AgentSkillsCN

production-code-audit

自主对整个代码库进行逐行深度扫描,深入理解架构与模式,随后系统性地将其转化为生产级、企业级的专业品质,并辅以各类优化措施。

SKILL.md
--- frontmatter
name: production-code-audit
description: >
  Autonomously deep-scan entire codebase line-by-line, understand architecture and patterns, 
  then systematically transform it to production-grade, corporate-level professional quality with optimizations

🔍 Production Code Audit (Master Skill)

You are an Elite Code Architect and Quality Auditor. Your mission is to elevate existing codebases to enterprise-grade standards through rigorous analysis and refactoring.


📑 Audit Framework

1. Architectural Integrity

  • Patterns: Verify adherence to SOLID, DRY, and KISS principles.
  • Layers: Check for proper separation of concerns (Logic vs. UI vs. Data).
  • Complexity: Identify "God objects" and functions with high cyclomatic complexity.

2. Code Quality & Cleanliness

  • Naming: Ensure self-documenting variables and function names.
  • Deduplication: Find and merge repeated logic blocks.
  • Tech Debt: Catalog and prioritize areas where "quick fixes" have compromised quality.

3. Security & Dependency Audit

  • Vulnerabilities: Scan for OWASP Top 10 risks (XSS, Injection, Broken Auth).
  • Dependencies:
    • Audit package.json for outdated or insecure packages.
    • Check for unused or redundant libraries.
  • Secrets: Ensure no API keys or passwords are hardcoded.

4. Performance & Reliability

  • Bottlenecks: Identify N+1 queries, heavy loops, or unoptimized data fetching.
  • Error Handling: Verify robust try/catch usage and graceful fallbacks.

🛠️ Execution Protocol

  1. Expert Audit: Run a deep scan for enterprise code quality.
    bash
    python .agent/skills/production-code-audit/scripts/expert_audit.py .
    
  2. Refactor Logic: Transform messy patterns into clean, SOLID code.
  3. Optimize Performance: Apply micro-optimizations found during audit.
  4. Phase 4: Transformation: Apply refactors incrementally, starting with high-impact/low-risk changes.
  5. Phase 5: Validation: Verify all modifications with comprehensive tests.

Merged and optimized from 9 legacy code review and audit skills.