4. Security & Compliance

Provides OWASP Top 10 compliant secure coding practices to prevent XSS, SQL injection, and CSRF vulnerabilities in applications.

Enforces two-person approval for high-risk commands in multi-agent workflows, using risk-tiered classification and command binding to prevent accidental destruction.

Scans codebase for hardcoded secrets, providing severity ratings and remediation guidance. Integrates as a pre-commit hook to prevent secret leaks.

Audits project dependencies across multiple ecosystems for security vulnerabilities using CVSS severity scoring.

Automates security audits of codebases, identifying vulnerabilities like hardcoded secrets and SQL injection with severity ratings and remediation guidance.

Audits project dependencies for security risks, unused packages, and redundant custom implementations, providing severity-ranked findings and remediation guidance.

Automates security setup by coordinating secret and dependency scans, generating SECURITY.md, pre-commit hooks, and CI workflows.

Automates comprehensive codebase audits across security, quality, dependencies, and other aspects, aggregating results into a single Linear task.

Manages resource authorization policies with attribute-based permissions and scoping for secure access control.

Configures world ownership, authorization policies, and resource permissions for secure access control management.

Audits Dojo code for security vulnerabilities, best practices, and optimization opportunities to ensure secure and robust deployments.

Audits Convex applications for security vulnerabilities including missing auth checks, IDOR risks, and data leaks in queries, mutations, and subscriptions.

Audits Next.js applications for security vulnerabilities including exposed environment variables, missing authentication in Server Actions, and middleware configuration.

Audits Django applications for security vulnerabilities by checking settings, middleware, and authentication patterns including SECRET_KEY, CSRF, and auth decorators.

Audits Vite security patterns for environment variables, build secrets, and dev server configurations in SPAs and development environments.

Audits Bun runtime security patterns, identifying vulnerabilities like injection flaws and insecure configurations in Bun applications.

Audits FastAPI applications for security vulnerabilities in dependencies, middleware, CORS, and authentication configurations.

Audits Docker container security by checking for secrets in layers, exposed ports, non-root users, and privileged configurations in Dockerfiles and docker-compose.yml.

Scans code repositories and history for high-signal secrets including AWS keys and tokens to prevent exposure during security audits.

Audits Express.js applications for security vulnerabilities in middleware, routes, and configuration settings like Helmet.js, CORS, and authentication.

Scans code and configurations for exposed AI API keys (e.g., OpenAI, Anthropic) and verifies proper redaction in logs and integrations.

Continuous security vulnerability scanning for OWASP Top 10, SQL injection, XSS, and secrets exposure. Triggers on file changes and security mentions.

Continuous security vulnerability scanning for OWASP Top 10, SQL injection, XSS, and secrets exposure in code.

Provides 22 AI agents for automated security reviews, code quality analysis, compliance checks, and infrastructure validation with auto-activation.