4. Security & Compliance

A Python CLI tool for querying SonarCloud API to check quality gates, issues, metrics, and analysis history.

Provides a security audit checklist and best practices for securing the bCommGuard WhatsApp bot.

Provides security review, vulnerability assessment, and risk analysis for code and architecture to identify and mitigate security issues.

Reviews plugin security, scans for vulnerabilities, and audits installed plugins to ensure compliance and safety.

Scans Terraform configurations for security vulnerabilities, hardcoded secrets, and audit compliance in cloud infrastructure.

Checks Google Drive file sharing permissions, displaying access status, authorized users, and sharing settings for security verification.

Audits KrakenD configurations for security vulnerabilities, authentication gaps, and best practice violations.

Audits and fixes UI code to ensure RadOS design system compliance, catching issues like hardcoded colors and incorrect shadow/radius hierarchy.

Enforces security rules for AAW sessions during sensitive operations, external connections, and protected path access.

Audits UI components and pages for WCAG accessibility compliance, identifying keyboard navigation and color contrast issues pre-launch.

Generates secure Row Level Security (RLS) policies for Supabase tables with admin bypass, proper USING/WITH CHECK clauses, and relationship patterns.

Validates skills against production-level quality criteria, delivering scoring reports with actionable improvement recommendations.

Validates Nixtla skills and plugins using deterministic evidence bundles and strict schema gates for compliance auditing and change enforcement.

Validates skills and plugins against strict schema gates using deterministic evidence bundles for compliance auditing and change enforcement.

Scans code and data for Protected Health Information (PHI) to verify HIPAA compliance in healthcare data handling.

Mandates evidence-based verification before declaring any work complete, ensuring all claims meet security and compliance standards.

Enforces zero-trust security, manages secrets, and ensures compliance using tools including Vault, Kyverno, and OPA for Kubernetes environments.

Provides enterprise AI security solutions including OWASP LLM Top 10 compliance, prompt injection defense, and PII protection guardrails.

Provides database security solutions including access control and data protection measures.

Guides secure system development by addressing OWASP Top 10 vulnerabilities, security testing, and compliance best practices.

Provides security features for Spring Boot applications including authentication, authorization, OAuth2, JWT, and CORS/CSRF protection.

Guides implementation of Python security best practices using OWASP standards to prevent common vulnerabilities in applications.

Provides comprehensive guidance on securing Redis instances through authentication, ACLs, TLS encryption, and network hardening best practices.

Checks security considerations before shipping, generating warnings for unresolved issues requiring remediation.