{"id":48496459,"url":"https://github.com/thoughtbot/rails-audit-thoughtbot","last_synced_at":"2026-04-07T12:30:46.094Z","repository":{"id":335514876,"uuid":"1131183471","full_name":"thoughtbot/rails-audit-thoughtbot","owner":"thoughtbot","description":"Claude skill to run code audits","archived":false,"fork":false,"pushed_at":"2026-03-27T17:45:50.000Z","size":73,"stargazers_count":68,"open_issues_count":1,"forks_count":4,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-03-28T01:42:57.561Z","etag":null,"topics":["ai","ai-agents","artificial-intelligence","claude","rails","ruby-on-rails"],"latest_commit_sha":null,"homepage":"https://thoughtbot.com","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/thoughtbot.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":"thoughtbot"}},"created_at":"2026-01-09T15:49:14.000Z","updated_at":"2026-03-27T17:29:29.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/thoughtbot/rails-audit-thoughtbot","commit_stats":null,"previous_names":["thoughtbot/rails-audit-thoughtbot"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/thoughtbot/rails-audit-thoughtbot","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thoughtbot%2Frails-audit-thoughtbot","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thoughtbot%2Frails-audit-thoughtbot/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thoughtbot%2Frails-audit-thoughtbot/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thoughtbot%2Frails-audit-thoughtbot/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/thoughtbot","download_url":"https://codeload.github.com/thoughtbot/rails-audit-thoughtbot/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thoughtbot%2Frails-audit-thoughtbot/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31513375,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-07T03:10:19.677Z","status":"ssl_error","status_checked_at":"2026-04-07T03:10:13.982Z","response_time":105,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","ai-agents","artificial-intelligence","claude","rails","ruby-on-rails"],"created_at":"2026-04-07T12:30:45.408Z","updated_at":"2026-04-07T12:30:46.082Z","avatar_url":"https://github.com/thoughtbot.png","language":null,"funding_links":["https://github.com/sponsors/thoughtbot"],"categories":["Others"],"sub_categories":[],"readme":"# Rails Audit Skill (thoughtbot Best Practices)\n\nA [Claude Code][claude-code] skill that performs comprehensive code audits of\nRuby on Rails applications based on [thoughtbot's][thoughtbot] Ruby Science and\nTesting Rails best practices.\n\n[claude-code]: https://docs.anthropic.com/en/docs/claude-code\n[thoughtbot]: https://thoughtbot.com\n\n## Quick links\n\n- **[Ruby Science][ruby-science]** - thoughtbot's guide to fixing code smells\n- **[Testing Rails][testing-rails]** - thoughtbot's guide to testing Rails applications\n- **[Rails Antipatterns][rails-antipatterns]** - Best practices for Ruby on \n  Rails refactoring (Chad Pytel \u0026 Tammer Saleh)\n\n[ruby-science]: https://github.com/thoughtbot/ruby-science\n[testing-rails]: https://github.com/thoughtbot/testing-rails\n[rails-antipatterns]: https://www.informit.com/store/rails-antipatterns-best-practice-ruby-on-rails-refactoring-9780321604811\n\n## Table of contents\n\n- [Overview](#overview)\n- [Installation](#installation)\n- [Usage](#usage)\n  - [Full application audit](#full-application-audit)\n  - [Targeted audit](#targeted-audit)\n- [Optional data collection](#optional-data-collection)\n  - [SimpleCov (test coverage)](#simplecov-test-coverage)\n  - [RubyCritic (code quality)](#rubycritic-code-quality)\n- [Reference materials](#reference-materials)\n- [Contributing](#contributing)\n- [License](#license)\n- [About thoughtbot](#about-thoughtbot)\n\n## Overview\n\nThis skill analyses Rails applications and generates detailed audit reports\ncovering:\n\n- Testing practices (RSpec)\n- Test coverage via [SimpleCov](#optional-data-collection) (optional)\n- Code quality metrics via [RubyCritic](#optional-data-collection) (optional)\n- Security vulnerabilities\n- Code design (skinny controllers, domain models, POROs with ActiveModel)\n- Rails conventions\n- Database optimisation (missing indexes, migrations hygiene)\n- External services (timeouts, error handling, background jobs)\n- Performance antipatterns (Ruby vs SQL, silent failures)\n- Ruby best practices\n\n## Installation\n\nCopy the skill directory to your Claude Code skills folder:\n\n```bash\ncp -r rails-audit-thoughtbot ~/.claude/skills/\n```\n\nOr clone directly:\n\n```bash\ngit clone https://github.com/thoughtbot/rails-audit-thoughtbot ~/.claude/skills/rails-audit-thoughtbot\n```\n\n## Usage\n\nIf you are in your terminal and not in a Claude session, you can invoke the \nskill directly by using the below. You need to be in the root directory of your \nRails project.\n\n### Full application audit\n\n```\nclaude audit\n```\n\nIf you are in a Claude session, you can reference the skill directly:\n\n```\n/rails-audit-thoughtbot\n```\n\n### Targeted audit\n\nIn a Claude session you can also run targeted audits:\n\n```\n/rails-audit-thoughtbot audit controllers\n```\n\nThis focuses the audit on specific files or directories.\n\n## Optional data collection\n\nDuring the audit, the skill offers to run optional data-collection steps that\nenrich the report with tool-measured metrics. Each step is opt-in — you will be\nprompted before anything is installed or executed. If the tool is already in your\nGemfile, the skill uses it directly without modifying your project.\n\n### SimpleCov (test coverage)\n\nRuns your test suite with [SimpleCov](https://github.com/simplecov-ruby/simplecov)\nto capture actual line and branch coverage percentages. The report will include\nper-directory coverage breakdowns, lowest-coverage files, and zero-coverage files.\n\n- Temporarily adds `simplecov` to the Gemfile (if not already present)\n- Runs the full test suite (RSpec or Minitest)\n- Restores the original Gemfile after collection\n- Cleans up all generated coverage files\n\n### RubyCritic (code quality)\n\nRuns [RubyCritic](https://github.com/whitesmith/rubycritic) to measure code\ncomplexity, duplication, and code smells using Reek, Flay, and Flog. The report\nwill include per-file ratings (A-F), worst-rated files, most common smells, and\nmost complex files.\n\n- Temporarily adds `rubycritic` to the Gemfile (if not already present)\n- Analyzes `app/` and `lib/` (or targeted paths)\n- Restores the original Gemfile after collection\n- Cleans up all generated report files\n\n## Reference materials\n\nThe skill includes reference documentation based on thoughtbot best practices.\nAll the materials are compacted information from the books mentioned above.\n\nRecommendations of PORO objects are based on different thoughtbot sources and\n[Service objects are poorly-named models][service-objects-poro].\n\n[service-objects-poro]: https://dimiterpetrov.com/blog/service-objects-are-poorly-named-models/\n\n| File | Description |\n|------|-------------|\n| `references/code_smells.md` | Code smell patterns to identify (Ruby Science) |\n| `references/testing_guidelines.md` | Testing best practices (Testing Rails) |\n| `references/poro_patterns.md` | PORO and ActiveModel patterns |\n| `references/security_checklist.md` | Security vulnerability checklist |\n| `references/rails_antipatterns.md` | Rails-specific antipatterns: external services, migrations, performance |\n| `references/report_template.md` | Audit report structure template |\n| `agents/simplecov_agent.md` | Subagent for SimpleCov test coverage collection |\n| `agents/rubycritic_agent.md` | Subagent for RubyCritic code quality metrics |\n\n## Contributing\n\nContributions are welcome! If you'd like to improve the audit patterns or add\nnew detection rules:\n\n1. Fork the repository\n2. Create your feature branch (`git checkout -b my-new-feature`)\n3. Commit your changes (`git commit -am 'Add some feature'`)\n4. Push to the branch (`git push origin my-new-feature`)\n5. Create a new Pull Request\n\n## License\n\nThis skill is open source and available under the [MIT License](LICENSE).\n\n## About thoughtbot\n\n![thoughtbot](https://thoughtbot.com/thoughtbot-logo-for-readmes.svg)\n\nThis skill is inspired by and based on thoughtbot's excellent guides:\n\n- [Ruby Science](https://github.com/thoughtbot/ruby-science)\n- [Testing Rails](https://github.com/thoughtbot/testing-rails)\n- [Rails Antipatterns](https://www.informit.com/store/rails-antipatterns-best-practice-ruby-on-rails-refactoring-9780321604811) by Chad Pytel \u0026 Tammer Saleh\n\nThe names and logos for thoughtbot are trademarks of thoughtbot, inc.\n\nWe love open source software!\nSee [thoughtbot's other projects][community].\n\n[community]: https://thoughtbot.com/community?utm_source=github\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthoughtbot%2Frails-audit-thoughtbot","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fthoughtbot%2Frails-audit-thoughtbot","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthoughtbot%2Frails-audit-thoughtbot/lists"}