devloop-audit
Audit devloop against Claude Code updates to identify integration opportunities. Use after Claude Code releases, monthly maintenance, or when exploring new features.
Best use case
devloop-audit is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Audit devloop against Claude Code updates to identify integration opportunities. Use after Claude Code releases, monthly maintenance, or when exploring new features.
Teams using devloop-audit should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/devloop-audit/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How devloop-audit Compares
| Feature / Agent | devloop-audit | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Audit devloop against Claude Code updates to identify integration opportunities. Use after Claude Code releases, monthly maintenance, or when exploring new features.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Devloop Audit
Audit devloop against Claude Code's evolving capabilities.
## When to Run
- After major Claude Code releases
- Monthly maintenance check
- When noticing new Claude Code features
## Audit Process
### Step 1: Gather Claude Code Information
1. **Fetch Release Notes**: https://code.claude.com/docs/en/changelog.md
2. **Review Key Docs**: Skills, Plugins, Hooks, Sub-agents at code.claude.com/docs/en/
### Step 2: Analyze Current devloop
```bash
ls plugins/devloop/agents/
ls plugins/devloop/skills/
```
### Step 3: Compare and Identify Gaps
| Category | Questions |
|----------|-----------|
| Overlap | Does native Claude Code now provide this? |
| Enhancement | Can new features improve this? |
| Deprecation | Are we using outdated patterns? |
| Missing | New capabilities to adopt? |
### Step 4: Generate Findings Report
**Priority Ranking:**
- **High**: Native feature replaces devloop, security issue, blocks users
- **Medium**: Partial overlap, improves UX, aligns with best practices
- **Low**: Minor improvement, nice-to-have
**Effort Estimation:**
- **Low**: <1 day, localized change
- **Medium**: 1-3 days, multiple files
- **High**: 3+ days, architectural change
Save to `.devloop/spikes/claude-code-audit-YYYY-MM-DD.md`:
```markdown
# Claude Code Audit Findings
**Date**: YYYY-MM-DD
**Claude Code Version**: X.Y.Z
**devloop Version**: X.Y.Z
## Summary
Brief overview.
## Integration Opportunities
### High Priority
| Finding | Current State | Action | Effort |
|---------|--------------|--------|--------|
### Medium Priority
...
## Deprecated Patterns
| Pattern | Native Alternative | Migration |
|---------|-------------------|-----------|
## New Features to Adopt
| Feature | Use Case | Notes |
|---------|----------|-------|
```
### Step 5: Offer Next Steps
```yaml
AskUserQuestion:
questions:
- question: "Audit complete. What next?"
header: "Action"
options:
- label: "Create spike from findings"
- label: "Create plan from findings"
- label: "Review findings"
```
## Audit Checklist
- [ ] Commands: State detection, run patterns, ship workflow current?
- [ ] Skills: Standard frontmatter, discoverable by Claude?
- [ ] Agents: Standard format, aligned with Agent tool?
- [ ] Hooks: Current API, best practices?
- [ ] Task Management: Plan vs session tasks clear?
- [ ] State: .devloop/ structure current?
## Key Documentation Links
- Full Index: https://code.claude.com/docs/llms.txt
- Skills: https://code.claude.com/docs/en/skills
- Plugins: https://code.claude.com/docs/en/plugins
- Hooks: https://code.claude.com/docs/en/hooks
- Sub-agents: https://code.claude.com/docs/en/sub-agents
## Output
Produces:
1. Findings report at `.devloop/spikes/claude-code-audit-YYYY-MM-DD.md`
2. Summary of integration opportunities
3. Option to create spike/plan for follow-upRelated Skills
devloop
Start development workflow - lightweight entry point
Example Skill
Brief description of what this skill does and the domain expertise it provides.
vulnerability-patterns
Index of vulnerability detection pattern skills. Routes to core patterns (universal) and language-specific patterns for security scanning.
vuln-patterns-languages
Language-specific vulnerability detection patterns for JavaScript/TypeScript, Python, Go, Java, Ruby, and PHP. Provides regex patterns and grep commands for common security vulnerabilities.
vuln-patterns-core
Universal vulnerability detection patterns applicable across all programming languages. Includes hardcoded secrets, SQL/command injection, path traversal, and configuration file patterns.
scan
Run a security assessment using deterministic static analysis tools with LLM-powered triage
results
View the most recent security scan results without re-running the scan
remediation-library
Index of security remediation skills. Routes to specialized skills for injection, cryptography, authentication, and configuration vulnerabilities.
remediation-injection
Security fix patterns for injection vulnerabilities (SQL, Command, XSS). Provides language-specific code examples showing vulnerable and secure implementations.
remediation-crypto
Security fix patterns for cryptographic vulnerabilities (weak algorithms, insecure randomness, TLS issues). Provides language-specific secure implementations.
remediation-config
Security fix patterns for configuration and deployment vulnerabilities (path traversal, debug mode, security headers). Provides language-specific secure implementations.
remediation-auth
Security fix patterns for authentication and authorization vulnerabilities (credentials, JWT, deserialization, access control). Provides language-specific secure implementations.