4. Security & Compliance

Scans Infrastructure as Code (IaC) files for security misconfigurations and vulnerabilities using Checkmarx KICS.

Provides comprehensive security auditing with static analysis, dynamic testing, dependency vulnerability scanning, secrets detection, and OWASP compliance checks.

Configures security boundaries for Claude Code sandboxes, enforcing file system and network isolation to prevent unauthorized access.

Configures network isolation, trusted domains, and access policies in Claude Code sandbox for secure application environments.

Identifies security vulnerabilities in code including SQL injection, XSS, and exposed secrets during code review.

Guidelines for secure Supabase implementation covering authentication, database security policies, and edge functions.

Automatically detects API keys, passwords, and database credentials in code during commit, config edits, and PR creation to prevent accidental exposure.

Provides security measures and tools for securing filesystem operations and access controls.

Automates pre-deployment security audits to detect OWASP Top 10 vulnerabilities, RLS policy gaps, and exposed secrets.

Automates security audits to detect OWASP Top 10 vulnerabilities including SQL injection, XSS, CSRF, and authentication flaws in user input, database operations, and API endpoints.

Generates cryptographic secrets, creates JWTs, and manages environment variables for secure credential and configuration handling.

Policy engine for authorization decisions, storing and evaluating access control policies with planned OPA-WASM integration.

Audits codebases for security vulnerabilities, bugs, and memory leaks, then reprioritizes TODO.md with findings.

Applies IN19 Harm Minimization by removing harmful elements to enhance security and reduce vulnerabilities.

Dynamically adjusts security and compliance guardrails using recursive governance to self-improve rule effectiveness over time.

Organizes adversarial reviews using IN10 Red Teaming to identify security vulnerabilities through simulated attacks.

Provides a security checklist for reviewing authentication, API endpoints, user input handling, and sensitive data management practices.

Enforces multi-layer data validation across system boundaries to prevent failures and security vulnerabilities from invalid input.

Conducts rapid security audits on code change diffs to identify potential vulnerabilities and risks.

Provides structured workflows for identifying, analyzing, and resolving security incidents and alerts in real-time.

Provides secure authentication patterns and guidance for password storage, preventing insecure credential handling.

Securely manages API keys, passwords, and credentials to prevent hardcoding and potential security breaches.

Validates user input and request data to prevent security vulnerabilities and ensure data integrity.

Enforces role-based access control, authentication, and input validation to prevent XSS and SQL injection in the ree-board project.