Search everything...

Stats

Actions

Available In

audit

Name: audit
Author: soreavis

By soreavis

A complete pre-ship audit suite for Claude Code: 13 skills covering security (33 OWASP-era vectors), deep code quality, dependency health, regulatory compliance (GDPR/ISO), accessibility (WCAG 2.1 AA), SEO + GEO, form hardening, responsive design, deploy readiness, and LLM hallucination risk — plus /audit:all to orchestrate them and /audit:diff to compare reports over time.

npx claudepluginhub soreavis/claude-audit-skills --plugin audit

Popularity

Stars

Med: 0·Avg: 285

Installs

Med: 0·Avg: 1

What's Inside

Skills13

audit-a11y

/a11y

Accessibility audit against WCAG 2.1 AA. Checks semantic HTML, alt text, keyboard navigation, contrast, form labels, ARIA, focus management, and motion preferences. Works on any web frontend.

audit-all

/all

Orchestrator that runs the bundled audit skills (security, deep, deps, compliance, tech-stack, forms, a11y, seo, deploy, responsive, hallucination) in sequence against a project and merges their reports into one combined scorecard. All sibling audits ship in this same plugin — nothing else to install. Use when the user wants to run "all audits" / "the full audit suite" / "every pre-launch check" before shipping.

audit-compliance

/compliance

Regulatory compliance audit against GDPR, ISO 27001:2022, ISO 9001:2015 (and optionally HIPAA, SOC 2, PCI DSS). Scores code on 7 compliance dimensions (data handling, access control, validation, sanitization, audit trail, error handling, documentation) with line-number evidence. Report-only by default; --fix opt-in.

audit-deep

/deep

Deep audit of code quality, security, and injection attack surface. Launches three parallel agents covering dead code, OWASP Top 10, and content injection vectors.

audit-deploy

/deploy

Pre-deployment production readiness checklist. Checks build health, debug code, dev URLs, env vars, error tracking, analytics, SEO, legal pages, and git state. Run before every production push.

Stats

Version0.1.0

ReleasedJun 14, 2026

Stars0

MaintenanceGood

LicenseMIT

Last CommitJun 14, 2026

AddedJun 16, 2026

Actions

View on GitHub View README Plugin Marketplace JSON

Own this plugin?

Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).

Available In

soreavis-skills

README

claude-audit-skills

A pre-ship audit suite for Claude Code — 13 skills under one plugin. Run any audit on its own, or /audit:all to orchestrate the whole suite into a single combined scorecard.

This is a Claude Code plugin marketplace. The whole suite installs as one plugin (audit); every audit is then an individually invocable, namespaced command (/audit:security, /audit:a11y, …). One install, no per-repo sprawl, no drift between siblings.

The audits

Command	Focus
`/audit:all`	Orchestrator — runs the suite in sequence, merges into one scorecard with a SHIP / WARNINGS / DO NOT SHIP verdict
`/audit:security`	Attack surface — 33 vectors (OWASP, auth, API, client-side, AI)
`/audit:deep`	Code quality + security + injection surface (3 parallel agents)
`/audit:deps`	Dependency health — licenses, outdated, unused, duplicates, bundle size, vulns
`/audit:compliance`	Regulatory — GDPR, ISO 27001:2022, ISO 9001:2015 (+ HIPAA/SOC2/PCI), 7 dimensions
`/audit:tech-stack`	Stack-convention conformance — 8 checks, adapts to your detected stack
`/audit:forms`	Form hardening — 38-point spam/bot/security checklist
`/audit:a11y`	Accessibility — WCAG 2.1 AA, 29 checks
`/audit:seo`	SEO + technical SEO + GEO (generative-engine optimization)
`/audit:deploy`	Pre-deploy production-readiness checklist
`/audit:responsive`	Responsive / mobile optimization across viewports
`/audit:hallucination`	LLM fabrication-risk audit — 46 vectors for prompts, AI-integration code, and generated content
`/audit:diff`	Compare two audit reports — what improved, regressed, or is new

Every audit is report-only by default; the ones that can remediate take an opt-in --fix. All findings carry file:line evidence, and each skill enforces its own anti-hallucination rules (no invented identifiers, evidence-mandated findings).

Install

# 1. Add this marketplace (Git-based; owner/repo shorthand):
/plugin marketplace add soreavis/claude-audit-skills

# 2. Install the suite:
/plugin install audit@soreavis-skills

# 3. Activate without restarting:
/reload-plugins

Then run any audit, e.g.:

/audit:security --fix
/audit:all --tier=full --scope=src/ --report
/audit:a11y

Team setup (project .claude/settings.json):

{
  "extraKnownMarketplaces": {
    "soreavis-skills": {
      "source": { "source": "github", "repo": "soreavis/claude-audit-skills" }
    }
  },
  "enabledPlugins": {
    "audit@soreavis-skills": true
  }
}

`/audit:all` tiers

Tier	Audits	When
`quick`	security, deploy	Fast sanity check / MVP
`standard` (default)	security, deploy, forms, a11y, responsive	Most public-facing web projects
`full`	hallucination, security, deep, deps, compliance, tech-stack, forms, a11y, seo, responsive, deploy	Pre-launch of a paid / regulated / customer-facing product

/audit:all                                   # standard tier
/audit:all --tier=full --skip=hallucination  # everything except the AI-risk pass
/audit:all --tier=quick --include=a11y       # compose tier + include/skip

(/audit:diff isn't part of a run-all — it compares two existing reports. Run /audit:all twice across a fix sprint, then /audit:diff.)

Layout

claude-audit-skills/
├── .claude-plugin/
│   └── marketplace.json          # lists the `audit` plugin
└── plugins/
    └── audit/
        ├── .claude-plugin/plugin.json
        └── skills/
            ├── all/SKILL.md       → /audit:all
            ├── security/SKILL.md  → /audit:security
            ├── deep/SKILL.md      → /audit:deep
            └── …                  (13 skills total)

Requirements

Claude Code
Your target project checked out locally — the skills use Grep / Glob / Read against the codebase
For --report / --fix reports: a _local/ directory (skills create one if needed)

No external services. No API keys. Pure methodology + Claude Code execution.

License

MIT — copy it, ship it, improve it.

Acknowledgments

Built with Claude Code. Vector and checklist catalogs assembled from OWASP, WCAG 2.1, web.dev, GDPR / ISO 27001:2022, and real shipping experience.

Similar Plugins

fullstack-dev-skills

10.0k·455·

Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.

v0.4.15

Jeffallan

godot-skills

30·328·

Develop, test, build, and deploy Godot 4.x games with Claude Code. Includes GdUnit4 testing, web/desktop exports, CI/CD pipelines, and deployment to Vercel/GitHub Pages/itch.io.

5mo

v1.0.0

Randroids-Dojo

nature-skills

20.0k·124·

A growing collection of Claude-compatible academic workflow bundles. Covers scientific figures, manuscript writing and polishing, reviewer assessment, citation retrieval, data availability, paper reading, literature search, response letters, paper-to-PPTX conversion, and evidence-grounded Chinese invention patent drafting. Rules are organized as reusable skill folders with explicit workflows and quality checks.

v1.0.0

Yuan1z0825

octo

3.6k·81·

v9.44.1 — Patch release for Gemini environment/version detection and qwen auth gating. Run /octo:setup.

v9.45.0

nyldn

ecc

217.3k·2.6K·

Harness-native ECC operator layer - 67 agents, 271 skills, 92 legacy command shims, reusable hooks, rules, selective install profiles, and production-ready workflows for Claude Code, Codex, OpenCode, Cursor, and related agent harnesses

v2.0.0

affaan-m

ui-ux-pro-max

90.2k·1.3K·

UI/UX design intelligence. 67 styles, 161 palettes, 57 font pairings, 25 charts, 15 stacks (React, Next.js, Vue, Svelte, Astro, SwiftUI, React Native, Flutter, Tailwind, shadcn/ui, Nuxt, Jetpack Compose). Actions: plan, build, create, design, implement, review, fix, improve, optimize, enhance, refactor, check UI/UX code. Projects: website, landing page, dashboard, admin panel, e-commerce, SaaS, portfolio, blog, mobile app. Elements: button, modal, navbar, sidebar, card, table, form, chart. Styles: glassmorphism, claymorphism, minimalism, brutalism, neumorphism, bento grid, dark mode, responsive, skeuomorphism, flat design. Topics: color palette, accessibility, animation, layout, typography, font pairing, spacing, hover, shadow, gradient.

2mo

v2.5.0

nextlevelbuilder

audit

Popularity

What's Inside

Confidence

README

claude-audit-skills

The audits

Install

/audit:all tiers

Layout

Requirements

License

Acknowledgments

Similar Plugins

fullstack-dev-skills

godot-skills

nature-skills

octo

ecc

ui-ux-pro-max

More by soreavis

property-deep-dive

claude-audit-skills

The audits

Install

/audit:all tiers

Layout

Requirements

License

Acknowledgments

Popularity

Health & Quality

More by soreavis

property-deep-dive

Similar Plugins

fullstack-dev-skills

godot-skills

nature-skills

octo

ecc

ui-ux-pro-max

`/audit:all` tiers

`/audit:all` tiers