4. Security & Compliance

High-performance Rust hook that blocks dangerous commands before execution using SIMD acceleration and whitelist-first architecture for agent workflow safety.

Conducts WCAG 2.1/2.2 compliance audits, screen reader testing, and keyboard navigation validation for accessible web design.

Reviews Firebase code against security best practices, validating configuration, rules, and architecture for potential vulnerabilities.

Generates structured incident response runbooks with step-by-step procedures, escalation paths, and recovery actions for security incident management.

Securely retrieves website credentials from 1Password using URL-based lookup to prevent insecure practices.

Performs Software Composition Analysis (SCA) to identify open source vulnerabilities, license risks, and supply chain threats with CVE/CWE mapping for security and compliance.

Configures network isolation, trusted domains, and access policies in Claude Code sandbox for secure environment management.

Generates Software Bill of Materials (SBOM) for container images and applications, enabling vulnerability scanning, license compliance, and supply chain security analysis.

Configures network isolation, trusted domains, and access policies in Claude Code sandbox for secure network communication.

Performs dynamic binary analysis using QEMU, GDB, Frida, and strace for runtime behavior observation, syscall tracing, and memory inspection.

Maps security threats to appropriate controls and mitigations for prioritizing investments, creating remediation plans, and validating control effectiveness.

Analyzes network traffic for security incidents, malware detection, and forensic investigations using tshark command-line interface.

Provides penetration testing capabilities using Metasploit Framework for authorized security assessments and vulnerability validation.

Enables forensic investigation and threat hunting by querying operating systems via SQL for security incident response and evidence collection.

Enforces OWASP Top 10 security best practices during code reviews for authentication, authorization, and data exposure.

Conducts security audits, vulnerability assessments, and OWASP compliance reviews to identify and report security risks in code.

Audits package dependencies for security vulnerabilities, outdated versions, and license compliance to ensure safe and legally compliant software releases.

Generates DOCX security assessment reports with vulnerability findings, risk ratings, and remediation steps for audits and compliance documentation.

Conducts network reconnaissance, service enumeration, and vulnerability detection via Nmap for security audits and compliance assessments.

Manages security policies, firewall zones, access control rules, and guest network access; conducts security audits and compliance reviews.

Enforces strict security protocols and data isolation rules for public community operations in the Agent Flywheel Hub Discord server.

High-performance web fuzzer for DAST testing, enabling directory enumeration, parameter fuzzing, and virtual host discovery to identify security vulnerabilities.

Manages cases of forced surrenders, threats, and lack of informed consent in the Coercion_Duress queue for compliance verification.

Applies STRIDE methodology for systematic threat identification in security analysis, threat modeling, and documentation.