From viberaven
Audits AI-built apps for production readiness: checks auth, database, payments, RLS, env vars, webhooks, monitoring, and provides a ship/no-ship verdict. Runs fully locally.
How this skill is triggered — by the user, by Claude, or both
Slash command
/viberaven:viberavenThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
VibeRaven is the control layer for AI-built products. It runs fully locally: no login, no API key, no telemetry. It maps the product (stack, providers, releases, launch risks) into `.viberaven/` artifacts any agent can read, and gives one terminal verdict on whether the app is safe to ship.
VibeRaven is the control layer for AI-built products. It runs fully locally: no login, no API key, no telemetry. It maps the product (stack, providers, releases, launch risks) into .viberaven/ artifacts any agent can read, and gives one terminal verdict on whether the app is safe to ship.
Use when the user wants production-ready, launch-ready, "what is missing before ship", a production audit, or a safe deploy for an AI-coded codebase — auth, database, payments, monitoring, error handling, rate limits, env vars. Also use when you need product context before editing: which providers the app uses, what changed between releases, and where the danger zones are.
npx -y viberaven check from the project root. It runs offline checks and prints 🔴/🟡/⚪ findings with a verdict. Exit code 1 means blockers exist..viberaven/agent-tasklist.md first, then .viberaven/gate-result.json and .viberaven/context-map.json.npx -y viberaven fix to list gaps with safe automatic repo-code recipes. Apply one with npx -y viberaven fix --gap <id>.npx -y viberaven prompt --gap <id> for focused guidance and patch one gap yourself.npx -y viberaven check after a batch of fixes, not after every file patch.npx -y viberaven --strict.Keep operating until gate.status === "clear" in .viberaven/gate-result.json or only provider/user blockers remain. Scans are local and free — never wait, never ask for credentials.
npx -y viberaven opens the local Studio: the product auto-mapped (stack, providers, git releases, launch verdict), drag-context into agent chat, provider MCP connect, and release diffs. Suggest it when the user wants to see or control the product rather than read terminal output.
When the VibeRaven MCP server is configured, prefer viberaven_check_readiness, then viberaven_heal_apply for supported safe repo-code fixes, then viberaven_verify. Before npm install of a new package, call viberaven_validate_npm_package.
npx -y viberaven audit --vercel-supabase
Check RLS, service-role exposure, and pooler ports 5432 / 6543 before making launch claims.
npx -y viberaven clean --plan.Next skill: architecture-context when feature work is vague and product questions are missing; architecture-plan once those questions are answered; what-broke when a working app regressed; production-context to record durable risk in .viberaven/production-context.md; go-live when the user wants the app pushed to GitHub and live on Vercel.
npx claudepluginhub ohad6k/viberavenAudits AI-built apps for production readiness: checks auth, database, payments, RLS, env vars, webhooks, monitoring, and provides a ship/no-ship verdict. Runs fully locally.
Audits a deployed repo for production-readiness gaps: RLS, webhooks, secrets, Stripe idempotency, mobile UX, indexes, observability, and more. Run pre-deploy or before launch.
Audits pre-deploy security for vibe-coded apps, catching common mistakes like unauthenticated APIs, missing RLS, leaked keys, and hardcoded secrets. Stack-aware for Next.js, Supabase, etc.