AI Code Change Auditor
Verify AI-generated code for scope drift, false completions, and missing tests.
- Verify AI-generated patches for hidden TODOs and placeholders
- Catch unrelated file edits and scope overreach in agent PRs
- Identify missing test coverage and unverified edge cases in AI fixes
$38
· or 190 credits · Secure checkout via Stripe
Included in download
- Verify AI-generated patches for hidden TODOs and placeholders
- Catch unrelated file edits and scope overreach in agent PRs
- terminal, file_read, file_write automation included
- Ready for Claude Code
- Instant install
See it in action
You say
Audit this patch. Request: 'Update the auth middleware to support MFA tokens'. Agent says it's done. Here is the diff and the log from the single test it ran.
Your agent does
Audit verdict: NEEDS_FIX
Requested change: MFA token support in auth middleware.
Scope compliance: Failed. Agent modified unrelated 'billing.js' files.
False-completion check: The diff adds the MFA check but lacks the required 'TokenExpired' error handler mentioned in the docs.
Status: NEEDS_FIX
About This Skill
The problem
AI agents often claim a task is complete while leaving behind TODOs, omitting necessary tests, or making unrelated changes to your codebase. Reviewing these "black box" patches manually is time-consuming and prone to missing subtle scope drift or false completions.
What it does
- Detects false completions where the AI claims a fix but the diff lacks the actual implementation.
- Identifies scope drift and "overreach" where the agent modified files unrelated to the original ticket.
- Flags missing validation, such as skipped edge cases, missing migration scripts, or tests that don't actually assert the requested behavior.
- Categorizes patches into actionable states like PASS, NEEDS_FIX, or PRODUCT_REVIEW_REQUIRED.
- Generates a structured Fix Verification Receipt to document evidence, reviewed files, and outstanding risks.
Why this beats prompting it yourself
General prompts often miss "hallucinated" progress where an agent says a test passed that wasn't actually run. This skill enforces a rigorous audit procedure that specifically looks for agentic failure modes like happy-path-only fixes and placeholder code that standard reviews often overlook.
Use cases
- Reviewing a PR generated by an automated coding agent before merging to main.
- Auditing a complex bug fix to ensure the agent didn't break adjacent call sites.
- Verifying that a refactor stayed within the requested architectural boundaries.
- Generating a verification receipt for compliance or team handoff after AI-assisted development.
Known limitations
This is a change auditor, not a deep security or performance profiler. It cannot verify UI behavior without provided screenshots or logs.
Use Cases
- Verify AI-generated patches for hidden TODOs and placeholders
- Catch unrelated file edits and scope overreach in agent PRs
- Identify missing test coverage and unverified edge cases in AI fixes
- Generate structured verification receipts for AI-assisted code changes
Known Limitations
This is a code change auditing workflow, not a full security audit, performance profiler, or replacement for human engineering review. It can help identify scope drift, missing validation, weak tests, unrelated file changes, and false-completion risks, but it depends on the user providing the relevant diff, files, logs, test output, or project context. UI behavior, runtime behavior, and production safety must be validated separately by the user before merging or deploying.
How to install
Drop the file into your AI tool. Works with Claude, Cursor, ChatGPT, and 20+ more.
Security Scanned
Passed automated security review
Permissions
Claude Code, Cursor, Aider, Windsurf, and Cline