repo-compliance-audit

📁 okwinds/miscellany 📅 Today

总安装量

周安装量

#53919

全站排名

安装命令

npx skills add https://github.com/okwinds/miscellany --skill repo-compliance-audit

Agent 安装分布

amp 1

trae 1

trae-cn 1

opencode 1

codex 1

Skill 文档

Repo Compliance Audit

å·¥ä½æµï¼Audit â äººç±»å¾é â Remediationï¼

1) Auditï¼åªè¯»å®¡è®¡ï¼é»è®¤ä¸æ¹ä»åºï¼

å¨ç®æ ä»åºæ ¹ç®å½è¿è¡ï¼æç¨ --repo æå®ï¼ï¼

python3 scripts/audit_repo.py --repo . --out /tmp/repo-compliance-audit

è¾åºï¼

report.mdï¼äººç±»å¯è¯»å®¡è®¡æ¥åï¼ç»è®ºæè¦ãé£é©åçº§ãè¯æ®ãæ´æ¹æ¸åï¼
findings.jsonï¼æºå¨å¯è¯»åç°åè¡¨ï¼åå« finding.idãè¯æ®ä¸å»ºè®®ä¿®å¤ï¼

CI / é¨ç¦ç¨æ³ï¼å¯éï¼ï¼

python3 scripts/audit_repo.py --repo . --out /tmp/repo-compliance-audit --fail-on high

æ¨èé¨ç¦çç¥ï¼é¢åâæ§è¡è¿ç¨å¯¹é½ AGENTS.mdâï¼

æå°é¨ç¦ï¼æ¨èé»è®¤ï¼ï¼ç¨ --fail-on highï¼ä¸»è¦æ¦æªï¼
- è§åæä»¶å®æ´æ§é«é£é©ï¼AGENTS_MD_DELETED / AGENTS_MD_MODIFIED
- è¿ç¨è¯æ®é«é£é©ï¼AGENTS_EXECUTION_TEST_EVIDENCE_MISSING
- ææ¾å®å¨é£é©ï¼POSSIBLE_SECRET_FOUND
ä¸¥æ ¼é¨ç¦ï¼æéå¯ç¨ï¼ï¼ç¨ --fail-on mediumï¼ä¼é¢å¤æ¦æªï¼
- Spec-first è¯æ®ç¼ºå¤±ç±»ï¼ä¾å¦ SPEC_ENTRYPOINT_MISSINGãAGENTS_EXECUTION_SPEC_FIRST_EVIDENCE_MISSINGï¼
- worklog è¿ç¨è¯æ®ç¼ºå¤±ç±»ï¼ä¾å¦ AGENTS_EXECUTION_WORKLOG_EVIDENCE_MISSINGï¼

è¾åºè±æï¼å±äº«æ¥åæ¶å»ºè®®å¼å¯ï¼ï¼

# ä»è±æ report.mdï¼ä¿ç findings.json ä¾ç³»ç»ç¼æ/æ´æ¹ä½¿ç¨ï¼
python3 scripts/audit_repo.py --repo . --out /tmp/repo-compliance-audit --redact report

# report.md + findings.json åè±æï¼å¯¹å¤å±äº«ï¼
python3 scripts/audit_repo.py --repo . --out /tmp/repo-compliance-audit --redact all

éä½æ³é²/åªå£°ï¼å¯éï¼ï¼

python3 scripts/audit_repo.py --repo . --out /tmp/repo-compliance-audit --no-git-meta
python3 scripts/audit_repo.py --repo . --out /tmp/repo-compliance-audit --no-secret-scan

2) äººç±»å¾éè¦æ´æ¹çæ¡ç®

python3 scripts/remediate_repo.py \
  --repo . \
  --findings /tmp/repo-compliance-audit/findings.json \
  --select DOCS_INDEX_MISSING,ENV_EXAMPLE_MISSING

çº¦æï¼

é»è®¤ä»æ§è¡ safe_to_autofix=true çä¿®å¤é¡¹
é»è®¤ä¸è¦çå·²ææä»¶ï¼é¤éæ¾å¼ --overwriteï¼
é»è®¤ä¸æ¹ä¸å¡é»è¾ï¼åªåâåè§éª¨æ¶/è¯æ®/ä»åºå«çâç±»ä¿®å¤ï¼

è¾åºå¦ä½è¢«ç³»ç»ä½¿ç¨ï¼å¼ºç»æ vs çæå¼å®¹ï¼

æ§å¶é¢å¼ºç»æï¼findings.json ç¨äºç³»ç»çº§äº¤äºï¼å¯ç¼æãå¯å®¡è®¡ãå¯åé¨ç¦ï¼ã
å¯¹äººç±»çæåå¥½ï¼report.md ä»¥å¯è¯»æ§ä¼åï¼ä¸å¼ºå¶ç»æå JSONã
é¿åæ¯ä¸ªèç¹é½å¼ºå¶ç»æåï¼ä»å¨âé¨ç¦/èç¹ç¡®å®éè¦æºå¨å¯è¯»å¤æâæ¶å¯ç¨ --fail-on æåªå¯¹æäº finding å gateã
è§åæä»¶å®æ´æ§ä¼åï¼å¦æä½ å³æ³¨ç¼ç æºè½ä½çè§åè¢«âå é¤/ç¯¡æ¹âï¼å¯ä»¥éç¹å³æ³¨å®¡è®¡è¾åºä¸ç AGENTS_MD_DELETED/AGENTS_MD_MODIFIED/AGENTS_MD_UNTRACKEDï¼åºäº git åè¯ï¼è¥é git ä»åºåä»è½æç¤ºï¼ã

èµæº

skills/repo-compliance-audit/scripts/audit_repo.pyï¼å®¡è®¡å¥å£

GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台

repo-compliance-audit

Agent 安装分布

Skill 文档

Repo Compliance Audit

å·¥ä½æµï¼Audit â äººç±»å¾é â Remediationï¼

1) Auditï¼åªè¯»å®¡è®¡ï¼é»è®¤ä¸æ¹ä»åºï¼

2) äººç±»å¾éè¦æ´æ¹çæ¡ç®

3) Remediationï¼éæ©æ§æ´æ¹ï¼é»è®¤åªè· safe-to-autofixï¼

è¾åºå¦ä½è¢«ç³»ç»ä½¿ç¨ï¼å¼ºç»æ vs çæå ¼å®¹ï¼

èµæº

å·¥ä½æµï¼Audit â äººç±»å¾é â Remediationï¼

1) Auditï¼åªè¯»å®¡è®¡ï¼é»è®¤ä¸æ¹ä»åºï¼

2) äººç±»å¾éè¦æ´æ¹çæ¡ç®

3) Remediationï¼éæ©æ§æ´æ¹ï¼é»è®¤åªè· safe-to-autofixï¼

è¾åºå¦ä½è¢«ç³»ç»ä½¿ç¨ï¼å¼ºç»æ vs çæå¼å®¹ï¼

èµæº