What is repomatic-audit?

Escenario recomendado: Perfect for GitHub Workflow Agents needing comprehensive repository audits and optimization of package management workflows. Resumen localizado: Audit downstream repo alignment with upstream repomatic reference, covering workflows, configs, and conventions. It covers apt, cli-tools, cyclonedx workflows. This AI agent skill supports Claude Code, Cursor, and Windsurf workflows.

How do I install repomatic-audit?

Run the command: npx killer-skills add kdeldycke/meta-package-manager/repomatic-audit. It works with Cursor, Windsurf, VS Code, Claude Code, and 19+ other IDEs.

What are the use cases for repomatic-audit?

Key use cases include: Caso de uso: Auditing workflow files for version pin drift and missing triggers, Caso de uso: Identifying downstream innovations for contribution back to repomatic, Caso de uso: Debugging YAML scalar style issues and outdated integration patterns.

Which IDEs are compatible with repomatic-audit?

This skill is compatible with Cursor, Windsurf, VS Code, Trae, Claude Code, OpenClaw, Aider, Codex, OpenCode, Goose, Cline, Roo Code, Kiro, Augment Code, Continue, GitHub Copilot, Sourcegraph Cody, and Amazon Q Developer. Use the Killer-Skills CLI for universal one-command installation.

Are there any limitations for repomatic-audit?

Limitacion: Only applicable to downstream repositories. Limitacion: Requires gh api access for fetching reference files. Limitacion: Python environment needed for execution.

repomatic-audit | AI Agent Skills

Name: repomatic-audit
Availability: InStock
Author: kdeldycke

repomatic-audit

Install repomatic-audit, an AI agent skill for AI agent workflows and automation. Review the use cases, limitations, and setup path before rollout.

SKILL.md

Readonly

Upstream Repository Material

The section below is imported from the upstream repository and should be treated as secondary evidence. Use the Killer-Skills review above as the primary layer for fit, risk, and installation decisions.

Supporting Evidence

Context

!ls .github/workflows/*.yaml 2>/dev/null !grep -h 'uses:.*kdeldycke/repomatic' .github/workflows/*.yaml 2>/dev/null | head -5 !grep -A5 '\[tool.repomatic\]' pyproject.toml 2>/dev/null || echo "No [tool.repomatic] section" ![ -f repomatic/__init__.py ] && echo "CANONICAL_REPO" || echo "DOWNSTREAM"

Instructions

You perform a comprehensive audit of a downstream repository against the upstream kdeldycke/repomatic reference. This goes beyond what repomatic workflow sync handles — it catches stale action versions in custom job content, missing workarounds, outdated configs, and conventions that can be borrowed from upstream.

This skill is for downstream repos only. If the context shows CANONICAL_REPO, tell the user this skill is not applicable.

Scope selection

all (default when $ARGUMENTS is empty): Run all audits below.
workflows: Audit workflow files only.
configs: Audit non-workflow config files only.
claude: Audit claude.md alignment only.
upstream: Identify downstream innovations that could be contributed back to repomatic.

Fetching reference files

Use gh api repos/kdeldycke/repomatic/contents/{path} --jq '.content' | base64 -d to fetch upstream reference files.

1. Workflow audit (`workflows`)

Thin-caller workflows

Compare each local thin-caller workflow against its reference. These should be identical (except for files listed in exclude). Flag:

Extra triggers (e.g., spurious workflow_dispatch).
Missing triggers.
Version pin drift (different @vX.Y.Z tag).

Header-only workflows (e.g., `tests.yaml`)

The header (name, on:, concurrency:) is synced automatically, but custom job content is not. Compare the job content against the reference for:

Stale action versions: e.g., actions/checkout, astral-sh/setup-uv, codecov/* — compare pinned versions.
Missing workarounds: e.g., the "Force native ARM64 Python on Windows ARM64" step that sets UV_PYTHON.
Missing matrix exclusions: e.g., windows-11-arm + Python 3.10 (no native ARM64 build).
Outdated integration patterns: e.g., using codecov-action when upstream migrated to codecov-cli via uvx.
Missing pytest output flags: e.g., --cov-report=xml, --junitxml=junit.xml needed for codecov-cli.
YAML scalar style issues: e.g., run: | where run: > is needed for multi-line single commands.

Excluded workflows

Respect exclude entries from [tool.repomatic] in pyproject.toml. Report excluded files but do not flag them as drift.

2. Config file audit (`configs`)

Compare these files against the upstream reference:

File	What to check
`renovate.json5`	Missing `assignees`, missing package rules, stale binary versions in `postUpgradeTasks`
`pyproject.toml` `[tool.typos]`	Missing `default.extend-identifiers` for common capitalizations (GitHub, macOS, PyPI, iOS, etc.)
`pyproject.toml` `[tool.bumpversion]`	Missing `ignore_missing_files`
`pyproject.toml` `[tool.ruff]`	Missing or divergent lint rules, preview settings
`pyproject.toml` `[tool.mypy]`	Missing settings compared to reference
`.github/ISSUE_TEMPLATE/`	Filename conventions (hyphens, not underscores), missing labels
`.github/code-of-conduct.md`	Stale or non-canonical attribution URLs
`.github/funding.yml`	Compare with reference
`.gitignore`	Compare with reference
`lychee.toml`	Note differences (usually project-specific, just flag for review)

Skip files that are intentionally excluded via exclude in [tool.repomatic].

3. `claude.md` audit (`claude`)

Fetch the upstream claude.md and identify universally applicable sections that the local claude.md is missing. Focus on:

Terminology and spelling rules.
Version formatting conventions.
Modern typing practices.
Python version compatibility caveats.
Testing guidelines (e.g., "no test classes" rule).
Common maintenance pitfalls.
Command-line option conventions.

Do not flag upstream sections that are project-specific (e.g., CLI abstractions, workflow design, release checklists, agent conventions).

4. Upstream contribution opportunities (`upstream`)

Scan the downstream repo for patterns, workarounds, or configurations that are better than or missing from the upstream reference. These are candidates for contributing back to kdeldycke/repomatic. Look for:

Broader test matrices: e.g., more OS variants, extra Python versions, additional architecture coverage that upstream could adopt as defaults.
Workarounds for known issues: Steps or configs that fix CI failures or edge cases that upstream hasn't addressed yet.
Better tool configurations: e.g., ruff extend-include patterns, pytest addopts, coverage settings that are more complete than upstream.
Useful pyproject.toml patterns: e.g., dependency group definitions, build config, or tool settings that could be generalized.
Custom workflow steps: Reusable patterns in header-only workflows (e.g., package install verification, environment variable passing) that could become part of the reference workflow.
Documentation improvements: claude.md sections, issue templates, or repo metadata patterns that would benefit all downstream repos.

For each candidate, assess:

Generalizability: Would this benefit most downstream repos, or is it project-specific?
Complexity: Is it a simple config change or a significant workflow redesign?
Action: Suggest filing as a GitHub issue or PR at kdeldycke/repomatic, with a draft title and description.

Output format

For each audit area, produce:

A summary table: item, status (MATCH / DRIFT / MISSING / N/A), brief description.
For each issue: what the current state is, what the reference has, and the recommended fix.
Prioritize: group by severity (breaking/functional issues first, then consistency, then cosmetic).

After running

Suggest the user run:

/repomatic-sync to fix thin-caller workflow drift automatically.
Manual edits for header-only workflow drift and config changes.
/repomatic-lint to validate after fixes are applied.

repomatic-audit — for Claude Code repomatic-audit, meta-package-manager, community, for Claude Code, ide skills, cli-tools, cyclonedx, flatpak, mac-app-store, package-manager

Acerca de este Skill

Características

# Core Topics

Killer-Skills Review

¿Por qué usar esta habilidad?

Mejor para

↓ Casos de uso accionables for repomatic-audit

! Seguridad y limitaciones

Why this page is reference-only

Source Boundary

Decide The Next Action Before You Keep Reading Repository Material

Start With Installation And Validation

Cross-Check Against Trusted Picks

Move To Workflow Collections For Team Rollout

Browser Sandbox Environment

⚡️ Ready to unleash?

FAQ & Installation Steps

? Frequently Asked Questions

What is repomatic-audit?

How do I install repomatic-audit?

What are the use cases for repomatic-audit?

Which IDEs are compatible with repomatic-audit?

Are there any limitations for repomatic-audit?

↓ How To Install

! Reference-Only Mode

Upstream Repository Material

repomatic-audit

Context

Instructions

Scope selection

Fetching reference files

1. Workflow audit (workflows)

Thin-caller workflows

Header-only workflows (e.g., tests.yaml)

Excluded workflows

2. Config file audit (configs)

3. claude.md audit (claude)

4. Upstream contribution opportunities (upstream)

Output format

After running

Habilidades relacionadas

Looking for an alternative to repomatic-audit or another community skill for your workflow? Explore these related open-source skills.

openclaw-release-maintainer

widget-generator

flags

pr-review

1. Workflow audit (`workflows`)

Header-only workflows (e.g., `tests.yaml`)

2. Config file audit (`configs`)

3. `claude.md` audit (`claude`)

4. Upstream contribution opportunities (`upstream`)