4. Security & Compliance

Enables secure Web3 identity authentication via SIWE, ENS resolution, and session management for decentralized applications.

Analyzes Web3 security risks including token safety, smart contract auditing, and MEV detection using SpoonOS agents.

Enforces strict institutional RBAC for SASE-310, ensuring secure and compliant access management.

Ensures all incidents, alerts, and interventions comply with official SEP/DGOSE protocols in educational operations.

Enables secure implementation of login/signup flows, session management, and role-based access control for web applications.

Comprehensive security expertise for authentication, authorization, code auditing, and OWASP Top 10 vulnerability prevention across web applications.

Provides JWT authentication utilities for FastAPI and Python projects, including token generation, verification, and role-based access control.

Simplifies Linux firewall configuration using ufw commands for network security and access control.

Provides security-focused guidance for Python development within UV environments, enforcing .env-based secret management and adherence to runtime security rules.

Automates decryption and decoding of unknown ciphertext from strings or files using the Ciphey CLI with Docker fallback.

Provides authentication and access control for Next.js 15 with Supabase, including OAuth, role-based access, and multi-tenant data isolation.

Conducts zero-trust security audits including dependency forensics, secrets scanning, and supply-chain attack analysis with adversarial mindset.

Provides essential security principles and recommended practices for secure application development and system management.

Provides secure methods for storing and managing credentials, API keys, and secrets to prevent leaks and ensure compliance with security best practices.

Generates adversarial, stress, and edge case tests using AI to suggest attack vectors for security hardening.

Performs deep security audits on code, identifying vulnerabilities including null pointers, exception handling flaws, and race conditions.

Provides security checklists and patterns for authentication, input handling, secrets management, and API endpoints in payment/confidential features.

Checks UI components and pages for WCAG accessibility compliance, ensuring inclusive design practices meet regulatory standards.

Enforces absolute strict workflow rules to prevent unauthorized execution, ensuring system security and compliance.

Audits agent skills for structural integrity, safety guardrails, and global regulatory compliance.

Generates security test cases from threat models, creating threat scenarios and control verification tests for penetration testing and mitigation validation.

Executes end-to-end threat modeling, orchestrating security analysis, assessment, and comprehensive documentation generation.

Maps security threats and controls to compliance frameworks (GDPR, HIPAA) and generates coverage reports with gap analysis.

Analyzes security threats against assets using STRIDE or PASTA frameworks, generating threat catalogs, attack trees, and risk registers for comprehensive threat modeling.