diff --git a/.beads/formulas/security-audit.formula.json b/.beads/formulas/security-audit.formula.json
index e9b7e8ea..13ac5c2f 100644
--- a/.beads/formulas/security-audit.formula.json
+++ b/.beads/formulas/security-audit.formula.json
@@ -4,39 +4,47 @@
 "description": "Cross-cutting security concern. Applies security scanning before and after implementation steps.",
 "version": 1,
 "pointcuts": [
- {"glob": "*.implement"},
- {"glob": "*.submit"}
+ {"glob": "implement"},
+ {"glob": "submit"}
 ],
- "advice": {
- "around": {
- "before": [
- {
- "id": "security-prescan",
- "description": "Pre-implementation security check. Review for secrets/credentials in scope. Check dependencies for known vulnerabilities.",
- "args": {
- "target": "{step.id}"
+ "advice": [
+ {
+ "target": "implement",
+ "around": {
+ "before": [
+ {
+ "id": "{step.id}-security-prescan",
+ "title": "Security prescan for {step.id}",
+ "description": "Pre-implementation security check. Review for secrets/credentials in scope. Check dependencies for known vulnerabilities."
 }
- }
- ],
- "after": [
- {
- "id": "security-postscan",
- "description": "Post-implementation security scan. Scan new code for vulnerabilities (SAST). Check for hardcoded secrets. Review for OWASP Top 10 issues.",
- "args": {
- "target": "{step.id}"
- },
- "output": {
- "approved": "boolean",
- "findings": "list"
+ ],
+ "after": [
+ {
+ "id": "{step.id}-security-postscan",
+ "title": "Security postscan for {step.id}",
+ "description": "Post-implementation security scan. Scan new code for vulnerabilities (SAST). Check for hardcoded secrets. Review for OWASP Top 10 issues."
 }
- },
- {
- "gate": {
- "condition": "security-postscan.output.approved == true",
- "message": "Security approval required before proceeding"
+ ]
+ }
+ },
+ {
+ "target": "submit",
+ "around": {
+ "before": [
+ {
+ "id": "{step.id}-security-prescan",
+ "title": "Security prescan for {step.id}",
+ "description": "Pre-submission security check. Final vulnerability scan before merge."
 }
- }
- ]
+ ],
+ "after": [
+ {
+ "id": "{step.id}-security-postscan",
+ "title": "Security postscan for {step.id}",
+ "description": "Post-submission security verification. Confirm no new vulnerabilities introduced."
+ }
+ ]
+ }
 }
- }
+ ]
 }
diff --git a/.beads/formulas/shiny-secure.formula.json b/.beads/formulas/shiny-secure.formula.json
new file mode 100644
index 00000000..11d6ba44
--- /dev/null
+++ b/.beads/formulas/shiny-secure.formula.json
@@ -0,0 +1,10 @@
+{
+ "formula": "shiny-secure",
+ "type": "workflow",
+ "description": "Shiny workflow with security audit aspect applied.",
+ "version": 1,
+ "extends": ["shiny"],
+ "compose": {
+ "aspects": ["security-audit"]
+ }
+}
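Review bot: The new `advice` list for `implement` removes the old `gate` entry (`"condition": "security-postscan.output.approved == true"`) and the postscan's `output` contract (`approved`, `findings`) without replacing either, so a failed postscan no longer blocks the step and the audit becomes advisory rather than enforced; the `submit` advice at the end of the hunk has the same shape, so its postscan ("Confirm no new vulnerabilities introduced") has nothing to act on a negative result either. If the list form of `advice` still accepts gate entries, re-add one after each postscan, e.g. `{ "gate": { "condition": "{step.id}-security-postscan.output.approved == true", "message": "Security approval required before proceeding" } }`, together with the `output` declaration the condition reads. If the new schema has no gating at all, state that in the formula `description` (e.g. append "Scans are advisory and do not block the step.") so a reader does not assume the scan is enforced. Whether list-form advice supports `gate` or `output` is not visible in this diff, so this is to be confirmed against the formula loader.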