detection▌

When analysis requires computation (statistics, data processing, scoring, enrichment), write and run Python code via Bash. Don't describe what you would do — execute it and report actual results. Use ToolUniverse tools to retrieve data, then Python (pandas, scipy, statsmodels, matplotlib) to analyze it.

Create new detection rules for emerging threats and coverage gaps, and tune existing rules to reduce false positives. All operations use the Kibana Detection Engine API via rule-manager.js.

Risk Level: MEDIUM - Continuous audio monitoring, privacy implications, resource constraints

Identify and fix memory leaks to prevent out-of-memory crashes and optimize application performance.

Anomaly detection identifies unusual patterns, outliers, and anomalies in data that deviate significantly from normal behavior, enabling fraud detection and system monitoring.

Detect code smells, security vulnerabilities, anomalies, and trends across codebases using regex, AST analysis, and statistical methods. \n \n Identifies problematic patterns including long functions, duplicate code, magic numbers, empty catch blocks, and TODO/FIXME markers \n Scans for security risks such as SQL injection, hard-coded secrets, dangerous function usage (eval, innerHTML), and credential exposure patterns \n Performs statistical anomaly detection using Z-score and IQR methods to fl