skillshare-codebase-audit
- Repo stars 194
- Author updated Live
- Author repo skills
- Domain
- Security
- Compatible agents
-
- Claude Code
- Cursor
- Cline
- Codex
- Windsurf
- Gemini CLI
- +20
- Trust score
- 88 / 100 · community maintained
- Author / version / license
- @JetBrains · no license declared
- Token usage
- Lean
- Setup complexity
- Plug-and-play
- External API key
- Not required
- Operating systems
- Unspecified (assume cross-platform)
- Runtime requirements
- No special requirements
- Permissions
-
- Read-only
- Write / modify
- Network behavior
- Local-only
- Install commands
- 26 variants
Profile is derived at build time from SKILL.md and install vectors. Subject to drift from author intent.
Heads up: 未限定 allowed-tools,默认拥有全部工具权限。
---
name: skillshare-codebase-audit
description: >- Read-only consistency audit across the skillshare codebase. $ARGUMENTS specifies focus area (…
category: security
runtime: no special runtime
---
# skillshare-codebase-audit output preview
## PART A: Task fit
- Use case: >- Read-only consistency audit across the skillshare codebase. $ARGUMENTS specifies focus area (e.g., "flags", "tests", "targets") or omit for full audit. Run all 4 dimensions in parallel where possible. For each, produce a summary table. runs entirely locally. Works with Claude Code, Cursor, Cline and 23 more..
- Inputs: target material, constraints, expected output, and acceptance criteria.
- Evidence boundary: follow “Audit Dimensions / 1. CLI Flag Audit / 2. Spec vs Code” and do not present inference as author intent.
## PART B: Execution result
- **01** The card summarizes the use case; runtime output centers on “>- Read-only consistency audit across the skillshare codebase. $ARGUMENTS specifies focus area (e.g., "flags", "tests", "targets") or omit for full audit. Run all 4 dimensions in parallel where possible. For each, produce a summary table. runs entirely locally. Works with Claude Code, Cursor, Cline and 23 more.”.
- **02** When the source has headings, the agent prioritizes “Audit Dimensions / 1. CLI Flag Audit / 2. Spec vs Code” so the result follows the author’s structure.
- **03** Typical output includes task judgment, concrete steps, required commands or file edits, validation, and follow-up options.
- **04** Risk context follows the fingerprint: read files, write/modify files; mostly runs locally; usually needs no extra API key.
## Running Rules
- read files, write/modify files; mostly runs locally; usually needs no extra API key.
- Validate with a small sample before expanding scope.
- Return the result, validation criteria, and next iteration options. The source does not require a stable slash command. After installation, invoke the skill by name and describe the task.
Name target files or source material, expected output, forbidden changes, and whether network or shell access is allowed. Permission fingerprint: read files, write/modify files.
Start with a small task and check whether the result follows “Audit Dimensions / 1. CLI Flag Audit / 2. Spec vs Code”. Inspect diffs, logs, previews, or tests before expanding scope.
Confirm the final output includes a concrete result, evidence, and next action. If it stays generic, tighten inputs, boundaries, and acceptance criteria.
---
name: skillshare-codebase-audit
description: >- Read-only consistency audit across the skillshare codebase. $ARGUMENTS specifies focus area (…
category: security
source: JetBrains/skills
---
# skillshare-codebase-audit
## When to use
- >- Read-only consistency audit across the skillshare codebase. $ARGUMENTS specifies focus area (e.g., "flags", "tests"…
- Use it when the task has clear inputs, repeatable steps, and validation criteria.
## What to provide
- Target material, scope, expected result, and forbidden changes.
- Whether network, commands, file writes, or external services are allowed.
## Execution rules
- Organize steps around “Audit Dimensions / 1. CLI Flag Audit / 2. Spec vs Code” and keep inference separate from source facts.
- read files, write/modify files; mostly runs locally; usually needs no extra API key.
- Validate with a small sample before expanding the task.
## Output requirements
- Return the deliverable, key evidence, validation method, and next action.
- Mark missing information as unknown; do not invent commands, platforms, or dependencies. The author source anchors workflow facts; repository files anchor sources and commands; Fluxly only adds fit, limitations, and quality judgment.
skill "skillshare-codebase-audit" {
input -> user goal + target files + boundaries + acceptance criteria
context -> Audit Dimensions / 1. CLI Flag Audit / 2. Spec vs Code
rules -> SKILL.md triggers / order / output contract
runtime -> no special runtime | read files, write/modify files | mostly runs locally
guardrails -> usually needs no extra API key + small-sample validation + diff/log review
output -> copyable result + checklist + next iteration
} Read-only consistency audit across the skillshare codebase. $ARGUMENTS specifies focus area (e.g., "flags", "tests", "targets") or omit for full audit.
Scope: This skill only READS and REPORTS. It does not modify any files. Use implement-feature to fix issues or update-docs to fix documentation gaps.
Audit Dimensions
Run all 4 dimensions in parallel where possible. For each, produce a summary table.
1. CLI Flag Audit
Compare every flag defined in cmd/skillshare/*.go against website/docs/commands/*.md.
# Find all flags in Go source
grep -rn 'flag\.\(String\|Bool\|Int\)' cmd/skillshare/
grep -rn 'Args\|Usage' cmd/skillshare/
Report:
- UNDOCUMENTED: Flag exists in code but not in docs
- STALE: Flag documented but not found in code
- OK: Flag matches between code and docs
2. Spec vs Code
For each spec in specs/ marked as completed/done:
- Verify the described feature exists in source code
- Check that the spec's acceptance criteria are testable
Report:
- IMPLEMENTED: Spec complete, code exists
- MISMATCH: Spec says done but code missing or partial
- PENDING: Spec not yet marked complete (informational)
3. Test Coverage
For each command handler in cmd/skillshare/<cmd>.go:
- Check if
tests/integration/<cmd>_test.goexists - Check if key behaviors have test cases
# List all command handlers
ls cmd/skillshare/*.go | grep -v '_test.go\|main.go\|helpers.go\|mode.go'
# List all integration tests
ls tests/integration/*_test.go
Report:
- COVERED: Command has integration test file with test cases
- PARTIAL: Test file exists but missing key scenarios
- MISSING: No integration test for this command
4. Target Audit
Verify internal/config/targets.yaml entries:
- Each target has both
global_pathandproject_path - Aliases are consistent
- No duplicate entries
Report:
- OK: Target entry complete and valid
- INCOMPLETE: Missing required fields
- DUPLICATE: Name or alias collision
Output Format
== Skillshare Codebase Audit ==
### CLI Flags (N issues)
| Command | Flag | Status |
|-----------|-------------|--------------|
| install | --force | OK |
| install | --into | UNDOCUMENTED |
### Specs (N issues)
| Spec File | Status |
|----------------------|-------------|
| copy-sync-mode.md | IMPLEMENTED |
| some-feature.md | MISMATCH |
### Test Coverage (N issues)
| Command | Status | Notes |
|-----------|---------|--------------------|
| sync | COVERED | |
| audit | PARTIAL | missing edge cases |
| target | MISSING | |
### Targets (N issues)
| Target | Status | Notes |
|-----------|------------|---------------|
| claude | OK | |
| newagent | INCOMPLETE | no project_path |
== Summary: X OK / Y issues found ==
5. Handler Split Audit
For commands with >300 lines in cmd/skillshare/<cmd>.go, verify the handler split convention is followed:
# Find large command files
wc -l cmd/skillshare/*.go | sort -rn | head -20
Check that large commands are properly split:
| Suffix | Expected for large commands |
|---|---|
_handlers.go |
Core logic extracted |
_render.go |
Output rendering separated |
_tui.go |
TUI components isolated |
Report:
- SPLIT: Large command properly follows handler split convention
- MONOLITH: >300 lines without split (should be refactored)
- N/A: Small command, no split needed
6. Oplog Coverage
Verify all mutating commands have oplog instrumentation:
# Find commands that modify state
grep -rn 'func handle\|func cmd' cmd/skillshare/*.go
# Check for oplog.Write calls
grep -rn 'oplog.Write' cmd/skillshare/
Mutating commands (install, uninstall, sync, update, init, collect, backup, restore, trash) should all write to oplog. Read-only commands (list, status, check, search, audit, log, version) should not.
Report:
- INSTRUMENTED: Mutating command has oplog.Write
- MISSING: Mutating command lacks oplog instrumentation
- N/A: Read-only command (no oplog expected)
7. Web API Consistency
Verify internal/server/handler_*.go routes match CLI commands:
# List all handler files
ls internal/server/handler_*.go | grep -v _test.go
# Check route registration in server.go
grep -n 'HandleFunc\|Handle(' internal/server/server.go
Report:
- SYNCED: CLI command has corresponding API handler
- CLI-ONLY: Command exists in CLI but not in Web API (may be intentional)
- API-ONLY: API handler without CLI counterpart (unusual)
Output Format
== Skillshare Codebase Audit ==
### CLI Flags (N issues)
| Command | Flag | Status |
|-----------|-------------|--------------|
| install | --force | OK |
| install | --into | UNDOCUMENTED |
### Specs (N issues)
| Spec File | Status |
|----------------------|-------------|
| copy-sync-mode.md | IMPLEMENTED |
| some-feature.md | MISMATCH |
### Test Coverage (N issues)
| Command | Status | Notes |
|-----------|---------|--------------------|
| sync | COVERED | |
| audit | PARTIAL | missing edge cases |
| target | MISSING | |
### Targets (N issues)
| Target | Status | Notes |
|-----------|------------|---------------|
| claude | OK | |
| newagent | INCOMPLETE | no project_path |
### Handler Split (N issues)
| Command | Lines | Status | Notes |
|-----------|-------|-----------|--------------------|
| install | 450 | SPLIT | 6 sub-files |
| audit | 320 | MONOLITH | should split render |
| status | 80 | N/A | |
### Oplog (N issues)
| Command | Mutating? | Status |
|-----------|-----------|---------------|
| install | Yes | INSTRUMENTED |
| trash | Yes | MISSING |
| list | No | N/A |
### Web API (N issues)
| Command | CLI | API | Status |
|-----------|-----|-----|----------|
| install | Yes | Yes | SYNCED |
| diff | Yes | No | CLI-ONLY |
== Summary: X OK / Y issues found ==
Rules
- Read-only — never modify files, only report
- Evidence-based — every finding must include file path and line number
- No false positives — verify with grep before flagging
- Scope $ARGUMENTS — if user specifies "flags", only run dimension 1; "handlers" for dimension 5, "oplog" for dimension 6, "api" for dimension 7
Decide Fit First
Design Intent
How To Use It
Boundaries And Review