4. Security & Compliance

Conducts security code reviews to identify vulnerabilities, enforce authorization controls, and ensure data protection compliance.

Conducts security-focused code reviews for PRs, emphasizing OWASP compliance, vulnerability detection, and performance optimization.

Advises on compliant eviction procedures under Ontario's Residential Tenancies Act, covering notice types, tenant rights, and legal requirements.

Audits lease compliance for insurance, environmental, use clause, and covenant adherence, tracking breaches and cure periods.

Verifies completeness and procedural compliance of expropriation Forms 1-12 against O.Reg. 363/90, checking statutory authority and service requirements.

Tracks statutory deadlines under Ontario Expropriations Act, including Form 2/7 service and 3-month registration windows.

Expert interpretation of Ontario Expropriations Act provisions for legal compliance, covering compensation, procedures, hearings, and case law application.

Expert in transmission line technical specifications including easement width, NESC clearances, and regulatory compliance documentation.

Enforces Row Level Security (RLS) best practices in PostgreSQL to prevent common security vulnerabilities in multi-tenant and authentication tables.

Mandatory OWASP-based security review for authentication, input handling, API, database, and credential code changes before PR approval.

Analyzes research ethics, ensures IRB compliance, and assesses data privacy risks for research projects.

Ensures research projects comply with grant specifications from NSF, NIH, EU, and other funders through deliverables tracking and requirement alignment.

Audits project consistency for package scripts, tsconfig paths, and README tables after manual edits.

Comprehensive tool for evaluating codebases against production readiness standards, including security, compliance, architecture, and operational requirements.

Conducts comprehensive security analysis by identifying technology stacks and delegating to specialized sub-skills for vulnerability assessment.

Securely manages environment variables and secrets, preventing exposure in terminals, logs, or context. Handles API keys and credentials.

Conducts security audits, vulnerability scans, and penetration testing to identify and remediate security risks using OWASP standards and CVE databases.

Validates end-to-end traceability from requirements to tests, ensuring compliance with traceability mandates and detecting gaps.

Validates project compliance with 9 Constitutional Articles and Phase-1 Gates prior to implementation.

Implements production-grade Kubernetes security policies including NetworkPolicy, PodSecurityPolicy, and RBAC for cluster security, network isolation, and pod security enforcement.

Enables secure secret management in CI/CD pipelines using Vault, AWS Secrets Manager, and native solutions for authentication, rotation, and environment protection.

Master authentication and authorization patterns including JWT, OAuth2, and RBAC to build secure, scalable access control systems for API protection and security debugging.

Enforces PCI DSS compliance to secure payment card data handling, protect processing, and ensure adherence to security standards.

Provides guidance on security best practices, OWASP compliance, authentication patterns, and vulnerability prevention for secure application development.