Does it support both src and flat project layouts?

Yes, it analyzes the project structure to ensure consistency, checking for the presence of __init__.py files and confirming that src and flat layouts are not mixed.

Can this skill automatically fix the issues it discovers?

Yes. After the audit report is generated, you can choose to fix all issues, fix only critical security issues, or keep the report for manual reference.

What specifically does the Python Project Auditor check?

The skill evaluates four main areas: pyproject.toml configuration (Ruff, MyPy, Pytest), settings management (Pydantic, secrets), pre-commit hooks (Gitleaks, pip-audit), and general project structure.

How does it handle security and secrets?

It performs deep greps for hardcoded strings like passwords and API keys, checks for the presence of Gitleaks in pre-commit hooks, and ensures secrets are managed via Pydantic Settings rather than insecure environment calls.

Python Project Auditor

Name: Python Project Auditor
Author: jugrajsingh

byjugrajsingh

0•

安全与测试

Audits Python projects against modern standards for configuration, security, and project structure to ensure code quality.

This skill provides a comprehensive health check for Python repositories, scanning for essential configurations in pyproject.toml, secure settings management using Pydantic, and robust pre-commit hook implementations. It identifies security risks like hardcoded credentials and missing secret detection tools, evaluates linter and type-checker coverage, and suggests improvements for project layout. By generating structured reports and offering automated fixes, it helps developers align their codebases with industry-standard best practices and modern automation workflows.

主要功能

01Prioritized audit reports with automated fix suggestions for identified issues

02Security scanning for hardcoded secrets and insecure environment variable usage

03Pre-commit hook validation including Gitleaks and pip-audit integrations

040 GitHub stars

05Automated configuration checks for Ruff, MyPy, Pytest, and Coverage

06Project structure analysis for proper package layout and test organization

使用场景

01Performing pre-release security and configuration reviews to prevent credential leaks

02Standardizing project architecture and dependency management across a team

03Onboarding legacy Python repositories to modern development and linting standards

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jugrajsingh/skillgarden auditing

For use in Claude.ai and ChatGPT

Download Skill