4. Security & Compliance

Maps NIST security controls to FedRAMP requirements for compliance documentation and implementation alignment.

Security-first dependency management with vulnerability prioritization, batch remediation, and policy-driven compliance for security, freshness, and license adherence.

Automates documentation and code example auditing for the claude-skills repository, ensuring compliance, accuracy, and consistency with auto-fixing of unambiguous issues.

Reviews MCP server specifications and updates for compliance, security, and quality, focusing on spec.yaml files and PRs.

Manages data classification policies in ServiceNow to enforce security standards and meet regulatory compliance requirements.

Audits code for OWASP Top 10 vulnerabilities (XSS, SQL injection) and scans dependencies to prevent security risks before deployment.

Conducts security-focused code reviews, identifying vulnerabilities and mapping attack surfaces for risk classification in pull requests.

Automates security-focused code reviews to identify vulnerabilities, performance issues, and quality gaps before PR creation.

Audits code for security vulnerabilities including SQL injection and XSS, ensuring compliance with OWASP Top 10 standards.

Scans package dependencies for security vulnerabilities using pnpm audit and Snyk, for pre-deployment checks and CVE resolution.

Detects hallucinations, timeline fabrications, and unverified assumptions in AI agent outputs to ensure reliability and trustworthiness.

Middleware for capturing, logging, and analyzing agent interactions with security features and compliance-ready audit trails.

Prevents SQL injection attacks by enforcing parameterized query execution for all database operations requiring security hardening.

Provides centralized JSON validation for AGENT_SUCCESS_CRITERIA with defensive parsing and injection attack prevention (CVSS 8.2).

Secures CI/CD pipelines for desktop applications via secret management, code signing, and supply chain protection.

Provides threat modeling assistance for systems handling sensitive data, ensuring security compliance and addressing security architecture concerns.

Expert application security engineer implementing secure SDLC, OWASP Top 10 compliance, and vulnerability remediation for robust security posture.

Expertise in implementing Kanidm for secure identity management, SSO, authentication systems, and infrastructure access control.

Automates security audits to detect hardcoded secrets, dangerous code patterns, and unsafe practices in source code.

Automates static code analysis to enforce security standards, architectural patterns, and code quality compliance.

Provides comprehensive OWASP security guidelines, secure coding patterns, and vulnerability prevention strategies for building secure applications.

Coordinates security testing for common vulnerabilities including XSS, injection flaws, and client-side issues via specialized agents.

Coordinates subdomain discovery and port scanning to map and inventory a domain's attack surface for security assessment.

Generates secure permissions configuration for Claude Code by analyzing session logs of used Bash commands and MCP tools, avoiding dangerous permission skips.