rails-audit
Install: claude install-skill mickzijdel/rails-toolkit
# Rails App Audit
## Overview
A top-level health-check for an **existing** Rails app, for use when inheriting a legacy codebase,
onboarding to an unfamiliar project, or doing a pre-engagement review. This skill is the
entry point for *reviewing* an app, the counterpart to [[rails-core]], which is the entry
point for *writing* one.
It **orchestrates**: it owns the broad health-check items nothing else covers (version
pinning, dependency CVEs, exposed secrets, seeds, tech-debt) and hands off the deep dives
to the specialist skills ([[rails-database-performance]], [[rails-security]],
[[rails-performance]], [[rails-testing]], [[rails-upgrade]]). Do **not** re-derive what
those skills already do — run the cheap detection here, then delegate the fix.
The audit ends in a **written, severity-ranked report** (see [Producing the Report](#producing-the-report)).
## How to Run This Audit
1. Confirm you are at the app root (`Gemfile`, `app/`, `config/` present).
2. Work through every numbered section below — do not stop early.
3. For **each** finding, record three things:
   - **Severity** — 🔴 high (security / data loss / broken in prod), 🟡 medium (tech debt, performance, missing safety net), 🟢 low (polish, style, docs).
   - **Location** — `file:line` (the audit must point at real code, not generalities).
   - **Fix** — the concrete remediation, and **which skill owns the deep fix** if it's a delegated area.
4. When a section hands off to another skill (shown as "→ [[skill-name]]"), run only