codebase-audit-pre-push
Conducts a thorough pre-push audit of codebases to eliminate junk files, dead code, and security vulnerabilities before GitHub deployment.
Install this skill
or
63/100
Security score
The codebase-audit-pre-push skill was audited on Jun 5, 2026 and we found 5 security issues across 2 threat categories, including 1 critical. Review the findings below before installing.
Categories Tested
Security Issues
critical line 96
Direct command execution function call
SourceSKILL.md
| 96 | - Command injection: No `exec()` with user-provided input |
medium line 50
Access to .env file
SourceSKILL.md
| 50 | - `.env` files (should never be committed) |
medium line 58
Access to .env file
SourceSKILL.md
| 58 | Check if the `.gitignore` file exists and is thorough. If itโs missing or not complete, update it to include all junk file patterns above. Ensure that `.env.example` exists with keys but no values. |
low line 202
Access to .env file
SourceSKILL.md
| 202 | - .env (contained secrets) |
low line 216
Access to .env file
SourceSKILL.md
| 216 | ๐จ CRITICAL: Hardcoded API key in config.js (line 12) โ moved to .env |
Scanned on Jun 5, 2026
View Security DashboardGitHub Stars 25
Rate this skill
Categorydevelopment
UpdatedJune 10, 2026
github-copilotbackendtestingbackend-developerdevops-sreqa-engineertechnical-pmproduct-managergithubdevelopmentproduct
Anhvu1107/all-agent-skill