Audit codebase for tool vulnerabilities
codebase-audit · workflow · setup · L3 · ★1
mmffdev/vector
What it does
Audit repo for orphans, duplication, drift
Best for
Auditing codebases when you need whole-repo cross-slice analysis (orphans, duplication, dead code, architecture drift, HARD-RULE compliance).
Inputs
- slices (default: all 6: fe-core, fe-routes, be-security, be-data, be-infra, migrations)
Outputs
- findings per slice: orphans, duplication, dead-code, redundancy, smells, syntax-type, security, architecture-drift; synthesis with severity ranking and recommendations
Requires
- knip (orphan detection)
- jscpd (duplication)
- tsc (TypeScript)
- go vet
- deadcode
- npm/custom lint rules
- Sonnet synthesizer
Preconditions
Repo must have knip, jscpd, tsc, lint rules installed; backend Go tooling available.
Failure modes
Tool fails (knip hangs, go vet errors); semantic verifier rejects findings; slice definitions incomplete.