4. Security & Compliance

Provides security best practices for Mapbox access tokens, including scope management, URL restrictions, and rotation strategies.

Enforces security protocols and data isolation policies for the public Agent Flywheel Hub Discord server, ensuring secure community operations.

Provides security best practices and threat mitigation patterns for PACT framework development, covering authentication, data protection, and vulnerability review.

Specializes in implementing secure authentication mechanisms including JWT, cookie-based sessions, and MFA for web applications.

Offers GDPR-compliant privacy policy templates and CNIL 2020 recommendations for website and app privacy documentation.

Guides drafting of legally compliant French labor law dismissal notifications, including mandatory elements for serious misconduct, gross misconduct, or personal reasons.

Guides legal professionals in interpreting statutes, regulations, and applying compliance requirements across jurisdictions and legal contexts.

Framework for structured risk assessments of IT vendors and third-party partners, covering compliance, security, and operational risks with regulatory checklists.

Guides evaluation of alert systems and drafting of compliant reporting policies based on EU Directive 2019/1937, Sapin II, and CNIL standards.

Provides a GDPR and ePrivacy compliant cookie policy template with CNIL 2020 recommendations for website and app privacy policies.

Automates resolution of Dependabot security alerts in Java/Gradle projects through severity-based processing and CI validation.

Conducts security analysis on code changes, covering credential scanning, input validation, authentication checks, and dependency vulnerability assessment.

Provides identity verification, KYC compliance, and fraud prevention services for account holder information retrieval including name and address.

Enforces API security best practices to prevent OWASP Top 10 vulnerabilities including SQL injection and XSS.

Guides on using ffuf for web fuzzing in penetration testing, covering authenticated scans, auto-calibration, and result analysis.

Guides developers in identifying and patching security vulnerabilities, including CWE-classified flaws and injection issues, to enhance code security.

Generates self-signed SSL/TLS certificates using OpenSSL, including private keys, CSRs, and PEM files, with verification and common pitfalls.

Removes JavaScript and XSS payloads from HTML while preserving original document structure for secure content handling.

Guides recovery and secure removal of sensitive data from Git history after reset or rebase operations to prevent leaks.

Guides extraction of secrets from protected binaries using static and dynamic analysis for security assessment and vulnerability discovery.

Removes sensitive credentials and secrets from Git repositories to prevent exposure and ensure security compliance.

Recover and securely remove leaked secrets from Git repositories, including orphaned commits and unreachable objects, to prevent security breaches.

Guides linear cryptanalysis for FEAL cipher, enabling key recovery from known plaintext-ciphertext pairs via mathematical analysis.

Provides guidance for identifying and fixing security vulnerabilities in code, including CVE/CWE remediation and common attack types like SQL injection and XSS.