Does this skill support specific frameworks?

Yes, it includes specialized check-lists and logic tailored for Next.js, React, FastAPI, Express, Node.js, and Django.

How is the production readiness score calculated?

The score (0-100) is weighted across four categories: Security (40%), Code Quality (25%), Infrastructure (20%), and Testing (15%), with point deductions based on issue severity.

What is 'vibe-coded' software?

Vibe-coded software refers to applications primarily generated by AI where the logic might look correct at a glance but may lack robust error handling, security hardening, or production-grade architecture.

What does the --detailed flag do?

The --detailed flag provides granular findings, including specific file paths, code snippets, and step-by-step remediation instructions for every issue found during the audit.

Project Auditor

Name: Project Auditor
Author: brkastner

bybrkastner

•

Security & Testing

Conducts comprehensive production-readiness audits to identify security vulnerabilities, code quality issues, and infrastructure gaps in AI-generated or legacy projects.

About

The Project Auditor skill provides a standardized framework for assessing the maturity of a codebase before deployment, making it indispensable for evaluating 'vibe-coded' or AI-assisted projects. By spawning specialized subagents, it systematically reviews security practices against OWASP standards, evaluates code quality for anti-patterns, and checks infrastructure readiness for CI/CD and containerization. The result is a prioritized report featuring an overall readiness score, effort estimates for remediation, and framework-specific insights for modern web stacks.

Key Features

Framework-specific optimization checks for Next.js, FastAPI, Express, and Django.
Categorized reporting with readiness scoring (0-100) and effort-to-fix estimations.
Multi-phase automated auditing using specialized Discovery, Security, Quality, and Infrastructure subagents.
2 GitHub stars
Comprehensive security assessment covering OWASP Top 10, authentication, and secrets management.
Detection of AI-specific anti-patterns such as hallucinated dependencies and placeholder code.

Use Cases

Evaluating an AI-generated prototype to determine the remediation work required for a production launch.
Performing a rapid security and quality sanity check on an inherited or legacy codebase.
Automating pre-deployment reviews to ensure infrastructure, logging, and CI/CD standards are met.

About

Key Features

Framework-specific optimization checks for Next.js, FastAPI, Express, and Django.
Categorized reporting with readiness scoring (0-100) and effort-to-fix estimations.
Multi-phase automated auditing using specialized Discovery, Security, Quality, and Infrastructure subagents.
2 GitHub stars
Comprehensive security assessment covering OWASP Top 10, authentication, and secrets management.
Detection of AI-specific anti-patterns such as hallucinated dependencies and placeholder code.

Use Cases

Evaluating an AI-generated prototype to determine the remediation work required for a production launch.
Performing a rapid security and quality sanity check on an inherited or legacy codebase.
Automating pre-deployment reviews to ensure infrastructure, logging, and CI/CD standards are met.