ln-634-test-coverage-auditor

Paths: File paths (shared/ , references/ , ../ln-* ) are relative to skills repo root. If not found at CWD, locate this SKILL.md directory and go up one level for repo root. If shared/ is missing, fetch files via WebFetch from https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path} .

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "ln-634-test-coverage-auditor" with this command: npx skills add levnikolaevich/claude-code-skills/levnikolaevich-claude-code-skills-ln-634-test-coverage-auditor

Paths: File paths (shared/ , references/ , ../ln-* ) are relative to skills repo root. If not found at CWD, locate this SKILL.md directory and go up one level for repo root. If shared/ is missing, fetch files via WebFetch from https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path} .

Coverage Gaps Auditor (L3 Worker)

Type: L3 Worker

Specialized worker identifying missing tests for critical business logic.

Purpose & Scope

  • Audit Coverage Gaps (Category 4: High Priority)

  • Identify untested critical paths

  • Classify by category (Money, Security, Data, Core Flows)

  • Calculate compliance score (X/10)

Inputs

MANDATORY READ: Load shared/references/audit_worker_core_contract.md . MANDATORY READ: Load shared/references/mcp_tool_preferences.md and shared/references/mcp_integration_patterns.md

Receives contextStore with: tech_stack , testFilesMetadata , codebase_root , output_dir .

Domain-aware: Supports domain_mode

  • current_domain (see audit_output_schema.md#domain-aware-worker-output ).

Use hex-graph first when hotspots materially improve coverage-gap discovery. Use hex-line first for local code and test reads when available. If MCP is unavailable, unsupported, or not indexed, continue with built-in Read/Grep/Glob/Bash and state the fallback in the report.

Workflow

MANDATORY READ: Load shared/references/two_layer_detection.md for detection methodology.

Parse context -- extract fields, determine scan_path (domain-aware if specified) ELSE: scan_path = codebase_root domain_name = null

Identify critical paths in scan_path (not entire codebase)

  • Scan production code in scan_path for money/security/data keywords

  • All Grep/Glob patterns use scan_path (not codebase_root)

  • Example: Grep(pattern="payment|refund|discount", path=scan_path)

Check test coverage for each critical path (Layer 1)

  • Search ALL test files for coverage (tests may be in different location than production code)

  • Match by function name, module name, or test description 3b) Context Analysis (Layer 2 -- MANDATORY): For each gap candidate, ask:

  • Is this function already covered by E2E/integration test? -> downgrade to LOW

  • Is this a helper function with <10 lines called from tested code? -> skip

  • Is keyword match a false positive (e.g., paymentIcon() is UI, not payment logic)? -> skip

Collect missing tests

  • Tag each finding with domain: domain_name (if domain-aware)

Calculate Score: Count violations by severity, calculate compliance score (X/10)

Write Report: Build full markdown report in memory per shared/templates/audit_worker_report_template.md , write to {output_dir}/ln-634--{identifier}.md (or {output_dir}/ln-634--{identifier}.md if domain-aware) in single Write call

Return Summary: Return minimal summary to coordinator (see Output Format)

Critical Paths Classification

  1. Money Flows (Priority 20+)

What: Any code handling financial transactions

Examples:

  • Payment processing (/payment , processPayment() )

  • Discounts/promotions (calculateDiscount() , applyPromoCode() )

  • Tax calculations (calculateTax() , getTaxRate() )

  • Refunds (processRefund() , /refund )

  • Invoices/billing (generateInvoice() , createBill() )

  • Currency conversion (convertCurrency() )

Min Priority: 20

Why Critical: Money loss, fraud, legal compliance

  1. Security Flows (Priority 20+)

What: Authentication, authorization, encryption

Examples:

  • Login/logout (/login , authenticate() )

  • Token refresh (/refresh-token , refreshAccessToken() )

  • Password reset (/forgot-password , resetPassword() )

  • Permissions/RBAC (checkPermission() , hasRole() )

  • Encryption/hashing (custom crypto logic, NOT bcrypt/argon2)

  • API key validation (validateApiKey() )

Min Priority: 20

Why Critical: Security breach, data leak, unauthorized access

  1. Data Integrity (Priority 15+)

What: CRUD operations, transactions, validation

Examples:

  • Critical CRUD (createUser() , deleteOrder() , updateProduct() )

  • Database transactions (withTransaction() )

  • Data validation (custom validators, NOT framework defaults)

  • Data migrations (runMigration() )

  • Unique constraints (checkDuplicateEmail() )

Min Priority: 15

Why Critical: Data corruption, lost data, inconsistent state

  1. Core User Journeys (Priority 15+)

What: Multi-step flows critical to business

Examples:

  • Registration -> Email verification -> Onboarding

  • Search -> Product details -> Add to cart -> Checkout

  • Upload file -> Process -> Download result

  • Submit form -> Approval workflow -> Notification

Min Priority: 15

Why Critical: Broken user flow = lost customers

Audit Rules

  1. Identify Critical Paths

Process:

  • Scan codebase for money-related keywords: payment , refund , discount , tax , price , currency

  • Scan for security keywords: auth , login , password , token , permission , encrypt

  • Scan for data keywords: transaction , validation , migration , constraint

  • Scan for user journeys: multi-step flows in routes/controllers

  1. Check Test Coverage

For each critical path:

  • Search test files for matching test name/description

  • If NO test found -> add to missing tests list

  • If test found but inadequate (only positive, no edge cases) -> add to gaps list

  1. Categorize Gaps

Severity by Priority:

  • CRITICAL: Priority 20+ (Money, Security)

  • HIGH: Priority 15-19 (Data, Core Flows)

  • MEDIUM: Priority 10-14 (Important but not critical)

  • Downgrade when: Function already covered by E2E test -> LOW. Helper with <10 lines called from tested code -> skip

  1. Provide Justification

For each missing test:

  • Explain WHY it's critical (money loss, security breach, etc.)

  • Suggest test type (E2E, Integration, Unit)

  • Estimate effort (S/M/L)

Scoring Algorithm

MANDATORY READ: Load shared/references/audit_worker_core_contract.md and shared/references/audit_scoring.md .

Severity mapping by Priority:

  • Priority 20+ (Money, Security) missing test -> CRITICAL

  • Priority 15-19 (Data Integrity, Core Flows) missing test -> HIGH

  • Priority 10-14 (Important) missing test -> MEDIUM

  • Priority <10 (Nice-to-have) -> LOW

Output Format

MANDATORY READ: Load shared/references/audit_worker_core_contract.md and shared/templates/audit_worker_report_template.md .

Write JSON summary per shared/references/audit_summary_contract.md . In managed mode the caller passes both runId and summaryArtifactPath ; in standalone mode the worker generates its own run-scoped artifact path per shared contract.

Write report to {output_dir}/ln-634--{identifier}.md (global) or {output_dir}/ln-634--{identifier}.md (domain-aware) with category: "Coverage Gaps" and checks: money_flow_coverage, security_flow_coverage, data_integrity_coverage, core_journey_coverage.

Return summary per shared/references/audit_summary_contract.md .

When summaryArtifactPath is absent, write the standalone runtime summary under .hex-skills/runtime-artifacts/runs/{run_id}/evaluation-worker/{worker}--{identifier}.json and optionally echo the same summary in structured output.

Report written: .hex-skills/runtime-artifacts/runs/{run_id}/audit-report/ln-634--{identifier}.md Score: X.X/10 | Issues: N (C:N H:N M:N L:N)

Critical Rules

MANDATORY READ: Load shared/references/audit_worker_core_contract.md .

  • Domain-aware scanning: If domain_mode="domain-aware" , scan ONLY scan_path production code (not entire codebase)

  • Tag findings: Include domain field in each finding when domain-aware

  • Test search scope: Search ALL test files for coverage (tests may be in different location than production code)

  • Match by name: Use function name, module name, or test description to match tests to production code

Definition of Done

MANDATORY READ: Load shared/references/audit_worker_core_contract.md .

  • contextStore parsed successfully (including output_dir, domain_mode, current_domain)

  • scan_path determined (domain path or codebase root)

  • Critical paths identified in scan_path (Money, Security, Data, Core Flows)

  • Test coverage checked for each critical path

  • Missing tests collected with severity, priority, justification, domain

  • Score calculated using penalty algorithm

  • Report written to {output_dir}/ln-634--{identifier}.md or ln-634--{identifier}.md (atomic single Write call)

  • Summary written per contract

Reference Files

  • Audit output schema: shared/references/audit_output_schema.md

Version: 3.0.0 Last Updated: 2025-12-23

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

ln-624-code-quality-auditor

No summary provided by upstream source.

Repository SourceNeeds Review
376-levnikolaevich
Security

ln-620-codebase-auditor

No summary provided by upstream source.

Repository SourceNeeds Review
318-levnikolaevich
Security

ln-626-dead-code-auditor

No summary provided by upstream source.

Repository SourceNeeds Review
316-levnikolaevich
Security

ln-621-security-auditor

No summary provided by upstream source.

Repository SourceNeeds Review
302-levnikolaevich