Claude-elixir-phoenix phx:audit
Project health audit and health check — architecture, performance, security, tests, dependencies. Use quarterly, before releases, after refactors, or when asked about project health.
git clone https://github.com/oliver-kriska/claude-elixir-phoenix
T=$(mktemp -d) && git clone --depth=1 https://github.com/oliver-kriska/claude-elixir-phoenix "$T" && mkdir -p ~/.claude/skills && cp -r "$T/plugins/elixir-phoenix/skills/audit" ~/.claude/skills/oliver-kriska-claude-elixir-phoenix-phx-audit && rm -rf "$T"
plugins/elixir-phoenix/skills/audit/SKILL.mdProject Health Audit
Comprehensive project-wide health assessment using 5 parallel specialist subagents.
Usage
/phx:audit # Full audit (default) /phx:audit --quick # 2-3 minute pulse check /phx:audit --focus=security # Deep dive single area /phx:audit --focus=performance /phx:audit --since abc123 # Incremental audit since commit /phx:audit --since HEAD~10 # Audit last 10 commits
When to Use
- Quarterly health checks
- Before major releases
- After large refactors
- New team member onboarding (understand codebase health)
Iron Laws
- Wait for ALL agents before synthesizing — Partial results create misleading health scores because cross-category correlations get missed
- Scope agent prompts to specific directories — Vague prompts like "analyze the codebase" produce generic findings that waste tokens and miss real issues
- Never compare scores across projects — Scoring methodology depends on project size and maturity; only track trends within the same project
- Quick mode before full mode — Run
first to catch compile/test failures before spending tokens on 5 parallel agents--quick
Subagent Architecture
Spawn 5 specialists in parallel using Agent tool:
| Subagent | Focus | Output File |
|---|---|---|
| Architecture Reviewer | Structure quality, coupling, cohesion | |
| Performance Auditor | N+1, indexes, bottlenecks, scalability | |
| Security Auditor | OWASP scan, auth patterns, secrets | |
| Test Health Auditor | Coverage, quality, flaky tests | |
| Dependency Auditor | Vulnerabilities, outdated, unused | |
Workflow
Step 1: Create Task List and Spawn All 5 Auditors (Parallel)
Create Claude Code tasks for real-time progress visibility:
For each auditor: TaskCreate({subject: "{Area} audit", activeForm: "Auditing {area}..."}) TaskUpdate({taskId, status: "in_progress"})
Then spawn all 5 agents with Agent tool (parallel):
Agent(subagent_type: "general-purpose", prompt: "Architecture audit...", run_in_background: true) Agent(subagent_type: "general-purpose", prompt: "Performance audit...", run_in_background: true) Agent(subagent_type: "general-purpose", prompt: "Security audit...", run_in_background: true) Agent(subagent_type: "general-purpose", prompt: "Test health audit...", run_in_background: true) Agent(subagent_type: "general-purpose", prompt: "Dependency audit...", run_in_background: true)
Agent prompts must be FOCUSED. Scope each prompt to the relevant directories and patterns. Do NOT give vague prompts like "analyze the codebase."
Output efficiency: Tell each agent: "Report ONLY issues found. Do NOT list clean checks, passing categories, or 'What's Good'. One summary line per clean area suffices."
Step 2: Collect Results
Wait for ALL auditors to complete. Mark each auditor's task as
completedTaskUpdateRead reports from
.claude/audit/reports/Step 3: Compress Findings
After all 5 auditors complete, spawn context-supervisor:
Agent(subagent_type: "context-supervisor", prompt: """ Compress audit findings. Input: .claude/audit/reports/ Output: .claude/audit/summaries/ Priority: Health scores per category, critical findings only, cross-category correlations, deduplicate findings found by 2+ agents. """)
Read
.claude/audit/summaries/consolidated.mdStep 4: Calculate Health Score
Each category scores 0-100. See
${CLAUDE_SKILL_DIR}/references/scoring-methodology.mdStep 5: Generate Report
Write to
.claude/audit/summaries/project-health-{date}.mdOutput Format
Report includes: Executive summary with health score (A-F, numeric/100), per-category score table (Architecture, Performance, Security, Tests, Dependencies), critical issues, top recommendations, and action plan (Immediate/Short-term/Long-term).
Quick Mode (--quick
)
--quickOnly run essential checks (~2-3 minutes):
Run
mix compile --warnings-as-errorsmix hex.audit && mix deps.auditmix xref graph --format statsmix test --trace 2>&1 | tail -20Skip: Full security scan, N+1 analysis, test quality metrics, architecture deep dive.
Focus Mode (--focus=area
)
--focus=areaDeep dive single area with full specialist resources:
| Focus | Subagent | Extra Checks |
|---|---|---|
| security-analyzer | Full OWASP, sobelow, manual patterns |
| (performance subagent) | Profile-level analysis, query explain |
| (arch subagent) | Full xref, coupling matrix, cohesion |
| testing-reviewer | Coverage by context, quality metrics |
| (deps subagent) | License audit, maintenance status |
Incremental Mode (--since <commit>
)
--since <commit>Analyze only changes since a specific commit. Useful for pre-merge checks:
Run
git diff --name-only <commit>...HEADCombines with other flags:
/phx:audit --since HEAD~5 --focus=securityRelationship to Other Commands
| Command | Scope | Frequency |
|---|---|---|
| Changed files (diff) | Every PR |
| Entire project | Quarterly |
| Context structure | On-demand |
| Compile/test pass | Anytime |
References
- How scores are calculated${CLAUDE_SKILL_DIR}/references/scoring-methodology.md
- Detailed architecture criteria${CLAUDE_SKILL_DIR}/references/architecture-checks.md