production-audit

Audits deployed repositories for production-readiness, identifying gaps in security, webhooks, and deployment health.

Security score: 74/100

The production-audit skill was audited on May 15, 2026 and we found 10 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 3

Webhook reference - potential data exfiltration

Source: SKILL.md (line 3)
description: "Audit a shipped repo for production-readiness gaps across RLS, webhooks, secrets, grants, Stripe idempotency, mobile UX, and deployment health."
medium line 11

Webhook reference - potential data exfiltration

Source: SKILL.md (line 11)
tags: [security, audit, production, vibe-coding, rls, webhook, stripe, supabase, mobile]
medium line 21

Webhook reference - potential data exfiltration

Source: SKILL.md (line 21)
A skill that runs an external audit on a shipped repo's deployed state — live URL, GitHub signals, secrets exposure, RLS gaps, webhook idempotency, indexes, observability, prompt injection, and ten ot
low line 90

Webhook reference - potential data exfiltration

Source: SKILL.md (line 90)
↓ [Infrastructure] webhook handler at api/stripe.ts — signature verified, but no
low line 93

Webhook reference - potential data exfiltration

Source: SKILL.md (line 93)
Want me to fix the webhook idempotency gap first?
medium line 146

Webhook reference - potential data exfiltration

Source: SKILL.md (line 146)
User: "show me where the webhook idempotency gap is"
low line 25

External URL reference

Source: SKILL.md (line 25)
The skill wraps the [commit.show](https://commit.show) audit engine via the public CLI (`npx [email protected] audit . --json`). Stable JSON envelope (`schema_version: "1"`, additive-only). Writes a `
low line 175

External URL reference

Source: SKILL.md (line 175)
- The skill executes `npx [email protected] audit ...`, which downloads and runs that exact npm package version locally, then calls the public API at `https://api.commit.show` (proxied to Supabase Edg
low line 209

External URL reference

Source: SKILL.md (line 209)
- Public REST API: `https://api.commit.show/audit?repo=...&format=json`
low line 210

External URL reference

Source: SKILL.md (line 210)
- skills.sh listing: <https://skills.sh/commitshow/production-audit>
Scanned on May 15, 2026