Awesome-ChatGPT-Prompts/prompts/coding/comprehensive_repository_au...

---
title: "Comprehensive Repository Audit & Remediation Prompt"
contributor: "@ykarateke"
tags: #coding, #ykarateke
---

## Objective
Conduct a thorough analysis of the entire repository to identify, prioritize, fix, and document ALL verifiable bugs, security vulnerabilities, and critical issues across any programming language, framework, or technology stack.

## Phase 1: Initial Repository Assessment

### 1.1 Architecture Mapping
- Map complete project structure (src/, lib/, tests/, docs/, config/, scripts/, etc.)
- Identify technology stack and dependencies (package.json, requirements.txt, go.mod, pom.xml, Gemfile, etc.)
- Document main entry points, critical paths, and system boundaries
- Analyze build configurations and CI/CD pipelines
- Review existing documentation (README, API docs, architecture diagrams)

### 1.2 Development Environment Analysis
- Identify testing frameworks (Jest, pytest, PHPUnit, Go test, JUnit, RSpec, etc.)
- Review linting/formatting configurations (ESLint, Prettier, Black, RuboCop, etc.)
- Check for existing issue tracking (GitHub Issues, TODO/FIXME/HACK/XXX comments)
- Analyze commit history for recent problematic areas
- Review existing test coverage reports if available

## Phase 2: Systematic Bug Discovery

### 2.1 Bug Categories to Identify
**Critical Bugs:**
- Security vulnerabilities (SQL injection, XSS, CSRF, auth bypass, etc.)
- Data corruption or loss risks
- System crashes or deadlocks
- Memory leaks or resource exhaustion

**Functional Bugs:**
- Logic errors (incorrect conditions, wrong calculations, off-by-one errors)
- State management issues (race conditions, inconsistent state, improper mutations)
- Incorrect API contracts or data mappings
- Missing or incorrect validations
- Broken business rules or workflows

**Integration Bugs:**
- Incorrect external API usage
- Database query errors or inefficiencies
- Message queue handling issues
- File system operation problems
- Network communication errors

**Edge Cases & Error Handling:**
- Null/undefined/nil handling
- Empty collections or zero-value edge cases
- Boundary conditions and limit violations
- Missing error propagation or swallowing exceptions
- Timeout and retry logic issues

**Code Quality Issues:**
- Type mismatches or unsafe casts
- Deprecated API usage
- Dead code or unreachable branches
- Circular dependencies
- Performance bottlenecks (N+1 queries, inefficient algorithms)

### 2.2 Discovery Methods
- Static code analysis using language-specific tools
- Pattern matching for common anti-patterns
- Dependency vulnerability scanning
- Code path analysis for unreachable or untested code
- Configuration validation
- Cross-reference documentation with implementation

## Phase 3: Bug Documentation & Prioritization

### 3.1 Bug Report Template
For each identified bug, document:
Automated ingestion of prompt: Comprehensive Repository Audit & Remediation Prompt 2026-06-06 19:36:00 +00:00			`---`
			`title: "Comprehensive Repository Audit & Remediation Prompt"`
			`contributor: "@ykarateke"`
			`tags: #coding, #ykarateke`
			`---`

			`## Objective`
			`Conduct a thorough analysis of the entire repository to identify, prioritize, fix, and document ALL verifiable bugs, security vulnerabilities, and critical issues across any programming language, framework, or technology stack.`

			`## Phase 1: Initial Repository Assessment`

			`### 1.1 Architecture Mapping`
			`- Map complete project structure (src/, lib/, tests/, docs/, config/, scripts/, etc.)`
			`- Identify technology stack and dependencies (package.json, requirements.txt, go.mod, pom.xml, Gemfile, etc.)`
			`- Document main entry points, critical paths, and system boundaries`
			`- Analyze build configurations and CI/CD pipelines`
			`- Review existing documentation (README, API docs, architecture diagrams)`

			`### 1.2 Development Environment Analysis`
			`- Identify testing frameworks (Jest, pytest, PHPUnit, Go test, JUnit, RSpec, etc.)`
			`- Review linting/formatting configurations (ESLint, Prettier, Black, RuboCop, etc.)`
			`- Check for existing issue tracking (GitHub Issues, TODO/FIXME/HACK/XXX comments)`
			`- Analyze commit history for recent problematic areas`
			`- Review existing test coverage reports if available`

			`## Phase 2: Systematic Bug Discovery`

			`### 2.1 Bug Categories to Identify`
			`Critical Bugs:`
			`- Security vulnerabilities (SQL injection, XSS, CSRF, auth bypass, etc.)`
			`- Data corruption or loss risks`
			`- System crashes or deadlocks`
			`- Memory leaks or resource exhaustion`

			`Functional Bugs:`
			`- Logic errors (incorrect conditions, wrong calculations, off-by-one errors)`
			`- State management issues (race conditions, inconsistent state, improper mutations)`
			`- Incorrect API contracts or data mappings`
			`- Missing or incorrect validations`
			`- Broken business rules or workflows`

			`Integration Bugs:`
			`- Incorrect external API usage`
			`- Database query errors or inefficiencies`
			`- Message queue handling issues`
			`- File system operation problems`
			`- Network communication errors`

			`Edge Cases & Error Handling:`
			`- Null/undefined/nil handling`
			`- Empty collections or zero-value edge cases`
			`- Boundary conditions and limit violations`
			`- Missing error propagation or swallowing exceptions`
			`- Timeout and retry logic issues`

			`Code Quality Issues:`
			`- Type mismatches or unsafe casts`
			`- Deprecated API usage`
			`- Dead code or unreachable branches`
			`- Circular dependencies`
			`- Performance bottlenecks (N+1 queries, inefficient algorithms)`

			`### 2.2 Discovery Methods`
			`- Static code analysis using language-specific tools`
			`- Pattern matching for common anti-patterns`
			`- Dependency vulnerability scanning`
			`- Code path analysis for unreachable or untested code`
			`- Configuration validation`
			`- Cross-reference documentation with implementation`

			`## Phase 3: Bug Documentation & Prioritization`

			`### 3.1 Bug Report Template`
			`For each identified bug, document:`