4. Security & Compliance

Provides end-to-end defensive application security services including threat modeling, code review, security testing, and report generation.

Provides JWT verification for FastAPI backends with JWKS, dependencies, and SQLModel/SQLAlchemy integration for secure route protection.

Conducts security code audits using OWASP Top 10 to identify XSS, SQL injection, and CSRF vulnerabilities in pre-deployment reviews.

Creates secure authentication layers for TypeScript/JavaScript applications using Better Auth library.

Audits keyboard navigation order to ensure compliance with WCAG accessibility standards for operable interfaces.

Read-only tool for inspecting system logs and operator actions to support security audits and compliance checks.

Performs code audits to identify security vulnerabilities and OWASP compliance issues in software.

Enforces security best practices in Node.js and TypeScript applications for secure coding, input handling, authentication, and secrets management.

Audits code for security vulnerabilities and OWASP compliance issues to identify and mitigate risks.

Adds authentication and role-based access control (RBAC) to Convex functions and routes for securing application resources.

Resolves Dependabot security alerts in Java/Gradle projects through severity-based processing and CI-validated dependency updates.

Verifies AI system adherence to epistemic and operational constraints, ensuring safety and compliance.

Provides comprehensive security and performance best practices for Supabase, including RLS policies, Clerk authentication setup, and database security guidelines.

Provides authentication utilities for Claude Code in Daytona sandboxes, handling OAuth tokens, API keys, and credential validation for AuthManager implementation.

Reviews security vulnerabilities, injection risks, and authentication issues with OWASP compliance, providing audit patterns and fixes.

Configures secret stores including environment variables, Kubernetes, and AWS Secrets Manager for secure credential management.

Provides expert security audits and vulnerability analysis for code review and secure system design.

Automates decryption and decoding of encrypted text using AI, supporting over 50 encryption types for security analysis.

Guides users through interactive authentication flows using the browse CLI, ensuring secure and efficient login processes.

Expert implementation patterns for Clerk authentication, including middleware, organizations, webhooks, and user sync for secure sign-in and sign-up flows.

Enforces default-deny security posture for Supabase by mandating strict Row-Level Security and 'WITH CHECK' clauses.

Aligns training programs with regulatory standards including GDPR, HIPAA, and OSHA to ensure compliance coverage and identify gaps.

Provides cryptographic operations including signing, verification, encryption, and key management using ED25519, P-256, and RSA-4096 algorithms via Sorcha.Cryptography.

Ensures educational platforms and content comply with data privacy regulations including COPPA, FERPA, and GDPR.