audit▌

Find bugs that static code reading misses: state interaction side effects, race conditions between sequential calls, and handlers that silently undo each other.

Comprehensive website auditing across 251 SEO, technical, performance, security, and AI readiness rules. \n \n Analyzes 20 categories including Core SEO, Performance, Links, Images, Security, JavaScript Rendering, Accessibility, Structured Data, and AI/GEO readiness with pass/warn/fail severity levels \n Returns LLM-optimized XML output (50-70% smaller than JSON) alongside console, JSON, HTML, and markdown formats for flexible reporting \n Supports single-page audits and multi-page crawls up to

If DataForSEO MCP tools are available, spawn the seo-dataforseo agent alongside existing subagents to enrich the audit with live data: real SERP positions, backlink profiles with spam scores, on-page analysis (Lighthouse), business listings, and AI visibility checks (ChatGPT scraper, LLM mentions).

Important: This skill assists with SOX compliance workflows but does not provide audit or legal advice. All testing workpapers and assessments should be reviewed by qualified financial professionals. While "significance" and "materiality" are context-specific concepts that are ultimately assessed by auditors, this skill is intended to assist professionals in the creation and evaluation of effective internal controls and documentation for audits.

Comprehensive guide to auditing web content against WCAG 2.2 guidelines with actionable remediation strategies.

Audit Google Drive files shared outside your organization and manage external access permissions. \n \n Requires the gws-drive skill to execute; queries Google Drive for files with external sharing enabled \n Three core operations: list externally shared files, review permissions on specific files, and revoke access when needed \n Includes a safety caution recommending confirmation with file owners before revoking permissions to prevent unintended access loss \n

$23

$21

Security audit patterns for authorization, data access, action isolation, rate limiting, and sensitive operations in Convex applications. \n \n Covers five core security areas: role-based access control with hierarchical permissions, data access boundaries with ownership verification, action isolation for external API calls, rate limiting with configurable windows, and two-factor confirmation for destructive operations \n Includes complete TypeScript examples for RBAC implementation, permission-

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.