Install command
Provided
Production codebase auditor specialized in Zod schema validation coverage, security vulnerability detection, and dead code elimination
Open the source and read safety notes before installing.
Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.
Decision playbook
Signals are present but mixed. Use the checklist below to confirm the source and operational safety for your environment.
0
78
—
No baseline selected
No major trust-signal divergence detected in the current selection.
Confirm ownership and provenance before trusting install instructions.
Source link availableRequired
Open the canonical repository and verify ownership.
Source provenance statusRequired
Marked as source-backed.
Metadata reviewed
Registry metadata indicates a reviewed listing.
Validate risk disclosures before installation or API wiring.
Safety notes presentRequired
Review the listed safety guidance before running commands.
Privacy notes presentRequired
Review data handling notes before connecting accounts or secrets.
Trust level risk gateRequired
Trust level does not block evaluation.
Check package metadata and artifact integrity signals.
Install payload available
Install or copy payload is available for review.
Package verification flag
No package verification flag provided.
Checksum metadata
No checksum provided for downloaded artifact.
Use compare context to validate trade-offs before adoption.
Compare tray has multiple entries
Add at least one more entry to compare trust differences.
Baseline comparison available
No baseline peer selected yet.
Diverging trust signals identified
No major trust-signal divergence found.
Setup at a glance
Copy-ready — paste the snippet to get started.
Install command
Provided
Config snippet
Not provided
Copy snippet
Provided
Prerequisites
None
Platforms
1 listed
Difficulty
65/100
Adoption plan
Current risk score 16/100. Use staged verification before broader rollout.
Validate source and review signals before any execution.
Confirm source provenanceRequired
Source URL/provenance metadata is present.
Confirm metadata review state
Listing has review metadata.
Verify install payload
Install/config payload exists and can be inspected.
Confirm safety, privacy, and package integrity signals.
Review safety notesRequired
Safety notes are present.
Review privacy notesRequired
Privacy notes are present.
Verify package integrity metadata
No package verification/checksum metadata.
Adopt in controlled steps based on the selected plan.
Run in isolated sandbox firstRequired
Use a constrained sandbox and observe behavior across multiple tasks.
Roll out graduallyRequired
Roll out to a small cohort before wider usage.
Set monitoring and fallback
Define rollback path and monitor errors after adoption.
Evidence readiness
Required evidence gates are covered (5/6 signals complete).
Source repository/provenance is listed.
Required in this preset
Review metadata is present.
Required in this preset
Safety notes are present.
Required in this preset
Privacy notes are present.
Optional in this preset
Package integrity metadata is missing.
Optional in this preset
Install payload is available.
Required in this preset
Required evidence gates are covered for this preset.
Decision timeline
5/6 steps complete with no blocking gaps for this preset.
triage
Source/provenance metadata is available.
triage
Review metadata is available.
verify
Safety notes are available.
verify
Privacy notes are available.
verify
Package integrity metadata is missing.
rollout
Install payload is available.
No required blockers for this timeline preset.
Safety & privacy surface
2 safety and 1 privacy notes across 3 risk areas. Review closely: permissions & scopes, network access.
/zod-audit security apps/webpwdls -lafind . -type f \( -name "*.ts" -o -name "*.tsx" -o -name "*.js" -o -name "*.jsx" \) -not -path "*/node_modules/*" -not -path "*/dist/*" | head -20[ -f package.json ] && cat package.json | grep -A 20 '"dependencies"'Audit Type: ${1:-full} Target Path: ${2:-.}
allowed-tools:
- Bash(find:*)
- Bash(grep:*)
- Bash(rg:*)
- Bash(ls:*)
- Read
- Write
- Edit
- Grep
- Glob
- Task
argument-hint: [audit-type=full|security|duplication|validation|zod] [path]
description: Audits codebase for Zod validation coverage, security gaps, and code quality issues
model: sonnet
Perform a comprehensive codebase audit focusing on:
Provide a structured report with:
This audit assumes an open-source production codebase:
Create command directory:
mkdir -p .claude/commands
Create command file: audit-codebase.md in the commands directory
Copy the command content with YAML frontmatter format
Usage:
/audit-codebase - Execute the full audit/audit-codebase security - Security-focused audit/audit-codebase validation - Validation coverage checkConfig Format: Markdown file with YAML frontmatter
Config Paths:
.claude/commands/audit-codebase.md~/.claude/commands/audit-codebase.mdWhen auditing:
Prioritize findings by:
/zod-audit - Zod Auditor Command for Claude Code side by side with its closest alternative on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.
| Field | Production codebase auditor specialized in Zod schema validation coverage, security vulnerability detection, and dead code elimination Open dossier | Deploy 100 specialized sub-agents for comprehensive enterprise-grade security, performance, and optimization audit of production codebase Open dossier |
|---|---|---|
| Next steps | ||
| Trust | ||
| Review status | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed |
| Package trust | Package not verified | Package not verified |
| Source provenance | Source-backed | Source-backed |
| Submitter | — | — |
| Install risk | Review first | Review first |
| Notes | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ |
| Brand | — | — |
| Category | commands | commands |
| Source | source-backed | source-backed |
| Author | JSONbored | JSONbored |
| Added | 2025-09-26 | 2025-10-25 |
| Platforms | Claude Code | Claude Code |
| Source repo | — | — |
| Safety notes | ✓Review generated changes and commands before applying them; slash commands can ask the agent to read, write, edit, or run tools in the current project. Limit scope to the intended files and run in a trusted checkout when the command analyzes code, tests, security findings, or generated output. | ✓Review generated changes and commands before applying them; slash commands can ask the agent to read, write, edit, or run tools in the current project. Limit scope to the intended files and run in a trusted checkout when the command analyzes code, tests, security findings, or generated output. |
| Privacy notes | ✓Reads the source files it audits, which may include schema definitions and sample data, and sends them to the model as part of the request; it does not transmit them anywhere else. | ✓Prompts, source files, logs, errors, dependency metadata, and generated reports may be sent to the configured AI model during command execution. Redact secrets, customer data, private repository details, and proprietary code before sharing command output outside the workspace. |
| Prerequisites | — none listed | — none listed |
| Install | | |
| Config | — | — |
| Citations | ||
| Claim | Unclaimed | Unclaimed |
Source-backed guides for putting this to work.
Master MCP server development from scratch.
Loading live community signals…
A short, calm digest of reviewed Claude resources. Unsubscribe any time.