4. Security & Compliance

Retrieves staging credentials or JWT tokens for secure access to the Aircall dashboard.

Checks WCAG color contrast ratios for accessibility compliance, supporting all CSS color formats and returning AA/AAA levels.

Classifies Telegram messages into security categories (ALLOW, WARN, BLOCK) with rationale to prevent threats and enforce security policies.

Generates secure, memorable passwords as grammatically correct sentences or phrases to enhance account security.

Provides secure authentication and secrets management for GitHub Actions workflows, supporting OIDC, API keys, and AI service integrations.

Analyzes binary files through reverse engineering using strings, binwalk, and hexdump for security investigations and vulnerability detection.

Performs rapid network discovery and service analysis using RustScan, arp-scan, and nmap for security assessments.

Scans codebases for security vulnerabilities including SQL injection, XSS, and insecure dependencies without executing code.

Prevents credential leaks by running detect-secrets scans and validating secrets baselines via pre-commit hooks.

Configures Claude Code security settings: permission wildcards, shell operator protections, and project-level access controls.

Generates structured security incident reports with NIST/SANS templates, including DDoS post-mortems, CVE correlation, and blameless root cause analysis.

Generates legally compliant Austrian company impressum notices covering ECG, UGB, GewO, and MedienG regulations.

Guides EVM/solidity smart contract security with vulnerability taxonomy, review workflows, and README documentation best practices.

Guides secure wallet implementation through MPC/TSS, key management, UX security, and phishing prevention with resource categorization in documentation.

Guides contributors in adding, organizing, and maintaining a curated Web3 security resource list with README consistency and duplicate prevention.

Guide for conducting Solana/Sealevel security research and organizing blockchain-specific resources in README documentation.

Guides integration and consistent README placement of security tooling (analyzers, fuzzers, decompilers) for Web3 projects.

Provides a guide on MEV concepts, common blockchain security attacks, and mitigation strategies, including organizing resources in a README.

Assesses and enhances software projects for enterprise-grade security, quality, and automation, aligned with OpenSSF Scorecard, SLSA, and S2C2F.

Provides security hardening checklist and best practices for TYPO3 v13/v14, covering configuration, file permissions, and common vulnerabilities.

Conducts security assessments for PHP applications using OWASP patterns to identify vulnerabilities and assign CVSS scores.

Enables field-level encryption for specific data elements during transmission to prevent data leaks in transit.

Provides field-level encryption for sensitive data at rest, preventing data leakage in databases through application-level encryption.

Provides secure in-application cryptographic key management, including storage, derivation, and lifecycle protection without external services.