wrxck/auto-audit

25 stars · Last commit 2026-04-26

Autonomous Claude Code plugin that audits a GitHub repo, triages findings, fixes in PRs, and independently reviews before merging.

README preview

# auto-audit

[![CI](https://github.com/wrxck/auto-audit/actions/workflows/ci.yml/badge.svg)](https://github.com/wrxck/auto-audit/actions/workflows/ci.yml)
[![audited by auto-audit](https://img.shields.io/badge/audited_by-auto--audit-6366f1?logo=github&logoColor=white)](https://auto-audit.hesketh.pro)

An autonomous security auditor for Claude Code. Point it at a GitHub repo; it scans for security vulnerabilities, triages false positives, writes a proof of concept, fixes each confirmed bug in its own PR, independently reviews the fix, and merges when the review is clean. It keeps doing that until the queue is drained, then rescans, until you stop it or the session ends.

## Quick install

auto-audit is available from the [`wrxck-claude-plugins`](https://github.com/wrxck/claude-plugins) marketplace. From Claude Code:

```
/plugin marketplace add wrxck/claude-plugins
/plugin install auto-audit@wrxck-claude-plugins
```

Full requirements and alternative install paths are [in the Install section below](#install).

## How it works
