4. Security & Compliance

Guide for reviewing application code to identify vulnerabilities, validate inputs, and verify permissions to ensure security compliance.

Provides a security validation checklist covering encryption, authentication, and data protection for compliance and implementation reviews.

Guides secure integration of the Signal protocol, including encryption, key management, and security best practices for messaging applications.

Performs advanced vulnerability analysis including OWASP 2025 compliance, supply chain security assessment, attack surface mapping, and risk prioritization.

Guides creation of Row Level Security (RLS) policies in Supabase for secure data access control and permission management.

Reviews Go code using Casbin for authorization security, model correctness, policy design, and anti-patterns in pull requests and audits.

Manages secrets securely using 1Password CLI for injection, authentication, and environment variable provisioning in scripts.

Analyzes hardened or low-signal targets via observation-first instrumentation and baseline/stimulus diffs to identify security escalation paths.

Provides red team tactics based on MITRE ATT&CK, covering attack phases, detection evasion, and reporting guidelines.

Manages user authentication, authorization, and role-based access control with JWT and token rotation for secure user management.

Static analysis tool for macOS .app bundles and Mach-O binaries, examining bundle structure, code signatures, entitlements, and symbol imports to assess security posture.

Audits Cursor IDE rules (.mdc files) against quality standards using a 5-gate review process to ensure correctness and maintainability.

Analyzes npm audit results to distinguish critical security vulnerabilities from false positives and provides actionable remediation steps.

Monitors and sanitizes all inputs to prevent storage of PHI, PII, and proprietary secrets.

Provides security assistance for web applications and APIs, including vulnerability checks, permission management, and data protection, tailored for Supabase and FastAPI projects.

Analyzes and reports authorized security evidence using Recon Workbench workflows for macOS, iOS, web apps, and OSS repositories via CLI commands.

Automates pre-commit security scanning to detect secrets, vulnerabilities, and injection risks, ensuring compliance before code commit.

Configures Google Analytics 4 with DSGVO-compliant cookie consent banners to ensure legal data tracking compliance.

Enforces multi-layer data validation across all system layers to eliminate security flaws and prevent bugs.

Provides OWASP Top 10 compliant security hardening for code, including input validation, authentication, and protection against XSS, CSRF, and SQL injection vulnerabilities.

Provides security checklists and patterns for secure implementation of authentication, user input handling, secrets management, and payment features.

Enforces security best practices in code development, covering input handling, secrets management, and secure coding standards.

Provides a structured methodology for bug bounty hunting, including parallel reconnaissance, systematic testing, and vulnerability exploitation guidance across diverse targets.

Audits Supabase Row Level Security policies to prevent cross-shop data leaks in multi-tenant applications.