ワンクリックで
production-audit
Local-evidence production-readiness audit that scores ship/block risk before a launch without sending repo data anywhere.
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
Local-evidence production-readiness audit that scores ship/block risk before a launch without sending repo data anywhere.
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
SOC 職業分類に基づく
Build Flutter APK/IPA, generate changelog, update buildlog, and commit version bump. Handles platform selection, build mode, and artifact renaming.
Build Unity APK/IPA on macOS with Unity 6.x — pre-flight checks, version bump, iOS signing params, post-build verification, buildlog, and commit.
Evidence-driven bug investigation and fix pipeline. Use when something is broken, not working, or the root cause is ambiguous.
Two independent reviewers must both approve high-stakes output before it ships, breaking the single-reviewer blind-spot problem.
Team-orchestrated feature development with parallel specialist agents. Use when building a feature that benefits from multiple agents working concurrently. You act as Product Director coordinating the team.
Interactive agent picker for composing and dispatching parallel teams. Browse available agents across domains, pick a roster, dispatch in parallel.
| name | production-audit |
| description | Local-evidence production-readiness audit that scores ship/block risk before a launch without sending repo data anywhere. |
| when_to_use | Use when the user asks "is this production-ready", "what would break in prod", "ready to ship?", "what did we miss", "audit this repo", or wants a pre-deploy / post-merge / pre-launch risk pass — especially when CI is green but real production risk is the question. Skip during active implementation (use the `security-reviewer` agent for line-level secure coding first), for pure libraries/docs/scaffolds, for formal legal/regulatory compliance audits, and when there is no repo/deployment/CI surface to inspect yet. |
| allowed-tools | Read Bash Grep Glob |
Source: adapted from affaan-m/ecc
skills/production-audit(MIT). Maintainer-safe by design: all evidence is local or user-authorized — no repo upload, no unpinned remote scanners.
Engineering triage for "is this safe to ship?" — not legal/financial/medical certification. Build the audit from local and user-authorized evidence only. Do not run unpinned remote code, upload repository contents to third-party services, or call external scanners unless the user explicitly approves that specific tool and data flow.
Start with cheap local signals:
git status --short --branch
git log --oneline --decorate -20
git diff --stat origin/main...HEAD
Then the project-specific surface: package scripts, CI workflows, Docker/deploy manifests; API routes, webhooks, auth middleware, background workers, cron, DB migrations; env-var docs and startup validation; observability/error reporting/health checks; rollback/seed/backfill instructions; E2E coverage of the paths that matter most.
If a deployed URL is in scope, run HTTP/browser checks only against that URL, and avoid credentialed actions unless the user supplies a safe test account.
Security & auth — public/API/admin routes separated; auth + authorization enforced server-side; secrets out of client bundles, logs, and committed files; rate limits / CSRF / CORS / upload validation where needed; AI/agent surface defends against prompt injection and untrusted content crossing into privileged actions.
Data integrity — migrations run forward cleanly with a rollback/recovery plan; destructive migrations/backfills staged safely; DB policies/grants match the tenancy model; writes, jobs, and webhook handlers are idempotent on retry.
Payments & webhooks — signatures verified before trusting payload fields; each fulfillment webhook idempotent; replay / duplicate / out-of-order delivery handled; test vs live credentials separated.
Operations — starts from a clean checkout with documented commands; required env vars named, validated, fail-fast; health check proves dependencies reachable; deploy/rollback/incident-owner paths documented; logs useful without leaking secrets or PII.
User experience — launch-critical paths covered on desktop and mobile; forms usable on mobile; loading/empty/error/permission-denied states explain what happened; a recovery path when a critical operation fails.
Scores force prioritization; they do not imply certainty.
| Band | Score | Meaning |
|---|---|---|
| Blocked | 0–49 | Do not ship until top risks are fixed |
| Risky | 50–69 | Ship only behind a small rollout / internal beta |
| Launchable with caveats | 70–84 | Ship if owners accept the listed risks |
| Strong | 85–100 | No obvious launch blockers from available evidence |
Cap the score at 69 if any of: auth/authorization missing on sensitive data; payment/fulfillment webhooks not idempotent; required migrations can't run safely; secrets exposed in client bundles, logs, or committed files; no rollback path for a high-impact release.
Cap the score at 84 if CI is not green or the launch-critical path was not tested end to end.
Lead with one sentence, then the lists:
Production audit: 76/100, launchable with caveats, with webhook idempotency and rollback docs as the two risks to fix before public launch.
Blockers — must-fix before deployHigh-value fixes — next fixes to raise the scoreEvidence checked — files, commands, CI runs, URL, PRs inspectedEvidence missing — what would change confidence if providedNext action — one concrete fix or verification stepKeep strengths short; the useful answer is the remaining risk and the next action.
npx <pkg>@latest or a remote scanner as the default audit path.security-reviewer agent — line-level secure-coding review during implementation (run first).verification-loop — deterministic build/typecheck/lint gate (this audit assumes you'll run it).adversarial-review — for verifying the audit's own high-stakes conclusions before a launch call.