4. Security & Compliance

Audits backend services for security vulnerabilities, reliability gaps, performance bottlenecks, and operational issues in APIs and microservices.

Identifies attackers, assets, trust boundaries, and attack paths to analyze security posture and review new features for threats.

Audits Python research code for data leaks, PII handling vulnerabilities, and open-source license compliance risks.

Performs comprehensive frontend code audits for security, accessibility, performance, and UX regressions across React, Next.js, Vue, and Svelte.

Security auditor for smart contracts, identifying vulnerabilities including reentrancy, access control flaws, and MEV attacks in Solidity, Vyper, and Rust/Anchor.

Conducts privacy design reviews for email-handling features to verify PII compliance before implementation.

Real-time KYC/AML verification system validating NIN, BVN, NIMC, and passports across African regions with compliance scoring.

Reviews contracts and ensures compliance with CEMAC and OHADA business regulations for Central African legal contexts.

Command-line utility to securely log out from Agentuity Cloud Platform, managing authentication sessions.

Monitors regulatory changes and flags compliance issues in documents during review or user inquiry.

Automates security scanning for secrets and PII in code commits using gitleaks and custom rules via pre-commit hooks.

Manages risk knowledge base repository for Copilot-driven risk assessment, handling domain additions, incident recording, risk updates, and knowledge-map index modifications.

Automates analysis and remediation of GitHub CodeQL security vulnerabilities with documentation and testing to ensure secure code.

Enforces secure SQL practices via prepared statements to prevent injection and ensure transaction safety in TapScore backend.

Provides a security checklist based on OWASP guidelines to prevent common vulnerabilities and ensure adherence to security best practices.

Reviews code for security vulnerabilities, performance issues, and architecture compliance, enforcing offline-first dual-mode architecture with SQLite and Supabase.

Conducts thorough code reviews and security audits to identify vulnerabilities and ensure compliance with security standards.

Displays authenticated user details. Requires valid credentials. Used for session management and identity verification in security workflows.

Enables evidence-first delivery of software changes with safety justification, ensuring compliance in regulated safety-critical domains.

Displays the authenticated user's API key for secure credential management within the CLI environment.

Validates skill folders against development guidelines, checking for portability, hard-coded paths, and missing references in SKILL.md files.

Enables scalable AI governance through organizational policies, guardrails, and audit trails to maintain quality and compliance.

Provides best practices, architecture patterns, and anti-patterns for permission validation and management in Claude Code settings.

Deletes SSH keys from user accounts with authentication requirements for secure credential management.