bereniketech/aios-audit
skills/core/aios-audit/SKILL.md
Score your AIOS health across the Four C's (Context, Connections, Capabilities, Cadence). Returns a 0–4 score with one recommended next action per gap. Appends results to context/aios-audit-log.md for delta tracking.
testing
Updated May 3, 2026
$ install --global
skillsauthnpx skillsauth add bereniketech/claude_kit aios-auditInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 3, 2026, 3:57 AM115.3s1 file scanned
SKILL.md
- name:
- aios-audit
- description:
- Score your AIOS health across the Four C's (Context, Connections, Capabilities, Cadence). Returns a 0–4 score with one recommended next action per gap. Appends results to context/aios-audit-log.md for delta tracking.
AIOS Audit
1. Run the Four Tests
Score each pillar 1 (pass) or 0 (fail).
C1 — Context
Read context/about-business.md, context/about-me.md, context/priorities.md.
| Check | Pass if | |---|---| | All 3 files exist and are populated | Content beyond section headers present in each file | | Claude can answer "who are you and what do you run?" from files alone | Answer matches actual identity without asking the user |
Fail action: /aios-onboard
C2 — Connections
Read context/connections.md. Check the Status column.
| Check | Pass if |
|---|---|
| At least 3 buckets have live status | Connections map has real API access, not just documented-only |
| Claude can answer "what's on my plate today?" by pulling live data | Reads tasks or calendar without the user pasting data |
Fail action: /aios-connect <highest-priority unwired bucket tool>
C3 — Capabilities
Read .kit/skills/ and context/ for evidence of SOP-backed skills.
| Check | Pass if | |---|---| | At least one skill exists for the project's primary workflow | A SKILL.md covers the most common repetitive task | | Running the skill produces correct output without micromanagement | No step-by-step prompting required |
Fail action: Identify the most repetitive task from context/about-me.md → propose a new skill for it
C4 — Cadence
Check for scheduled agents: CronCreate entries, Inngest cron functions in lib/inngest/aios-*.ts, GitHub Actions workflows with schedule: trigger.
| Check | Pass if |
|---|---|
| At least one scheduled agent exists | Something runs automatically without a manual trigger |
| context/ contains a file deposited by an automated agent | e.g. standup-*.md, analytics-snapshot.md |
Fail action: /aios-cadence
2. Score and Report
AIOS Audit — [date]
Context [PASS/FAIL] [one-line finding]
Connections [PASS/FAIL] [one-line finding]
Capabilities [PASS/FAIL] [one-line finding]
Cadence [PASS/FAIL] [one-line finding]
Score: N/4
Recommended next action: [single most impactful gap — one sentence]
Rule: Give exactly one next action, not a list. The user must be able to act immediately without deciding.
3. Delta Tracking
If context/aios-audit-log.md exists, read the last entry and report the delta:
Previous: N/4 ([date])
Current: M/4 ([date])
Change: +X (Connections and Cadence improved)
Append the new result to context/aios-audit-log.md — never overwrite.
## Audit — [date]
Score: N/4
Context: PASS/FAIL — [finding]
Connections: PASS/FAIL — [finding]
Capabilities: PASS/FAIL — [finding]
Cadence: PASS/FAIL — [finding]
Next: [recommended action]
Related Skills
bereniketech/anti-reversing-techniques
testing
VerifiedTrustedCommunity
AUTHORIZED USE ONLY: This skill contains dual-use security techniques. Before proceeding with any bypass or analysis: > 1.
SKILL.mdUpdated May 3, 2026
bereniketech/active-directory-attacks
testing
Community
Provide comprehensive techniques for attacking Microsoft Active Directory environments. Covers reconnaissance, credential harvesting, Kerberos attacks, lateral movement, privilege escalation, and domain dominance for red team operations and penetration testing.
SKILL.mdUpdated May 3, 2026
bereniketech/zeroize-audit
development
VerifiedTrustedCommunity
Detects missing zeroization of sensitive data in source code and identifies zeroization removed by compiler optimizations, with assembly-level analysis, and control-flow verification. Use for auditing C/C++/Rust code handling secrets, keys, passwords, or other sensitive data.
SKILL.mdUpdated May 3, 2026
bereniketech/wcag-audit-patterns
development
VerifiedTrustedCommunity
Comprehensive guide to auditing web content against WCAG 2.2 guidelines with actionable remediation strategies.
SKILL.mdUpdated May 3, 2026