4. Security & Compliance

Screens GitHub repositories for security vulnerabilities in sandboxed environments before cloning to prevent exposure to malicious code.

Specializes in OAuth integration and business asset management for Meta platforms including Facebook, Instagram, and WhatsApp Business.

Dissects network traffic via packet analysis to document protocols, debug communication, and identify security vulnerabilities.

Provides best practices for designing, reviewing, and refactoring OpenFGA authorization models to ensure secure access control structures.

Enforces security guardrails to prevent data leakage during AI usage, integrated with security rules 15 and 39.

A security testing tool for ethical vulnerability scanning and penetration testing in controlled environments.

Scans user-provided code for security vulnerabilities, focusing on common issues like XSS and SQL injection upon request.

Integrates client applications with OneAuth for OAuth2/OIDC authentication, handling login/logout, token management, and identity flows across platforms.

Guides configuration of Access Control Lists (ACL) in SimpleRest, including role adjustments and resource permissions.

Audits repositories for security practices, CI/CD safety, and compliance with security guidelines (SECURITY.md, CONTRIBUTING, AGENTS.md) to ensure delivery readiness and governance.

Enforces policy-compliant tool usage in multi-agent systems via centralized routing, blocks unauthorized access, and maintains auditable logs for all actions.

Conducts static analysis, security scans, and dependency checks on .NET code to identify vulnerabilities and ensure code quality.

Read-only operational audit tool for TITAN OMNISCIENCE to validate post-deployment, verify PIT compliance, and diagnose tier coverage without system modifications.

Scans the FutbolStats repository for exposed secrets (API keys, tokens, passwords) and generates a redacted security report.

Applies system-level security rules to enforce least privilege for commands, file access, and network operations, preventing sensitive data exposure.

Checks code and elements for WCAG accessibility compliance upon user request.

Audits dynamic interface elements for WCAG compliance regarding motion and animation accessibility.

Manages OAuth 2.0 authentication flows for MCP servers, enabling secure user authorization and access control.

Provides adversarial stress-testing using The Crucible methodology to identify security vulnerabilities in systems.

Scans codebases for sensitive data like API keys and credentials to prevent accidental exposure during open-sourcing.

Provides Spring Security implementation for authentication, authorization, and protection against common web vulnerabilities like CSRF and CORS.

Validates compliance with regional data privacy laws (GDPR, CCPA, PIPEDA) and accessibility requirements across jurisdictions.

Provides security best practices for React applications, covering XSS prevention, secure authentication flows, and dependency vulnerability management.

Integrates BetterAuth for secure user authentication, profile management, and personalized features in the Physical AI & Humanoid Robotics textbook.