Codebases accumulate technical debt, outdated patterns, and hidden vulnerabilities over time. This skill provides a systematic code review framework that identifies issues in deprecations, architecture, types, and code smells.
Download the skill ZIP
Import into Claude
Go to Settings → Capabilities → Skills → Import a skill
Enable and start using
Test it
Using "audit". Audit the utils directory for issues
Expected result:
- Found 12 files to audit in the utils directory
- 3 deprecations using Buffer() instead of Buffer.from()
- 5 FIXME comments indicating known bugs
- 2 functions exceeding 100 lines of code
- 4 uses of 'any' type hiding potential bugs
- 1 instance of god object in DateHelper.ts
Using "audit". Run a security-focused audit on the auth module
Expected result:
- Audited 8 files in the auth module
- Found 2 uses of deprecated crypto methods
- Identified 1 hardcoded secret in config file
- Detected 3 instances of missing input validation
- Report saved to .audit/audit-report-[timestamp].md
Security audit
Safe
Pure prompt-based skill containing only markdown instructions for systematic code audit methodology. Contains no executable code, network calls, or file system modifications. The static analyzer flagged benign content (documentation, command references, and metadata) as false positives. All 17 detected patterns are harmless - this is a read-only analysis tool.
Risk factors
🌐 Network access (1)
⚙️ External commands (6)
Quality score
What you can build
Assess codebase health
Evaluate technical debt and code quality before a refactoring sprint or architecture review
Discover dangerous patterns
Identify deprecated security patterns and anti-patterns that may introduce security vulnerabilities
Prepare for code review
Systematically review pull requests and catch issues before team review
Try these prompts
Run a quick audit on the files in src/components/
Perform a comprehensive audit of the entire codebase including all TypeScript files
Audit the codebase specifically looking for deprecated security patterns and type vulnerabilities
Audit the codebase for architectural anti-patterns, circular dependencies, and SOLID violations
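Best practices
- Specify the scope explicitly up front to avoid missing relevant files during the audit
- Use a scratchpad to record cross-file patterns so that findings can be tracked
- Combine manual analysis with a review of the results from automated tools (tsc, eslint)
Avoid
- Skipping files because they look simple
- Editing or fixing code during the audit instead of only reporting findings
- Offering recommendations instead of focusing on objective findings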