4. Security & Compliance

Tests for OS command injection vulnerabilities using direct, blind, and out-of-band injection techniques.

Enables Firebase Authentication implementation for email/password, OAuth, phone auth, and custom tokens, including error handling for common authentication issues.

Audits code and dependencies for security vulnerabilities during PR reviews, dependency checks, and deployment preparation.

Performs on-demand security and code quality audits to identify vulnerabilities, security issues, and compliance problems.

Performs static and behavioral analysis of PE executables and suspicious files, generating threat intelligence reports for security analysts.

Generates a detailed incident timeline for Windows security breaches using event logs, EDR, SIEM data, and triage notes.

Provides a first-hour incident intake checklist that generates actionable scope and evidence collection plans for security investigations.

Analyzes Mitre ATT&CK tactics, techniques, and sub-techniques for threat detection, threat modeling, and security risk assessment.

Provides hypothesis-driven threat hunting plan for suspicious PowerShell activity with query snippets for security telemetry sources.

Provides expert guidance on email authentication, spam prevention, and troubleshooting to ensure high email deliverability rates.

Reviews Firebase Security Rules and Angular application security patterns for vulnerabilities and best practices.

Securely manages passwords, API keys, and sensitive data in TestDriver tests and CI/CD pipelines to prevent exposure.

Programmatically creates and maintains security threat models using STRIDE analysis, generating data flow diagrams and automated threat reports for development workflows.

Scans git repositories and codebases for hardcoded secrets using Gitleaks, preventing credential exposure and ensuring compliance with security standards.

SAST tool using Semgrep to scan code for vulnerabilities, provide OWASP/CWE-mapped remediation guidance, and integrate into CI/CD pipelines.

Scans container images, dependencies, and IaC for vulnerabilities (CVEs), misconfigurations, and license risks, with CI/CD integration and SBOM generation.

Delivers an OWASP security checklist to identify and mitigate common web application security vulnerabilities and ensure compliance.

Comprehensive guide for setting up and troubleshooting GPG commit signing in Git across Windows, macOS, and Linux, ensuring commit integrity and verification.

Advanced GPG key management for secure enterprise and CI/CD workflows, enabling key isolation, automated signing, and scalable multi-key strategies.

Plans accessibility compliance strategies for WCAG 2.2, Section 508, and EN 301 549, including audit planning and remediation.

Enforces security and quality in all code outputs by preventing hallucinations and ensuring adherence to secure coding standards.

Restricts agent access to Passlock public monorepo files, enforcing workspace-scope guardrails for secure code operations.

Conducts deep security audits to review authorization logic, data access boundaries, and protection of sensitive operations.

Quick security audit checklist for Convex applications, verifying authentication, function exposure, argument validation, and row-level access control.