What does the Project Workflow Auditor Agent do?

It performs a deep audit of your codebase, configurations, and workflows to ensure security, compliance with project standards, and overall release readiness.

What specific files does it check for compliance?

It audits adherence to documentation such as AGENTS.md, CONTRIBUTING.md, and SECURITY.md to ensure the project follows its own defined governance rules.

Can it help with GitHub Actions security?

Yes, one of its primary functions is reviewing CI/CD workflows for safety, best practices, and consistency across the repository.

What is the output of this skill?

The skill generates a Project & Workflow Audit Report which includes a list of prioritized, actionable tasks with specific acceptance criteria for remediation.

How does it handle sensitive information like secrets?

The agent is designed to be security-conscious; it uses filename-only search patterns to identify potential secret leaks without printing the actual sensitive data to the logs.

Project Workflow Auditor

Name: Project Workflow Auditor
Author: koala-man-64

bykoala-man-64

0•

Security & Testing

Audits repositories for security vulnerabilities, CI/CD safety, and compliance with engineering standards to ensure production readiness.

The Project Workflow Auditor Agent provides a comprehensive governance layer for your software development lifecycle by systematically reviewing repository security, CI/CD workflow safety, and adherence to internal documentation. It automates the identification of inconsistencies across code, configurations, and docs, helping teams enforce engineering guardrails and prepare for stable releases. By utilizing specialized scripts and checklists, the skill produces prioritized, actionable work items that ensure your project meets rigorous delivery standards and governance requirements.

Key Features

01Comprehensive repo-wide security and governance audits

02CI/CD workflow and SDLC compliance verification

03Validation of AGENTS.md and CONTRIBUTING.md adherence

04Prioritized reporting with clear acceptance criteria

050 GitHub stars

06Automated evidence collection via project snapshots

Use Cases

01Reviewing GitHub Actions workflows for security and safety

02Enforcing engineering guardrails across a development team

03Preparing a repository for a major production release

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add koala-man-64/asset-allocation project-workflow-auditor-agent

For use in Claude.ai and ChatGPT

Download Skill