Developed security-focused features across google/security-testbeds and google/tsunami-security-scanner-plugins, building a reproducible testbed for CVE-2022-26148 in Grafana and integrating a Tsunami plugin for proactive vulnerability detection. Leveraged Java, Docker, and Gradle to create controlled environments with both vulnerable and non-vulnerable Grafana instances, enabling end-to-end validation of credential disclosure scenarios. Enhanced documentation to clarify exposure conditions and improved test infrastructure by introducing custom mocking utilities, streamlining validation of detection logic. Prioritized code quality and clear guidance, supporting safer deployments and more accurate security reviews. Work emphasized robust test coverage, reproducibility, and actionable documentation for vulnerability mitigation workflows.