4. Security & Compliance

Configures SAST tools for automated vulnerability detection in code, enabling DevSecOps integration and security scanning automation.

Provides best practices for secure Solidity smart contract development, preventing common vulnerabilities and ensuring robust security during implementation and auditing.

Guides verification of Apache License 2.0 compliance in derivative works, ensuring proper attribution, NOTICE/LICENSE file validation, and adherence to license requirements.

Reviews code implementation against specifications to identify deviations, assess impact, and generate compliance reports for quality assurance.

Enables AI coding agents to write secure code, conduct security reviews, and implement security best practices via Secure Flow integration.

Provides a comprehensive security checklist covering OWASP Top 10, input validation, and security headers to identify vulnerabilities and ensure secure implementation.

Creates or updates encrypted secret files using the age encryption format via agenix tool.

Decrypts and displays the contents of an .age encrypted secret file, enabling secure access to sensitive data.

Re-encrypts sensitive secrets in storage after modifying .age files or changing encryption keys, ensuring ongoing security compliance.

Reviews Compound governance proposals against a security and compliance verification checklist to identify potential risks and ensure protocol safety.

Audits code for security-critical error handling flaws including force unwrapping, empty catch blocks, and silent try? failures to prevent vulnerabilities.

Manages secure authentication for Knack API, handling API keys, user tokens, session creation, and validation.

Generates compliant stakeholder reports in multiple formats for NCDIT submissions and board presentations.

Audits Docker configurations for security flaws including secrets in layers, exposed ports, non-root users, and privileged container settings.

Scans code and configurations for exposed AI API keys (e.g., OpenAI, Anthropic) and provides redaction strategies to prevent leakage.

Audits Express.js applications for security vulnerabilities in middleware, routes, and configuration settings like Helmet.js, CORS, and auth patterns.

Audits FastAPI security configurations including authentication, CORS, middleware, and API key handling to prevent common vulnerabilities.

Security audit tool for Bun runtime applications, identifying vulnerabilities in shell commands, SQL queries, server configurations, and process spawning.

Scans repositories, artifacts, and code history for high-signal secrets like AWS keys and database passwords to prevent accidental exposure during security audits.

Audits Django applications for security vulnerabilities in settings, middleware, and code patterns to ensure secure configuration and implementation.

Audits Convex applications for security vulnerabilities in authentication, authorization, and data access patterns, ensuring proper row-level security and input validation.

Audits Next.js applications for security vulnerabilities including environment variables, server actions, and middleware configurations to prevent common exploits.

Audits Vite applications for security flaws including environment variable exposure, build secrets, and dev server misconfigurations.

Conducts security code reviews covering OWASP Top 10, vulnerability assessment, and secure coding practices to strengthen application security.