4. Security & Compliance

Configures enterprise SSO, RBAC, and organization management for FireCrawl access control.

Automates API fuzz testing to identify security vulnerabilities including SQL injection, XSS, and input validation flaws through malformed inputs and boundary testing.

Manages PII handling, data retention, and GDPR/CCPA compliance for Fireflies.ai integrations, ensuring privacy regulation adherence.

Automatically validates SOC2 compliance operations for Security Advanced features. Triggered by SOC2-related phrases.

Configures enterprise RBAC and SSO for Linear, enabling secure team permissions and integration access management.

Validates session security operations to ensure compliance with security fundamentals. Automatically activates for session security checks.

Configures SSO and enterprise authentication for Cursor, supporting SAML, OAuth, and Okta integrations.

Identifies security misconfigurations in infrastructure-as-code and application settings, highlighting vulnerabilities and compliance gaps.

Validates authentication implementations against security best practices, covering JWT, OAuth, session-based auth, and API keys.

Automates digital certificate lifecycle management including issuance, renewal, and revocation to ensure secure communications and compliance with security standards.

Identifies security misconfigurations in infrastructure-as-code, application settings, and system configurations to pinpoint vulnerabilities and compliance gaps.

Applies CodeRabbit security best practices for secrets management and least privilege access control implementation.

Provides security best practices for Gamma integration, including API key management, access controls, and security configuration auditing.

Automates generation of security headers to protect web applications and ensure compliance with security standards.

Plans and orchestrates penetration testing operations for Security Advanced. Auto-activating tool triggered by phrases like 'penetration test planner'.

Scans web applications for Cross-Site Scripting (XSS) vulnerabilities to identify security weaknesses.

Secures Groq webhook endpoints through signature verification and event processing to prevent spoofing and ensure integrity.

Performs OWASP-compliant database security scans for vulnerabilities like SQL injection and weak passwords, with remediation guidance for PostgreSQL and MySQL.

Applies Retell AI security best practices for managing secrets and access control configurations to enhance security posture.

Generates secure password hashes for storage. Auto-activating security tool triggered by 'password hash generator' phrases.

Configures code privacy and data retention policies to ensure GDPR compliance and data governance adherence. Triggered by privacy-related keywords.

Validates CSRF protection mechanisms including tokens, cookies, and SameSite attributes to identify vulnerabilities in web applications.

Validates CORS policies to ensure secure cross-origin resource sharing configurations, preventing security vulnerabilities.

Guides database audit logging implementation for compliance, offering strategies like triggers, CDC, and schema generation to track data changes.