auditlisted

Run a structured code audit on this project. Adapts to the detected stack. **Modes:** - `/audit` — full audit, all relevant axes, all files - `/audit security` (or tests, architecture, etc.) — full audit, single axis - `/audit --changed` — incremental: only files changed since the last audit report - `/audit --since abc123` — incremental: only files changed since the given commit or date - `/audit --changed security` — incremental + single axis - `/audit --dry-run` — full audit, report only, no tickets created - `/audit --dry-run security` — single axis, no tickets ## Step 1 — Context & scope 1. Read `CLAUDE.md` (project root or `.claude/`). If none exists: - Tell the user: "No CLAUDE.md found. Run `/audit-conf` first to generate one, then re-run `/audit`." - Stop. 2. From CLAUDE.md, extract: - **Stack** (languages, frameworks, DB, infra) - **Build/test commands** - **Project conventions** 3. Check for previous audit reports: - `ls -t audit-reports/*.md 2>/dev/null | head -1` - If found → note the filename and its date, used for delta comparison in Step 7 4. Parse arguments and determine mode: **Incremental mode** (if `--changed` or `--since` in arguments): - `--changed`: find the date of the last audit report. If none exists, tell the user "No previous audit found — running full audit instead." and fall back to full mode. Get changed files: `git diff --name-only --diff-filter=ACMR $(git log --since="YYYY-MM-DD" --format=%H | tail -1)..H