Skills
.Work. You
Rest

route-auditor

Community

Automated API route compliance checks

Software Engineering#security#jwt#zod#nextjs#prisma#code-review#api-audit
AuthorCleanExpo
Version1.0.0
Installs0

System Documentation

What problem does it solve?

Many Next.js API route handlers drift from established security and architecture patterns, introducing vulnerabilities like raw JWT verification, missing validation, exposed error messages, duplicate utilities, and missing organization scoping; this Skill finds those issues before they reach production and enforces the SYNTHEX route standard.

Core Features & Use Cases

  • Critical enforcement checks: Detects raw jwt.verify usage, forbidden as any casts, and duplicated local JWT utilities.
  • Higher-level validations: Ensures Zod input validation, sanitized error responses, proper Prisma scoping by user/org, and correct NextRequest types.
  • Automated fixes & reporting: Produces grouped reports with line numbers, suggested fixes, and can safely auto-apply fixes for a subset of issues.
  • Integration & workflows: Run during route creation, PR reviews, bulk audits across app/api/, or as part of a senior-reviewer agent pipeline.

Quick Start

Run a full audit on app/api/ to identify auth drift, missing validation, and org-scoping gaps and receive a grouped report with suggested fixes.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: route-auditor
Download link: https://github.com/CleanExpo/Synthex/archive/main.zip#route-auditor

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.