
Worked on security hardening for the langwatch/langwatch repository by introducing automated vulnerability detection and enforcing robust HTTP security headers. Leveraged GitHub Actions to implement a CodeQL workflow, enabling static analysis of JavaScript code and YAML configuration files directly within the CI/CD pipeline. Enhanced the repository’s security posture by configuring headers such as Content Security Policy, Referrer Policy, Strict-Transport-Security, and X-Content-Type-Options, aligning with OWASP best practices. This approach reduced the attack surface and provided earlier feedback on potential vulnerabilities, supporting safer code releases and improved compliance. Demonstrated skills in DevOps, security automation, and web security configuration throughout the project.
February 2025. langwatch/langwatch: Security hardening delivered via automated CodeQL analysis and strengthened HTTP security headers. Implemented a CodeQL workflow (codeql.yml) and improved security headers (CSP, Referrer-Policy, HSTS, X-Content-Type-Options) across the repo. Two commits underpin the work: "Create codeql.yml" and "improve security headers". Impact: earlier vulnerability detection in CI, reduced attack surface, and stronger compliance with OWASP security practices. Skills demonstrated: GitHub Actions/CodeQL, secure-by-default headers, security automation, and fast feedback.
