4. Security & Compliance

Blocks dangerous shell commands and warns on risky operations, including sensitive file access and cloud CLI usage, to prevent system damage.

Blocks dangerous shell commands and prevents reading of sensitive files to enhance system security and prevent accidental data breaches.

Expertise in designing and maintaining cathodic protection systems for oil and gas pipelines, ensuring NACE/ISO compliance for corrosion prevention and integrity.

Verifies OrcaFlex model results against DNV, API, and ISO standards for offshore structure compliance, including capacity and safety factor checks.

Automatically monitors code edits for security vulnerabilities including XSS, command injection, eval usage, and credential exposure during development and code reviews.

Automates fixing npm dependency security vulnerabilities via Dependabot analysis, package upgrades, build verification, and semantic versioning release.

Provides security patterns for Electron applications, including IPC security, renderer isolation, and Node API access control.

Syncs auto-approved permissions from community-patterns directories to shared project settings, showing new permissions for review before implementation.

Manages software dependencies across multiple package managers, including security auditing, vulnerability checks, and supply chain risk assessment.

Generates Frida scripts for dynamic reverse engineering, enabling function hooking, runtime interaction, and memory inspection with debuggable output.

Enforces explicit confirmation for external system writes (Jira, Confluence, Slack) to prevent accidental changes, blocking execution until verified with 'yes'. Provides audit trail for all operations.

Provides essential penetration testing command references for network scanning, vulnerability assessment, and exploit execution using tools like nmap, metasploit, and nikto.

Executes network reconnaissance including host discovery, port scanning, and service enumeration for security assessments.

Identifies web server software and technologies on a target, enabling security assessment and vulnerability identification.

Securely manages environment variables and secrets with encryption, rotation, and provider integrations for API keys and credentials.

Plans and implements data retention policies with GDPR compliance, automated cleanup, and cold storage migration strategies.

Builds and safely deploys Content Security Policy (CSP) and security headers with phased rollout, testing, and compatibility checks to prevent XSS attacks.

Provides secure input validation for client and server sides to prevent injection attacks and ensure data integrity.

Automates security validation for tenant isolation in multi-tenant databases using Row Level Security (RLS) and audits to prevent data leakage.

Builds secure authentication modules with JWT, session management, password hashing, and CSRF protection, including security configurations and threat modeling.

Generates repeatable security review checklists for pull requests with required checks, common pitfalls, and automated security gates.

Reviews authentication and authorization implementations for session management, CSRF, cookie security, and auth flow vulnerabilities, providing findings, severity, and fix recommendations.

Builds role-based access control (RBAC) systems with permission matrices, route guards, and authorization patterns for secure application development.

Creates incident response playbooks with containment steps, communication templates, and evidence collection procedures for security breaches.