This skill enables Claude to generate end-to-end (E2E) tests for web applications. It leverages Playwright, Cypress, or Selenium to automate browser interactions and validate user workflows. Use this skill when the user requests to "create E2E tests", "generate end-to-end tests", or asks for help with "browser-based testing". The skill is particularly useful for testing user registration, login flows, shopping cart functionality, and other multi-step processes within a web application. It supports cross-browser testing and can be used to verify the responsiveness of web applications on different devices.

Master code organization - encapsulation with wrapper methods, file modularity (split >150 lines), one function one responsibility, descriptive naming, minimal comments

This skill enables Claude to aggregate and centralize performance metrics from various sources. It is used when the user needs to consolidate metrics from applications, systems, databases, caches, queues, and external services into a central location for monitoring and analysis. The skill is triggered by requests to "aggregate metrics", "centralize performance metrics", or similar phrases related to metrics aggregation and monitoring. It facilitates designing a metrics taxonomy, choosing appropriate aggregation tools, and setting up dashboards and alerts.

Apply universal naming principles: avoid Manager/Helper/Util, use intention-revealing names, domain language, verb+noun functions. Use when naming variables, functions, classes, reviewing names, or refactoring for clarity. Language-agnostic principles.

正規化設計の要件整理、正規形判定、非正規化判断を体系化するスキル。1NF〜5NFの適用とパフォーマンス要件のトレードオフを整理する。Anchors:• データベース実践講義 / 適用: 正規化理論 / 目的: 正規形の判断基準を明確化• Designing Data-Intensive Applications / 適用: データモデリング / 目的: 性能と一貫性の整理• Database Reliability Engineering / 適用: 運用設計 / 目的: 変更の安全性担保Trigger:Use when evaluating normalization levels, designing relational schemas, documenting denormalization decisions, or reviewing schema trade-offs.database normalization, 1nf 2nf 3nf, schema review, denormalization decision

Calculates technical mapping statistics for any aligned BAM file (ChIP or ATAC). It assesses the performance of the aligner itself by generating metrics on read depth, mapping quality, error rates, and read group data using samtools and Picard.Use this skill to check "how well the reads mapped" or to validate BAM formatting/sorting before further processing. Do NOT use this skill for biological signal validation (like checking for peaks or open chromatin) or for filtering/removing reads.

Comprehensive guide for implementing Fullstory's User Anonymization API (setIdentity with anonymous:true) for web applications. Teaches proper logout handling, session management, privacy compliance, and user switching scenarios. Includes detailed good/bad examples for logout flows, multi-user applications, and privacy-conscious implementations.

This skill enables Claude to identify potential security misconfigurations in various systems and configurations. It leverages the security-misconfiguration-finder plugin to analyze infrastructure-as-code, application configurations, and system settings, pinpointing common vulnerabilities and compliance issues. Use this skill when the user asks to "find security misconfigurations", "check for security vulnerabilities in my configuration", "audit security settings", or requests a security assessment of a specific system or file. This skill will assist in identifying and remediating potential security weaknesses.