4. Security & Compliance

Defines security rules and permission management for admin interface functionalities, ensuring controlled access and compliance.

Provides security rules and best practices for developing secure Tauri applications, emphasizing code auditing and vulnerability prevention.

Provides advanced static analysis techniques for disassembling, decompiling, and analyzing control flow in compiled binaries to identify security vulnerabilities.

Provides security best practices for Firebase rules to secure data access and optimize application interactions.

Analyzes network traffic and reverse-engineers proprietary protocols to identify security vulnerabilities and assess network communication integrity.

Analyzes web project authentication architecture and API endpoints to generate PreAuth/PostAuth security classification reports.

Identifies security vulnerability entry points in web applications by analyzing dangerous sink functions and performing basic taint tracking.

Comprehensive toolkit for ISO 13485 certification documentation, including gap analysis, Quality Manuals, and Medical Device Files.

Enforces OAuth 2.1 authentication standards with mandatory PKCE and removal of insecure Implicit Flow for enhanced token security.

Designs security architectures, performs threat modeling, and conducts OWASP Top 10 analysis and vulnerability assessments for code and infrastructure.

Expert in authentication security, specializing in OAuth 2.1, JWT (RFC 8725), and encryption protocols to enforce modern security standards.

Analyzes memory dumps for incident response, malware detection, and artifact extraction using Volatility framework.

Enforces production-grade security in Kubernetes clusters using NetworkPolicy, PodSecurityPolicy, and RBAC implementations.

AI-driven security auditor for vulnerability scanning, CTEM compliance, and agentic security orchestration.

Provides forensic auditing and security enforcement for databases, specializing in Row Level Security (RLS), Zero-Trust architecture, and automated access control validation in Postgres, Supabase, and Convex.

Summarizes Starknet smart contract security best practices and common Cairo pitfalls for developers seeking audit-ready code.

Provides security best practices for application development, covering user input handling, authentication, secrets management, and vulnerability code review.

Scans local paths and GitHub repositories for malicious code and security vulnerabilities before plugin installation or during external audits.

Scans plugins and GitHub repositories for malicious code and security vulnerabilities before installation or during audits.

Manages regulatory compliance, supply chain adherence, and trade regulations including customs, import/export, certifications, and specific standards like REACH and RoHS.

Enforces web security best practices to prevent common vulnerabilities like XSS and CSRF in application development.

Provides deep code intelligence for security scanning, call graph analysis, and supply chain compliance via Narsil MCP tools.

Conducts adversarial code reviews to uncover security vulnerabilities, bugs, and unintended consequences in codebases prior to deployment.

Scans repositories for leaked secrets, API keys, and credentials using gitleaks, enabling pre-commit security checks to prevent exposure.