{"slug": "audit-checklists-for-ai-coding-agents-30-invariants-any-language", "title": "Audit checklists for AI coding agents – 30 invariants, any language", "summary": "Developer Dany Giguere released a language- and framework-agnostic audit checklist package for AI coding agents, containing 30 invariants covering security, correctness, and operability. The package works with tools like Claude Code, GitHub Copilot, and Cursor, and is designed to catch bugs that static-analysis scanners miss by reasoning about ownership, concurrency, and retries.", "body_md": "Language- and framework-agnostic audit checklists for AI coding agents — security, correctness, and operability. Works with Claude Code, GitHub Copilot, Cursor, Codex CLI, OpenCode, and any agent that can read files.\n\nEvery checklist is written as **invariants and detection smells**, not\nframework APIs, so the same content audits a Rails app, a Spring service,\nor an Express API — the agent supplies the framework-specific translation.\n\n`/audit`\n\non a 20-line money handler — six bugs a static-analysis scanner\ncan't see, because each takes reasoning about ownership, concurrency, and\nretries, not pattern-matching. Every one flagged, with severity and a fix.\n\n`AGENTS.md`\n\n— a one-page digest of all 30 invariants; copy its content into your project's`AGENTS.md`\n\nso every agent has it in context.`.agents/skills/audit/`\n\n— the router skill, with all 30 checklists and remediation patterns bundled under`references/`\n\n(four categories: access & data security, input/API, correctness, operability).`.agents/skills/audit-*`\n\n— thin per-topic wrapper skills so each checklist is individually invocable (`/audit-idor`\n\n,`/audit-injection`\n\n,`/audit-fix-authz`\n\n, …). Everything this package installs starts with`audit`\n\n, so it stays grouped among your other skills.\n\n`/audit`\n\nruns the full audit — it identifies what the code does and applies\nevery matching checklist below. Each topic is also individually invocable\n(click through to read the checklist itself).\n\nWorks with any language or framework.Each checklist names eight common ecosystems in its concept glossary (Rails, Laravel, Django, Spring, Node, Vapor, .NET, Go) — those are recognition shortcuts,nota support list. The invariants and detection smells are framework-free, so the audits apply equally to Phoenix, FastAPI, Ktor, or your in-house stack: the agent supplies the translation.\n\n| Audit | Checks for |\n|---|---|\n`/audit-authorization` |\n\n`/audit-authn-session`\n\n`/audit-idor`\n\n`/audit-data-exposure`\n\n`/audit-crypto`\n\n`/audit-output-encoding`\n\n`/audit-tenant-isolation`\n\n`/audit-csrf`\n\n`/audit-mass-assignment`\n\n| Audit | Checks for |\n|---|---|\n`/audit-injection` |\n\n`/audit-config`\n\n`/audit-secrets`\n\n`/audit-api-validation`\n\n`/audit-file-handling`\n\n`/audit-ssrf`\n\n`/audit-parser-differentials`\n\n| Audit | Checks for |\n|---|---|\n`/audit-atomicity` |\n\n`/audit-idempotency`\n\n`/audit-background-work`\n\n`/audit-state-management`\n\n`/audit-exception-handling`\n\n`/audit-discarded-async`\n\n`/audit-cardinality`\n\n| Audit | Checks for |\n|---|---|\n`/audit-nplus1` |\n\n`/audit-observability`\n\n`/audit-migration-safety`\n\n`/audit-resource-limits`\n\n`/audit-blocking-io-async`\n\n`/audit-schema-design`\n\n`/audit-statelessness`\n\n| Skill | Applies |\n|---|---|\n`/audit-fix-authz` |\n\n`/audit-fix-async`\n\n`/audit-fix-observability`\n\nCopy the `.agents`\n\nfolder into your project — that's the whole install\n(it's just markdown; nothing executes):\n\n```\ngit clone --depth 1 https://github.com/danygiguere/audit-skills /tmp/audit-skills && cp -R /tmp/audit-skills/.agents your-project/\n```\n\n**Cursor** can also install directly from the repo link, and if you use the\n[skills CLI](https://github.com/vercel-labs/skills):\n`npx skills add danygiguere/audit-skills --all`\n\n.\n\nThis repo's [ AGENTS.md](/danygiguere/audit-skills/blob/main/AGENTS.md) is the one-page digest of all 30\ninvariants. Copy its content into your project's\n\n`AGENTS.md`\n\n(append it if\nyou already have one — never replace yours): merged there, it gives every\nagent ambient awareness of the invariants on every prompt; without it, the\nskills only activate when triggered. Its routing table points at the\ninstalled skills folder.**Claude Code note:** Claude Code does not yet read `.agents/skills/`\n\n([anthropics/claude-code#31005](https://github.com/anthropics/claude-code/issues/31005)).\nBridge it with:\n\n```\nmkdir -p .claude && ln -s ../.agents/skills .claude/skills\necho '@AGENTS.md' > CLAUDE.md          # if you don't already have a CLAUDE.md\n```\n\nInstead of copying the skills into every project, you can clone\n`audit-skills`\n\nonce and drop your projects inside the `projects/`\n\nfolder —\nit is gitignored, so your code never shows up in `git status`\n\nand a\n`git pull`\n\n(or `git checkout vX.Y`\n\n) updates the skills without touching\nanything you put there.\n\n```\ngit clone https://github.com/danygiguere/audit-skills\n# drop any project you want to audit inside projects/\ncp -R /path/to/myproject audit-skills/projects/myproject\n```\n\nThen audit from inside this repo:\n\n```\n/audit projects/myproject\n```\n\nTo stay current: `git pull`\n\n— your projects are untouched.\n\nThis is useful when you want to audit a repo you don't own or don't want to modify, or when you'd rather maintain one central copy of the skills instead of one per project.\n\n**Automatic**— ask your agent to \"review this endpoint\" / \"audit this diff\"; the skills trigger on their descriptions.** By command**—`/audit`\n\nfor a full audit, or per topic:`/audit-idor`\n\n,`/audit-injection`\n\n,`/audit-atomicity`\n\n, … All of them audit your current diff by default; name a file, folder, or branch to audit something else.**By name**— \"run the idempotency checklist on this webhook handler\".** Fixes**— after findings are confirmed:`/audit-fix-authz`\n\n,`/audit-fix-async`\n\n,`/audit-fix-observability`\n\n(see \"How fixes work\").\n\nAudits and fixes are deliberately separate steps. `/audit`\n\nand the\n`audit-*`\n\nchecklists only **find and report** — they never change code.\nFixing happens when you ask for it: say \"fix those\" after a report, or run\nan `audit-fix-*`\n\ncommand.\n\nEvery finding has a fix available; what differs is where it lives:\n\n**Most topics — the fix is in the checklist itself.** Each checklist's\n`Example`\n\nsection shows the vulnerable shape next to the fixed shape. For\ntopics like injection, secrets, output encoding, or N+1 queries, the fix is\nmechanical and has one right answer (parameterize the query, move the secret\nto the environment, bulk-load before the loop). When you say \"fix it\", the\nagent applies that fixed shape — no extra command needed.\n\n**Eight topics — the fix is an architectural choice.** Some findings have\nseveral valid fixes with real trade-offs (an idempotency bug: dedupe table,\nidempotency key, UPSERT, or an absolute-state write?). Those topics point to\na remediation playbook that walks the agent through choosing:\n\n| Findings from | Playbook | Command |\n|---|---|---|\n| authorization, IDOR, tenant isolation | `remediation/authz-patterns.md` |\n`/audit-fix-authz` |\n| atomicity, idempotency, background work, state management | `remediation/async-patterns.md` |\n`/audit-fix-async` |\n| observability | `remediation/observability-patterns.md` |\n`/audit-fix-observability` |\n\nEither way, the flow is the same: **audit → confirmed findings → ask for the\nfix.** Fixes follow the same rules everywhere: the smallest change that\nrestores the invariant, matching the surrounding code style, with a test\ndemonstrating the fix — and never mixed with unrelated refactoring.\n\nThe canonical version lives in [ VERSION](/danygiguere/audit-skills/blob/main/VERSION). It is stamped into the\ntwo artifacts that travel into your project: the\n\n`audit`\n\nskill (a `version:`\n\nfield in its frontmatter plus a source footer) and the `AGENTS.md`\n\ndigest\n(footer). Installed copies therefore always say what version they are and\nwhere they come from — compare your stamp against this repo's `VERSION`\n\nto\nknow whether you're outdated. (No need to copy `VERSION`\n\ninto your\nproject — the stamps travel with the artifacts.) Your agent can do it for you: \"check whether\nmy audit-skills are up to date\" gives it everything it needs.", "url": "https://wpnews.pro/news/audit-checklists-for-ai-coding-agents-30-invariants-any-language", "canonical_source": "https://github.com/danygiguere/audit-skills", "published_at": "2026-06-14 19:02:17+00:00", "updated_at": "2026-06-14 19:11:28.807801+00:00", "lang": "en", "topics": ["ai-tools", "ai-safety", "developer-tools", "ai-agents"], "entities": ["Dany Giguere", "Claude Code", "GitHub Copilot", "Cursor", "Codex CLI", "OpenCode", "Vercel", "Anthropic"], "alternates": {"html": "https://wpnews.pro/news/audit-checklists-for-ai-coding-agents-30-invariants-any-language", "markdown": "https://wpnews.pro/news/audit-checklists-for-ai-coding-agents-30-invariants-any-language.md", "text": "https://wpnews.pro/news/audit-checklists-for-ai-coding-agents-30-invariants-any-language.txt", "jsonld": "https://wpnews.pro/news/audit-checklists-for-ai-coding-agents-30-invariants-any-language.jsonld"}}