Skill

annotation

Discovers @audit annotations in codebases using grep for all languages and tree-sitter for Rust/Solidity context resolution. Outputs file/line/tag/content as filterable JSON or tables.

Python

Rust

code-quality

developer-tools

npx claudepluginhub joranhonig/grimoire

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Find `@audit` annotations in a codebase and return them as structured JSON.

Supporting Assets

examples/solidity-audit-annotations.mdreferences/annotation-format.mdscripts/find-annotations.pyscripts/main.pyscripts/pyproject.tomlscripts/requirements.txt

SKILL.md

Similar Skills

code-annotation-patterns

129

Annotates code using @ai- prefixed markers for technical debt, security vulnerabilities, performance bottlenecks, and accessibility issues to enable AI-assisted workflows.

6 tools

notetaker

ast-grep

478

Guides writing ast-grep rules for AST-based structural code search to find patterns like unhandled async functions or specific constructs beyond text matching.

1 file

ast-grep

research-phase

Maps codebase structure, patterns, symbols, and dependencies using ast-grep and bash scripts. Outputs factual maps with paths/line numbers to .artifacts/research/.

4 files7 tools

harness-engineering

Stats

Stars60

Forks6

Last CommitMar 19, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Annotation

Find @audit annotations in a codebase and return them as structured JSON.

Workflow

Determine the target directory — the project root, a src/ subdirectory, or whatever the user specified.

Run the discovery script against the target directory.

Present results to the user in their requested format (JSON for programmatic use, table for overview).

Invocation

uv run skills/annotation/scripts/find-annotations.py <directory> [--tag TAG] [--format json|table]

directory — path to scan (usually the project root or src/)

--tag — filter to a specific tag, exact match (e.g., audit-high, audit-todo)

--format — json (default) or table for human-readable output

Output

Each annotation is returned with six fields:

Field

Description

file

Relative path from the scanned directory

line

Line number (1-indexed)

tag

Tag name — audit, audit-ok, audit-high, audit-todo, etc.

content

Text after the tag on the same line

context_type

Enclosing scope type (function, contract, trait, etc.) or unknown

context_name

Name of the enclosing scope or unknown

Language Support

The script has two tiers of support:

All languages — grep-based discovery. Finds annotations in any text file. Context fields are unknown.

Rust and Solidity — tree-sitter parsing resolves context_type and context_name to the enclosing function, contract, trait, impl, or module. Falls back to grep if tree-sitter dependencies are not installed.

Annotation Types

Refer to references/annotation-format.md for the full taxonomy of supported @audit tag types.