git-pr-auditor
Professional-grade git diff auditor that identifies security vulnerabilities and code smells before you merge.
- Detect hardcoded secrets and injection vulnerabilities in PR diffs.
- Enforce code quality standards on staged changes before committing.
- Identify "TODO" comments and debug logs left in production-bound code.
Free
One-time purchase
Included in download
- Downloadable skill package
- 1 permission declared
Sample Output
A real example of what this skill produces.
PR Audit Report
Critical — Security Issues
| File | Line | Issue |
| --- | --- | --- |
| src/api/auth.ts | 22 | Hardcoded JWT secret found |
| src/db/repo.js | 104 | SQL injection via string concat |
Warning — Code Quality
| File | Line | Issue |
| --- | --- | --- |
| src/utils.py | 45 | console.log left in production code |
About This Skill
Automated Code Quality & Security Audits
The git-pr-auditor is a high-performance review skill designed for developers who need to shift-left on security and code quality. It automates the tedious process of scanning diffs for vulnerabilities and anti-patterns, ensuring that every commit meets your project's standards before it ever reaches a human reviewer.
What it does
This skill performs a multi-layered analysis of git diffs—whether they are currently staged, in a specific branch, or part of an active GitHub Pull Request. It categorizes changes by file type and applies targeted audit logic to identify issues across three severity levels: Critical (Security), Warning (Quality), and Info (Best Practices).
- Security Scanning: Detects hardcoded secrets, SQL/Command injection, and XSS patterns.
- Quality Control: Flags code smells like "magic numbers," swallowed errors, and leaked debug logs.
- Structural Analysis: Identifies overly complex functions and missing documentation.
- Integration Support: Works seamlessly with standard Git workflows and the GitHub CLI.
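The diff-audit flow described above, as an added example (not the skill's own code): it walks `git diff` output, tracks new-file line numbers so findings point at the right line, scans only added lines, and applies file-type-specific checks at the three severity levels. The rule patterns, the `audit_diff` function, and the sample diff are assumptions constructed for illustration.

```python
import re
from pathlib import PurePosixPath
# Hypothetical rules: (severity, file suffixes or None for any file, pattern, message)
RULES = [
    ("Critical", None, re.compile(r"""(?i)(secret|password|api_?key)\w*\s*[:=]\s*["'][^"']{8,}["']"""), "Hardcoded secret"),
    ("Critical", {".py"}, re.compile(r"shell\s*=\s*True"), "Command run with shell=True"),
    ("Warning", {".js", ".ts"}, re.compile(r"\bconsole\.log\("), "Debug log left in code"),
    ("Info", None, re.compile(r"\bTODO\b"), "TODO comment"),
]
HUNK = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")

def audit_diff(diff_text):
    """Return (severity, path, new-file line, message) for each added line matching a rule."""
    findings, path, lineno, in_hunk = [], None, 0, False
    for raw in diff_text.splitlines():
        if raw.startswith("diff --git"):
            in_hunk = False  # a new file's header lines follow
        elif not in_hunk and raw.startswith("+++ "):
            path = None if raw[4:] == "/dev/null" else raw[4:].removeprefix("b/")
        elif m := HUNK.match(raw):
            lineno, in_hunk = int(m.group(1)), True
        elif in_hunk and path and raw.startswith("+"):
            suffix = PurePosixPath(path).suffix
            for sev, exts, pat, msg in RULES:
                if (exts is None or suffix in exts) and pat.search(raw[1:]):
                    findings.append((sev, path, lineno, msg))
            lineno += 1
        elif in_hunk and raw.startswith(" "):
            lineno += 1  # context line; removed ("-") lines do not advance the counter
    return findings

# Constructed sample diff, not taken from any real repository
SAMPLE_DIFF = """\
diff --git a/src/api/auth.ts b/src/api/auth.ts
--- a/src/api/auth.ts
+++ b/src/api/auth.ts
@@ -21 +21,2 @@ export function sign(user) {
-  const secret = process.env.JWT_SECRET;
+  // TODO: move back to env
+  const jwtSecret = "constructed-example-value";
diff --git a/tools/run.py b/tools/run.py
--- a/tools/run.py
+++ b/tools/run.py
@@ -7 +7,2 @@
 import subprocess
+subprocess.run(cmd, shell=True)
"""
for finding in audit_diff(SAMPLE_DIFF):
    print(*finding, sep=" | ")
```

The `in_hunk` flag keeps an added line whose content begins with `++ ` from being mistaken for a file header, which would otherwise attribute later findings to the wrong path.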
Why use this skill?
Unlike basic LLM prompting, this skill follows a structured multi-step execution protocol. It leverages specialized audit checklists for different languages (backend, frontend, config, SQL) and produces a standardized, machine-readable report. It acts as a tireless first-pass reviewer that never misses a TODO comment or a risky shell=True call.
Use Cases
- Detect hardcoded secrets and injection vulnerabilities in PR diffs.
- Enforce code quality standards on staged changes before committing.
- Identify "TODO" comments and debug logs left in production-bound code.
- Generate structured audit reports for GitHub PR reviews.
- Verify architectural best practices across complex branch merges.
How to Install
mkdir -p ~/.claude/skills && curl -sL https://www.agensi.io/api/install/git-pr-auditor | tar xz -C ~/.claude/skills/
Free skills install directly. Paid skills require purchase - use the download button above after buying.
Reviews
No reviews yet - be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
Security Scanned
Passed automated security review
Permissions
File Scopes