All plugins must comply with:
  • OWASP ASVS Level 3
  • CIS Benchmarks for container, K8s, and OS hardening
  • Integration with secret managers like Vault or AWS Secrets Manager