Summary
Runs a battery of nine static analysis tools to find hardcoded values, magic numbers, and leaked secrets in your codebase. It's overkill in a good way: combines Python-specific tools like Ruff PLR2004 and Bandit with language-agnostic scanners like ast-grep, Semgrep, TruffleHog for entropy detection, and Gitleaks for regex-based secret scanning. You get both JSON and compiler-style text output showing exactly where constants need extraction or credentials are exposed. Use it when you're doing a security audit, tracking down configuration that should be in environment variables, or just want to find all those mystery numbers scattered through the code. The preflight check is smart, the tool matrix is well documented, and it respects .gitignore so you won't scan node_modules for an hour.
Install to Claude Code
npx -y skills add terrylica/cc-skills --skill code-hardcode-audit --agent claude-codeInstalls into .claude/skills of the current project.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Files
SKILL.md
Select a file.
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →First SeenJun 3, 2026
