Codebase Auditor
Conduct thorough codebase audits to identify critical issues across multiple dimensions.
Audit Workflow
Phase 1: Discovery
- Identify project type, languages, and frameworks used
- Locate configuration files, entry points, and core modules
- Map directory structure and understand architecture
- Identify existing testing and CI/CD setup
Phase 2: Systematic Investigation
Investigate each category using the checklists in references/. For each category:
- Read the relevant checklist from references/
- Search for patterns matching potential issues
- Examine suspicious code sections in detail
- Document findings with severity, location, and evidence
Investigation order (by typical impact):
- Security - See security-checklist.md
- Error Handling - See error-handling-checklist.md
- Concurrency - See concurrency-checklist.md
- Performance - See performance-checklist.md
- Code Quality - See code-quality-checklist.md
- Testing - See testing-checklist.md
- Dependencies - See dependencies-checklist.md
- Configuration - See configuration-checklist.md
Phase 3: Report Generation
Generate a Markdown report using the template in assets/report-template.md.
Severity Classification:
| Severity | Criteria |
|---|---|
| Critical | Immediate security risk, data loss, or system failure |
| High | Significant bugs, security issues, or major performance problems |
| Medium | Code quality issues, potential bugs, or moderate performance impact |
| Low | Minor improvements, style issues, or optimization opportunities |
Output Guidelines
- Include file paths with line numbers for all findings
- Provide code snippets showing the issue
- Suggest specific fixes where possible
- Prioritize findings by severity
- Group related issues together
- Include statistics summary at end
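As an added example (not part of this skill's own files), a small Python script that performs a pattern-driven pass of Phase 2 and renders a Phase 3 report in the shape the guidelines above describe: path and line number per finding, the offending snippet as evidence, findings grouped by category and ordered by the severity table, and a statistics summary at the end. The checklist entries, the sample source and the report layout are constructed here; they are not the contents of references/ or assets/report-template.md.

```python
import re
from collections import Counter
from dataclasses import dataclass

SEVERITY_RANK = {"Critical": 0, "High": 1, "Medium": 2, "Low": 3}  # from the table above
# Constructed mini-checklist (hypothetical; not the contents of references/).
CHECKLIST = [  # (category, severity, regex, description)
    ("Security", "Critical", r"\beval\s*\(", "eval() on runtime data"),
    ("Security", "High", r"(?i)(password|secret)\s*=\s*['\"][^'\"]+['\"]", "hard-coded credential"),
    ("Error Handling", "Medium", r"except\s*:\s*pass", "swallowed exception"),
    ("Code Quality", "Low", r"\bTODO\b", "unresolved TODO"),
]

@dataclass
class Finding:
    category: str
    severity: str
    path: str
    line: int
    snippet: str  # evidence: the offending source line
    description: str

def scan_source(path: str, text: str) -> list[Finding]:
    """Phase 2: run every checklist pattern over each line, recording location and evidence."""
    found = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for category, severity, pattern, desc in CHECKLIST:
            if re.search(pattern, line):
                found.append(Finding(category, severity, path, lineno, line.strip(), desc))
    return found

def render_report(findings: list[Finding]) -> str:
    """Phase 3: Markdown grouped by category, ordered by severity, statistics summary last."""
    by_cat = {}
    for f in findings:
        by_cat.setdefault(f.category, []).append(f)
    # Categories are ordered by their worst finding; findings inside by severity, then location.
    out = ["# Audit Findings", ""]
    for cat in sorted(by_cat, key=lambda c: min(SEVERITY_RANK[f.severity] for f in by_cat[c])):
        out += [f"## {cat}", ""]
        for f in sorted(by_cat[cat], key=lambda f: (SEVERITY_RANK[f.severity], f.path, f.line)):
            out += [f"- **{f.severity}** `{f.path}:{f.line}` {f.description}", f"  `{f.snippet}`"]
        out.append("")
    counts = Counter(f.severity for f in findings)
    out += ["## Summary", ""] + [f"- {s}: {counts.get(s, 0)}" for s in SEVERITY_RANK]
    return "\n".join(out)

# Constructed sample source with one planted issue per checklist entry.
SAMPLE_TEXT = ("import os\nDB_PASSWORD = 'hunter2'\ndef run(cmd):\n    return eval(cmd)\n"
               "try:\n    run('1+1')\nexcept: pass\n# TODO: validate input\n")
```

Running `render_report(scan_source("app/handlers.py", SAMPLE_TEXT))` yields a report whose Security section lists the Critical finding before the High one, followed by Error Handling and Code Quality, and a summary of one finding per severity.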