auditlisted

Audit a codebase for bugs, report findings BEFORE changing anything, then on approval fix, verify with a build/tests, and commit + push. Use when the user asks to "audit the codebase", "find bugs", "audit and fix", or run their standard audit-fix-verify-push loop.
aljazfrancic/claude-audit-skill · ★ 0 · Data & Documents · score 72

Install: claude install-skill aljazfrancic/claude-audit-skill

# Bug Audit → Fix → Verify → Push A disciplined, findings-first audit loop. The cardinal rule: **surface findings before you start editing.** Do not disappear into a long silent file-reading phase — keep the user in the loop and show results early. ## Workflow 1. **Scope fast, read smart.** - If the codebase is large, spawn parallel `Explore`/task agents to map it rather than reading every file serially on the main thread. Get to findings quickly. - Focus on likely bug categories for the stack at hand (e.g. navigation/lifecycle races, API pagination/read limits, edge-to-edge UI clipping, null/edge-case handling, resource leaks, lint/type errors, markdown link correctness). 2. **Report findings — then STOP.** - Present a concise **numbered list** of issues: file:line, what's wrong, severity, and the proposed fix in one line each. - **Do not change anything yet.** Wait for the user to confirm or pick which to fix. - If the user has pre-approved autonomous execution for this run, you may proceed — but still print the findings list first so it's visible. 3. **Fix.** - Apply the approved fixes. Match the surrounding code style. Don't introduce new features unless the user approves them. 4. **Verify — in the user's real environment.** - Run the actual build/test command (gradle, pytest, latexmk, npm, etc.). - On Windows, test in **PowerShell**, not just git bash. Watch for platform quirks (non-ASCII filenames/jobnames