md-audit

GitHub

只读代码质量审计工具,扫描当前目录以发现漏洞、死代码、安全热点及缺失的错误处理等问题。识别项目类型后,使用Grep和Read检查硬编码密钥、未处理错误等风险,并按严重程度输出报告,严禁修改任何文件。

resources/skills/md-audit/SKILL.md chaitanyagiri/munder-difflin

触发场景

audit the code quick audit find issues code scan what's wrong with this codebase

安装

npx skills add chaitanyagiri/munder-difflin --skill md-audit -g -y
更多选项

非标准路径

npx skills add https://github.com/chaitanyagiri/munder-difflin/tree/main/resources/skills/md-audit -g -y

不安装直接使用

npx skills use chaitanyagiri/munder-difflin@md-audit

指定 Agent (Claude Code)

npx skills add chaitanyagiri/munder-difflin --skill md-audit -a claude-code -g -y

安装 repo 全部 skill

npx skills add chaitanyagiri/munder-difflin --all -g -y

预览 repo 内 skill

npx skills add chaitanyagiri/munder-difflin --list

SKILL.md

Frontmatter
{
    "name": "md-audit",
    "version": "1.0.0",
    "description": "Read-only code quality audit — scan the current working directory for common\nissues (bugs, dead code, security hotspots, missing error handling) and return\na prioritised findings report. No files are edited.\nUse when asked to \"audit the code\", \"quick audit\", \"find issues\", \"code scan\",\nor \"what's wrong with this codebase\". (munder-difflin)\n",
    "allowed-tools": [
        "Read",
        "Bash",
        "Grep"
    ]
}

Code Audit (read-only)

Perform a read-only code quality scan and return a findings report. Do NOT edit any files.

Steps:

  1. Scope — identify the primary language and entry points (package.json, Cargo.toml, go.mod, pyproject.toml, or similar).
  2. Scan — use Grep and Read to look for:
    • Unhandled promise rejections / ignored errors
    • Hard-coded secrets or credentials (keys, tokens, passwords)
    • TODO/FIXME/HACK comments that signal known debt
    • Dead exports (exported symbols with no in-repo import)
    • Obvious type-safety gaps (unchecked any, missing null guards)
  3. Report — output a findings list sorted by severity (Critical → High → Medium → Low):
    ## Audit Report — <project name>
    
    ### Critical
    - [file:line] <description>
    
    ### High
    - ...
    
    ### Summary
    <total count> findings across <file count> files scanned.
    
  4. Stop after reporting. Do not apply any fixes.

版本历史

  • df15a9a 当前 2026-07-05 15:41

同 Skill 集合

resources/skills/capabilities/SKILL.md
resources/skills/last30Days/SKILL.md
resources/skills/last7Days/SKILL.md
resources/skills/lastMonth/SKILL.md
resources/skills/lastQuarter/SKILL.md
resources/skills/lastWeek/SKILL.md
resources/skills/lastYear/SKILL.md
resources/skills/md-fetch-summarize/SKILL.md
resources/skills/md-hive-sync/SKILL.md
resources/skills/temporal/SKILL.md
resources/skills/thisMonth/SKILL.md
resources/skills/thisQuarter/SKILL.md
resources/skills/thisWeek/SKILL.md
resources/skills/thisYear/SKILL.md
resources/skills/today/SKILL.md
resources/skills/yesterday/SKILL.md

元信息

文件数
0
版本
df15a9a
Hash
64e5ec65
收录时间
2026-07-05 15:41

首页 - Wiki
Copyright © 2011-2026 iteam. Current version is 2.155.2. UTC+08:00, 2026-07-17 18:41
浙ICP备14020137号-1 $访客地图$