
Worked on security hardening for the atlanhq/application-sdk repository, focusing on dependency management and risk mitigation. Addressed a high-severity CVE by introducing an allowlist entry for the SSH knownhosts subpackage, a dependency within the Dapr runtime. This targeted remediation closed a vulnerability gap in the dependency chain, supporting safer production deployments. The approach involved careful documentation of the rationale, scope, and anticipated timeline for a permanent fix. Utilized JSON for configuration and leveraged security management best practices to ensure transparency and maintainability. The work emphasized precise, auditable changes that reinforce the repository’s security posture without introducing new features.
During May 2026, focused on security hardening and targeted remediation in the atlanhq/application-sdk. Delivered a high-severity CVE mitigation by adding an allowlist entry for the SSH knownhosts subpackage, a dependency in the Dapr runtime. This work closes a vulnerability gap, reinforces security posture for production deployments, and documents rationale, scope, and expected fix availability.
