During April 2025, Terratauri focused on security hardening for the grafana/grafanactl repository by enhancing CI/CD pipelines. They removed credential persistence from the checkout action and introduced job-scoped permissions, directly addressing recent Grafana security updates and zizmor findings. Using YAML and GitHub Actions, Terratauri reduced the risk of credential exposure and improved access controls within automated workflows. Their work improved traceability of security fixes and aligned deployment processes with evolving security requirements. While the scope was targeted, the changes delivered measurable business value by lowering attack surfaces and ensuring continuous security improvements in the CI environment, demonstrating depth in CI/CD security practices.