Agent Skills: Auditing WoW Addons

>

UncategorizedID: falkicon/mechanic/s-audit

Repository

FalkiconLicense: NOASSERTION
174

Install this agent skill to your local

pnpm dlx add-skill https://github.com/Falkicon/Mechanic/tree/HEAD/.agent/skills/s-audit

Skill Files

Browse the full folder contents for s-audit.

Download Skill

Loading file tree…

.agent/skills/s-audit/SKILL.md

Skill Metadata

Name
s-audit
Description
>

Auditing WoW Addons

Expert guidance for comprehensive addon quality analysis.

Related Commands

MCP Tools

| Task | MCP Tool | |------|----------| | Security Analysis | addon.security(addon="MyAddon") | | Complexity Analysis | addon.complexity(addon="MyAddon") | | Deprecation Scan | addon.deprecations(addon="MyAddon") | | Dead Code Detection | addon.deadcode(addon="MyAddon") |

Capabilities

  1. Security Analysis — Combat lockdown, secret values, taint, unsafe eval
  2. Complexity Analysis — Deep nesting, long functions, magic numbers, duplicates
  3. Deprecation Scanning — 100+ deprecated APIs with migration paths
  4. Dead Code Detection — Unused functions, orphaned files, dead exports

Analysis Categories

Security (addon.security)

| Category | Description | Severity | |----------|-------------|----------| | combat_violation | Protected API without InCombatLockdown() guard | Error | | secret_leak | Logging/storing secret values (12.0+) | Error | | taint_risk | Unsafe global modifications | Warning | | unsafe_eval | loadstring/RunScript with variable input | Warning | | addon_comm | Unvalidated message parsing | Info |

Complexity (addon.complexity)

| Category | Threshold | Description | |----------|-----------|-------------| | deep_nesting | > 5 levels | Excessive if/for/while nesting | | long_function | > 100 lines | Functions too long to understand | | long_file | > 500 lines | Files that should be split | | magic_number | pattern-based | Unexplained numeric literals | | duplicate_code | > 10 lines | Near-identical code blocks |

Deprecations (addon.deprecations)

| Category | Example APIs | Since | |----------|--------------|-------| | addons | GetAddOnInfo → C_AddOns.GetAddOnInfo | 11.0 | | spells | GetSpellInfo → C_Spell.GetSpellInfo | 11.0 | | items | GetItemInfo → C_Item.GetItemInfo | 11.0 | | containers | GetContainerItemInfo → C_Container | 10.0 | | unit | UnitHealth (returns secret for enemies) | 12.0 |

Dead Code (addon.deadcode)

| Category | Description | |----------|-------------| | unused_function | Functions defined but never called | | orphaned_file | Lua files not in TOC | | dead_export | Exported values never used | | unused_library | Libraries in Libs/ never used |

Workflow

Quick Audit

1. addon.security   → Critical issues (combat, secrets)
2. addon.deprecations (min_severity=error) → Breaking changes
3. Report critical findings

Full Audit

1. addon.security   → All security issues
2. addon.complexity → All maintainability issues
3. addon.deprecations → All deprecated APIs
4. addon.deadcode   → All dead code
5. Comprehensive report with priority order

Interpreting Results

Priority Order

  1. Critical (Fix immediately):

    • Combat lockdown violations (will cause bugs)
    • Secret value leaks (12.0+ breaking)
    • Deprecated APIs with severity: error
  2. High (Fix before release):

    • Taint risks
    • Deprecated APIs with severity: warning
    • Orphaned files
  3. Medium (Fix when convenient):

    • Deep nesting (maintainability)
    • Long functions
    • Magic numbers
  4. Low (Consider fixing):

    • Code duplicates
    • Suspicious dead code

Best Practices

  1. Run before release — Catch breaking changes early
  2. Start with critical — Security and deprecations first
  3. Filter by severity — Use include_suspicious=false for focused results
  4. Check 12.0 readiness — Secret value APIs are breaking changes
  5. Review complexity — High complexity = high bug risk