Дмитрийdocs/audit — audit procedures and artifacts
This directory is the home of the D3 «Аудит и управление рисками» section of
the automation map (docs/automation-graph.html). It holds repeatable audit
procedures and their artifacts.
Toolset
/security-review— the customized Anthropic security-review command (.claude/commands/security-review.md).- Trail of Bits Skills — the
trailofbitsmarketplace audit plugins. - Security Guidance — the Anthropic warn-only inline-vulnerability hook.
audit-portal— the project skill encoding the 14-phase portal audit.
Boundaries
- Closed decisions and their residual risks →
docs/adr/(see ADR-003). - Open product, business, and legal risks →
docs/Открытые_вопросы_v8_3.md.
Procedures
toolchain-attack-surface.md— manual audit of the Claude Code plugin and MCP-server attack surface.