desloplisted

# Deslop — Code Hardening Skill Systematically audit and harden an existing codebase for production. Designed for AI-generated ("vibe coded") codebases that work superficially but are fragile, sloppy, or insecure under real-world conditions. **This skill operates in two strict phases. Never mix them.** ``` Phase 1: AUDIT → produces AUDIT.md (human-reviewable, machine-parseable) Phase 2: FIX → consumes AUDIT.md → applies fixes in safety order ``` The user provides a codebase (directory path or repo). They may specify focus areas, exclusions, or constraints. If not specified, audit everything. --- ## Phase 1: AUDIT **MANDATORY before starting**: Read the full audit checklist and format spec: ``` Read ~/.claude/skills/deslop/references/checklist.md # 15-category audit checklist with specific patterns Read ~/.claude/skills/deslop/references/audit-format.md # Structured finding format for AUDIT.md ``` The audit runs five sequential passes. Each pass builds on the previous. Never skip a pass — thoroughness matters more than speed. ### Pass 0 — Reconnaissance Map the codebase before judging anything. Do NOT write findings yet. 1. **Generate file tree**: `find . -type f | head -500` or equivalent. Understand the shape. 2. **Classify files**: Source, tests, configs, migrations, infra, docs, generated, vendored. 3. **Identify the stack**: Language(s), framework(s), package manager, build system, runtime. 4. **Build dependency map**: Which files import from