washingtonguilhardes/audit
.claude/skills/audit/SKILL.md
Analyze codebase and output Technical Audit report
development
Updated Apr 16, 2026
$ install --global
skillsauthnpx skillsauth add washingtonguilhardes/example.hr-module auditInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 16, 2026, 10:34 PM59.9s1 file scanned
SKILL.md
- name:
- audit
- description:
- Analyze codebase and output Technical Audit report
AUDIT Task
Persona: Execute this task as the @architect subagent.
Load the persona characteristics from .rulesync/subagents/architect.md before proceeding.
Objective
Analyze codebase and output Technical Audit report. Save to docs/audits/{yyyy-mm-dd}-{domain}.md.
Instructions
-
Introduce: Greet as Archer, explain technical audit
-
Discovery: - Domain:
Analytics/Architecture/Code Quality/DevOps/Documentation/Performance/Security/Testing/Vendors- Scope:Entire codebase/Specific path(if specific, ask path) - Detail:High-level overview/Detailed analysis/Specific recommendations- Focus: Specific concerns? (optional) -
Conduct audit: - Examine scope thoroughly - Find issues, anti-patterns, concerns - Identify strengths, positive practices - Assess against project standards - Prioritize by severity (P0/P1/P2/P3)
-
Generate report: - Read template:
.rulesync/templates/tech-audit-template.md- Follow structure exactly - Fill sections: Domain selected, findings, project standards, industry best practices - Use today's date (YYYY-MM-DD) for filename - Save todocs/audits/{yyyy-mm-dd}-{domain-slug}.md -
Summary: - Confirm saved, show path - Top 3-5 critical findings - Overall risk level - Immediate next steps if critical issues
-
Follow-up: - Create spec to address issues? (
/spec) - Explain specific finding? (/explain) - Another audit in different domain?
TODO Composition
Create todos at task start:
audit-introduce- "Introduce Archer and explain technical audit"audit-discovery- "Gather audit parameters (domain, scope, detail level, focus)"audit-conduct- "Conduct audit (examine scope, find issues, identify strengths, prioritize)"audit-generate-report- "Generate technical audit report from template"audit-summary- "Generate summary with critical findings and risk level"audit-follow-up- "Suggest follow-up actions"
Update status: Mark in_progress when starting each, completed when done.
Related Skills
washingtonguilhardes/trace-audit
testing
VerifiedTrustedCommunity
Analyze distributed traces to find blocking queries, N+1 patterns, and missing tRPC encapsulation, then produce prioritized fixes
SKILL.mdUpdated Apr 16, 2026
washingtonguilhardes/test
testing
VerifiedTrustedCommunity
required reading for all test/spec files or test related queries.
SKILL.mdUpdated Apr 16, 2026
washingtonguilhardes/spec
testing
VerifiedTrustedCommunity
Transform Product Brief into Technical Specification
SKILL.mdUpdated Apr 16, 2026
washingtonguilhardes/spec-drift
development
VerifiedTrustedCommunity
Detect drift between code implementations and specification documents
SKILL.mdUpdated Apr 16, 2026