Git pr Auditor
by Timoranjes
Professional-grade git diff auditor that identifies security vulnerabilities and code smells before you merge.
- Detect hardcoded secrets and injection vulnerabilities in PR diffs.
- Enforce code quality standards on staged changes before committing.
- Identify "TODO" comments and debug logs left in production-bound code.
Free
Included in download
- Downloadable skill package
- Works with Claude Code, Cursor
- 1 permission declared
Sample input
Audit my current staged changes for security vulnerabilities and code smells before I commit.
Sample output
PR Audit Report
Critical — Security Issues
| File | Line | Issue |
| --- | --- | --- |
| src/api/auth.ts | 22 | Hardcoded JWT secret found |
| src/db/repo.js | 104 | SQL injection via string concat |
Warning — Code Quality
| File | Line | Issue |
| --- | --- | --- |
| src/utils.py | 45 | console.log left in production code |
About This Skill
Automated Code Quality & Security Audits
The git-pr-auditor is a high-performance review skill designed for developers who need to shift-left on security and code quality. It automates the tedious process of scanning diffs for vulnerabilities and anti-patterns, ensuring that every commit meets your project's standards before it ever reaches a human reviewer.
What it does
This skill performs a multi-layered analysis of git diffs—whether they are currently staged, in a specific branch, or part of an active GitHub Pull Request. It categorizes changes by file type and applies targeted audit logic to identify issues across three severity levels: Critical (Security), Warning (Quality), and Info (Best Practices).
- Security Scanning: Detects hardcoded secrets, SQL/Command injection, and XSS patterns.
- Quality Control: Flags code smells like "magic numbers," swallowed errors, and leaked debug logs.
- Structural Analysis: Identifies overly complex functions and missing documentation.
- Integration Support: Works seamlessly with standard Git workflows and the GitHub CLI.
Why use this skill?
Unlike basic LLM prompting, this skill follows a structured multi-step execution protocol. It leverages specialized audit checklists for different languages (backend, frontend, config, SQL) and produces a standardized, machine-readable report. It acts as a tireless first-pass reviewer that never misses a TODO comment or a risky shell=True call.
Use Cases
- Detect hardcoded secrets and injection vulnerabilities in PR diffs.
- Enforce code quality standards on staged changes before committing.
- Identify "TODO" comments and debug logs left in production-bound code.
- Generate structured audit reports for GitHub PR reviews.
- Verify architectural best practices across complex branch merges.
Known Limitations
- Cannot execute code or dynamic analysis
- Maximum diff size limited by LLM context window
- Not a replacement for official SOC2 or PCI audits
How to Install
mkdir -p ~/.claude/skills && curl -sL https://www.agensi.io/api/install/git-pr-auditor -o /tmp/git-pr-auditor.zip && unzip -o /tmp/git-pr-auditor.zip -d ~/.claude/skills && rm /tmp/git-pr-auditor.zip
Free skills install directly. Paid skills require purchase - use the download button above after buying.
Reviews
No reviews yet - be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
Security Scanned
Passed automated security review
Permissions
File Scopes
Claude Code, Cursor, GitHub Copilot CLI, SKILL.md-compatible agents