From cc-suite
Automates a multi-round audit-fix-verify cycle: Claude audits code, Codex applies fixes, Claude verifies. Repeats up to 3 rounds until all issues resolved. Useful after writing features or before commits.
Slash command
/cc-suite:audit-fix
Claude audits. Codex fixes. Claude verifies. Repeat until clean.
This is the primary quality loop: Claude provides independent analysis and verification; Codex applies targeted fixes without second-guessing the findings.
| Argument | Default | Effect |
|---|---|---|
| --full | off | 9-dimension audit |
| --mini | on | 5-dimension audit (faster) |
| --rounds N | 3 | Maximum fix→verify iterations |
| --severity=all\|high | all | Which findings to fix. high = Critical+High (full) or High-only (mini) |
| --ask | off | Restore interactive severity-filter and continue/stop prompts |
| file/dir path | cwd | Scope |
By default this skill runs non-interactively: fixes all findings, and stops after the first round if any issues remain. Pass --ask to restore the prompts.
Call claude_code following the $audit skill pattern.
```
mcp__claude-code__claude_code:
  prompt: |
    Audit the following code and report every issue with exact file:line locations.
    SCOPE: {files or directory}
    {5 or 9 audit dimensions — same as $audit skill}
    For each finding: file:line | severity | dimension | issue | suggested fix
    PROVENANCE NOTE: Code written by OpenAI Codex. Evaluate with full rigor.
  cwd: {project working directory}
  effort: high
  permissionMode: plan
```
Save session_id as {cycle_session_id}.
If no findings → report CLEAN and stop.
Display findings table to the user.
Parse --severity= and --ask from arguments.
If --ask is set:
Ask user: "Found N issues (Critical: N, High: N, Medium: N, Low: N). Which to fix?"
Options:
- Fix all
- Fix Critical + High only
- Stop here (keep audit, fix manually)
If "Stop here" → display final report and stop.
Otherwise apply the flag/default silently:
- --severity=all (default) → fix all findings
- --severity=high → filter to Critical+High (full audit) or High-only (mini audit)

Set round = 1. Track {remaining_issues} = issues from the active severity filter.
For each issue in {remaining_issues}:
After all fixes, run the project test suite if one is detectable:
- package.json with a test script → npm test
- pytest.ini or conftest.py → pytest
- go.mod → go test ./...
- Cargo.toml → cargo test

Show git diff --stat and test results to the user.
```
mcp__claude-code__claude_code_reply:
  session_id: {cycle_session_id}
  prompt: |
    The following issues from your audit have been addressed. Verify each one.
    ISSUES:
    {remaining_issues in file:line | severity | description format}
    For each issue report: FIXED / NOT FIXED / PARTIAL / REGRESSED
    Read the files at the reported locations. Do not assume correctness without reading.
```
round < {--rounds}:
--ask is set:
round--ask): default to "stop" — proceed to Step 4 with current partial state.

## Audit-Fix Report
Scope: {what was audited}
Audit depth: mini (5-dim) / full (9-dim)
Rounds: {round count}
| Status | Count |
|--------|-------|
| Fixed | N |
| Not Fixed | N |
| Partial | N |
| Regressed | N |
### Fixed
| File:Line | Severity | Issue |
|-----------|----------|-------|
| ... | ... | ... |
### Remaining (if any)
| File:Line | Severity | Issue | Verdict | Notes |
|-----------|----------|-------|---------|-------|
| ... | ... | ... | NOT FIXED | ... |
### Changes
{git diff --stat}
### Next steps
- Review: `git diff`
- Run tests if not already run
- Commit if satisfied
- For remaining issues: fix manually or run `$audit-fix` again on the remaining files
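
An added example (not part of the cc-suite skill itself) of the bookkeeping this loop depends on: parsing findings in the `file:line | severity | dimension | issue | suggested fix` format, applying the `--severity` filter, and tallying verification verdicts for the report. The function names, the sample rows, and the rule that every verdict other than FIXED stays open are assumptions.

```python
from collections import Counter, namedtuple

VERDICTS = ("FIXED", "NOT FIXED", "PARTIAL", "REGRESSED")  # from the verify prompt
# Hypothetical record type mirroring the five pipe-separated fields.
Finding = namedtuple("Finding", "location severity dimension issue suggested_fix")

def parse_findings(text):
    """Parse 'file:line | severity | dimension | issue | suggested fix' rows."""
    findings = []
    for raw in text.splitlines():
        # Split on the first four pipes only, so a suggested fix may contain '|'.
        parts = [p.strip() for p in raw.split("|", 4)]
        if len(parts) != 5:
            continue
        path, _, line = parts[0].rpartition(":")
        if not path or not line.isdigit():
            continue  # header row or prose, not a finding
        findings.append(Finding(parts[0], parts[1].capitalize(), *parts[2:]))
    return findings

def select(findings, severity="all", depth="mini"):
    """Apply --severity: 'high' means Critical+High (full) or High-only (mini)."""
    if severity == "all":
        return list(findings)
    if severity != "high":
        raise ValueError(f"unsupported --severity value: {severity!r}")
    keep = {"Critical", "High"} if depth == "full" else {"High"}
    return [f for f in findings if f.severity in keep]

def tally(verdicts):
    """Count verdicts per location; reject values outside the four allowed ones."""
    unknown = {v for v in verdicts.values() if v not in VERDICTS}
    if unknown:
        raise ValueError(f"unexpected verdict(s): {sorted(unknown)}")
    counts = Counter(verdicts.values())
    # Assumption: every verdict other than FIXED stays in {remaining_issues}.
    remaining = [loc for loc, v in verdicts.items() if v != "FIXED"]
    return {v: counts.get(v, 0) for v in VERDICTS}, remaining

# Constructed sample audit output (not from a real run).
SAMPLE = """\
file:line | severity | dimension | issue | suggested fix
src/auth.py:42 | Critical | security | token compared with == | use hmac.compare_digest
src/db.py:10 | high | logic | off-by-one in pagination | use offset = (page - 1) * size
src/util.py:7 | Medium | dead code | unused helper | delete it or wire it | see caller
"""
```

Rejecting unknown verdict strings keeps a malformed verifier reply from being silently counted as fixed.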
- permissionMode: plan during audit keeps it read-only — only Codex writes files
- {cycle_session_id} for verification gives Claude full context of what it originally flagged, producing sharper verdicts than a fresh session

npx claudepluginhub xiaolai/claude-plugin-marketplace --plugin cc-suite

Iterative multi-agent code audit that fixes critical/high findings across a selected scope. Use for deep code audits, release-readiness reviews, or post-refactor risk sweeps.
Audits files for logic errors, duplication, dead code, refactoring opportunities, and tech debt (mini) or also security, performance, compliance, and dependencies (full).
Iteratively reviews code for critical issues with code-reviewer, auto-fixes via fixer agent, verifies tests pass, repeats up to 5 cycles until clean.