audit-loop_skill

This skill automates an iterative audit-fix loop for changed files, detecting issues and re-auditing until clean.

7

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

3 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill proxiblue/claude-skills --skill audit-loop

  • SKILL.md3.7 KB

Overview

This skill runs an automated, iterative audit-and-fix loop focused on the files you recently edited. It spawns three parallel audits—performance, security, and code quality—fixes any Critical or High findings, and repeats until the changed files are clean or a max iteration limit is reached. Invoke with /audit-loop to run the process on staged and unstaged changes.

How this skill works

The skill detects changed files via git diff (HEAD and cached) and filters to auditable extensions (.php, .phtml, .xml). It starts a Ralph Wiggum loop that runs three parallel subagents for performance, security, and code quality audits, collects severity-labeled findings, and automatically applies fixes for Critical and High issues. After fixes it compiles PHP changes and flushes caches, then re-runs audits up to five iterations or until no Critical/High findings remain.

When to use it

  • Before committing a feature or refactor to catch regressions early
  • When you want a hands-off audit-and-fix cycle for recently edited files
  • To verify performance, security, and quality concerns focused only on changed code
  • When you need automated re-auditing until Critical/High issues are resolved

Best practices

  • Run on the branch containing your work before pushing to remote
  • Stage any files you want audited so both staged and unstaged changes are detected
  • Review automated fixes before committing, especially for behavioral changes
  • Ensure your development environment can run bin/magento commands used for compile and cache flush
  • Limit edits to relevant files per audit (.php, .phtml, .xml) to keep audits focused

Example use cases

  • After refactoring a checkout flow, run /audit-loop to catch N+1, escaping, or PSR violations in changed files
  • When adding a new controller or model, ensure security and code quality fixes are applied automatically
  • Before opening a pull request, run the loop to ensure no Critical/High findings remain in modified files
  • Use during a rapid iteration cycle to automatically apply urgent fixes and re-audit until clean

FAQ

Only files returned by git diff --name-only HEAD and git diff --name-only --cached, filtered to .php, .phtml, and .xml are audited.

What happens to fixes the skill makes?

The loop applies fixes directly to the changed files, then runs bin/magento setup:di:compile if PHP changed and bin/magento cache:flush. You should review and commit changes manually after verification.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational