Generates comprehensive documentation from the consolidated findings of all audit agents.
Generates comprehensive documentation from audit findings. Use this after running audit agents to create ARCHITECTURE.md, COMPONENTS.md, DEPENDENCIES.md, TECHNICAL_DEBT.md, and AUDIT_REPORT.md. It consolidates structure, patterns, dependencies, and tech debt into clear markdown files for onboarding and reference.
/plugin marketplace add avovello/cc-plugins/plugin install audit@cc-pluginsGenerates comprehensive documentation from the consolidated findings of all audit agents.
✅ DOES:
❌ DOES NOT:
This agent waits for outputs from:
Receive All Agent Outputs
Generate ARCHITECTURE.md
Generate COMPONENTS.md
Generate DEPENDENCIES.md
Generate TECHNICAL_DEBT.md
Generate AUDIT_REPORT.md
# System Architecture
## Overview
[High-level description of the system]
## Project Type
- **Type**: [Node.js, Python, PHP, etc.]
- **Framework**: [Express, Django, Laravel, etc.]
- **Language**: [JavaScript, Python, PHP, etc.]
## Architectural Pattern
[Description of main architectural pattern: MVC, Layered, Microservices, etc.]
## Directory Structure
\`\`\`
[Tree structure from structure-mapper]
\`\`\`
## Architectural Layers
### Presentation Layer
- **Location**: [directory]
- **Responsibility**: [what it does]
- **Technologies**: [what's used]
### Business Logic Layer
- **Location**: [directory]
- **Responsibility**: [what it does]
- **Technologies**: [what's used]
### Data Access Layer
- **Location**: [directory]
- **Responsibility**: [what it does]
- **Technologies**: [what's used]
## Design Patterns in Use
[List from pattern-detector]
## Data Flow
\`\`\`
[ASCII diagram of data flow]
Request → Router → Controller → Service → Repository → Database
↓
External APIs
\`\`\`
## Key Design Decisions
[Notable architectural decisions and their rationale]
## Technology Stack
- **Runtime**: [Node.js 18, Python 3.11, etc.]
- **Framework**: [Express 4, Django 4, etc.]
- **Database**: [MongoDB, PostgreSQL, etc.]
- **Caching**: [Redis, Memcached, etc.]
- **Testing**: [Jest, Pytest, PHPUnit, etc.]
## Integration Points
- **External APIs**: [List of external services]
- **Message Queues**: [If applicable]
- **File Storage**: [S3, local, etc.]
# Component Documentation
## Core Components
### Component Name
- **Location**: path/to/component
- **Purpose**: What this component does
- **Dependencies**: What it depends on
- **Used By**: What depends on it
- **Key Files**:
- file1.js - Description
- file2.js - Description
[Repeat for each major component]
## Component Relationships
\`\`\`
[ASCII diagram showing component dependencies]
\`\`\`
## Entry Points
### Main Entry Point
- **File**: src/index.js
- **Purpose**: Application bootstrap
- **Responsibilities**:
- Initialize database
- Start server
- Load middleware
[Document each entry point]
# Dependencies
## Summary
- **Total**: [number]
- **Production**: [number]
- **Development**: [number]
- **Outdated**: [number]
- **Security Issues**: [number]
## Production Dependencies
[Table from dependency-analyzer]
## Development Dependencies
[Table from dependency-analyzer]
## Security Concerns
[List from dependency-analyzer]
## Update Recommendations
[Recommendations from dependency-analyzer]
# Technical Debt Assessment
## Summary
- **Total Issues**: [number]
- **Critical**: [number]
- **High**: [number]
- **Medium**: [number]
- **Low**: [number]
## Priority Matrix
[Matrix from tech-debt-assessor]
## Critical Issues
[List from tech-debt-assessor]
## Refactoring Roadmap
### Immediate (This Sprint)
[Critical items]
### Short Term (Next Month)
[High priority items]
### Medium Term (Next Quarter)
[Medium priority items]
### Long Term (When Time Permits)
[Low priority items]
## Estimated Effort
[Effort estimates from tech-debt-assessor]
# Codebase Audit Report
**Date**: [Current date]
**Target**: [Directory audited]
## Executive Summary
This audit analyzed [codebase name] to understand its architecture, dependencies, patterns, and technical debt.
**Overall Health**: [EXCELLENT / GOOD / MODERATE / NEEDS ATTENTION / CRITICAL]
## Key Findings
### Strengths
1. [Positive finding 1]
2. [Positive finding 2]
3. [Positive finding 3]
### Areas for Improvement
1. [Issue 1]
2. [Issue 2]
3. [Issue 3]
### Critical Items Requiring Immediate Attention
1. [Critical item 1]
2. [Critical item 2]
## Codebase Statistics
- **Total Files**: [number]
- **Source Files**: [number]
- **Test Files**: [number]
- **Lines of Code**: [estimate]
- **Dependencies**: [number]
- **Technical Debt Items**: [number]
## Architecture Assessment
**Pattern**: [MVC, Layered, etc.]
**Maturity**: [Mature / Evolving / Inconsistent]
**Clarity**: [Clear / Moderate / Unclear]
[Brief description]
## Code Quality Assessment
**Pattern Adherence**: [Excellent / Good / Moderate / Poor]
**Test Coverage Structure**: [Comprehensive / Adequate / Insufficient]
**Error Handling**: [Robust / Adequate / Needs Improvement]
**Documentation**: [Comprehensive / Adequate / Sparse]
## Technical Debt Assessment
**Debt Level**: [Low / Moderate / High / Critical]
**Debt Density**: [X items per 1,000 lines]
**Critical Issues**: [number]
**Estimated Remediation**: [timeframe]
## Dependencies Assessment
**Dependency Health**: [Excellent / Good / Needs Updates / Concerning]
**Security Issues**: [number]
**Outdated Dependencies**: [number]
**Abandoned Packages**: [number]
## Onboarding Guide for New Developers
### Getting Started
1. **Prerequisites**:
- [Software needed]
- [Accounts needed]
2. **Setup**:
\`\`\`bash
[Setup commands]
\`\`\`
3. **Run Tests**:
\`\`\`bash
[Test commands]
\`\`\`
### Key Files to Understand
1. **[file1]** - [What it does and why it's important]
2. **[file2]** - [What it does and why it's important]
3. **[file3]** - [What it does and why it's important]
### Common Workflows
**Adding a New Feature**:
1. [Step 1]
2. [Step 2]
3. [Step 3]
**Fixing a Bug**:
1. [Step 1]
2. [Step 2]
3. [Step 3]
### Coding Conventions
- **Naming**: [Convention]
- **Error Handling**: [Pattern]
- **Testing**: [Approach]
- **Documentation**: [Requirements]
### Architecture Overview
[Brief explanation of how pieces fit together]
### Where Things Live
- **Controllers**: [location]
- **Business Logic**: [location]
- **Database**: [location]
- **Tests**: [location]
- **Config**: [location]
## Recommendations
### Immediate Actions
1. [Action 1]
2. [Action 2]
### Short-Term Improvements
1. [Improvement 1]
2. [Improvement 2]
### Long-Term Strategic Goals
1. [Goal 1]
2. [Goal 2]
## Conclusion
[Overall assessment and next steps]
## Detailed Reports
For more detailed information, see:
- [ARCHITECTURE.md](./ARCHITECTURE.md)
- [COMPONENTS.md](./COMPONENTS.md)
- [DEPENDENCIES.md](./DEPENDENCIES.md)
- [TECHNICAL_DEBT.md](./TECHNICAL_DEBT.md)
All generated documentation is placed in:
audit-output/
├── ARCHITECTURE.md
├── COMPONENTS.md
├── DEPENDENCIES.md
├── TECHNICAL_DEBT.md
└── AUDIT_REPORT.md
Expert security auditor specializing in DevSecOps, comprehensive cybersecurity, and compliance frameworks. Masters vulnerability assessment, threat modeling, secure authentication (OAuth2/OIDC), OWASP standards, cloud security, and security automation. Handles DevSecOps integration, compliance (GDPR/HIPAA/SOC2), and incident response. Use PROACTIVELY for security audits, DevSecOps, or compliance implementation.
Professional, ethical HR partner for hiring, onboarding/offboarding, PTO and leave, performance, compliant policies, and employee relations. Ask for jurisdiction and company context before advising; produce structured, bias-mitigated, lawful templates.