aiskillstore/axiom-audit
skills/cygnusfear/axiom-audit/SKILL.md
Audit Axiom logs to identify and prioritize errors and warnings, research probable causes, and flag log smells. Use when user asks to check Axiom logs, analyze production errors, investigate log issues, or audit logging patterns.
$ install --global
skillsauthnpx skillsauth add aiskillstore/marketplace axiom-auditInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 1, 2026, 2:23 AM55.9s2 files scanned
SKILL.md
- name:
- axiom-audit
- description:
- Audit Axiom logs to identify and prioritize errors and warnings, research probable causes, and flag log smells. Use when user asks to check Axiom logs, analyze production errors, investigate log issues, or audit logging patterns.
- allowed-tools:
- Bash, Read, Grep, Write
Axiom Logs Audit Skill
Systematically audit Axiom logs to identify, prioritize, and research errors and warnings.
Setup
Install axiom-mcp:
go install github.com/axiomhq/axiom-mcp@latest
Install mcptools:
# macOS
brew tap f/mcptools
brew install mcp
# Windows/Linux
go install github.com/f/mcptools/cmd/mcptools@latest
Set credentials:
export AXIOM_TOKEN="xaat-your-token"
export AXIOM_ORG_ID="your-org-id" # Optional
Find credentials in repo:
grep -r "AXIOM" . --include="*.env*" --include="*.config.*"
Usage
List datasets:
mcp call listDatasets --params '{"arguments":{}}' ~/go/bin/axiom-mcp
Query APL:
# Query errors
mcp call queryApl --params '{"arguments":{"dataset":"logs","apl":"['\''now-24h'\'':now] | where level == \"error\" | summarize count() by message"}}' ~/go/bin/axiom-mcp
# Query warnings
mcp call queryApl --params '{"arguments":{"dataset":"logs","apl":"['\''now-24h'\'':now] | where level == \"warn\" | summarize count() by message"}}' ~/go/bin/axiom-mcp
Interactive shell (recommended for multiple queries):
mcp shell ~/go/bin/axiom-mcp
Audit Process
1. Identify Dataset
mcp call listDatasets --params '{"arguments":{}}' ~/go/bin/axiom-mcp
Or search codebase for dataset names:
grep -r "axiom.*dataset" . --include="*.ts" --include="*.js"
2. Query Errors & Warnings
Errors:
['now-24h':now]
| where level in ("error", "ERROR", "fatal", "FATAL")
| summarize count() by error_message=coalesce(_error, message, msg), error_type
| order by count_desc
Warnings:
['now-24h':now]
| where level in ("warn", "WARNING", "WARN")
| summarize count() by message
| order by count_desc
Error trends:
['now-7d':now]
| where level in ("error", "ERROR", "fatal", "FATAL")
| summarize count() by bin_auto(_time), error_type
3. Prioritize Errors
Priority scoring:
- P0: CRITICAL + High Frequency (>100/hour)
- P1: CRITICAL + Low Frequency OR HIGH + High Frequency
- P2: HIGH + Low Frequency OR MEDIUM + High Frequency
- P3: MEDIUM + Low Frequency
- P4: LOW
Severity levels:
- CRITICAL: Data loss, security issues, service down
- HIGH: Feature broken, user-facing errors
- MEDIUM: Degraded functionality, intermittent issues
- LOW: Minor warnings, non-critical issues
4. Research Each Error
For each unique error:
- Find source in codebase using Grep
- Read surrounding code to understand context
- Identify probable cause (code bug, infrastructure, data, integration, config)
- Collect evidence from code patterns and related errors
- Flag log smells (see below)
5. Flag Log Smells
- Excessive logging: Same message flooding logs
- Missing context: No request ID, user ID, trace info
- Poor error messages: Vague or unhelpful
- Logged but not handled: Errors logged then ignored
- Inconsistent logging: Different levels for similar issues
- Sensitive data exposure: PII, secrets, tokens in logs
- No stack traces: Errors without stack traces
- Generic catch-all handlers: Hiding real issues
6. Generate Report
Create .audits/axiom-audit-[timestamp].md with:
# Axiom Logs Audit Report
**Date**: [timestamp]
**Time Range**: [start] to [end]
**Total Errors**: X | **Total Warnings**: Y
## Executive Summary
- **P0 Issues**: X (immediate action required)
- **P1 Issues**: Y (urgent)
- **P2 Issues**: Z
- **P3+ Issues**: W
## Prioritized Error List
### P0: [Error Type]
**Occurrences**: X times | **Trend**: [↑/→/↓]
**First Seen**: [timestamp] | **Last Seen**: [timestamp]
**Error Message**:
[Actual error message]
**Source**: `path/to/file.ts:line`
**Probable Cause**: [Analysis]
**Evidence**:
- [Code patterns, related errors]
---
### P1: [Next Error]
[Same structure]
---
## Log Smells Detected
### Excessive Logging
- `[error pattern]` - X,000 times in Y minutes
- **Location**: `file.ts:line`
### Sensitive Data Exposure
- User emails logged in `auth.ts:42`
- **Impact**: Privacy/compliance risk
---
## Error Categories
**Infrastructure**: X% | **Code Bugs**: Y% | **Data Issues**: Z% | **External**: W%
---
## Trend Analysis
**New Errors**: [Errors that appeared recently]
**Increasing**: [Errors with rising frequency]
**Resolved**: [Errors that stopped]
7. Provide Summary
Brief summary for user highlighting:
- P0/P1 count and top issues
- Critical log smells
- Category breakdown
- Link to full report
Critical Rules
- NEVER EDIT FILES - Audit only, no fixes
- NEVER ASSUME - Research each error in codebase
- DO PRIORITIZE - Use consistent priority scoring
- DO IDENTIFY PATTERNS - Group similar errors
- DO FLAG LOG SMELLS - Document logging anti-patterns
- DO PROVIDE EVIDENCE - Support analysis with code/data
Success Criteria
✅ All errors/warnings extracted from Axiom ✅ Prioritized with severity + frequency scoring ✅ Root cause research for each error type ✅ Log smells identified ✅ Categorization and trend analysis complete ✅ Structured report generated
Related Skills
aiskillstore/hig-components-content
development
VerifiedTrustedCommunity
Apple Human Interface Guidelines for content display components. Use this skill when the user asks about charts component, collection view, image view, web view, color well, image well, activity view, lockup, data visualization, content display, displaying images, rendering web content, color pickers, or presenting collections of items in Apple apps. Also use when the user says how should I display charts, what's the best way to show images, should I use a web view, how do I build a grid of items, what component shows media, or how do I present a share sheet. Cross-references: hig-foundations for color/typography/accessibility, hig-patterns for data visualization patterns, hig-components-layout for structural containers, hig-platforms for platform-specific component behavior.
244SKILL.mdUpdated Apr 10, 2026
aiskillstore/helpdesk-automation
tools
VerifiedTrustedCommunity
Automate HelpDesk tasks via Rube MCP (Composio): list tickets, manage views, use canned responses, and configure custom fields. Always search tools first for current schemas.
244SKILL.mdUpdated Apr 10, 2026
aiskillstore/haskell-pro
testing
VerifiedTrustedCommunity
Expert Haskell engineer specializing in advanced type systems, pure functional design, and high-reliability software. Use PROACTIVELY for type-level programming, concurrency, and architecture guidance.
244SKILL.mdUpdated Apr 10, 2026
aiskillstore/graphql
tools
VerifiedTrustedCommunity
GraphQL gives clients exactly the data they need - no more, no less. One endpoint, typed schema, introspection. But the flexibility that makes it powerful also makes it dangerous. Without proper controls, clients can craft queries that bring down your server. This skill covers schema design, resolvers, DataLoader for N+1 prevention, federation for microservices, and client integration with Apollo/urql. Key insight: GraphQL is a contract. The schema is the API documentation. Design it carefully.
244SKILL.mdUpdated Apr 10, 2026