What are P0 findings in the report?

P0 findings are critical 'Must Have' items, such as a missing test runner or the absence of a CI workflow, which prevent basic code verification.

How does the security scanning work?

The skill spawns a 'security-sentinel' agent to analyze source code for hardcoded secrets, SQL injection, insecure dependencies, and OWASP Top 10 vulnerabilities.

What frameworks does check-quality support?

It supports a wide range of modern tools including Vitest, Jest, ESLint, Prettier, Biome, GitHub Actions, Lefthook, and Husky.

Does this skill automatically fix the issues it finds?

No, check-quality is an investigative primitive that reports findings. You can use related commands like /fix-quality to automatically address the identified gaps.

Quality Infrastructure Audit

Name: Quality Infrastructure Audit
Author: phrazzld

byphrazzld

•

보안 및 테스팅

Audits project quality gates including testing frameworks, CI/CD pipelines, security vulnerabilities, and linting configurations.

The check-quality skill provides a comprehensive health check for your software project's quality infrastructure. It systematically scans for testing frameworks (Vitest, Jest), Git hook managers (Lefthook, Husky), CI/CD workflows, and security vulnerabilities using a specialized security agent. By generating a prioritized report of findings ranging from P0 (critical) to P3 (nice-to-have), it identifies gaps in coverage, missing guardrails, and outdated tooling, making it an essential tool for maintaining high engineering standards and production-ready code.

주요 기능

01Automated testing infrastructure audit for Vitest and Jest

02Git hook verification for Lefthook and Husky implementations

03Deep security scanning for secrets and OWASP vulnerabilities

04Linting and formatting analysis including ESLint, Prettier, and Biome

05CI/CD pipeline validation for GitHub Actions and branch protection

065 GitHub stars

사용 사례

01Conducting a comprehensive quality gate audit on a legacy codebase

02Identifying security vulnerabilities and hardcoded secrets before a release

03Assessing test coverage gaps and CI/CD configuration issues in a new repository

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add phrazzld/claude-config check-quality

For use in Claude.ai and ChatGPT

Download Skill