
code-audit (listed)

Methodical codebase audit across a multi-dimension tech-DD framework. Routes by intent — security pass, release check, deep per-dimension, full tech-DD, or explicit quick scan. Stack-aware (PHP/Laravel, Python/FastAPI, TS/Node, shell, Docker). Use for "audit", "tech DD", "security review", "ready to ship?" — NOT for routine PR diff review.
GuidanceStudio/code-repository-audit-skill · ★ 0 · Code & Development · score 62
Install: claude install-skill GuidanceStudio/code-repository-audit-skill
# Code audit — Router

Honest, actionable findings on a codebase: methodical questions across a multi-dimension framework (see the registry below), calibrated severity per finding, triageable output. Assistant-neutral — works wherever this skill folder is loaded.

## When to invoke

- "audit my code/project/codebase", "tech audit", "tech DD"
- "security review", "security audit", "vuln scan"
- "is this ready to ship?", "release check", "pre-release"
- an explicit invocation of this skill (a `/code-audit` slash command, an `@code-audit` mention, or however your assistant invokes skills)

Routine "review this PR/file" is better served by a lightweight diff-review tool if your assistant ships one. The `quick` cut here exists for explicit narrow scans.

## Step 1 — pick the cut

If intent is clear, pick directly; ask only when genuinely ambiguous.

| Cut | When | Loads |
|---|---|---|
| **quick** | explicit narrow scan of a file/PR/diff | `cuts/quick.md` + languages |
| **security** | "security review", "OWASP" | `cuts/security.md` (D4+D5+threat-models) |
| **release** | "ready to ship?", release tag | `cuts/release.md` |
| **deep** | "deep audit on X", named dimensions | `cuts/deep.md` + those dimensions |
| **full** | "full audit", "tech DD" | `cuts/full.md` + every dimension |

No-args fallback: **quick** on a narrow open target, **full** on a repo root.

## Step 2 — detect the stack

Markers are searched recursively (depth ≤3, dependency dirs pruned — see `routing/detect-s