bjornmelin/dash-audit
skills/dash-audit/SKILL.md
Audit Dash apps for callback hazards, state flow risks, layout and accessibility issues, and Dash-specific UX regressions. Use when the user asks for a Dash callback review, Dash UI audit, Dash web-interface audit, or a read-first remediation plan for a Dash app. Do not use for generic React or Next.js UI review.
$ install --global
skillsauthnpx skillsauth add bjornmelin/dev-skills dash-auditInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 13, 2026, 3:38 AM143.1s6 files scanned
SKILL.md
- name:
- dash-audit
- description:
- Audit Dash apps for callback hazards, state flow risks, layout and accessibility issues, and Dash-specific UX regressions. Use when the user asks for a Dash callback review, Dash UI audit, Dash web-interface audit, or a read-first remediation plan for a Dash app. Do not use for generic React or Next.js UI review.
Dash Audit
Use this skill for read-first Dash audits. It owns Dash callback review, Dash UI/state review, and prioritized remediation guidance.
Workflow
- Read the repo
AGENTS.md. - Run
/home/bjorn/.codex/skill-support/bin/ui-audit-preflight dash-callback-map --cwd <repo> --out <json>. - When machine-readable evidence is useful, adapt the callback map into the
shared contract:
python3 <skill_root>/scripts/dash_ui_audit_adapter.py --input <json> --pretty. - Read only the Dash references you need:
references/dash-callbacks.mdfor callback graph and state hazards.references/dash-ui.mdfor layout, responsiveness, accessibility, and interaction review.
- Inspect only the files surfaced by the preflight plus any directly implicated layout, component, or callback modules.
- Report grouped findings with the highest-risk callback and regression issues first.
- If the user asks for fixes, keep remediation scoped and verify the affected path with repo-native commands.
Use When
- The task is a Dash callback audit.
- The task is a Dash web UI, state, or layout review.
- The user wants a read-first remediation plan for a Dash app.
Do Not Use When
- The task is a general web or Next.js UI audit.
- The task is platform architecture with no Dash review need.
- The task is only backend, dependency, or docs work.
Outputs
- executive summary
- grouped findings by category and file
- prioritized fixes
- callback graph or regression-risk notes when useful
- scorecard or risk summary when useful
UI Audit Contract
Use ui_audit.v1 for structured Dash findings. The adapter treats callback map
rows as observations and emits actionable findings only when the preflight
evidence indicates a likely callback registration issue, such as a callback
decorator with no detected Output.
Keep absolute repository roots redacted as <scan-root> in shared evidence.
Use the full JSON locally; paste only the specific redacted findings needed for
review comments or issue updates.
Related Skills
bjornmelin/kimi-ui-advisor
tools
VerifiedTrustedCommunity
Explicit-only Kimi Code CLI frontend/UI advisor for UI audits, redesigns, components, screenshots, before/after comparison, layout, styling, accessibility, responsive behavior, and visual polish. Use only when the user explicitly invokes `$kimi-ui-advisor` and wants Codex to ask Kimi for structured UI suggestions, then review, apply, and verify them in the repo.
2SKILL.mdUpdated May 28, 2026
bjornmelin/autoreview
development
VerifiedTrustedCommunity
Run a Codex-only structured code review closeout for local, branch, or commit diffs. Use when the user asks for autoreview, Codex review, structured closeout review, final review before commit/ship, or review after non-trivial code edits.
2SKILL.mdUpdated May 28, 2026
bjornmelin/firecrawl
tools
VerifiedTrustedCommunity
Use this skill for Firecrawl CLI web work: web search, URL scraping, site mapping, crawling, structured extraction, page interaction, monitoring changes, offline site download via x download, and parsing local documents such as PDF, DOCX, XLSX, HTML, DOC, ODT, or RTF. Trigger for requests to search the web, look up current info, fetch/read/scrape a URL, extract website data, crawl docs, click/fill/login/paginate a page, monitor page changes, save a site offline, or parse a document. Do not trigger for generic local file reads/edits, git/deploy/code tasks, or Firecrawl app integration work.
2SKILL.mdUpdated May 26, 2026
bjornmelin/sentry-triage-to-pr
tools
VerifiedTrustedCommunity
Triage unresolved Sentry issues into ranked groups, GitHub issue plans, branches, subspawn worktree assignments, PRs, and closeout loops using the sentry CLI, GitHub CLI, and local verification. Use when asked to prioritize Sentry backlogs, group production issues, create GitHub issues or PRs from Sentry evidence, or parallelize Sentry fixes.
2SKILL.mdUpdated May 14, 2026