audit-context-building
A structured analysis skill for the pre-audit phase of code review.
Setup & Installation
What This Skill Does
A structured analysis skill for the pre-audit phase of code review. It guides Claude through line-by-line function analysis, cross-boundary call tracing, and invariant mapping before any vulnerability hunting begins. The output is a stable, evidence-based mental model of how the system actually works.
Manual pre-audit context building is inconsistent and often skips helper functions or external call edge cases, which is exactly where assumptions propagate into bugs — this skill enforces a repeatable checklist that prevents that.
When to use it
- Mapping data flow across internal and external contract calls before starting a security audit
- Tracing state variable reads and writes across a multi-module codebase
- Documenting per-function preconditions and invariants for a DEX or lending protocol
- Building a trust boundary map showing which actors can reach which entrypoints
- Running a completeness check on function analysis to meet minimum invariant and assumption thresholds
Similar Skills
best-practices
A checklist of modern web development standards covering HTTPS, CSP headers, input sanitization, deprecated API avoidance, and HTML validity.
auth0-android
Adds authentication to native Android apps using the Auth0 SDK.
auth0-angular
Adds authentication to Angular apps using the @auth0/auth0-angular SDK.
auth0-aspnetcore-api
Adds JWT access token validation to ASP.