Security Review Team

Launches a parallel security audit with 3 specialized reviewers.

Team

1. Code Security Reviewer

Focus: Application-level vulnerabilities

• SQL injection (check all sqlx queries)
• Command injection (check Bash/exec usage)
• Input validation gaps
• Authentication/authorization bypass
• Error information disclosure
• Unsafe type assertions

2. Infrastructure Security Reviewer

Focus: Deployment and configuration security

• Docker image security (non-root, minimal base)
• Kubernetes manifests (RBAC, resource limits, network policies)
• Environment variable handling
• Secret management
• Exposed ports and services
• CI pipeline security

3. Data Security Reviewer

Focus: Data protection and privacy

• PII handling (logging, error responses, storage)