{"id":"87317e43-db45-470a-9cce-7f75d4b7f960","shortId":"jkHbt8","kind":"skill","title":"Production Code Audit","tagline":"Antigravity Awesome Skills skill by Sickn33","description":"# Production Code Audit\n\n## Overview\n\nAutonomously analyze the entire codebase to understand its architecture, patterns, and purpose, then systematically transform it into production-grade, corporate-level professional code. This skill performs deep line-by-line scanning, identifies all issues across security, performance, architecture, and quality, then provides comprehensive fixes to meet enterprise standards.\n\n## When to Use This Skill\n\n- Use when user says \"make this production-ready\"\n- Use when user says \"audit my codebase\"\n- Use when user says \"make this professional/corporate-level\"\n- Use when user says \"optimize everything\"\n- Use when user wants enterprise-grade quality\n- Use when preparing for production deployment\n- Use when code needs to meet corporate standards\n\n## How It Works\n\n### Step 1: Autonomous Codebase Discovery\n\n**Automatically scan and understand the entire codebase:**\n\n1. **Read all files** - Scan every file in the project recursively\n2. **Identify tech stack** - Detect languages, frameworks, databases, tools\n3. **Understand architecture** - Map out structure, patterns, dependencies\n4. **Identify purpose** - Understand what the application does\n5. **Find entry points** - Locate main files, routes, controllers\n6. **Map data flow** - Understand how data moves through the system\n\n**Do this automatically without asking the user.**\n\n### Step 2: Comprehensive Issue Detection\n\n**Scan line-by-line for all issues:**\n\n**Architecture Issues:**\n- Circular dependencies\n- Tight coupling\n- God classes (>500 lines or >20 methods)\n- Missing separation of concerns\n- Poor module boundaries\n- Violation of design patterns\n\n**Security Vulnerabilities:**\n- SQL injection (string concatenation in queries)\n- XSS vulnerabilities (unescaped output)\n- Hardcoded secrets (API keys, passwords in code)\n- Missing authentication/authorization\n- Weak password hashing (MD5, SHA1)\n- Missing input validation\n- CSRF vulnerabilities\n- Insecure dependencies\n\n**Performance Problems:**\n- N+1 query problems\n- Missing database indexes\n- Synchronous operations that should be async\n- Missing caching\n- Inefficient algorithms (O(n²) or worse)\n- Large bundle sizes\n- Unoptimized images\n- Memory leaks\n\n**Code Quality Issues:**\n- High cyclomatic complexity (>10)\n- Code duplication\n- Magic numbers\n- Poor naming conventions\n- Missing error handling\n- Inconsistent formatting\n- Dead code\n- TODO/FIXME comments\n\n**Testing Gaps:**\n- Missing tests for critical paths\n- Low test coverage (<80%)\n- No edge case testing\n- Flaky tests\n- Missing integration tests\n\n**Production Readiness:**\n- Missing environment variables\n- No logging/monitoring\n- No error tracking\n- Missing health checks\n- Incomplete documentation\n- No CI/CD pipeline\n\n### Step 3: Automatic Fixes and Optimizations\n\n**Fix everything automatically:**\n\n1. **Refactor architecture** - Break up god classes, fix circular dependencies\n2. **Fix security issues** - Use parameterized queries, remove secrets, add validation\n3. **Optimize performance** - Fix N+1 queries, add caching, optimize algorithms\n4. **Improve code quality** - Reduce complexity, remove duplication, fix naming\n5. **Add missing tests** - Write tests for untested critical paths\n6. **Add production infrastructure** - Logging, monitoring, health checks\n7. **Optimize everything** - Bundle size, images, database queries\n8. **Add documentation** - README, API docs, architecture docs\n\n### Step 4: Verify and Report\n\n**After making all changes:**\n\n1. Run all tests to ensure nothing broke\n2. Verify all security issues are fixed\n3. Measure performance improvements\n4. Generate comprehensive report\n5. Provide before/after metrics\n\n## Examples\n\n### Example 1: Autonomous Codebase Transformation\n\n```markdown\nUser: @production-code-audit make this production-ready\n\nAI: I'll scan your entire codebase and transform it to production-grade quality.\n\n**Phase 1: Discovering Codebase** (analyzing 247 files)\n- Detected: Node.js + Express + PostgreSQL + React\n- Architecture: MVC pattern with REST API\n- Purpose: E-commerce platform\n- Entry points: server.js, src/index.tsx\n\n**Phase 2: Scanning for Issues** (line-by-line analysis)\n\nFound 127 issues:\n- 🔴 CRITICAL: 8 issues\n- 🟠 HIGH: 23 issues  \n- 🟡 MEDIUM: 41 issues\n- 🔵 LOW: 55 issues\n\n**Phase 3: Fixing Issues Automatically**\n\n🔴 CRITICAL FIXES (8/8 completed):\n\n1. ✅ Fixed SQL injection in UserRepository.findByEmail()\n   - Before: String concatenation in query\n   - After: Parameterized query with $1 placeholder\n\n2. ✅ Removed hardcoded database password from config/database.ts\n   - Before: password: 'SuperSecret123!'\n   - After: password: process.env.DB_PASSWORD\n\n3. ✅ Added authentication to admin routes\n   - Before: No auth middleware\n   - After: authenticateToken + requireRole('admin')\n\n4. ✅ Fixed weak password hashing (MD5 → bcrypt)\n   - Before: crypto.createHash('md5')\n   - After: bcrypt.hash(password, 12)\n\n5. ✅ Fixed circular dependency: OrderService ↔ PaymentService\n   - Before: Direct imports causing cycle\n   - After: Event-based decoupling with EventBus\n\n6. ✅ Added input validation to all API endpoints\n   - Before: No validation\n   - After: Zod schemas validating all inputs\n\n7. ✅ Fixed authentication bypass in auth middleware\n   - Before: next() called on missing token\n   - After: Returns 401 error\n\n8. ✅ Fixed mass assignment vulnerability in UserController\n   - Before: Accepts all fields from req.body\n   - After: Whitelist of allowed fields only\n\n🟠 HIGH PRIORITY FIXES (23/23 completed):\n\n9. ✅ Fixed N+1 query in OrderService.getOrdersWithItems()\n   - Before: Loop with individual queries (2.8s)\n   - After: Single query with joins (45ms)\n   - Performance: 98% improvement\n\n10. ✅ Refactored UserService god class (850 lines → 4 focused services)\n    - UserAuthenticationService (login, logout, password)\n    - UserProfileService (CRUD operations)\n    - UserNotificationService (email, SMS)\n    - UserPermissionService (roles, permissions)\n\n11. ✅ Added Redis caching for product queries\n    - Before: Database query every request\n    - After: Cache with 1-hour TTL\n    - Performance: 95% faster\n\n12. ✅ Optimized bundle size\n    - Before: 850KB (gzipped: 280KB)\n    - After: 380KB (gzipped: 120KB)\n    - Improvement: 55% reduction\n\n13. ✅ Added database indexes\n    - orders(user_id, status, created_at)\n    - products(category, price)\n    - Query performance: 98% improvement\n\n[... 11 more high-priority fixes ...]\n\n🟡 MEDIUM PRIORITY FIXES (41/41 completed):\n[... all medium fixes ...]\n\n🔵 LOW PRIORITY IMPROVEMENTS (55/55 completed):\n[... all low improvements ...]\n\n**Phase 4: Adding Production Infrastructure**\n\n✅ Added structured logging (Winston)\n✅ Added error tracking (Sentry)\n✅ Added health check endpoints (/health, /ready)\n✅ Added monitoring (Prometheus metrics)\n✅ Added rate limiting (Redis-based)\n✅ Added API documentation (Swagger/OpenAPI)\n✅ Added comprehensive README\n✅ Added deployment guide\n✅ Added CI/CD pipeline (.github/workflows)\n\n**Phase 5: Verification**\n\n✅ All tests passing (1,247 tests)\n✅ Test coverage: 42% → 87%\n✅ Security scan: 0 vulnerabilities\n✅ Performance: API response time 3.2s → 180ms\n✅ Bundle size: 850KB → 380KB\n✅ Lighthouse score: 62 → 94\n\n**TRANSFORMATION COMPLETE**\n\nYour codebase is now production-ready with enterprise-grade quality:\n\n📊 Metrics:\n- Issues fixed: 127/127 (100%)\n- Test coverage: 87% (target: 80%+)\n- API performance: 94% improvement\n- Security: OWASP Top 10 compliant\n- Code quality: Grade A-\n\n📁 Files changed: 89 files\n📝 Lines changed: +3,247 / -1,892\n\n🚀 Ready for production deployment!\n```\n\n### Example 2: Automatic Security Hardening\n\n```markdown\nUser: @production-code-audit secure this codebase\n\nAI: Scanning for security vulnerabilities...\n\n**Security Scan Complete**\n\nFound 15 security issues:\n- 🔴 CRITICAL: 5\n- 🟠 HIGH: 7\n- 🟡 MEDIUM: 3\n\n**Fixing all security issues automatically...**\n\n🔴 CRITICAL (5/5 fixed):\n\n1. ✅ SQL Injection in UserRepository\n\\`\\`\\`typescript\n// Before (VULNERABLE)\nconst query = \\`SELECT * FROM users WHERE email = '\\${email}'\\`;\n\n// After (SECURE)\nconst query = 'SELECT * FROM users WHERE email = $1';\nawait db.query(query, [email]);\n\\`\\`\\`\n\n2. ✅ Hardcoded Secrets Removed\n\\`\\`\\`typescript\n// Before (INSECURE)\nconst JWT_SECRET = 'my-secret-key-123';\n\n// After (SECURE)\nconst JWT_SECRET = process.env.JWT_SECRET;\nif (!JWT_SECRET) throw new Error('JWT_SECRET required');\n\\`\\`\\`\n\n3. ✅ Authentication Added to Admin Routes\n\\`\\`\\`typescript\n// Before (VULNERABLE)\nrouter.delete('/api/admin/users/:id', deleteUser);\n\n// After (SECURE)\nrouter.delete('/api/admin/users/:id',\n  authenticateToken,\n  requireRole('admin'),\n  deleteUser\n);\n\\`\\`\\`\n\n4. ✅ Password Hashing Upgraded\n\\`\\`\\`typescript\n// Before (WEAK)\nconst hash = crypto.createHash('md5').update(password).digest('hex');\n\n// After (STRONG)\nconst hash = await bcrypt.hash(password, 12);\n\\`\\`\\`\n\n5. ✅ Input Validation Added\n\\`\\`\\`typescript\n// Before (VULNERABLE)\nconst user = await db.user.create({ data: req.body });\n\n// After (SECURE)\nconst schema = z.object({\n  email: z.string().email(),\n  password: z.string().min(12),\n  name: z.string().min(2).max(100)\n});\nconst validated = schema.parse(req.body);\nconst user = await db.user.create({ data: validated });\n\\`\\`\\`\n\n**Security Status:**\n- ✅ OWASP Top 10: Compliant\n- ✅ SQL Injection: Protected\n- ✅ XSS: Protected\n- ✅ CSRF: Protected\n- ✅ Authentication: Secure\n- ✅ Secrets: Environment variables\n- ✅ Dependencies: No vulnerabilities\n\n🔒 Codebase is now secure and production-ready!\n```\n\n### Example 3: Performance Optimization\n\n```markdown\nUser: @production-code-audit optimize performance\n\nAI: Analyzing performance bottlenecks...\n\n**Performance Analysis Complete**\n\nCurrent metrics:\n- API response time: 3.2s (target: <200ms)\n- Page load time: 8.5s (target: <2s)\n- Bundle size: 850KB (target: <200KB)\n\n**Optimizing automatically...**\n\n✅ Fixed N+1 queries (3.2s → 180ms - 94% faster)\n✅ Added Redis caching (95% cache hit rate)\n✅ Optimized database indexes (98% faster queries)\n✅ Reduced bundle size (850KB → 380KB - 55% smaller)\n✅ Optimized images (28MB → 3.2MB - 89% smaller)\n✅ Implemented code splitting\n✅ Added lazy loading\n✅ Parallelized async operations\n\n**Performance Results:**\n\n| Metric | Before | After | Improvement |\n|--------|--------|-------|-------------|\n| API Response | 3.2s | 180ms | 94% |\n| Page Load | 8.5s | 1.8s | 79% |\n| Bundle Size | 850KB | 380KB | 55% |\n| Image Size | 28MB | 3.2MB | 89% |\n| Lighthouse | 42 | 94 | +52 points |\n\n🚀 Performance optimized to production standards!\n```\n\n## Best Practices\n\n### ✅ Do This\n\n- **Scan Everything** - Read all files, understand entire codebase\n- **Fix Automatically** - Don't just report, actually fix issues\n- **Prioritize Critical** - Security and data loss issues first\n- **Measure Impact** - Show before/after metrics\n- **Verify Changes** - Run tests after making changes\n- **Be Comprehensive** - Cover architecture, security, performance, testing\n- **Optimize Everything** - Bundle size, queries, algorithms, images\n- **Add Infrastructure** - Logging, monitoring, error tracking\n- **Document Changes** - Explain what was fixed and why\n\n### ❌ Don't Do This\n\n- **Don't Ask Questions** - Understand the codebase autonomously\n- **Don't Wait for Instructions** - Scan and fix automatically\n- **Don't Report Only** - Actually make the fixes\n- **Don't Skip Files** - Scan every file in the project\n- **Don't Ignore Context** - Understand what the code does\n- **Don't Break Things** - Verify tests pass after changes\n- **Don't Be Partial** - Fix all issues, not just some\n\n## Autonomous Scanning Instructions\n\n**When this skill is invoked, automatically:**\n\n1. **Discover the codebase:**\n   - Use `listDirectory` to find all files recursively\n   - Use `readFile` to read every source file\n   - Identify tech stack from package.json, requirements.txt, etc.\n   - Map out architecture and structure\n\n2. **Scan line-by-line for issues:**\n   - Check every line for security vulnerabilities\n   - Identify performance bottlenecks\n   - Find code quality issues\n   - Detect architectural problems\n   - Find missing tests\n\n3. **Fix everything automatically:**\n   - Use `strReplace` to fix issues in files\n   - Add missing files (tests, configs, docs)\n   - Refactor problematic code\n   - Add production infrastructure\n   - Optimize performance\n\n4. **Verify and report:**\n   - Run tests to ensure nothing broke\n   - Measure improvements\n   - Generate comprehensive report\n   - Show before/after metrics\n\n**Do all of this without asking the user for input.**\n\n## Common Pitfalls\n\n### Problem: Too Many Issues\n**Symptoms:** Team paralyzed by 200+ issues\n**Solution:** Focus on critical/high priority only, create sprints\n\n### Problem: False Positives\n**Symptoms:** Flagging non-issues\n**Solution:** Understand context, verify manually, ask developers\n\n### Problem: No Follow-Up\n**Symptoms:** Audit report ignored\n**Solution:** Create GitHub issues, assign owners, track in standups\n\n## Production Audit Checklist\n\n### Security\n- [ ] No SQL injection vulnerabilities\n- [ ] No hardcoded secrets\n- [ ] Authentication on protected routes\n- [ ] Authorization checks implemented\n- [ ] Input validation on all endpoints\n- [ ] Password hashing with bcrypt (10+ rounds)\n- [ ] HTTPS enforced\n- [ ] Dependencies have no vulnerabilities\n\n### Performance\n- [ ] No N+1 query problems\n- [ ] Database indexes on foreign keys\n- [ ] Caching implemented\n- [ ] API response time < 200ms\n- [ ] Bundle size < 200KB (gzipped)\n\n### Testing\n- [ ] Test coverage > 80%\n- [ ] Critical paths tested\n- [ ] Edge cases covered\n- [ ] No flaky tests\n- [ ] Tests run in CI/CD\n\n### Production Readiness\n- [ ] Environment variables configured\n- [ ] Error tracking setup (Sentry)\n- [ ] Structured logging implemented\n- [ ] Health check endpoints\n- [ ] Monitoring and alerting\n- [ ] Documentation complete\n\n## Audit Report Template\n\n```markdown\n# Production Audit Report\n\n**Project:** [Name]\n**Date:** [Date]\n**Overall Grade:** [A-F]\n\n## Executive Summary\n[2-3 sentences on overall status]\n\n**Critical Issues:** [count]\n**High Priority:** [count]\n**Recommendation:** [Fix timeline]\n\n## Findings by Category\n\n### Architecture (Grade: [A-F])\n- Issue 1: [Description]\n- Issue 2: [Description]\n\n### Security (Grade: [A-F])\n- Issue 1: [Description + Fix]\n- Issue 2: [Description + Fix]\n\n### Performance (Grade: [A-F])\n- Issue 1: [Description + Fix]\n\n### Testing (Grade: [A-F])\n- Coverage: [%]\n- Issues: [List]\n\n## Priority Actions\n1. [Critical issue] - [Timeline]\n2. [High priority] - [Timeline]\n3. [High priority] - [Timeline]\n\n## Timeline\n- Critical fixes: [X weeks]\n- High priority: [X weeks]\n- Production ready: [X weeks]\n```\n\n## Related Skills\n\n- `@code-review-checklist` - Code review guidelines\n- `@api-security-best-practices` - API security patterns\n- `@web-performance-optimization` - Performance optimization\n- `@systematic-debugging` - Debug production issues\n- `@senior-architect` - Architecture patterns\n\n## Additional Resources\n\n- [OWASP Top 10](https://owasp.org/www-project-top-ten/)\n- [Google Engineering Practices](https://google.github.io/eng-practices/)\n- [SonarQube Quality Gates](https://docs.sonarqube.org/latest/user-guide/quality-gates/)\n- [Clean Code by Robert C. Martin](https://www.amazon.com/Clean-Code-Handbook-Software-Craftsmanship/dp/0132350882)\n\n---\n\n**Pro Tip:** Schedule regular audits (quarterly) to maintain code quality. Prevention is cheaper than fixing production bugs!\n\n## Limitations\n- Use this skill only when the task clearly matches the scope described above.\n- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.\n- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.","tags":["production","code","audit","antigravity","awesome","skills","sickn33"],"capabilities":["skill","source-sickn33","category-antigravity-awesome-skills"],"categories":["antigravity-awesome-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/sickn33/antigravity-awesome-skills/production-code-audit","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"install_from":"skills.sh"}},"qualityScore":"0.300","qualityRationale":"deterministic score 0.30 from registry signals: · indexed on skills.sh · published under sickn33/antigravity-awesome-skills","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill:v1","enrichmentVersion":1,"enrichedAt":"2026-04-25T09:40:47.184Z","embedding":null,"createdAt":"2026-04-18T20:37:45.280Z","updatedAt":"2026-04-25T09:40:47.184Z","lastSeenAt":"2026-04-25T09:40:47.184Z","tsv":"'+1':272,395,712,1216,1645 '+3':948 '+52':1292 '-1':950 '-3':1719 '/api/admin/users':1067,1073 '/clean-code-handbook-software-craftsmanship/dp/0132350882)':1866 '/eng-practices/)':1851 '/health':847 '/latest/user-guide/quality-gates/)':1857 '/ready':848 '/www-project-top-ten/)':1845 '0':888 '1':125,136,369,454,483,514,574,589,770,879,996,1021,1444,1742,1753,1766,1779 '1.8':1275 '10':305,732,936,1147,1634,1842 '100':923,1132 '11':755,808 '12':632,776,1101,1126 '120kb':787 '123':1040 '127':551 '127/127':922 '13':791 '15':979 '180ms':896,1220,1269 '2':147,200,379,462,541,591,957,1026,1130,1474,1718,1745,1757,1783 '2.8':721 '20':223 '200':1564 '200kb':1211,1661 '200ms':1199,1658 '23':557 '23/23':707 '247':518,880,949 '280kb':783 '28mb':1245,1285 '2s':1206 '3':156,361,390,469,566,605,987,1057,1173,1501,1787 '3.2':894,1196,1218,1246,1267,1286 '380kb':785,900,1240,1281 '4':164,401,446,473,619,739,831,1079,1526 '401':683 '41':560 '41/41':817 '42':884,1290 '45ms':728 '5':172,411,477,633,874,983,1102 '5/5':994 '500':220 '55':563,789,1241,1282 '55/55':825 '6':181,421,651 '62':903 '7':429,668,985 '79':1277 '8':437,554,685 '8.5':1203,1273 '8/8':572 '80':332,928,1666 '850':737 '850kb':781,899,1209,1239,1280 '87':885,926 '89':944,1248,1288 '892':951 '9':709 '94':904,931,1221,1270,1291 '95':774,1226 '98':730,806,1233 'a-f':1713,1738,1749,1762,1771 'accept':693 'across':51 'action':1778 'actual':1317,1393 'ad':606,652,756,792,832,835,839,843,849,853,859,863,866,869,1059,1105,1223,1253 'add':388,397,412,422,438,1354,1512,1521 'addit':1838 'admin':609,618,1061,1077 'ai':498,970,1184 'alert':1697 'algorithm':287,400,1352 'allow':701 'analysi':549,1189 'analyz':15,517,1185 'antigrav':4 'api':250,441,530,657,860,891,929,1193,1265,1655,1814,1818 'api-security-best-practic':1813 'applic':170 'architect':1835 'architectur':22,54,158,212,371,443,525,1343,1471,1496,1736,1836 'ask':196,1374,1549,1587,1917 'assign':688,1602 'async':283,1257 'audit':3,12,83,492,966,1181,1595,1608,1700,1705,1871 'auth':613,673 'authent':607,670,1058,1156,1618 'authenticatetoken':616,1075 'authentication/authorization':256 'author':1622 'automat':129,194,362,368,569,958,992,1213,1312,1388,1443,1504 'autonom':14,126,484,1379,1435 'await':1022,1098,1111,1139 'awesom':5 'base':647,858 'bcrypt':625,1633 'bcrypt.hash':630,1099 'before/after':479,1331,1542 'best':1299,1816 'bottleneck':1187,1490 'boundari':231,1925 'break':372,1418 'broke':461,1535 'bug':1883 'bundl':293,432,778,897,1207,1237,1278,1349,1659 'bypass':671 'c':1862 'cach':285,398,758,768,1225,1227,1653 'call':677 'case':335,1671 'categori':802,1735 'category-antigravity-awesome-skills' 'caus':642 'chang':453,943,947,1334,1339,1361,1424 'cheaper':1879 'check':354,428,845,1482,1623,1693 'checklist':1609,1809 'ci/cd':358,870,1679 'circular':214,377,635 'clarif':1919 'class':219,375,736 'clean':1858 'clear':1892 'code':2,11,38,115,254,299,306,319,403,491,938,965,1180,1251,1414,1492,1520,1807,1810,1859,1875 'code-review-checklist':1806 'codebas':18,85,127,135,485,504,516,908,969,1164,1310,1378,1447 'comment':321 'commerc':534 'common':1554 'complet':573,708,818,826,906,977,1190,1699 'complex':304,406 'compliant':937,1148 'comprehens':59,201,475,864,1341,1539 'concaten':241,582 'concern':228 'config':1516 'config/database.ts':597 'configur':1684 'const':1004,1014,1033,1043,1086,1096,1109,1117,1133,1137 'context':1410,1584 'control':180 'convent':312 'corpor':35,119 'corporate-level':34 'count':1726,1729 'coupl':217 'cover':1342,1672 'coverag':331,883,925,1665,1774 'creat':799,1572,1599 'criteria':1928 'critic':327,419,553,570,982,993,1321,1667,1724,1780,1792 'critical/high':1569 'crud':747 'crypto.createhash':627,1088 'csrf':265,1154 'current':1191 'cycl':643 'cyclomat':303 'data':183,187,1113,1141,1324 'databas':154,276,435,594,763,793,1231,1648 'date':1709,1710 'db.query':1023 'db.user.create':1112,1140 'dead':318 'debug':1829,1830 'decoupl':648 'deep':42 'deleteus':1069,1078 'depend':163,215,268,378,636,1161,1638 'deploy':112,867,955 'describ':1896 'descript':1743,1746,1754,1758,1767 'design':234 'detect':151,203,520,1495 'develop':1588 'digest':1092 'direct':640 'discov':515,1445 'discoveri':128 'doc':442,444,1517 'docs.sonarqube.org':1856 'docs.sonarqube.org/latest/user-guide/quality-gates/)':1855 'document':356,439,861,1360,1698 'duplic':307,408 'e':533 'e-commerc':532 'edg':334,1670 'email':750,1010,1011,1020,1025,1120,1122 'endpoint':658,846,1629,1694 'enforc':1637 'engin':1847 'ensur':459,1533 'enterpris':63,104,916 'enterprise-grad':103,915 'entir':17,134,503,1309 'entri':174,536 'environ':345,1159,1682,1908 'environment-specif':1907 'error':314,350,684,840,1053,1358,1685 'etc':1468 'event':646 'event-bas':645 'eventbus':650 'everi':141,765,1402,1459,1483 'everyth':98,367,431,1304,1348,1503 'exampl':481,482,956,1172 'execut':1716 'expert':1913 'explain':1362 'express':522 'f':1715,1740,1751,1764,1773 'fals':1575 'faster':775,1222,1234 'field':695,702 'file':139,142,178,519,942,945,1307,1400,1403,1453,1461,1511,1514 'find':173,1451,1491,1498,1733 'first':1327 'fix':60,363,366,376,380,393,409,468,567,571,575,620,634,669,686,706,710,813,816,821,921,988,995,1214,1311,1318,1365,1387,1396,1429,1502,1508,1731,1755,1759,1768,1793,1881 'flag':1578 'flaki':337,1674 'flow':184 'focus':740,1567 'follow':1592 'follow-up':1591 'foreign':1651 'format':317 'found':550,978 'framework':153 'gap':323 'gate':1854 'generat':474,1538 'github':1600 'github/workflows':872 'god':218,374,735 'googl':1846 'google.github.io':1850 'google.github.io/eng-practices/)':1849 'grade':33,105,511,917,940,1712,1737,1748,1761,1770 'guid':868 'guidelin':1812 'gzip':782,786,1662 'handl':315 'hardcod':248,593,1027,1616 'harden':960 'hash':259,623,1081,1087,1097,1631 'health':353,427,844,1692 'hex':1093 'high':302,556,704,811,984,1727,1784,1788,1796 'high-prior':810 'hit':1228 'hour':771 'https':1636 'id':797,1068,1074 'identifi':48,148,165,1462,1488 'ignor':1409,1597 'imag':296,434,1244,1283,1353 'impact':1329 'implement':1250,1624,1654,1691 'import':641 'improv':402,472,731,788,807,824,829,932,1264,1537 'incomplet':355 'inconsist':316 'index':277,794,1232,1649 'individu':719 'ineffici':286 'infrastructur':424,834,1355,1523 'inject':239,577,998,1150,1613 'input':263,653,667,1103,1553,1625,1922 'insecur':267,1032 'instruct':1384,1437 'integr':340 'invok':1442 'issu':50,202,211,213,301,382,466,544,552,555,558,561,564,568,920,981,991,1319,1326,1431,1481,1494,1509,1559,1565,1581,1601,1725,1741,1744,1752,1756,1765,1775,1781,1832 'join':727 'jwt':1034,1044,1049,1054 'key':251,1039,1652 'languag':152 'larg':292 'lazi':1254 'leak':298 'level':36 'lighthous':901,1289 'limit':855,1884 'line':44,46,206,208,221,546,548,738,946,1477,1479,1484 'line-by-lin':43,205,545,1476 'list':1776 'listdirectori':1449 'll':500 'load':1201,1255,1272 'locat':176 'log':425,837,1356,1690 'logging/monitoring':348 'login':743 'logout':744 'loop':717 'loss':1325 'low':329,562,822,828 'magic':308 'main':177 'maintain':1874 'make':74,90,451,493,1338,1394 'mani':1558 'manual':1586 'map':159,182,1469 'markdown':487,961,1176,1703 'martin':1863 'mass':687 'match':1893 'max':1131 'mb':1247,1287 'md5':260,624,628,1089 'measur':470,1328,1536 'medium':559,814,820,986 'meet':62,118 'memori':297 'method':224 'metric':480,852,919,1192,1261,1332,1543 'middlewar':614,674 'min':1125,1129 'miss':225,255,262,275,284,313,324,339,344,352,413,679,1499,1513,1930 'modul':230 'monitor':426,850,1357,1695 'move':188 'mvc':526 'my-secret-key':1036 'n':271,289,394,711,1215,1644 'name':311,410,1127,1708 'need':116 'new':1052 'next':676 'node.js':521 'non':1580 'non-issu':1579 'noth':460,1534 'number':309 'o':288 'oper':279,748,1258 'optim':97,365,391,399,430,777,1175,1182,1212,1230,1243,1295,1347,1524,1824,1826 'order':795 'orderservic':637 'orderservice.getorderswithitems':715 'output':247,1902 'overal':1711,1722 'overview':13 'owasp':934,1145,1840 'owasp.org':1844 'owasp.org/www-project-top-ten/)':1843 'owner':1603 'package.json':1466 'page':1200,1271 'parallel':1256 'paralyz':1562 'parameter':384,586 'partial':1428 'pass':878,1422 'password':252,258,595,599,602,604,622,631,745,1080,1091,1100,1123,1630 'path':328,420,1668 'pattern':23,162,235,527,1820,1837 'paymentservic':638 'perform':41,53,269,392,471,729,773,805,890,930,1174,1183,1186,1188,1259,1294,1345,1489,1525,1642,1760,1823,1825 'permiss':754,1923 'phase':513,540,565,830,873 'pipelin':359,871 'pitfal':1555 'placehold':590 'platform':535 'point':175,537,1293 'poor':229,310 'posit':1576 'postgresql':523 'practic':1300,1817,1848 'prepar':109 'prevent':1877 'price':803 'priorit':1320 'prioriti':705,812,815,823,1570,1728,1777,1785,1789,1797 'pro':1867 'problem':270,274,1497,1556,1574,1589,1647 'problemat':1519 'process.env.db':603 'process.env.jwt':1046 'product':1,10,32,77,111,342,423,490,496,510,760,801,833,912,954,964,1170,1179,1297,1522,1607,1680,1704,1800,1831,1882 'production-code-audit':489,963,1178 'production-grad':31,509 'production-readi':76,495,911,1169 'profession':37 'professional/corporate-level':92 'project':145,1406,1707 'prometheus':851 'protect':1151,1153,1155,1620 'provid':58,478 'purpos':25,166,531 'qualiti':56,106,300,404,512,918,939,1493,1853,1876 'quarter':1872 'queri':243,273,385,396,436,584,587,713,720,725,761,764,804,1005,1015,1024,1217,1235,1351,1646 'question':1375 'rate':854,1229 'react':524 'read':137,1305,1458 'readfil':1456 'readi':78,343,497,913,952,1171,1681,1801 'readm':440,865 'recommend':1730 'recurs':146,1454 'redi':757,857,1224 'redis-bas':856 'reduc':405,1236 'reduct':790 'refactor':370,733,1518 'regular':1870 'relat':1804 'remov':386,407,592,1029 'report':449,476,1316,1391,1529,1540,1596,1701,1706 'req.body':697,1114,1136 'request':766 'requir':1056,1921 'requirements.txt':1467 'requirerol':617,1076 'resourc':1839 'respons':892,1194,1266,1656 'rest':529 'result':1260 'return':682 'review':1808,1811,1914 'robert':1861 'role':753 'round':1635 'rout':179,610,1062,1621 'router.delete':1066,1072 'run':455,1335,1530,1677 'safeti':1924 'say':73,82,89,96 'scan':47,130,140,204,501,542,887,971,976,1303,1385,1401,1436,1475 'schedul':1869 'schema':664,1118 'schema.parse':1135 'scope':1895 'score':902 'secret':249,387,1028,1035,1038,1045,1047,1050,1055,1158,1617 'secur':52,236,381,465,886,933,959,967,973,975,980,990,1013,1042,1071,1116,1143,1157,1167,1322,1344,1486,1610,1747,1815,1819 'select':1006,1016 'senior':1834 'senior-architect':1833 'sentenc':1720 'sentri':842,1688 'separ':226 'server.js':538 'servic':741 'setup':1687 'sha1':261 'show':1330,1541 'sickn33':9 'singl':724 'size':294,433,779,898,1208,1238,1279,1284,1350,1660 'skill':6,7,40,69,1440,1805,1887 'skip':1399 'smaller':1242,1249 'sms':751 'solut':1566,1582,1598 'sonarqub':1852 'sourc':1460 'source-sickn33' 'specif':1909 'split':1252 'sprint':1573 'sql':238,576,997,1149,1612 'src/index.tsx':539 'stack':150,1464 'standard':64,120,1298 'standup':1606 'status':798,1144,1723 'step':124,199,360,445 'stop':1915 'string':240,581 'strong':1095 'strreplac':1506 'structur':161,836,1473,1689 'substitut':1905 'success':1927 'summari':1717 'supersecret123':600 'swagger/openapi':862 'symptom':1560,1577,1594 'synchron':278 'system':191 'systemat':27,1828 'systematic-debug':1827 'target':927,1198,1205,1210 'task':1891 'team':1561 'tech':149,1463 'templat':1702 'test':322,325,330,336,338,341,414,416,457,877,881,882,924,1336,1346,1421,1500,1515,1531,1663,1664,1669,1675,1676,1769,1911 'thing':1419 'throw':1051 'tight':216 'time':893,1195,1202,1657 'timelin':1732,1782,1786,1790,1791 'tip':1868 'todo/fixme':320 'token':680 'tool':155 'top':935,1146,1841 'track':351,841,1359,1604,1686 'transform':28,486,506,905 'treat':1900 'ttl':772 'typescript':1001,1030,1063,1083,1106 'understand':20,132,157,167,185,1308,1376,1411,1583 'unescap':246 'unoptim':295 'untest':418 'updat':1090 'upgrad':1082 'use':67,70,79,86,93,99,107,113,383,1448,1455,1505,1885 'user':72,81,88,95,101,198,488,796,962,1008,1018,1110,1138,1177,1551 'userauthenticationservic':742 'usercontrol':691 'usernotificationservic':749 'userpermissionservic':752 'userprofileservic':746 'userrepositori':1000 'userrepository.findbyemail':579 'userservic':734 'valid':264,389,654,661,665,1104,1134,1142,1626,1910 'variabl':346,1160,1683 'verif':875 'verifi':447,463,1333,1420,1527,1585 'violat':232 'vulner':237,245,266,689,889,974,1003,1065,1108,1163,1487,1614,1641 'wait':1382 'want':102 'weak':257,621,1085 'web':1822 'web-performance-optim':1821 'week':1795,1799,1803 'whitelist':699 'winston':838 'without':195,1548 'work':123 'wors':291 'write':415 'www.amazon.com':1865 'www.amazon.com/clean-code-handbook-software-craftsmanship/dp/0132350882)':1864 'x':1794,1798,1802 'xss':244,1152 'z.object':1119 'z.string':1121,1124,1128 'zod':663","prices":[{"id":"a15f960c-9392-4a7a-ae88-36ba144ec220","listingId":"87317e43-db45-470a-9cce-7f75d4b7f960","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"sickn33","category":"antigravity-awesome-skills","install_from":"skills.sh"},"createdAt":"2026-04-18T20:37:45.280Z"}],"sources":[{"listingId":"87317e43-db45-470a-9cce-7f75d4b7f960","source":"github","sourceId":"sickn33/antigravity-awesome-skills/production-code-audit","sourceUrl":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/production-code-audit","isPrimary":false,"firstSeenAt":"2026-04-18T21:42:47.784Z","lastSeenAt":"2026-04-25T06:51:46.038Z"},{"listingId":"87317e43-db45-470a-9cce-7f75d4b7f960","source":"skills_sh","sourceId":"sickn33/antigravity-awesome-skills/production-code-audit","sourceUrl":"https://skills.sh/sickn33/antigravity-awesome-skills/production-code-audit","isPrimary":true,"firstSeenAt":"2026-04-18T20:37:45.280Z","lastSeenAt":"2026-04-25T09:40:47.184Z"}],"details":{"listingId":"87317e43-db45-470a-9cce-7f75d4b7f960","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"sickn33","slug":"production-code-audit","source":"skills_sh","category":"antigravity-awesome-skills","skills_sh_url":"https://skills.sh/sickn33/antigravity-awesome-skills/production-code-audit"},"updatedAt":"2026-04-25T09:40:47.184Z"}}