code-quality-audit
Conducts comprehensive code quality and security audits for Drupal and Next.js projects, ensuring adherence to best practices.
Install this skill
or
48/100
Security score
The code-quality-audit skill was audited on Jun 8, 2026 and we found 6 security issues across 3 threat categories, including 3 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
high line 160
Template literal with variable interpolation in command context
SourceSKILL.md
| 160 | ## Adaptive Audit Depth (`${CLAUDE_EFFORT}`) |
high line 162
Template literal with variable interpolation in command context
SourceSKILL.md
| 162 | When this skill drives an audit, scale depth to the session's effort level. The `${CLAUDE_EFFORT}` substitution resolves to the current level: |
high line 164
Template literal with variable interpolation in command context
SourceSKILL.md
| 164 | | `${CLAUDE_EFFORT}` | Audit depth | |
medium line 147
Access to hidden dotfiles in home directory
SourceSKILL.md
| 147 | > The Bash sandbox restricts **only Bash** — built-in file tools, MCP servers, and **hooks run unconstrained on the host**. That matters here because the watch-mode dispatcher runs as a `FileChanged` |
low line 29
External URL reference
SourceSKILL.md
| 29 | > **Reading strategy:** Audit, review, security, SOLID, and DRY commands are **Type B** work (audit / review / architecture analysis) — agents must read full source and config files. Do NOT grep-first |
low line 308
External URL reference
SourceSKILL.md
| 308 | **Index:** `https://camoa.github.io/dev-guides/llms.txt` |
Scanned on Jun 8, 2026
View Security DashboardGitHub Stars 29
Rate this skill
Categorydevelopment
UpdatedJune 15, 2026
claudeclaude-codefrontendreactdocxgitapitestingdevopsbackendbackend-developerdevops-sreqa-engineerproduct-managertechnical-pmdevelopmentproduct
camoa/claude-skills