4. Security & Compliance

Provides a standardized checklist to validate security fixes, ensuring effectiveness and absence of behavioral regressions.

Reviews AI/LLM outputs to prevent over-trust, injection attacks, and unsafe automation, ensuring secure deployment.

Automates vulnerability triage for software dependencies by assessing reachability, impact, and generating safe remediation plans.

Conducts systematic security code reviews to identify vulnerabilities and provide actionable remediation steps.

Prevents secret and PII leaks in logs through automated redaction and security hygiene defaults.

Reviews authentication and authorization flows (sessions, tokens, RBAC/ABAC) and provides actionable security fix guidance.

Reviews application security by implementing best practices including CSP, XSS prevention, input validation, and secrets management.

Audits websites for WCAG compliance, identifies accessibility issues, and provides fixes for inclusive design implementation.

Ensures Pine Scripts meet TradingView's House Rules and documentation standards for community library publication.

Analyzes Apple firmware, binaries, and security components including Mach-O disassembly and iOS/macOS kernel research.

Provides secure OAuth2 authentication with support for authorization flows, token management, PKCE, OpenID Connect, and security best practices.

Conducts adversarial security analysis to identify vulnerabilities and weaknesses in systems before deployment or during security reviews.

Automates container and dependency vulnerability scanning using Grype in CI/CD pipelines and development workflows to detect security issues early.

Detects project type and applies appropriate NASA or open source licenses for compliance assurance.

Securely stores and retrieves API keys for external services like Anthropic, Google Gemini, and GitHub to enable safe external API access.

Provides input validation and sanitization patterns to prevent injection attacks and ensure safe user input handling.

Provides security patterns for LLM integrations to defend against prompt injection and prevent hallucinations.

Secures MCP servers through prompt injection defense, tool poisoning prevention, and permission management via allowlist implementation.

Provides guidance on OWASP Top 10 security vulnerabilities and their mitigations for security audits and code reviews.

Provides secure authentication and authorization patterns including JWT, OAuth 2.1, and role-based access control for login flows and session management.

Automates security scanning of dependencies and code using tools like npm audit, pip-audit, and Semgrep, with CI/CD integration.

Enforces defense-in-depth security validation across AI pipeline components to eliminate single points of failure in LLM integrations.

Provides WCAG 2.2 AA compliance patterns for auditing and implementing accessibility requirements in web applications.

Automates security audits for Laravel and Filament applications, checking for XSS, CSP misconfigurations, and IDOR vulnerabilities.