production-code-audit

Analyzes and transforms codebases to meet production-grade standards, ensuring security, performance, and quality optimizations.

Install this skill

90/100

Security score

The production-code-audit skill was audited on Feb 21, 2026 and we found 6 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 271

Template literal with variable interpolation in command context

SourceSKILL.md

271	const query = \`SELECT * FROM users WHERE email = '\${email}'\`;

low line 150

Access to .env file

SourceSKILL.md

150	- After: password: process.env.DB_PASSWORD

low line 284

Access to .env file

SourceSKILL.md

284	const JWT_SECRET = process.env.JWT_SECRET;

low line 533

External URL reference

SourceSKILL.md

533	- [OWASP Top 10](https://owasp.org/www-project-top-ten/)

low line 534

External URL reference

SourceSKILL.md

534	- [Google Engineering Practices](https://google.github.io/eng-practices/)

low line 536

External URL reference

SourceSKILL.md

536	- [Clean Code by Robert C. Martin](https://www.amazon.com/Clean-Code-Handbook-Software-Craftsmanship/dp/0132350882)

Scanned on Feb 21, 2026

View Security Dashboard

Install this skill with one command

/learn @claudioceppi83/production-code-audit

Rate this skill

Categorydevelopment

UpdatedMarch 29, 2026

openclaw backend testing backend-developer devops-sre qa-engineer product-manager technical-pm development product

ClaudioCeppi83/kora-os-kernel