4. Security & Compliance

Automates security-focused code review, blocking vulnerable changes pre-commit to prevent security risks.

Provides anti-cheat systems for games with exploit prevention, secure networking, and data protection to ensure fair gameplay.

Audits web forms for WCAG accessibility compliance, ensuring clear input labels and data collection for users with disabilities.

Enables secure authentication for React SPAs via Microsoft Entra ID and MSAL (PKCE), handling login/logout, token management, and security error scenarios.

Automates code approval by using Haiku to review security, reducing manual permission prompts in Claude Code.

Performs advanced vulnerability scanning, attack surface mapping, and risk prioritization using OWASP 2025 and supply chain security frameworks.

Automates secure retrieval of API keys and passwords from Bitwarden vault, triggering on missing environment variables or secret references.

Provides secure and resilient Microsoft Graph API integration for SPAs, handling authentication errors, rate limits, and privacy-preserving logging.

Tests web animations for compliance with WCAG guidelines on motion sensitivity and reduced motion preferences.

Validates interactive elements meet WCAG 2.1 minimum touch target size of 44x44 pixels for accessibility compliance.

Creates and manages Row Level Security (RLS) policies in Supabase for table-level data access control and multi-tenant isolation.

Command-line interface for Ghidra enabling binary analysis, decompilation, vulnerability assessment, and security-focused reverse engineering tasks.

Command-line interface for Ghidra enabling binary analysis, decompilation, and security-focused reverse engineering tasks.

Standardizes user authentication and persistent conversation storage for SaaS applications using Supabase PostgreSQL.

Conducts security reviews against OWASP API Security Top 10, validating authentication, input validation, and confidential data handling.

Provides best practices for implementing Row-Level Security (RLS) in Power BI, including dynamic security patterns and governance strategies for secure data access.

Guides Singapore corporate secretaries on ACRA compliance, statutory filings, AGM/EGM, and financial record-keeping requirements.

Validates digital content against global accessibility standards including WCAG, EN 301 549, and Section 508 for worldwide compliance.

Scans package dependencies for security vulnerabilities using pnpm audit and Snyk, identifying and resolving CVEs before deployment.

Security-first authentication and authorization architect for web/mobile apps, covering flows, MFA, OAuth, and session management with Supabase Auth.

Manages user authentication, authorization, and session handling for secure API access and user data operations.

Securely manages environment variables by distinguishing between template (.env) and secrets (.env.local) files.

Provides secure authentication implementation guidelines for Microsoft Dataverse using Python, including OAuth token handling and security configuration.

Prevents unintended code changes by GitHub Copilot, ensuring codebase stability and security through controlled usage.