frappe-auditlisted

Full audit of a Frappe app with parallel specialist delegation. Reviews security (permissions, injection, guest endpoints), schema quality (DocType JSON), and code conventions (hooks, patches, client scripts). Use when the user says audit my app, review this Frappe app, app health check, or pre-release review.
prilk-consulting/frappe-agent-kit · ★ 0 · AI & Automation · score 75

Install: claude install-skill prilk-consulting/frappe-agent-kit

# Frappe App Audit Audit a Frappe app end-to-end by delegating to specialist subagents, then aggregate a prioritized report. ## Usage Use this skill when: - User asks to audit, review, or health-check a Frappe app - Pre-release or pre-handover review of a custom app - Inheriting an unfamiliar codebase and needing a risk map ## Process 1. **Locate the app**: resolve `[app name]` to `apps/<app>/` in the current bench. If no argument, list apps in `apps/` (minus frappe/erpnext core unless explicitly requested) and ask which to audit. 2. **Inventory** (inline, fast): - `hooks.py` — verify every registered handler path resolves by running the bundled script from the bench root: `./env/bin/python <this skill's dir>/scripts/resolve_hooks.py <app>` (exit 3 = broken hooks; each is automatically a High finding) - `modules.txt`, `patches.txt` — modules and patch history - `**/doctype/*/` — DocType JSON + controllers - `public/js/`, `www/`, `templates/` — client and web surface - `install.py` / `setup.py` — install/migrate wiring 3. **Delegate to specialist agents** (run in parallel; if subagents are unavailable, run the same checklists inline sequentially): - `frappe-security` — permission enforcement, injection, guest surface - `frappe-schema` — DocType JSON quality and data-model design - `frappe-quality` — code conventions, hooks correctness, patch safety 4. **Verify findings**: drop anything a specialist flagged that doesn't reproduce on a second read o