4. Security & Compliance

Provides foundational security knowledge and industry-standard best practices for secure system implementation.

Conducts security reviews and blocks critical vulnerabilities to prevent security risks in code deployments.

Provides security best practices for Solidity smart contracts to prevent vulnerabilities and ensure secure implementation in blockchain applications.

Reloads behavioral guidelines and audits recent actions to ensure compliance with established standards.

Lists all SSH keys associated with the user account for secure credential management and access control.

Logs out of the Agentuity Cloud Platform, enabling secure management of authentication credentials.

Displays authenticated user details for secure credential management. Requires valid authentication.

Initializes Agentuity authentication setup for projects, managing credentials with required user authentication.

Generates STRIDE/OWASP threat models and test scenarios from NFR security requirements for L3-level security validation.

Enables secure browser-based login to Agentuity Platform for managing authentication credentials.

Deletes SSH keys from user accounts to securely manage authentication credentials, requiring authentication for access control.

Automates security code reviews to detect vulnerabilities, injection flaws, authentication weaknesses, and data exposure risks.

Audits Stage 3 entries in spec_artifacts_registry.md to verify AICTXT/GOAL/SC artifact registration compliance after implementation creation.

Verifies VS entry_points consistency with project entry type specifications, generating missing entry reports and suggestions for constraint acceptance.

Generates compliance contracts from architecture documentation in ARCHITECTURE.md files, ensuring regulatory adherence.

Audits registry consistency against design artifacts, generating synchronization reports and missing item lists to prevent constraint acceptance failures.

Enforces engineering standards and compliance with standards.md during code reviews, PRs, and commits via automated audit checks.

Detects OWASP Top 10 vulnerabilities via static analysis, scores security, and provides remediation examples with Serena integration for compliance.

Requires fresh verification evidence before declaring any task or process complete, ensuring audit-ready integrity and compliance adherence.

Identifies weak cryptographic algorithms, hardcoded keys, and insecure key management in binary code for security analysis.

Detects type confusion vulnerabilities in C++ code by identifying unsafe type casts, vtable corruption, and polymorphism issues during security analysis.

Enforces multi-layer data validation across system boundaries to prevent failures from invalid data, making bugs structurally impossible.

Tracks untrusted input propagation in binary code to identify injection vulnerabilities like SQL and command injection via data flow analysis.

Detects arbitrary write vulnerabilities by analyzing unchecked array indexing and out-of-bounds memory writes in code.