Roman Trofimenkov enhanced security automation and CI/CD reliability across the Deckhouse repositories by developing and refining secret scanning and vulnerability detection workflows. He integrated Gitleaks-based secret scanning into both GitHub Actions and GitLab CI, introducing centralized configuration management to streamline cross-repo security policies. In deckhouse/modules-gitlab-ci and deckhouse/modules-actions, Roman improved CVE scan accuracy by updating API request handling and preventing the reactivation of resolved vulnerabilities. His work leveraged Python scripting, Bash, and YAML to automate reporting, add custom token detection rules, and standardize configuration delivery. These contributions deepened security coverage and improved the maintainability of automated pipelines.