بنقرة واحدة
audit
System-wide code audit with 8 modules
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
System-wide code audit with 8 modules
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Finish feature with tests, commit, and session closure
Start feature with branch and session tracking
Interactive wizard to configure the project
Environment-aware deployment with pre/post checks
Methodical codebase exploration and understanding
Bug fix workflow with 3-hypothesis debugging protocol
| name | audit |
| description | System-wide code audit with 8 modules |
| argument-hint | ["module-letter|all"] |
| allowed-tools | Bash(tsc:*), Bash(*test*), Bash(*lint*), Read, Write, Edit, Glob, Grep |
Run a comprehensive system audit. Can run all modules or a specific one.
Usage:
/audit or /audit all — Run all modules/audit A — Run only Types module/audit B C — Run specific modulesRead .claude/project.config.json:
{maxFileLines} = config.workflow.maxFileLines (default: 400){maxFunctionLines} = config.workflow.maxFunctionLines (default: 50){testCmd} = config.commands.test{stack} = config.project.stack{coverageThreshold} = config.workflow.coverageThreshold (default: 80)Detect project characteristics:
tsconfig.jsonpackage.json dependenciesGoal: Zero type errors.
npx tsc --noEmit 2>&1 | head -50
Goal: No unprotected endpoints or queries.
Find all API route/endpoint files:
Glob: src/api/**/*.ts, src/routes/**/*.ts, src/**/controller*.ts
For each endpoint, verify:
Find raw SQL or ORM queries without filters:
Grep: "\.query\(|\.raw\(|\.execute\(" in src/
Grep: "findMany|findAll" without "where" clause
Report unprotected endpoints and unfiltered queries.
Goal: All inputs validated at system boundaries.
Find controller/route handler functions:
Grep: "@Body|@Query|@Param|req\.body|req\.query|req\.params" in src/
For each input point, verify:
Report unvalidated inputs with file:line references.
Goal: Enforce maxFileLines and maxFunctionLines.
Scan all source files:
Glob: src/**/*.{ts,tsx,js,jsx,py,go,rs}
For each file:
{maxFileLines}{maxFunctionLines}Report oversized files and functions with line counts and suggested split points.
Goal: Business logic files have corresponding test files.
Find business logic files:
Glob: src/services/**/*.*, src/domain/**/*.*, src/use-cases/**/*.*
For each business file, check for corresponding test:
Glob: tests/**/*{filename}*, src/**/*{filename}.test.*, src/**/*{filename}.spec.*
Report:
{with tests}/{total} = {%}{coverageThreshold}%Goal: All endpoints are documented.
Find all endpoint definitions:
Grep: "@Get|@Post|@Put|@Delete|@Patch|router\.(get|post|put|delete|patch)" in src/
For each endpoint, check for documentation:
@ApiOperation, @ApiResponse)Report undocumented endpoints.
Goal: Files follow the established project structure.
Detect the architecture pattern:
Find files that don't fit the pattern:
Report architectural violations with suggested correct locations.
Goal: No anti-patterns in production code.
Search for common anti-patterns:
Grep: "any" (as type annotation, not in strings/comments)
Grep: "@ts-ignore|@ts-nocheck" in src/ (not in tests)
Grep: "console\.log|console\.debug|console\.info" in src/ (not in logger files)
Grep: "TODO|FIXME|HACK|XXX" in src/
Grep: "eslint-disable" in src/
Report each finding with file:line and context.
Generate report in context/auditorias/YYYY-MM-DD-{module|full}.md:
# Audit Report: {date}
**Scope**: {modules run}
**Project**: {project name}
**Stack**: {stack}
## Summary
| Module | Issues | Status |
|--------|--------|--------|
| A. Types | {N} errors | PASS / FAIL / SKIP |
| B. Security | {N} issues | PASS / FAIL / SKIP |
| C. Validation | {N} missing | PASS / FAIL / SKIP |
| D. File Size | {N} oversized | PASS / FAIL / SKIP |
| E. Coverage | {N}% coverage | PASS / FAIL / SKIP |
| F. API Docs | {N} undocumented | PASS / FAIL / SKIP |
| G. Architecture | {N} violations | PASS / FAIL / SKIP |
| H. Quality | {N} anti-patterns | PASS / FAIL / SKIP |
## Details
### Module X: {Name}
{Detailed findings per module}
## Recommended Actions
Priority actions to address findings:
1. **[CRITICAL]** {action}
2. **[IMPORTANT]** {action}
3. **[SUGGESTION]** {action}
After generating the report, ask user:
"Found {N} issues. Want to add any as BACKLOG items?"
If yes:
| Problem | Recovery |
|---|---|
| TypeScript not installed | Skip Module A, mark as SKIP |
| No test framework detected | Skip Module E, mark as SKIP |
| No API endpoints found | Skip Modules B, C, F, mark as SKIP |
context/auditorias/ missing | Create directory before writing report |
| Audit report exceeds 400 lines | Split into separate module reports |