Skill

llm-externalizer-scan

Use when scanning an entire project or codebase for bugs, security issues, or code quality problems. Trigger with "scan project", "audit codebase", "scan codebase", "full scan", "run project scan", "check whole project", "scan all files".

npx claudepluginhub emasoft/emasoft-plugins --plugin llm-externalizer

Configuration

Arguments: [folder-path | . | glob-pattern] [focus: bugs|security|all]
Effort: medium
Context: Runs in forked subagent
Agent: llm-externalizer-reviewer-agent

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Scan `$ARGUMENTS` with the LLM Externalizer ensemble and return only report file paths. Runs in the `llm-externalizer-reviewer-agent` forked subagent — verbose scan output stays out of the orchestrator.

Supporting Assets

references/tool-reference.mdreferences/usage-patterns.md

SKILL.md

Similar Skills

cache-components

139.4k

Guides Next.js Cache Components and Partial Prerendering (PPR): 'use cache' directives, cacheLife(), cacheTag(), revalidateTag() for caching, invalidation, static/dynamic optimization. Auto-activates on cacheComponents: true.

cache-components

pdf

131.6k

Processes PDFs: extracts text/tables/images, merges/splits/rotates pages, adds watermarks, creates/fills forms, encrypts/decrypts, OCRs scans. Activates on PDF mentions or output requests.

11 files

document-skills

Stats

Stars1

Forks0

Last CommitApr 18, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

LLM Externalizer — Full Project Scan

Scan $ARGUMENTS with the LLM Externalizer ensemble and return only report file paths. Runs in the llm-externalizer-reviewer-agent forked subagent — verbose scan output stays out of the orchestrator.

Overview

Codebase scan via the LLM Externalizer MCP server, active profile (default: remote-ensemble, parallel). One report per file. context: fork runs work in the llm-externalizer-reviewer-agent subagent (Sonnet, no Write/Edit); only report paths come back.

Prerequisites

LLM Externalizer MCP server running (auto-started by the plugin)
Active profile in ~/.llm-externalizer/settings.yaml
For remote profiles: OpenRouter key — set via plugin userConfig.openrouter_api_key (keychain) OR $OPENROUTER_API_KEY shell env

Instructions

Copy this checklist and track your progress:

Parse $ARGUMENTS for target (folder/file/glob, default .), focus (bugs/security/duplicate-check/etc.), budget (free flag if user asked).
mcp__llm-externalizer__discover. Abort [FAILED] — service offline if offline.
Pick the tool:
- Duplicate check / "already implemented?" → search_existing_implementations with feature_description, folder_path, and optional source_files / diff_path.
- General audit on a folder → scan_folder with use_gitignore: true, answer_mode: 0.
- ≤5 files → code_task with answer_mode: 0, max_retries: 3.
- Glob → Glob to expand, then code_task.
Call the tool. Pass free: true only if asked (warn about prompt logging first).
Default rubric: "Report REAL bugs only — logic errors, crashes, security with exploit paths, data corruption, functionality mismatch, local broken references. DO NOT report missing error handling / null checks / input validation / logging / style preferences / refactoring suggestions. Respect the source file's coding style. Cite function names + line numbers. Be terse."
Collect report paths. Do NOT read or summarize report contents.
Return paths using the Output format below.

Limitations

.md files EXCLUDED by default. Pass instructions describing a semantic search to include them. Use CPV or claude plugin validate . for structural validation — not the LLM.
LLM sees only 1–5 files per request — CANNOT cross-check a ref in file A against file B. For cross-file API validation use check_against_specs with an explicit spec. For "already implemented?" hunts use search_existing_implementations.

Output

Reports under <project>/reports_dev/llm_externalizer/. Filenames embed the source filename or group id.

answer_mode: 0=per-file (scan_folder default), 1=per-group (subfolder/extension/basename, 1 MB cap), 2=merged. Controls disk output only, not LLM visibility.

Reply format (exact, no preamble):

[DONE] scan-<label> — <N> reports
<absolute-path-1>
<absolute-path-2>

On failure: [FAILED] scan-<label> — <one-line reason>

Error Handling

Error	Fix
Service offline	Restart Claude Code; abort
Auth 401	Set `userConfig.openrouter_api_key` or `$OPENROUTER_API_KEY`
Credit 402	Server auto-falls back to free Nemotron
Empty response	Server auto-retries up to 15× (2s backoff)
No files found	Verify target path and `use_gitignore`

Examples

See Usage patterns for representative tool calls — scan folder with gitignore, filter by extensions, exclude dirs, custom rubrics, grouped processing, etc.

Resources

Tool reference — Read-only analysis tools, Utility tools, Standard Input Fields, Advanced Parameters, File Grouping, Critical Constraints, Safety Features
Usage patterns — Scan a codebase for issues, Analyze multiple files in parallel, Apply same check to each file independently, Compare two file versions (pair mode), Compare files in batch mode, Compare files via git diff, Check for broken code references after refactoring, Check for broken file imports, Reuse instructions across operations, Simple task with ensemble off (save tokens), Quick factual answer with low max_tokens, Code review with persona, Scan folder with gitignore + excluded dirs, Use folder_path on any tool, Redact custom patterns, Check source against specification, Check entire folder against specification, Grouped file processing (isolated reports), Code-optimized analysis