測試與安全

FastAPI - Modern Python web framework for building APIs with automatic validation, documentation, and async support. Use for API routes, dependency injection, Pydantic models, middleware, and authentication.

Comprehensive knowledge for using the Bash tool in Claude Code effectively. This skillshould be used when orchestrating CLI tools, configuring hooks, setting up automationworkflows, managing git operations, handling multi-command patterns, or encounteringBash tool errors.Covers: PreToolUse hooks, command chaining patterns, git workflow automation, CLI toolintegration, custom commands (.claude/commands/), security configurations, allowlisting,session persistence, output handling, error prevention, and troubleshooting common issues.Use when: setting up Claude Code hooks, configuring bash permissions, creating customcommands, automating git workflows, orchestrating multiple CLI tools, debugging bashcommand failures, implementing security guards, logging command execution, or preventingdangerous operations.

Run and verify backend tests for the FastAPI/Python application.

Extract, consolidate, and prioritize all comments from GitHub Pull Requests for systematic code review. Fetches both inline review comments and general PR conversation, then analyzes and organizes them by priority (critical bugs/security, design improvements, style nitpicks). Use when working with PR reviews, consolidating feedback from multiple reviewers, or creating action plans from review comments.

Know exactly what failed, where, and why. No output parsing.

Run comprehensive codebase audit for gaps, deprecated code, TODOs, FIXMEs, architectural anti-patterns, type issues, and code smells. Use when user asks to audit code, find issues, check code quality, or identify architectural problems.

Analyzes HTML files for SEO issues using static analysis with cheerio. Checks meta tags, Open Graph, Twitter Cards, heading structure, and JSON-LD structured data. Use when user mentions "SEO check", "meta tags", "og tags", "structured data validation", "SEO audit", or wants to analyze HTML/JSX for SEO compliance.

Comprehensive SEO optimization for web directories - human-curated categorical website collections. Use when building, optimizing, or auditing web directories for: (1) Category taxonomy and hierarchy design, (2) Listing page optimization, (3) Schema markup and structured data, (4) Internal linking architecture, (5) Local/niche directory strategies, (6) AI-citation optimization for modern search. Covers general, niche, local, and academic directories.

Use this skill when creating or updating DAG configurations (dags.yaml), schema.yaml, and metadata.yaml files for BigQuery tables. Handles creating new DAGs when needed and coordinates test updates when queries are modified (invokes sql-test-generator as needed). Works with bigquery-etl-core, query-writer, and sql-test-generator skills.

Environment variable validation, security scanning, and management for Next.js, Vite, React, and Node.js applications

RESTful principles, versioning, security, rate limiting, and documentation.

Run comprehensive system diagnostics including dependency checks, test suite execution, git status, and pipeline health verification. Use when troubleshooting issues, verifying system readiness, or preparing for a release.

コード変更の影響範囲分析スキル。変更が引き起こし得る影響を影響面（code/interface/data/external/config/runtime/security/observability）ごとに整理し、「どこをレビューし、何をテストし、何を観測すべきか」を根拠つきで提示する。トリガー条件:- 「影響範囲を分析して」「この変更の影響は？」「どこまで波及する？」- PRレビュー依頼時、リファクタ/仕様変更時- 障害対応で「原因箇所の周辺影響」を確認したい時注意: 変更の是非の最終判断は行わない。実行時にしか分からない挙動は推定と不確実性を提示する。

This skill provides foundational knowledge about Asleep sleep tracking platform, covering core concepts, authentication, data structures, error handling, and platform-agnostic best practices. Use this skill when developers ask about Asleep fundamentals, API concepts, error codes, sleep data structures, or need to understand how the platform works before implementing platform-specific integration. This skill serves as prerequisite knowledge for sleeptrack-ios, sleeptrack-android, and sleeptrack-be skills.

End-to-end truth-case orchestration for the Phoenix VC fund-modeling platform. Use when running tests/truth-cases/runner.test.ts, computing module-level pass rates, updating docs/phase0-validation-report.md and docs/failure-triage.md, or deciding between Phase 1A/1B/1C.

Expert guidance for designing, optimizing, and maintaining database schemas for SQL and NoSQL systems. Use when creating new databases, optimizing existing schemas, planning migrations, implementing security policies, or ensuring GDPR compliance. Covers normalization, indexing, data types, relationships, performance optimization, and audit logging.

Use when working with authentication, API routes, user input, or sensitive data. Audits code for security vulnerabilities based on OWASP Top 10. Critical for payment processing, auth systems, and data handling.

Senior Information Security Manager specializing in ISO 27001 and ISO 27002 implementation for HealthTech and MedTech companies. Provides ISMS implementation, cybersecurity risk assessment, security controls management, and compliance oversight. Use for ISMS design, security risk assessments, control implementation, and ISO 27001 certification activities.

Perform enterprise security review of the codebase

Use when building rwsdk applications with route handling, middleware, authentication guards, HTTP method routing, context sharing, and type-safe link generation - covers defineApp, route patterns, interrupters, and Documents