audit▌

Security audit patterns for authorization, data access, action isolation, rate limiting, and sensitive operations in Convex applications. \n \n Covers five core security areas: role-based access control with hierarchical permissions, data access boundaries with ownership verification, action isolation for external API calls, rate limiting with configurable windows, and two-factor confirmation for destructive operations \n Includes complete TypeScript examples for RBAC implementation, permission-

Comprehensive Core Web Vitals audit with root-cause diagnosis and resource optimization guidance. \n \n Covers five key metrics (LCP, CLS, INP, FCP, TTFB) with diagnostic trees that pinpoint specific causes like slow servers, missing image dimensions, font loading issues, and main-thread blocking \n Includes structured resource analysis breaking down HTML, CSS, JavaScript, images, fonts, and third-party script sizes against industry benchmarks \n Provides prioritized fix recommendations ordered

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.

Enable and configure audit logging for Kibana via kibana.yml. Kibana audit logs cover application-layer security events that Elasticsearch does not see: saved object CRUD (dashboards, visualizations, index patterns, rules, cases), login/logout, session expiry, space operations, and Kibana-level RBAC enforcement.

Prepares codebases for security audits using Trail of Bits' checklist across four structured phases. \n \n Helps define review goals by identifying security concerns, previous issues, and worst-case scenarios, then documents them for the assessment team \n Runs platform-specific static analysis tools (Slither for Solidity, Dylint for Rust, Golangci-lint for Go, CodeQL and Semgrep for multiple languages) and triages findings \n Increases test coverage, identifies and removes dead code, and genera

Comprehensive SEO audit covering technical health, on-page optimization, content quality, backlinks, and competitive positioning. \n \n Structured five-layer framework: technical foundation, on-page optimization, content quality, link profile, and competitive position \n Includes detailed checklists for crawlability, indexability, performance, rendering, title/meta optimization, heading structure, internal linking, and schema markup \n Provides page-level scoring rubric with weighted sections (t

Comprehensive quality review covering performance, accessibility, SEO, and best practices across 150+ checks. \n \n Analyzes code and projects across four audit categories: Performance (Core Web Vitals, resource optimization, loading strategy), Accessibility (perceivable, operable, understandable, robust), SEO (crawlability, on-page, technical), and Best Practices (security, standards, UX patterns) \n Categorizes findings by severity (Critical, High, Medium, Low) with specific, actionable recomm

Systematic quality audit across accessibility, performance, theming, and responsive design with prioritized findings. \n \n Scans five dimensions: accessibility (contrast, ARIA, keyboard nav, semantic HTML, alt text, forms), performance (layout thrashing, expensive animations, bundle size, render efficiency), theming (hard-coded colors, dark mode, token consistency), responsive design (fixed widths, touch targets, overflow, text scaling), and AI anti-patterns \n Documents issues by severity (Cri

If you see unfamiliar placeholders or need to check which tools are connected, see CONNECTORS.md.

Pre-trade token security scanning across Ethereum, BSC, Base, and Solana to detect honeypots, rug pulls, and malicious contracts. \n \n Analyzes contract risks, trading risks, and scam indicators with three-tier risk classification (LOW, MEDIUM, HIGH) \n Returns buy/sell tax percentages, contract verification status, and detailed risk item breakdowns with descriptions \n Supports four blockchains: Ethereum, BSC, Base, and Solana via single unified API endpoint \n Results valid only when both has