Provides code auditing methodology, checklists, and best practices. Use when user asks to "audit code", "find technical debt", "security review", "identify dead code", "analyze code quality", or "check best practices".
View on GitHubplugins/codebase-health/skills/code-auditing/SKILL.md
January 25, 2026
Select agents to install to:
npx add-skill https://github.com/jeffrigby/somepulp-agents/blob/main/plugins/codebase-health/skills/code-auditing/SKILL.md -a claude-code --skill code-auditingInstallation paths:
.claude/skills/code-auditing/# Code Auditing Skill Comprehensive methodology for systematic code quality audits. ## When to Use - Comprehensive code quality audits - Security vulnerability assessments - Technical debt identification - Pre-release code reviews - Best practices verification - Library and dependency audits ## Audit Phases ### Phase 0: Pre-Analysis Setup 1. Check for project configuration files (package.json, tsconfig.json, etc.) 2. Identify tech stack and main libraries 3. Check for linting/formatting configs 4. Run existing linting/testing commands as baseline 5. Load documentation for identified core libraries ### Phase 1: Discovery 1. Find all code files by type 2. Create tracking list for each file 3. Group files by module/feature for contextual analysis ### Phase 2: File-by-File Analysis For each file, analyze for: - Dead code (unused functions, variables, imports) - Code smells and anti-patterns - Custom implementations that could use established libraries - Security vulnerabilities - Performance issues - Outdated patterns or deprecated APIs - Missing error handling - Overly complex functions - Duplicate code ### Phase 3: Best Practices Verification For every library and framework: 1. Retrieve official documentation 2. Compare implementation against official patterns 3. Identify deviations from recommendations 4. Note outdated usage patterns 5. Flag discouraged anti-patterns ### Phase 4: Pattern Detection Look for recurring issues: - Common anti-patterns across files - Duplicated logic that could be abstracted - Inconsistent coding styles - Missing error handling patterns ### Phase 5: Library Recommendations For custom implementations: 1. Check if current libraries provide the functionality 2. Search for mature ecosystem packages 3. Verify library health (commits, issues, activity) 4. Check compatibility with project setup ### Phase 6: Comprehensive Report Generate detailed report with: - Executive summary - Critical issues requiring immediate attention - File-by-