Secure & Comply
PCI, GDPR, accessibility, auth providers, and the security hardening that protects your store and your customers.
8 Skills
Advanced Next.js patterns - middleware, Server Actions, caching with Clerk.
Conducts comprehensive Magento 2 security assessments and implements security measures. Use when auditing security, identifying vulnerabilities, implementing security controls, or ensuring compliance. Masters security auditing, vulnerability management, and compliance frameworks.
Use when building payment processing, handling credit card data, PAN, CVV, cardholder data environment (CDE), implementing checkout flows, tokenization, Stripe, Braintree, or any code that touches cardholder information — PCI DSS v4.0 coding patterns, SAQ selection, data classification, AES-256 encryption, TLS 1.2, audit log, data masking, Luhn validation, payment gateway integration, 3-D Secure, scope reduction, network segmentation.
Implement advanced SLAS authentication patterns in B2C Commerce. Use when implementing passwordless login (email OTP, SMS OTP, passkeys), session bridging between PWA and SFRA, hybrid authentication, token refresh, or trusted system authentication. Covers authentication flows, token management, and JWT validation.
Comprehensive Magento 2 security scanning skill that checks for vulnerabilities, misconfigurations, outdated dependencies, security patches, and compliance with security best practices.
Industry-specific guide for implementing Fullstory in banking and financial services applications. Covers regulatory requirements (PCI DSS, GLBA, SOX), privacy controls for sensitive financial data, authentication flows, transaction monitoring, and fraud detection patterns. Includes detailed examples for retail banking, investment platforms, and payment applications.
Core concepts for Fullstory's User Consent APIs. Platform-agnostic guide covering consent mechanisms, GDPR/CCPA compliance patterns, and privacy-compliant session recording. See SKILL-WEB.md and SKILL-MOBILE.md for implementation examples.
Security best practices for Shopify Apps. Covers OWASP Top 10, authentication, data protection, webhook verification, and secure coding patterns for Remix applications.