4. Security & Compliance

Validates input security by testing special characters and injection patterns to prevent vulnerabilities.

Securely resolves file references, preventing path traversal and ensuring safe access to supporting files.

Audits Azure Key Vault for expiring keys, secrets, and certificates to ensure security compliance and prevent service disruptions.

Assists in Microsoft Entra app registration, OAuth protocol understanding, and OAuth flow integration for console applications.

Configures Microsoft Entra ID authentication for Azure PostgreSQL Flexible Server, enabling passwordless access, role mapping, and group-based permissions.

Hardens Azure cloud infrastructure through Zero Trust implementation, RBAC, Key Vault, and network security configurations.

Performs Azure compliance assessments using azqr to identify best practice violations and security posture issues in Azure resources.

Guides users in selecting Azure roles for least privilege access, ensuring minimal permissions and secure identity management.

Provides Azure security services for secrets management, credential-free authentication, RBAC, and threat protection using Key Vault, Managed Identity, and Defender.

Conducts security audits on Cardano smart contracts, identifying vulnerabilities like redirect attacks and integer overflow before deployment.

Real-time Constitution compliance checker for devflow documents, blocking hardcoded secrets and partial implementations during file editing.

Guides users in selecting the appropriate Azure role for least privilege access, ensuring minimal permissions required for desired tasks.

Proactively identifies security threats, vulnerabilities, and suspicious patterns in applications and infrastructure to prevent breaches and enhance security posture.

Provides security patterns to mitigate OWASP Top 10 vulnerabilities including XSS, CSRF, and SQL injection in application development.

Guides developers in implementing secure coding practices to prevent vulnerabilities and safeguard user data throughout the development lifecycle.

Guides secure integration of Better Auth, a TypeScript authentication framework, with industry best practices for authentication management.

Evaluates Agent Skill design quality against official specifications, providing multi-dimensional scoring and actionable improvement suggestions for SKILL.md files.

Provides essential security practices for sensitive code, covering secrets management, input validation, SSRF prevention, and production hardening.

Enriches security indicators (IP, domain, hash, URL) with threat intelligence data from GTI and SIEM, providing reputation context and match status.

Searches for existing SOAR cases using indicators or entities to correlate with ongoing security investigations, returning matching case IDs.

Checks for duplicate or similar security incidents in SOAR cases to avoid redundant investigations. Takes a CASE_ID and returns similar cases.

Automates SOAR case closure with required documentation including artifact ID, closure reason, and root cause for FP/BTP or completed investigations.

Analyzes suspected malicious file hashes using GTI reports and behavioral indicators to identify affected systems and recommend containment actions for security incidents.

Searches for APT threat actors by analyzing TTPs and IOCs from GTI and SIEM, documenting security findings.