diff --git a/src/BPSecLib_Private.h b/src/BPSecLib_Private.h
index e7428fa..3f4e7f0 100644
--- a/src/BPSecLib_Private.h
+++ b/src/BPSecLib_Private.h
@@ -1349,8 +1349,12 @@ struct BSL_PolicyDesc_s
 int BSL_SecCtx_ExecutePolicyActionSet(BSL_LibCtx_t *lib, BSL_SecurityResponseSet_t *output_response,
                                       BSL_BundleRef_t *bundle, const BSL_SecurityActionSet_t *action_set);
 
-/**
- * @todo Doxygen
+/** Validate policy action set
+ *
+ * @param[in] lib This BSL context
+ * @param[in,out] bundle Pointer to bundle, which may be modified.
+ * @param[in] action_set Action containing all params and operations.
+ * @return true on success, false on failure.
  */
 bool BSL_SecCtx_ValidatePolicyActionSet(BSL_LibCtx_t *lib, const BSL_BundleRef_t *bundle,
                                         const BSL_SecurityActionSet_t *action_set);
diff --git a/src/Data.h b/src/Data.h
index f7adc27..9eaee93 100644
--- a/src/Data.h
+++ b/src/Data.h
@@ -71,12 +71,10 @@ typedef struct BSL_Data_s
  */
 int BSL_Data_Init(BSL_Data_t *data);
 
-/** Initialize with an owned buffer of size bytelen
- *
- * @todo Clarify to indicate this calls MALLOC.
- *
+/** Initialize with a dynamically-allocated owned buffer of size bytelen
+ * *
  * @param[in,out] data The data to initialize.
- * @param[in] bytelen Length of buffer to allocate.
+ * @param[in] bytelen Length of buffer to dynamically allocate.
  * @return Zero upon success.
  */
 int BSL_Data_InitBuffer(BSL_Data_t *data, size_t bytelen);
diff --git a/src/backend/SecParam.c b/src/backend/SecParam.c
index 0b86d09..aead7b6 100644
--- a/src/backend/SecParam.c
+++ b/src/backend/SecParam.c
@@ -173,11 +173,6 @@ bool BSL_SecParam_IsConsistent(const BSL_SecParam_t *self)
     {
         CHK_AS_BOOL(m_bstring_empty_p(self->_bytes));
     }
-    else
-    {
-        // TODO is this meaningful?
-        CHK_AS_BOOL(self->_uint_value == 0);
-    }
     return true;
 }
 
diff --git a/src/backend/SecurityContext.c b/src/backend/SecurityContext.c
index 502cd90..187ddd8 100644
--- a/src/backend/SecurityContext.c
+++ b/src/backend/SecurityContext.c
@@ -24,8 +24,6 @@
  * @brief Implementation of functions to interact with the security context
  * @ingroup backend_dyn
  *
- * @todo Enable checking (not just using a stub returning True.)
- * @todo Complete implementation for BCB acceptor.
  */
 #include <BPSecLib_Private.h>
 
@@ -81,7 +79,6 @@ static int Encode_ASB(BSL_LibCtx_t *lib, BSL_BundleRef_t *bundle, uint64_t blk_n
 static int BSL_ExecBIBSource(BSL_SecCtx_Execute_f sec_context_fn, BSL_LibCtx_t *lib, BSL_BundleRef_t *bundle,
                              BSL_SecOper_t *sec_oper, BSL_SecOutcome_t *outcome)
 {
-    (void)lib;
     CHK_ARG_NONNULL(sec_context_fn);
     CHK_ARG_NONNULL(bundle);
     CHK_ARG_NONNULL(sec_oper);
diff --git a/src/mock_bpa/agent.c b/src/mock_bpa/agent.c
index 34e0dbe..1a79af2 100644
--- a/src/mock_bpa/agent.c
+++ b/src/mock_bpa/agent.c
@@ -493,7 +493,6 @@ int MockBPA_Agent_Init(MockBPA_Agent_t *agent, BSLP_PolicyProvider_t **policy)
         bcb_sec_desc.validate = BSLX_BCB_Validate;
         ASSERT_PROPERTY(0 == BSL_API_RegisterSecurityContext(ctx->bsl, 2, bcb_sec_desc));
     }
-    // TODO find a better way to deal with this
 
     *policy              = BSLP_PolicyProvider_Init(1);
     agent->appin.policy  = *policy;