28 changes: 15 additions & 13 deletions CONTRIBUTING.md
Expand Up @@ -69,7 +69,7 @@ in MDX files.
5. **Notify reviewers** by tagging a steward or maintainer, requesting reviews directly in your PR.
6. Additionally, you can paste your PR and/or potential associated issues to the `frameworks-contribs` Discord channel.
7. Once reviewed and approved, your changes will be merged into `develop`.
8. Don't forget to add yourself to the YAML header of the file you're modifying, since that is how we provide
8. Don't forget to add yourself to the YAML header of the file you're modifying, given that is the way we provide
attribution. You should also create your profile inside the contributors list, at `docs/pages/config/contributors.json`.
9. Periodically, reviewed content from `develop` is merged into `main` for the stable site.

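Review bot: the rewording in step 8 makes the sentence longer without changing its meaning; `since that is how we provide attribution` reads more naturally than `given that is the way we provide attribution`. If the intent was only to fix the line wrap, keep the original phrasing and wrap it.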
Expand All @@ -85,7 +85,7 @@ Choose the development approach that works best for you:

### Option A: DevContainer with VSCode

The easiest way to get started is using our pre-configured devcontainer with VSCode:
The easiest way to get started is to use our pre-configured devcontainer with VSCode:

1. **Prerequisites**: VSCode with [Dev Containers
extension](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers)
Expand All @@ -96,14 +96,14 @@ extension](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.
### Option B: DevContainer CLI Only (No VSCode Required)

Since you won't require extensions for the initiative to work, you can just create a devcontainer using the CLI and
access it through whatever means you think suits you best.
access it through whatever means suit you best.

**Using DevContainer CLI (Recommended):**

- Install [DevContainer CLI](https://github.com/devcontainers/cli)

```bash
git clone <https://github.com/security-alliance/frameworks.git>
git clone https://github.com/security-alliance/frameworks.git
cd frameworks && git checkout develop
devcontainer up --workspace-folder .
devcontainer exec --workspace-folder . bash
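Review bot: dropping the angle brackets around the clone URL is a real fix, not a cosmetic one. In a POSIX shell, `git clone <https://github.com/security-alliance/frameworks.git>` is parsed as an input redirection from a file named `https://github.com/security-alliance/frameworks.git` followed by a trailing `>` with no target, which is a syntax error, so the copied command never reached git. The same fix is applied in the local-install hunk below; worth a grep for any remaining `<https://` inside fenced `bash` blocks elsewhere in the docs.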
Expand All @@ -129,7 +129,7 @@ If you prefer to install dependencies locally on your machine:
2. Clone the repository:

```bash
git clone <https://github.com/security-alliance/frameworks.git>
git clone https://github.com/security-alliance/frameworks.git
cd frameworks && git checkout develop
```

Expand All @@ -145,7 +145,7 @@ If you prefer to install dependencies locally on your machine:
pnpm exec just serve
```

5. Once the server is running, access the site at port ```5173```
5. Once the server is running, access the site on port `5173`.

**(Optional) Authenticate with GitHub CLI**: The GitHub CLI (`gh`) is already preinstalled in the devcontainer. You can
authenticate by running `gh auth login` in the terminal, making it easy to interact with GitHub directly from your
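Review bot: the `(Optional) Authenticate with GitHub CLI` paragraph states that `gh` is already preinstalled in the devcontainer, but this hunk sits under the local-install path (`If you prefer to install dependencies locally on your machine`), where nothing is preinstalled. Either move the paragraph up to the two devcontainer options or add an install step for `gh` here. The port fix on step 5 itself is fine.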
Expand Down Expand Up @@ -298,7 +298,7 @@ Example of a category with multiple pages:
This ensures that new content appears correctly in the site’s navigation for readers on the `.dev` site while staying
hidden from the stable `.org` site until ready.

### 4. Error Checking
### 3. Error Checking

Before pushing changes, always make sure your build works without errors:

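Review bot: this renumbers Error Checking from 4 to 3 in CONTRIBUTING.md, but unlike the companion change in docs/pages/contribute/contributing.mdx (where `### 3. Sidebar / Navigation` becomes `### 2.`), no hunk in this file renumbers the preceding Sidebar / Navigation heading. If CONTRIBUTING.md still has a `### 3.` heading in the collapsed region above, two sections now share the number; please check and renumber both files the same way.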
Expand All @@ -312,7 +312,7 @@ This helps catch build or formatting issues early so reviewers see clean contrib
Wiki pages follow standard MDX.

The audience of this wiki is technical, and the content should reflect that. There are many guides on technical and
documentation writing you can learn from, for example, you can check [this
documentation writing you can learn from; for example, you can check [this
lecture](https://www.youtube.com/watch?v=vtIzMaLkCaM) to get started.

### Writing guidelines
Expand All @@ -321,13 +321,13 @@ lecture](https://www.youtube.com/watch?v=vtIzMaLkCaM) to get started.
- Use concise sentences and break down complex ideas with bullet points, tables, images, or block-quotes.
- Always link your resources and verify them
- Introduce acronyms and technical jargon before using them.
- Web3 changes fast, write the content to be as future-proof as possible
- Web3 changes fast; write the content to be as future-proof as possible.
- Do **not** submit content entirely generated by AI; however, we recommend using it to fix grammar or phrasing
- Consider tutorials or hands-on guides for practical steps.
- Use visualizations (mermaid, diagrams, tables) to clarify concepts.
- Add recommended reading or dependencies at the top of a page if relevant.
- Focus on delivering credible, formal, technical content without unnecessary high-level introductions; use examples,
comparisons, or anecdotes to clarify complex topics.
comparisons, or anecdotes to clarify complex topics.
- You can use mermaid diagrams for visualizations

### Content standardization
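Review bot: punctuation in this list is still inconsistent after the edit: `Web3 changes fast; write the content...` gains a period, but `Always link your resources and verify them` and the AI bullet still end without one. Also, `You can use mermaid diagrams for visualizations` repeats the earlier `Use visualizations (mermaid, diagrams, tables)` bullet; drop the duplicate while this list is being touched.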
Expand All @@ -351,15 +351,17 @@ fits, for example in block-quotes.
where you can jump straight to draw!

```mermaid
pie title What Voldemort doesn't have?
pie title What Voldemort doesn't have?
"FRIENDS" : 2
"FAMILY" : 3
"NOSE" : 45
```
```

- Adding images is welcome and encouraged.
Please follow the steps below to include them correctly:

1. After making your changes and opening a PR, add the images you want to include in the PR's comments (by uploading them directly)
1. After making your changes and opening a PR, add the images you want to include in the PR's comments
(by uploading them directly)
2. During the review, a maintainer will upload your images to our S3 bucket and reply with the links you should use.
3. Once you receive the new links, update your PR to add the images' links.

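Review bot: two pairs of lines in this hunk (`pie title What Voldemort doesn't have?` and the closing fence) are identical in the rendered diff, so the change is whitespace only. Confirm that the opening fence, the pie body and the closing fence end up at the same indentation; a fence indented differently from its body stops the mermaid block rendering inside the list item. Splitting step 1 of the image list onto two lines is fine as a lazy continuation.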
89 changes: 64 additions & 25 deletions docs/pages/config/contributors.json
Expand Up @@ -23,7 +23,7 @@
{ "name": "Issue-Opener-5", "assigned": "2024-08-22" },
{ "name": "Issue-Opener-10", "assigned": "2024-08-24" },
{ "name": "Issue-Opener-25", "assigned": "2024-09-25" },
{ "name": "Active-Last-7d", "lastActive": "2026-03-24" }
{ "name": "Active-Last-7d", "lastActive": "2026-04-08" }
]
},
"fredriksvantes": {
Expand Down Expand Up @@ -191,7 +191,7 @@
{ "name": "Framework-Steward", "assigned": "2025-07-10", "framework": "Wallet Security" },
{ "name": "First-Contribution", "assigned": "2025-07-10" },
{ "name": "First-Review", "assigned": "2025-09-25" },
{ "name": "Dormant-90d+", "lastActive": "2025-10-27" }
{ "name": "Active-Last-7d", "lastActive": "2026-04-07" }
]
},
"njelich": {
Expand Down Expand Up @@ -231,7 +231,7 @@
{ "name": "First-Review", "assigned": "2025-08-11" },
{ "name": "Reviewer-10", "assigned": "2026-02-24" },
{ "name": "Reviewer-25", "assigned": "2024-03-01" },
{ "name": "Active-Last-7d", "lastActive": "2026-03-23" }
{ "name": "Active-Last-7d", "lastActive": "2026-04-06" }
]
},
"blackbigswan": {
Expand Down Expand Up @@ -445,7 +445,7 @@
{ "name": "First-Review", "assigned": "2025-08-12" },
{ "name": "Reviewer-10", "assigned": "2025-09-12" },
{ "name": "Reviewer-25", "assigned": "2026-03-20" },
{ "name": "Active-Last-7d", "lastActive": "2026-03-25" }
{ "name": "Active-Last-7d", "lastActive": "2026-04-09" }
]
},
"gunnim": {
Expand All @@ -461,7 +461,7 @@
"description": "Cloud architecture enthusiast with a passion for IT Security",
"badges": [
{ "name": "First-Contribution", "assigned": "2026-01-21" },
{ "name": "Active-Last-7d", "lastActive": "2026-03-21" }
{ "name": "Active-Last-30d", "lastActive": "2026-03-21" }
]
},
"madjin": {
Expand Down Expand Up @@ -552,8 +552,11 @@
"company": "QuillAudits",
"job_title": "Smart Contract Audit Firm",
"role": "contributor",
"description": "Leading smart contract audit firm specializing in Web3 security solutions, DeFi auditing, and DApp penetration testing.",
"badges": []
"description": "Frameworks Contributor",
"badges": [
{ "name": "First-Contribution", "assigned": "2025-12-30" },
{ "name": "Dormant-90d+", "lastActive": "2025-12-30" }
]
},
"hexnickk4997": {
"slug": "hexnickk4997",
Expand Down Expand Up @@ -634,21 +637,21 @@
{ "name": "First-Contribution", "assigned": "2025-09-18" },
{ "name": "Dormant-90d+", "lastActive": "2025-09-18" }
]
},
"andrew-chang-gu": {
"slug": "andrew-chang-gu",
"name": "Andrew Chang-Gu",
"avatar": "",
"github": "",
"twitter": "",
"website": "https://www.linkedin.com/in/achanggu",
"company": "Google Cloud Security",
"job_title": "Google Cloud Security",
"role": "contributor",
"description": "Google Cloud Security",
"badges": []
},
"JosepBove": {
},
"andrew-chang-gu": {
"slug": "andrew-chang-gu",
"name": "Andrew Chang-Gu",
"avatar": null,
"github": null,
"twitter": null,
"website": "https://www.linkedin.com/in/achanggu",
"company": "Google Cloud Security",
"job_title": "Google Cloud Security",
"role": "contributor",
"description": "Google Cloud Security",
"badges": []
},
"JosepBove": {
"slug": "JosepBove",
"name": "Josep Bove",
"avatar": "https://avatars.githubusercontent.com/JosepBove",
Expand All @@ -662,14 +665,47 @@
"badges": [
{ "name": "Framework-Steward", "assigned": "2026-03-17", "framework": "Monitoring" },
{ "name": "First-Contribution", "assigned": "2026-03-16" },
{ "name": "New-Joiner", "lastActive": "2026-03-17" },
{ "name": "Active-Last-7d", "lastActive": "2026-03-23" }
{ "name": "Active-Last-30d", "lastActive": "2026-03-23" }
]
},
"tim-sha256": {
"slug": "tim-sha256",
"name": "tim-sha256",
"avatar": "https://avatars.githubusercontent.com/tim-sha256",
"github": "https://github.com/tim-sha256",
"twitter": null,
"website": null,
"company": null,
"job_title": null,
"role": "contributor",
"description": "Frameworks Contributor",
"badges": [
{ "name": "First-Contribution", "assigned": "2026-04-05" },
{ "name": "New-Joiner", "assigned": "2026-04-05" },
{ "name": "Active-Last-7d", "lastActive": "2026-04-05" }
]
},
"fvelazquez-x": {
"slug": "fvelazquez-x",
"name": "fvelazquez-x",
"avatar": "https://avatars.githubusercontent.com/fvelazquez-x",
"github": "https://github.com/fvelazquez-x",
"twitter": null,
"website": null,
"company": null,
"job_title": null,
"role": "contributor",
"description": "Frameworks Contributor",
"badges": [
{ "name": "First-Contribution", "assigned": "2026-04-07" },
{ "name": "New-Joiner", "assigned": "2026-04-07" },
{ "name": "Active-Last-7d", "lastActive": "2026-04-07" }
]
},
"shallem": {
"slug": "shallem",
"name": "Seth Hallem",
"avatar": "",
"avatar": null,
"github": "https://github.com/shallem",
"twitter": "https://x.com/seth_certora",
"website": "https://www.certora.com/",
Expand All @@ -678,6 +714,9 @@
"job_title": null,
"description": "Steward of Opsec framework",
"badges": [
{ "name": "Framework-Steward", "assigned": "2026-04-09", "framework": "Operational Security" },
{ "name": "First-Contribution", "assigned": "2025-09-10" },
{ "name": "Active-Last-7d", "lastActive": "2026-04-09" }
]
}
}
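Review bot: the added `Framework-Steward` badge uses `"framework": "Operational Security"`, while the entry's own description says `Steward of Opsec framework` and other steward badges in this file use `"Wallet Security"` and `"Monitoring"`. If the site filters stewards by this string it must match the framework's canonical name exactly; pick one spelling and use it in both the badge and the description.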
9 changes: 5 additions & 4 deletions docs/pages/contribute/contributing.mdx
Expand Up @@ -285,7 +285,7 @@ This helps track contributions and ensures proper attribution.

For a complete frontmatter example, see the [template file](https://github.com/security-alliance/frameworks/blob/develop/docs/pages/config/template.mdx?plain=1).

### 3. Sidebar / Navigation
### 2. Sidebar / Navigation

Because of how we handle the `.org` and `.dev` domains in different branches, when contributing **new pages** you must
also **update `vocs.config.tsx`** so that the page appears in the site’s sidebar. For content still in review, remember
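Review bot: renumbering the heading changes its generated anchor (the number is part of the slug, so a fragment containing `3-sidebar` becomes `2-sidebar`), and the same applies to `### 4. Error Checking` becoming `### 3.` in the next hunk. Any inbound link to the old fragments, from CONTRIBUTING.md or elsewhere in the site, breaks silently; grep for links to these headings and update them, or drop the numbers from the headings so future reorderings do not churn anchors.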
Expand All @@ -310,7 +310,7 @@ Example of a category with multiple pages:
This ensures that new content appears correctly in the site’s navigation for readers on the `.dev` site while staying
hidden from the stable `.org` site until ready.

### 4. Error Checking
### 3. Error Checking

Before pushing changes, always make sure your build works without errors:

Expand Down Expand Up @@ -372,7 +372,8 @@ fits, for example in block-quotes.
- Adding images is welcome and encouraged.
Please follow the steps below to include them correctly:

1. After making your changes and opening a PR, add the images you want to include in the PR's comments (by uploading them directly)
1. After making your changes and opening a PR, add the images you want to include
in the PR's comments (by uploading them directly)
2. During the review, a maintainer will upload your images to our S3 bucket and reply with the links you should use.
3. Once you receive the new links, update your PR to add the images' links.

Expand Down Expand Up @@ -404,7 +405,7 @@ This page is also open for contributions! Suggest improvements to our style and

## About this page

Originally inspired by the [Ethereum Protocol Fellows](https://github.com/eth-protocol-fellows/protocol-studies)
Originally inspired by the [Ethereum Protocol Fellows](https://github.com/eth-protocol-fellows/protocol-studies).

---

Original file line number Diff line number Diff line change
Expand Up @@ -210,18 +210,18 @@ hiring a DPRK IT Worker.
profile, which can uncover further identity mismatches.
1. On LinkedIn, examine the strength of the actor's connection network.



### Defeating Deepfakes: Liveness Verification

Pre-recorded deepfake video can fool a casual interviewer, particularly when audio "technical difficulties" are used as cover. Incorporate unpredictable, interactive requests that a pre-rendered deepfake cannot handle:
Pre-recorded deepfake video can fool a casual interviewer, particularly when audio "technical difficulties"
are used as cover. Incorporate unpredictable, interactive requests that a pre-rendered deepfake cannot handle:

- Ask the candidate to turn their head sideways and hold the position
- Have them read a randomly generated phrase displayed on screen for the first time during the call
- Request a hand movement across the face mid-stream
- Ask them to screen-share and perform a live technical task requiring real-time interaction with their environment

> Any candidate who persistently avoids in-person interaction — even for high-value roles — warrants a security review. This is a documented indicator of DPRK IT worker activity.
> Any candidate who persistently avoids in-person interaction — even for high-value roles — warrants a security
> review. This is a documented indicator of DPRK IT worker activity.

## Did I hire a DPRK IT Worker?

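Review bot: the wrap is fine; one content point on the bullets below it. The lead-in correctly scopes these checks to pre-recorded deepfakes, but the list mixes checks of different strength: a head turn or reading a phrase shown on screen is exactly what a live face-swap pipeline is built to follow, while a hand passing across the face mid-stream and a live screen-shared task in the candidate's own environment are much harder to fake in real time. Consider ordering the bullets by strength, or stating which ones also hold against live manipulation, so interviewers do not treat a passed head turn as conclusive. The blockquote's `documented indicator` claim should link its source.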
25 changes: 17 additions & 8 deletions docs/pages/opsec/endpoint/overview.mdx
Expand Up @@ -22,9 +22,12 @@ import { TagList, AttributionList, TagProvider, TagFilter, ContributeFooter } fr
<TagList tags={frontmatter.tags} />
<AttributionList contributors={frontmatter.contributors} />

> **Key Takeaway:** Match device security investment to role risk. Managed hardware for privileged operators, VDI for global contractors, enterprise browsers as minimum viable security for everyone else.
> **Key Takeaway:** Match device security investment to role risk. Managed hardware for privileged operators,
> VDI for global contractors, enterprise browsers as minimum viable security for everyone else.

Unmanaged personal devices are a primary vector for credential theft and lateral movement in Web3 organizations. Infostealers, malicious browser extensions, and compromised development environments all start at the endpoint. Organizations need a device provisioning strategy that scales security with role sensitivity.
Unmanaged personal devices are a primary vector for credential theft and lateral movement in Web3 organizations.
Infostealers, malicious browser extensions, and compromised development environments all start at the endpoint.
Organizations need a device provisioning strategy that scales security with role sensitivity.

## Device Security Tiers

Expand All @@ -42,7 +45,9 @@ Issue organization-managed hardware to your highest-risk roles. This provides fu

### Tier 2: Virtual Desktop Infrastructure (Privacy-First Scale)

For global contractors where issuing hardware is impractical, VDI provides a secure cloud-hosted environment accessible from any device. The employee's personal machine becomes a thin client — all sensitive work happens inside the managed virtual desktop.
For global contractors where issuing hardware is impractical, VDI provides a secure cloud-hosted environment
accessible from any device. The employee's personal machine becomes a thin client — all sensitive work happens
inside the managed virtual desktop.

- Complete visibility and control inside the virtual environment
- Corporate web proxying and traffic inspection
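Review bot: `all sensitive work happens inside the managed virtual desktop` overstates the isolation. Keystrokes and screen contents still pass through the unmanaged host, which the table later in this file acknowledges by rating VDI's host compromise protection as partial because of host keyloggers. Suggest adding a sentence here that a host-side infostealer can still capture credentials, one-time codes and session tokens typed into or displayed in the VDI session, so VDI raises the bar for file exfiltration and lateral movement, not for credential theft from the host.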
Expand All @@ -51,7 +56,8 @@ For global contractors where issuing hardware is impractical, VDI provides a sec
- **Limitation:** Performance and latency overhead
- **Limitation:** Hardware authentication dongle (YubiKey) compatibility issues in virtualized environments

**Target roles:** Global operations, customer support, regional teams, contractors with defined scopes. Providers: AWS WorkSpaces, Azure Virtual Desktop, Google Cloud Workstations.
**Target roles:** Global operations, customer support, regional teams, contractors with defined scopes.
Providers: AWS WorkSpaces, Azure Virtual Desktop, Google Cloud Workstations.

### Tier 3: Enterprise Browser (Minimum Viable Security)

Expand All @@ -65,23 +71,26 @@ For general staff and short-term contractors, an enterprise browser provides a m

**Target roles:** General staff, community managers, short-term contractors.

> If you use Google Workspace, you already have **Chrome Enterprise Core** at no additional cost. Enabling extension allowlisting alone eliminates one of the most common attack vectors against Discord and web-based platforms.
> If you use Google Workspace, you already have **Chrome Enterprise Core** at no additional cost. Enabling
> extension allowlisting alone eliminates one of the most common attack vectors against Discord and web-based platforms.

## Choosing the Right Tier

| Factor | Managed Device | VDI | Enterprise Browser |
|--------|---------------|-----|-------------------|
| ------ | -------------- | --- | ------------------ |
| **Visibility** | Full (OS + apps) | Inside VDI only | Browser only |
| **Host compromise protection** | Yes — EDR on host | Partial — Host keyloggers | No — None |
| **Hardware cost** | High (org buys devices) | Low (any device) | None |
| **Privacy** | Low (org owns device) | Medium (host is private) | High (only browser managed) |
| **Best for** | Core team, signers | Global contractors | General staff |

Most Web3 organizations will use all three tiers simultaneously — the goal is to match investment to actual risk, not to force a single approach across all roles.
Most Web3 organizations will use all three tiers simultaneously — the goal is to match investment to actual risk,
not to force a single approach across all roles.

## Further Reading

- [Hardening your organization](/dprk-it-workers/mitigating-dprk-it-workers#hardening-your-organization) — Access control policies for remote workers
- [Hardening your organization](/dprk-it-workers/mitigating-dprk-it-workers#hardening-your-organization)
— Access control policies for remote workers
- [Browser Security](/opsec/browser/overview) — Browser-specific hardening

</TagProvider>
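Review bot: `eliminates one of the most common attack vectors` in the Chrome Enterprise Core callout is too strong. An extension allowlist is keyed on extension ID, so it blocks installation of unlisted extensions but still trusts whatever future versions the allowlisted publishers ship; a hijacked publisher account or a sold extension delivers malicious code through the same update channel. Suggest `blocks` instead of `eliminates`, plus a note to keep the allowlist short and re-review it periodically. The realigned table separator and the wrapped Further Reading entry render the same as before.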