diff --git a/api/wired-pending/intent-opus4-dev_devops.php b/api/wired-pending/intent-opus4-dev_devops.php
index 760c2e185..9cb28c28d 100644
--- a/api/wired-pending/intent-opus4-dev_devops.php
+++ b/api/wired-pending/intent-opus4-dev_devops.php
@@ -23,7 +23,7 @@ return array (
     15 => 'site reliability project',
     16 => 'DORA metrics improvement',
     17 => 'deployment automation projet',
-    18 => 'comment mettre en place CI CD',
+    18 => 'comment faire integration continue projet',
     19 => 'comment automatiser le deploiement',
     20 => 'comment faire du DevOps',
     21 => 'quelle meilleure facon automatiser deploiement',
diff --git a/api/wired-pending/intent-opus4-dev_mobile.php b/api/wired-pending/intent-opus4-dev_mobile.php
index 0e2a7ae42..d4fbead83 100644
--- a/api/wired-pending/intent-opus4-dev_mobile.php
+++ b/api/wired-pending/intent-opus4-dev_mobile.php
@@ -23,7 +23,7 @@ return array (
     15 => 'Swift projet iOS',
     16 => 'Kotlin projet Android',
     17 => 'Expo projet React Native',
-    18 => 'comment developper une app mobile',
+    18 => 'comment developper application smartphone tablette',
     19 => 'comment faire une app iOS Android',
     20 => 'comment creer une application mobile',
     21 => 'quelle meilleure facon developper app mobile',
diff --git a/api/wired-pending/intent-opus4-dev_security.php b/api/wired-pending/intent-opus4-dev_security.php
index 9d3be0170..d57d7e2e0 100644
--- a/api/wired-pending/intent-opus4-dev_security.php
+++ b/api/wired-pending/intent-opus4-dev_security.php
@@ -25,11 +25,11 @@ return array (
     17 => 'threat intelligence projet',
     18 => 'defensive security projet',
     19 => 'blue team project',
-    20 => 'comment deployer un SIEM',
-    21 => 'comment mettre en place un SOC',
-    22 => 'comment faire un pentest',
-    23 => 'quelle meilleure facon proteger infrastructure',
-    24 => 'how to deploy a SIEM',
+    20 => 'comment deployer centralisation logs securite',
+    21 => 'comment construire equipe surveillance securite',
+    22 => 'comment organiser test intrusion application',
+    23 => 'quelle meilleure facon durcir serveurs weval',
+    24 => 'how to build centralized security logs',
     20 => 'red team exercise'
   ),
   'cmd' => 'echo "=== WEVIA propose un scope SECURITY ==="; echo ""; echo "Stack options WEVAL-ready:"; echo "1. CrowdSec + fail2ban (deja deploye S204, IP threat intelligence)\n2. OWASP ZAP + Burp Suite (pentesting web apps)\n3. Wazuh SIEM (open-source SOC, log aggregation)\n4. HashiCorp Vault (secrets management centralise)\n5. GPG/age + chattr +i (WEVAL pattern secrets.env protection)"; echo ""; echo "Agents WEVIA mobilisables:"; echo "- CrowdSec deja deploye S204 (whitelist auto pattern V9.63)\n- WEVIA Master pour audit posture\n- Paperclip pour pilotage remediation findings"; echo ""; echo "Pour avancer:"; echo "1. Scope (app web, infra, SOC 24/7, compliance cible)\n2. Audit initial (OWASP Top 10, CIS benchmarks, nmap)\n3. POC 1 scope 2sem / MVP complet 2mois / Enterprise 3-6mois\n4. Certification audit externe si compliance ISO 27001 / SOC 2"; echo ""; echo "Quel est ton risque principal? App publique, data sensitive, ou compliance?"',