com um clique
audit
System-wide code audit with 8 modules
Instalar com Codex ou Claude Copie este prompt, cole no Codex, Claude ou outro assistente e deixe que ele revise a página da skill e instale para você.
Menu
System-wide code audit with 8 modules
Instalar com Codex ou Claude Copie este prompt, cole no Codex, Claude ou outro assistente e deixe que ele revise a página da skill e instale para você.
Finish feature with tests, commit, and session closure
Start feature with branch and session tracking
Interactive wizard to configure the project
Environment-aware deployment with pre/post checks
Methodical codebase exploration and understanding
Bug fix workflow with 3-hypothesis debugging protocol
Baseado na classificação ocupacional SOC
| name | audit |
| description | System-wide code audit with 8 modules |
| argument-hint | ["module-letter|all"] |
| allowed-tools | Bash(tsc:*), Bash(*test*), Bash(*lint*), Read, Write, Edit, Glob, Grep |
Run a comprehensive system audit. Can run all modules or a specific one.
Usage:
/audit or /audit all — Run all modules/audit A — Run only Types module/audit B C — Run specific modulesRead .claude/project.config.json:
{maxFileLines} = config.workflow.maxFileLines (default: 400){maxFunctionLines} = config.workflow.maxFunctionLines (default: 50){testCmd} = config.commands.test{stack} = config.project.stack{coverageThreshold} = config.workflow.coverageThreshold (default: 80)Detect project characteristics:
tsconfig.jsonpackage.json dependenciesGoal: Zero type errors.
npx tsc --noEmit 2>&1 | head -50
Goal: No unprotected endpoints or queries.
Find all API route/endpoint files:
Glob: src/api/**/*.ts, src/routes/**/*.ts, src/**/controller*.ts
For each endpoint, verify:
Find raw SQL or ORM queries without filters:
Grep: "\.query\(|\.raw\(|\.execute\(" in src/
Grep: "findMany|findAll" without "where" clause
Report unprotected endpoints and unfiltered queries.
Goal: All inputs validated at system boundaries.
Find controller/route handler functions:
Grep: "@Body|@Query|@Param|req\.body|req\.query|req\.params" in src/
For each input point, verify:
Report unvalidated inputs with file:line references.
Goal: Enforce maxFileLines and maxFunctionLines.
Scan all source files:
Glob: src/**/*.{ts,tsx,js,jsx,py,go,rs}
For each file:
{maxFileLines}{maxFunctionLines}Report oversized files and functions with line counts and suggested split points.
Goal: Business logic files have corresponding test files.
Find business logic files:
Glob: src/services/**/*.*, src/domain/**/*.*, src/use-cases/**/*.*
For each business file, check for corresponding test:
Glob: tests/**/*{filename}*, src/**/*{filename}.test.*, src/**/*{filename}.spec.*
Report:
{with tests}/{total} = {%}{coverageThreshold}%Goal: All endpoints are documented.
Find all endpoint definitions:
Grep: "@Get|@Post|@Put|@Delete|@Patch|router\.(get|post|put|delete|patch)" in src/
For each endpoint, check for documentation:
@ApiOperation, @ApiResponse)Report undocumented endpoints.
Goal: Files follow the established project structure.
Detect the architecture pattern:
Find files that don't fit the pattern:
Report architectural violations with suggested correct locations.
Goal: No anti-patterns in production code.
Search for common anti-patterns:
Grep: "any" (as type annotation, not in strings/comments)
Grep: "@ts-ignore|@ts-nocheck" in src/ (not in tests)
Grep: "console\.log|console\.debug|console\.info" in src/ (not in logger files)
Grep: "TODO|FIXME|HACK|XXX" in src/
Grep: "eslint-disable" in src/
Report each finding with file:line and context.
Generate report in context/auditorias/YYYY-MM-DD-{module|full}.md:
# Audit Report: {date}
**Scope**: {modules run}
**Project**: {project name}
**Stack**: {stack}
## Summary
| Module | Issues | Status |
|--------|--------|--------|
| A. Types | {N} errors | PASS / FAIL / SKIP |
| B. Security | {N} issues | PASS / FAIL / SKIP |
| C. Validation | {N} missing | PASS / FAIL / SKIP |
| D. File Size | {N} oversized | PASS / FAIL / SKIP |
| E. Coverage | {N}% coverage | PASS / FAIL / SKIP |
| F. API Docs | {N} undocumented | PASS / FAIL / SKIP |
| G. Architecture | {N} violations | PASS / FAIL / SKIP |
| H. Quality | {N} anti-patterns | PASS / FAIL / SKIP |
## Details
### Module X: {Name}
{Detailed findings per module}
## Recommended Actions
Priority actions to address findings:
1. **[CRITICAL]** {action}
2. **[IMPORTANT]** {action}
3. **[SUGGESTION]** {action}
After generating the report, ask user:
"Found {N} issues. Want to add any as BACKLOG items?"
If yes:
| Problem | Recovery |
|---|---|
| TypeScript not installed | Skip Module A, mark as SKIP |
| No test framework detected | Skip Module E, mark as SKIP |
| No API endpoints found | Skip Modules B, C, F, mark as SKIP |
context/auditorias/ missing | Create directory before writing report |
| Audit report exceeds 400 lines | Split into separate module reports |