安全审计
- 作者仓库星标 45
- 许可证 BSD-2-Clause
- 作者更新于 实时读取
- 作者仓库 leos_claude_starter
- 领域
- 安全
- 兼容 Agent
-
- Claude Code
- Cursor
- Cline
- Codex
- Windsurf
- Gemini CLI
- +20
- 信任分
- 94 / 100 · 已通过审计
- 作者 / 版本 / 许可
- @leogodin217 · BSD-2-Clause
- Token 消耗评级
- 低消耗
- 接入复杂程度
- 即装即用
- 是否需要外部 API Key
- 不需要
- 兼容的系统
- 未声明(默认跨平台)
- 底层运行要求
- 无特殊要求
- 文件与系统权限
-
- 只读
- 允许写入 / 修改
- 网络行为
- 仅限本地
- 安装命令数
- 26 条
档案由构建时根据 SKILL.md 与安装命令自动衍生,可能与作者实际意图存在差异。
需要注意: 未限定 allowed-tools,默认拥有全部工具权限。
---
name: audit-docs
description: Orchestrate sequential documentation audits with checkpointing and resumption. YYYY-MM-DD_HHMMSS…
category: 安全
runtime: 无特殊运行时
---
# audit-docs 输出预览
## PART A: 任务判断
- 适用问题:安全审计、密钥扫描、权限检查或风险分析。
- 输入要求:目标材料、限制条件、期望输出和验收方式。
- 证据边界:围绕“Output Location / Process / 1. Check for Incomplete Session”读取原文规则,不把推断写成作者承诺。
## PART B: 执行结果
- **01** 任务判断:确认你的需求是否属于安全审计、密钥扫描、权限检查或风险分析,并标出输入、限制和预期结果。
- **02** 执行计划:优先按“Output Location / Process / 1. Check for Incomplete Session”拆成步骤,说明每一步会读取什么、修改什么、产出什么。
- **03** 交付结果:给出可复制的命令、文件改动、检查清单或内容草稿,并说明如何继续迭代。
- **04** 风险边界:结合 读取文件、写入/修改文件、主要在本地完成、通常不需要额外 API Key 给出执行前确认项。
## Running Rules
- 读取文件、写入/修改文件;主要在本地完成;通常不需要额外 API Key。
- 先小样例验证,再放大到真实任务。
- 交付时同时给结果、检查口径和下一步迭代建议。 原文出现了 `/audit-docs` 这类斜杠命令;如果你的 Agent 支持命令触发,优先用命令开场,再补充目标和边界。
告诉 Agent 目标文件或材料、期望结果、不可改范围、是否允许联网或执行命令。本 Skill 的权限画像是:读取文件、写入/修改文件。
先用一个小任务确认它会围绕“Output Location / Process / 1. Check for Incomplete Session”工作;涉及文件或命令时,先看 diff、日志、预览或测试结果。
检查最终产物是否包含明确结果、必要证据和下一步动作;如果输出泛泛而谈,就补充输入、边界和验收标准后重跑。
---
name: audit-docs
description: Orchestrate sequential documentation audits with checkpointing and resumption. YYYY-MM-DD_HHMMSS…
category: 安全
source: leogodin217/leos_claude_starter
---
# audit-docs
## 什么时候使用
- 用于提炼长内容、变更或对话里的关键信息 适合处理安全审计、密钥扫描、权限检查和风险分析,核心价值是把输入、判断、执行、验证和交付边界固定下来,避免 Agent 泛泛回答。 把任务拆成可执行、可检查、可继续迭代的步骤;通常不需要额外 AP…
- 面向安全审计、密钥扫描、权限检查或风险分析,优先处理能明确输入、步骤和验收标准的工作。
## 需要提供什么
- 目标材料、目录范围、期望结果和不可改动内容。
- 是否允许联网、执行命令、读写文件或调用外部服务。
## 执行规则
- 围绕「Output Location / Process / 1. Check for Incomplete Session」组织步骤,不把推断写成作者事实。
- 读取文件、写入/修改文件;主要在本地完成;通常不需要额外 API Key。
- 先跑小样例,确认结果可检查后再扩大任务范围。
## 输出要求
- 给出最终产物、关键证据、验证方式和下一步动作。
- 信息不足时标记 unknown,不编造命令、平台或依赖。 作者原文负责流程事实;仓库文件负责来源和命令;流狐只补充适用场景、限制和质量判断。
skill "audit-docs" {
输入层 -> 用户目标 + 目标文件 + 禁止范围 + 验收标准
上下文层 -> Output Location / Process / 1. Check for Incomplete Session
规则层 -> SKILL.md 触发条件 / 执行顺序 / 输出格式
运行层 -> 无特殊运行时 | 读取文件、写入/修改文件 | 主要在本地完成
安全层 -> 通常不需要额外 API Key + 小任务验证 + diff / 日志复核
输出层 -> 可复制结果 + 检查清单 + 下一步迭代
} Audit Docs
Orchestrate sequential documentation audits with file-based checkpointing. Enables resumption across sessions.
Output Location
docs/audits/
YYYY-MM-DD_HHMMSS/
manifest.yaml # checkpoint state
summary.md # generated after all audits complete
findings/
actors.md
behaviors.md
...
Process
1. Check for Incomplete Session
Look for existing sessions:
Glob: docs/audits/*/manifest.yaml
For each manifest found, read it. If any has status: auditing or status: summarizing:
AskUserQuestion:
question: "Found incomplete audit session from {session_id}. How should I proceed?"
options:
- "Resume the incomplete session"
- "Start a fresh audit (abandons previous)"
If "Resume" → skip to Phase 2 or 3 based on manifest status. If "Start fresh" → continue to initialization.
If no incomplete sessions found, proceed to initialization.
2. Initialize Session
Create session folder:
session_id = current timestamp as "YYYY-MM-DD_HHMMSS"
folder = docs/audits/{session_id}/
Create the folder structure:
docs/audits/{session_id}/
docs/audits/{session_id}/findings/
Discover architecture docs:
Glob: docs/architecture/*.md
Exclude:
README.md(index/navigation)PROCESS.md(workflow documentation)
Write initial manifest:
session_id: "{session_id}"
created_at: "{ISO timestamp}"
status: "auditing"
docs:
- name: "actors.md"
path: "docs/architecture/actors.md"
status: "pending"
error: null
- name: "behaviors.md"
path: "docs/architecture/behaviors.md"
status: "pending"
error: null
# ... all discovered docs
Report: "Created audit session {session_id} with {N} docs to audit."
3. Audit Phase (Sequential, Checkpointed)
Read manifest to find docs with status: pending.
For each pending doc, one at a time:
Update manifest - set doc
status: "auditing"Launch doc-auditor agent (NOT in background):
Task( subagent_type="doc-auditor", prompt="Audit this architecture doc against implementation.\n\ndoc_path: {doc_path}", run_in_background=false )Write findings file - take agent response and write to
findings/{doc_name}:# Audit: {doc_name} **Audited:** {ISO timestamp} **Doc path:** {doc_path} ## Findings {findings from agent, numbered list} ## Verified Accurate {verified items from agent, bullet list}Update manifest - set doc
status: "complete"Report progress: "Completed {n}/{total}: {doc_name} - {X} findings"
Continue to next pending doc
If agent returns error: Set doc status: "error", error: "{message}", continue to next doc.
Checkpoint guarantee: After each doc, manifest reflects current state. If context exhausts, next session resumes from manifest.
4. Summary Phase
Once all docs have status: complete or status: error:
Update manifest - set
status: "summarizing"Read all findings files from
findings/folderGenerate summary.md:
# Documentation Audit Summary **Session:** {session_id} **Completed:** {ISO timestamp} ## Overview - Docs audited: {total} - Docs with findings: {count with findings} - Docs verified accurate: {count with no findings} - Docs with errors: {count with errors} ## Findings ### {doc_name} {copy findings section from that doc's file} ### {doc_name} ... ## Verified Accurate - {doc_name} - {doc_name} - ... ## Errors - {doc_name}: {error message} - ...Update manifest - set
status: "complete"Report: "Audit complete. Summary written to docs/audits/{session_id}/summary.md"
5. Present and Ask for Approval
Display the summary to the user (read and output summary.md content).
Then ask:
AskUserQuestion:
question: "How should I proceed with documentation updates?"
options:
- "Fix all findings"
- "Show me the specific changes first"
- "Skip updates for now"
6. Apply Fixes (If Approved)
For each finding to fix:
- Read the doc
- Locate the incorrect section
- Edit to match implementation
- Follow "Code Is Truth" principle:
- Prune duplicated details (link to code instead)
- Keep rationale and invariants
- Remove stale content
Report each change made.
7. Verification (Optional)
After fixes, offer to re-run audit on modified docs only:
AskUserQuestion:
question: "Want me to verify the fixes?"
options:
- "Yes, re-audit modified docs"
- "No, I'll review manually"
Manifest Schema
session_id: str # "YYYY-MM-DD_HHMMSS"
created_at: str # ISO 8601 timestamp
status: str # "auditing" | "summarizing" | "complete"
docs:
- name: str # "actors.md"
path: str # "docs/architecture/actors.md"
status: str # "pending" | "auditing" | "complete" | "error"
error: str | null # error message if status=error
Findings File Format
# Audit: {doc_name}
**Audited:** {ISO timestamp}
**Doc path:** {path}
## Findings
1. **{title}**
- Doc says: "{quote from doc}"
- Code does: {actual behavior}
- Location: {file}:{line}
2. **{title}**
...
## Verified Accurate
- {item verified correct}
- {item verified correct}
Doc-to-Code Mapping
The doc-auditor agent discovers code paths from within the doc itself:
- Explicit references: Look for
src/fabulexa/...paths in the doc - Code References section: Many docs have a table linking topics to files
- Naming convention:
{name}.mdoften maps tosrc/fabulexa/{name}/
The agent should NOT rely on a hardcoded mapping.
Example: Fresh Run
User: /audit-docs
Claude: Checking for incomplete sessions...
No incomplete sessions found.
Creating audit session 2025-01-21_143022 with 10 docs to audit.
Auditing actors.md...
Completed 1/10: actors.md - 2 findings
Auditing behaviors.md...
Completed 2/10: behaviors.md - 0 findings
...
Audit complete. Summary written to docs/audits/2025-01-21_143022/summary.md
# Documentation Audit Summary
...
How should I proceed with documentation updates?
[Fix all findings] [Show changes first] [Skip updates]
Example: Resume After Context Exhaustion
User: /audit-docs
Claude: Checking for incomplete sessions...
Found incomplete audit session from 2025-01-21_143022.
Progress: 6/10 docs complete.
How should I proceed?
[Resume the incomplete session] [Start a fresh audit]
User: Resume
Claude: Resuming session 2025-01-21_143022...
Auditing simulation.md...
Completed 7/10: simulation.md - 1 finding
...
先判断是否适合
作者设计意图
作者的方法与取舍
边界和复核