levnikolaevich/ln-613-code-comments-auditor
skills-catalog/ln-613-code-comments-auditor/SKILL.md
Checks inline code documentation quality: WHY-not-WHAT, density, forbidden content, docstrings quality, actuality, legacy cleanup. Use when auditing comments and docstrings.
$ install --global
skillsauthnpx skillsauth add levnikolaevich/claude-code-skills ln-613-code-comments-auditorInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 25, 2026, 11:39 AM29.8s2 files scanned
SKILL.md
- name:
- ln-613-code-comments-auditor
- description:
- Checks inline code documentation quality: WHY-not-WHAT, density, forbidden content, docstrings quality, actuality, legacy cleanup. Use when auditing comments and docstrings.
- allowed-tools:
- Read, Grep, Glob, Bash, mcp__hex-line__outline, mcp__hex-line__read_file
- license:
- MIT
- model:
- claude-sonnet-4-6
Paths: File paths (
shared/,references/,../ln-*) are relative to skills repo root. If not found at CWD, locate this SKILL.md directory and go up one level for repo root. Ifshared/is missing, fetch files via WebFetch fromhttps://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path}.
Inline Code Documentation Auditor (L3 Worker)
Type: L3 Worker
Specialized worker auditing inline code documentation quality: comments, docstrings, and language-specific documentation blocks.
Purpose & Scope
- Audit inline code documentation for quality and compliance across 6 categories
- Universal for any tech stack (auto-detect comment syntax)
- Return structured findings to coordinator with severity, location, recommendations
- Calculate compliance score (X/10) for Inline Code Documentation category
- Scope is limited to comments/docstrings/JSDoc/XML docs
- Out of scope: code design quality, naming quality, test quality, architecture quality, or feature correctness except where comments contradict code
Inputs
MANDATORY READ: Load shared/references/audit_worker_core_contract.md and shared/references/mcp_tool_preferences.md.
Receives contextStore with: tech_stack, project_root, output_dir.
Workflow
- Parse Context: Extract tech stack, project root, output_dir from contextStore
- Scan: Find all source files (use
tech_stackfor detection) Hex-line primary path: Useoutline(file_path)and discovery-firstread_file()for code files before analyzing comments. Useedit_ready=true, verbosity="full"only if the audit turns into a follow-up edit. Do not usehex-graphhere - comment quality is a code-reading problem, not a semantic graph problem. - Extract: Parse inline comments + docstrings/JSDoc
- Audit: Run 6 category checks (see Audit Categories below)
- Collect Findings: Record each violation with severity, location (file:line), effort estimate (S/M/L), recommendation
- Calculate Score: Count violations by severity, calculate compliance score (X/10)
- Write Report: Build full markdown report per
shared/templates/audit_worker_report_template.md, write to{output_dir}/ln-613--global.mdin single Write call - Return Summary: Return minimal summary to coordinator (see Output Format)
Audit Categories
| # | Category | What to Check | |---|----------|---------------| | 1 | WHY not WHAT | Comments explain rationale, not obvious code behavior; no restating code | | 2 | Density (15-20%) | Comment-to-code ratio within range; not over/under-commented | | 3 | No Forbidden Content | No dates/authors; no historical notes; no code examples in comments | | 4 | Docstrings Quality | Match function signatures; parameters documented; return types accurate | | 5 | Actuality | Comments match code behavior; no stale references; examples runnable | | 6 | Legacy Cleanup | No TODO without context; no commented-out code; no unsupported notes |
Scoring Algorithm
MANDATORY READ: Load shared/references/audit_worker_core_contract.md and shared/references/audit_scoring.md.
Output Format
MANDATORY READ: Load shared/references/audit_worker_core_contract.md and shared/templates/audit_worker_report_template.md.
Write JSON summary per shared/references/audit_summary_contract.md. In managed mode the caller passes both runId and summaryArtifactPath; in standalone mode the worker generates its own run-scoped artifact path per shared contract.
Write report to {output_dir}/ln-613--global.md with category: "Inline Code Documentation" and checks: why_not_what, density, forbidden_content, docstrings_quality, actuality, legacy_cleanup.
Return summary per shared/references/audit_summary_contract.md.
When summaryArtifactPath is absent, write the standalone runtime summary under .hex-skills/runtime-artifacts/runs/{run_id}/evaluation-worker/{worker}--{identifier}.json and optionally echo the same summary in structured output.
Report written: .hex-skills/runtime-artifacts/runs/{run_id}/audit-report/ln-613--global.md
Score: X.X/10 | Issues: N (C:N H:N M:N L:N)
Severity mapping:
| Issue Type | Severity | |------------|----------| | Author names, dates in comments | CRITICAL | | Commented-out code blocks | HIGH | | Stale/outdated comments | HIGH | | Obvious WHAT comments | MEDIUM | | Density deviation >5% | MEDIUM | | Minor density deviation | LOW |
Critical Rules
MANDATORY READ: Load shared/references/audit_worker_core_contract.md.
- Do not auto-fix: Report violations only; coordinator aggregates for user
- Fix code, not rules: NEVER modify rules files (*_rules.md, *_standards.md) to make violations pass
- Code is truth: When comment contradicts code, flag the documentation for update; do not turn this into a general code-quality review
- WHY > WHAT: Comments explaining obvious behavior should be removed
- Universal: Works with any language; detect comment syntax automatically
- Location precision: Always include
file:linefor programmatic navigation
Definition of Done
MANDATORY READ: Load shared/references/audit_worker_core_contract.md.
- [ ] contextStore parsed successfully (including output_dir)
- [ ] All source files scanned (tech stack from contextStore)
- [ ] All 6 categories audited
- [ ] Findings collected with severity, location, effort, recommendation
- [ ] Score calculated using penalty algorithm
- [ ] Report written to
{output_dir}/ln-613--global.md(atomic single Write call) - [ ] Summary written per contract
Reference Files
- Comment rules and patterns: references/comments_rules.md
Version: 4.0.0 Last Updated: 2026-03-01
Related Skills
levnikolaevich/ln-629-runtime-lifecycle-config-auditor
testing
VerifiedTrustedCommunity
Checks runtime lifecycle and config validation: bootstrap, shutdown, probes, cleanup, env sync, and fail-fast startup. Use for runtime readiness.
479SKILL.mdUpdated May 30, 2026
levnikolaevich/ln-628-concurrency-correctness-auditor
testing
VerifiedTrustedCommunity
Checks races, deadlocks, async hazards, TOCTOU, blocking I/O, and shared resource contention. Use when auditing concurrency correctness.
479SKILL.mdUpdated May 30, 2026
levnikolaevich/ln-627-diagnosability-auditor
testing
VerifiedTrustedCommunity
Checks diagnosability through structured logs, metrics, traces, correlation IDs, and useful log levels. Use when auditing incident visibility.
479SKILL.mdUpdated May 30, 2026
levnikolaevich/ln-626-dead-code-pruning-auditor
development
VerifiedTrustedCommunity
Finds code that can be safely deleted: unreachable, unused, obsolete compatibility, and commented-out code. Use when pruning dead code.
479SKILL.mdUpdated May 30, 2026