4. Security & Compliance

Automates responses to security and compliance questionnaires, due diligence, and vendor assessments for StackOne.

Provides secure authentication implementation using JWT, sessions, OAuth, and password hashing for login, token management, and OAuth provider integration.

Enables secure development practices for web applications, including input validation, authentication, and security headers to prevent common vulnerabilities.

Checks HTML content for WCAG2AA accessibility compliance, ensuring user-facing elements meet standard accessibility requirements.

Provides security guidelines for authentication, data handling, and input validation in RawDrive applications.

Implements security assertion contracts for the Phylax Credible Layer using cheatcodes and event/state inspection to verify security properties.

Designs security invariants and trigger mappings for Phylax Credible Layer assertions to enforce compliance and detect violations.

Logs completed work to session log for audit trail maintenance, ensuring security compliance and action traceability.

Mandatory JavaScript pattern matching guardrail for UK police force identification before AI classification to ensure regulatory compliance.

Guides security decisions for Next.js and TypeScript projects, covering input validation, authentication, data protection, and OWASP compliance.

Conducts security audits on code, dependencies, configurations, and architecture, addressing OWASP Top 10 and common vulnerabilities.

Validates and creates Row Level Security (RLS) policies in Supabase to protect user data and ensure secure access in the KR92 Bible Voice database.

Comprehensive Supabase security auditor validating Row Level Security (RLS) policies, table privileges, and access control to identify vulnerabilities and gaps.

Validates and creates Row Level Security policies for the KR92 Bible Voice Supabase database, ensuring data protection and access control.

Analyzes web and mobile applications for WCAG 2.2 AA compliance, generating actionable audit reports from code and test findings.

Provides secure JWT verification dependency for FastAPI routes, ensuring user isolation and identity verification using Better Auth secrets.

Guides on security standards, vulnerability management, and compliance including OWASP, CVE, dependency audits, and license compliance.

Securely manages environment variables to prevent accidental exposure in chat logs, ensuring sensitive data confidentiality during development.

Enables property-based fuzz testing for Ethereum smart contracts, focusing on edge cases and invariant validation using Foundry's fuzzer.

Manages Google Service Account credentials and establishes secure protocols for onboarding new photographers and galleries.

Assesses feature and platform compliance with BSI/ISO standards to ensure readiness for real-world audits and evidence verification.

Securely manages environment variables and credentials to prevent sensitive data exposure during development.

Maps LogiDocs features to ISO 9001/14001/45001 standards to verify compliance coverage and alignment.

Promotes a captured command to baseline permissions, standardizing security access levels for commands.