4. Security & Compliance

Automates digital certificate lifecycle management including issuance, renewal, and revocation to ensure secure communications and compliance with security standards.

Identifies security misconfigurations in infrastructure-as-code, application settings, and system configurations to pinpoint vulnerabilities and compliance gaps.

Applies CodeRabbit security best practices for secrets management and least privilege access control implementation.

Provides security best practices for Gamma integration, including API key management, access controls, and security configuration auditing.

Automates generation of security headers to protect web applications and ensure compliance with security standards.

Plans and orchestrates penetration testing operations for Security Advanced. Auto-activating tool triggered by phrases like 'penetration test planner'.

Scans web applications for Cross-Site Scripting (XSS) vulnerabilities to identify security weaknesses.

Secures Groq webhook endpoints through signature verification and event processing to prevent spoofing and ensure integrity.

Performs OWASP-compliant database security scans for vulnerabilities like SQL injection and weak passwords, with remediation guidance for PostgreSQL and MySQL.

Applies Retell AI security best practices for managing secrets and access control configurations to enhance security posture.

Generates secure password hashes for storage. Auto-activating security tool triggered by 'password hash generator' phrases.

Configures code privacy and data retention policies to ensure GDPR compliance and data governance adherence. Triggered by privacy-related keywords.

Validates CSRF protection mechanisms including tokens, cookies, and SameSite attributes to identify vulnerabilities in web applications.

Validates CORS policies to ensure secure cross-origin resource sharing configurations, preventing security vulnerabilities.

Guides database audit logging implementation for compliance, offering strategies like triggers, CDC, and schema generation to track data changes.

Auto-activating HTTP header security audit to identify vulnerabilities and ensure compliance.

Conducts automated security code reviews to identify vulnerabilities including SQL injection, XSS, and authentication flaws.

Enforces data privacy compliance for Clay integrations through PII handling, retention policies, and GDPR/CCPA adherence.

Secures Groq API keys and configurations using best practices for secrets management and least privilege access control.

Configures Sentry security settings for data protection, including data scrubbing and sensitive data management policies.

Analyzes codebase for session security vulnerabilities including insecure IDs, missing expiration, and session fixation risks.

Handles user data operations including export, deletion, and GDPR compliance for Clerk-integrated applications.

Automates infrastructure compliance checks, validates security policies, and provides audit guidance for regulatory adherence.

Applies Clay security best practices for managing secrets, implementing least privilege access, and auditing security configurations.