4. Security & Compliance

Delivers domain-specific security checklists for vulnerability analysis, enabling deep security reviews by referencing code files during audits.

Enables secure, privacy-compliant responses to customer data inquiries without direct access to sensitive information like emails or account details.

Automates authentication, permission verification, role management, and JWT token processing for secure application development.

Manages secure storage, retrieval, and rotation of secrets including credentials, API keys, and external secrets in CI/CD pipelines.

Provides real-time security warnings for code editors, flagging command injection, XSS, and unsafe patterns to prevent vulnerabilities.

Configures and validates Codex command policies (allowlists/denylists) to control executable commands, ensuring security and scope (global/project) clarity.

Provides penetration testing, vulnerability scanning, and security testing services to identify and mitigate security risks in systems.

Validates security in Server Actions by checking authentication, authorization, and data validation before code merge or deployment.

Provides strategic guidance on security policies, risk management, and regulatory compliance for executive leadership.

Provides application security best practices covering OWASP Top 10, authentication mechanisms, and data protection strategies.

Manages database backup, recovery, security configurations, and permission administration.

Performs security audits, vulnerability analysis, and compliance reviews for security and regulatory requirements.

Automated code auditor identifying accessibility issues like missing alt text, color contrast problems, and ARIA label errors, with WCAG compliance reporting.

Warns and blocks destructive database operations on production to prevent data loss in the readathon project.

Expert in international shipping, customs, duties, tariffs, and landed cost calculations for UK, US, and Canada, including HS/HTS codes and trade agreements.

Scans code for security vulnerabilities including SQL injection and XSS, providing structured reports with file paths and remediation steps.

Proactive threat detection system leveraging Sigma rules, IOCs, and behavioral analytics to identify and mitigate security threats.

Self-hosted authentication system for TypeScript/Cloudflare Workers with social logins, 2FA, passkeys, and RBAC for secure application development.

Provides tools for digital forensics analysis, including system security audits, file analysis, and evidence preservation for security investigations.

Securely deletes files via overwriting to prevent recovery, ensuring data privacy and adherence to data protection regulations.

Automates security testing of web applications using fuzzing techniques to discover vulnerabilities and injection points.

Troubleshoots Datadog API authentication errors (401/403), clarifies API key vs app key usage, and configures correct regions for secure access.

Extracts and analyzes file, image, and document metadata for digital forensics investigations and organizational purposes.

Enables Auth0 security feature implementation including MFA, token security, and compliance with FAPI, GDPR, and HIPAA regulations.