Remote OpenClaw
Menu

audit-project

audit-project

developmentClaude Codeby agent-sh

Summary

Multi-agent iterative code review until zero issues remain

Install to Claude Code

/plugin install audit-project@audit-project

Run in Claude Code. Add the marketplace first with /plugin marketplace add agent-sh/audit-project if you haven't already.

README.md

audit-project

Multi-agent iterative code review that loops until zero issues remain.

Why

Manual code reviews miss things. Single-pass automated reviews find issues but leave fixing to you. audit-project runs up to 10 specialized review agents, fixes the issues it finds, re-reviews the fixes, and repeats until the codebase is clean - or you tell it to stop.

Use it when you want:

  • A thorough review before a release or major merge
  • Security-focused auditing of a specific area
  • Quick feedback on recent commits
  • Automated cleanup of accumulated code quality issues

Installation

agentsys install audit-project

Requires agentsys as the plugin runtime.

Quick Start

/audit-project              # Full iterative review of the entire project
/audit-project --quick      # Single pass, findings only, no fixes
/audit-project --recent     # Review last 5 commits only

How It Works

1. Context gathering - Detects project type, framework, languages, and infrastructure (DB, API, CI/CD, frontend/backend). 2. Agent selection - Activates 4 core agents plus up to 6 conditional agents based on what the project contains. 3. Multi-agent review - Each agent reviews only the files relevant to its domain and produces structured findings with file:line locations, severity, and suggested fixes. 4. Automated fixes - Applies fixes in severity order (critical first), batched by file. Rolls back any fix that breaks tests or build. 5. Re-review - Runs agents again on changed files. If new issues appear, fixes and re-reviews again. 6. Decision gate - After each iteration, reports remaining issues and asks whether to continue, create GitHub issues, update TECHNICAL_DEBT.md, or save the queue for later.

Review Agents

Always active:

| Agent | Focus | |-------|-------| | code-quality-reviewer | Error handling, maintainability, code patterns | | security-expert | Vulnerabilities, auth, input validation | | performance-engineer | Bottlenecks, algorithms, memory usage | | test-quality-guardian | Test coverage gaps, test quality |

Conditional (activated by project signals):

| Agent | Activated when | |-------|---------------| | architecture-reviewer | 50+ tracked files | | database-specialist | Sequelize, Prisma, or TypeORM detected | | api-designer | Express, Fastify, or NestJS detected | | frontend-specialist | .tsx, .jsx, .vue, or .svelte files present | | backend-specialist | Server framework detected | | devops-reviewer | CI/CD configuration files present |

Finding Format

Every finding includes file:line location, severity (critical/high/medium/low), a code quote, a suggested fix, and an effort estimate (small/medium/large).

Usage

/audit-project                      # Full iterative review
/audit-project src/api              # Review a specific path
/audit-project --domain security    # Run only the security-expert agent
/audit-project --quick              # Single pass, no fixes applied
/audit-project --recent             # Scope to last 5 commits
/audit-project --create-tech-debt   # Force TECHNICAL_DEBT.md creation
/audit-project --resume             # Resume from a saved review queue

Repo Intelligence

When agent-analyzer repo-intel data is available, audit-project uses test-gap signals to prioritize review. Files with high churn but no co-changing test file receive extra scrutiny.

Requirements

  • agentsys runtime
  • Git repository
  • Works with Claude Code, OpenCode, Codex, and Cursor

Related Plugins

  • enhance - Plugin structure and config analysis
  • perf - Dedicated performance investigation with profiling
  • repo-intel - Unified static analysis (git history, AST symbols, doc-code sync)
  • ship - PR workflow from commit to production

License

MIT

Related plugins

Browse all →

a2a-bridge

a2a-bridge

Bidirectional bridge between Claude Code and external AI coding agents. Exposes Claude Code as an A2A server (Gemini CLI, any A2A client) and as an ACP agent (OpenClaw, Zed, VS Code); routes outbound tool calls to Codex, OpenClaw, and Hermes adapters through a shared daemon with per-room task logs and verification-artifact support.

Open plugin →

adapty-sdk-integration

adapty

End-to-end Adapty SDK integration for mobile apps — dashboard setup, SDK install, paywall, and store configuration. Supports iOS, Android, Flutter, React Native, Unity, KMP, and Capacitor.

Open plugin →

advanced-kit

claudius-skills-marketplace

Enterprise-grade kit with 15 skills, 20 commands, 10 specialist agents for microservices, compliance, and platform engineering

Open plugin →

aeo-architecture

aeo-skill-marketplace

Design and documentation toolkit with agents for creating system architectures, C4 diagrams, ADRs, and conducting quality analysis

Open plugin →

aeo-claude

aeo-skill-marketplace

Claude development skills: Agent SDK reference, skill creation, slash command creation, Opus prompting, ultra validation workflows, team-coordinated planning, session retrospectives, and Cowork session migration/export utilities

Open plugin →

aeo-dev

aeo-skill-marketplace

Platform-specific development skills covering VS Code extension development (stable and Insiders), WSL remote workflows, TypeScript tooling, and developer environment configuration

Open plugin →

Browse

Plugins by category

Other2041development375productivity237communication49design47security46database40workflow30compliance28product24data22bundle21