claude-code-templates / production-code-audit

The skill is presented as an 'audit' tool but its primary instructions are to 'fix everything automatically' and 'transform' the codebase. This mismatch between the stated purpose and the actual behavior (unsupervised code modification) is a red flag for malicious intent.

mediumcli-tool/components/skills/development/production-code-audit:3

The skill uses authoritative language ('corporate-level', 'enterprise-grade') to coerce the user or the agent into accepting highly invasive automated changes without the standard manual review process required for production code.

mediumcli-tool/components/skills/development/production-code-audit:10

The skill mandates a recursive scan of every file in the project. This provides the agent with access to sensitive data such as .env files, SSH keys, and configuration secrets, which is unnecessary for many 'audit' tasks and poses a significant security risk.

highcli-tool/components/skills/development/production-code-audit:28

The instruction to automatically add logging, monitoring, and error tracking services is a common vector for data exfiltration. An agent could be directed to send sensitive project data or discovered secrets to an external, attacker-controlled endpoint under the guise of 'production readiness'.

highcli-tool/components/skills/development/production-code-audit:103

The skill explicitly instructs the agent to perform invasive operations like reading all files and modifying code 'automatically without asking the user'. This is a semantic injection designed to bypass the agent's safety guardrails and user oversight.

criticalcli-tool/components/skills/development/production-code-audit:35