Skip to content

[AUDIT] Project-wide improvement tracker — 10 sustainable optimizations #131

Description

@muraschal

Management summary

A four-lens self-review (frontend/UX · prompt library · repo engineering · product strategy) of the whole project surfaced 10 high-leverage, durable improvements — a mix of cheap integrity hardening, SEO/content leverage on already-built assets, and strategic distribution bets. The codebase is in genuinely strong shape (it dogfoods its own audits); these are the real levers, not nitpicks.

In progress now (autonomous): items 1–3 (the release/CI-automation cluster) are being implemented end-to-end → #128, #129, #130.


Tier A — Integrity & quality floor

# Finding Effort Issue
1 Automate checksum regeneration + CI-enforce it. Trust anchor rots on any manual miss (fired live this session). Fold regen into bump-version.mjs; add an un-gated CI diff check. M #128
2 Self-verifying releases. Tag-triggered gate asserting the 3 version pins (full-audit, llms.txt, content.ts VERSION) == git tag. M #129
3 ESLint + jsx-a11y gate in web CI. The one missing quality floor; dogfoods the project's own a11y/frontend audits. S #130
4 Kill silent i18n/detail drift. principleDe/proofRows are index-coupled to content.ts; audit-details.ts (57 KB) + i18n.ts untested. Re-key by stable id + invariant tests (every key has en+de; counts match). M todo
5 Fix the front door. llms.txt:4-6 summary enumerates 12 audits and omits lean — the newest differentiating template is invisible in the first paragraph an agent reads. S todo

Tier B — Distribution & SEO (compounds on the new per-audit subpages)

# Finding Effort Issue
6 Turn the 26 audit pages into ranking destinations. Add each audit's real domain checklist + standards-with-explanations as content; add TechArticle+BreadcrumbList JSON-LD (subpages currently have none). S–M todo
7 Per-audit OG share images. All 13 detail pages share one site-wide OG image; renderOgImage already takes {title, subtitle}. M todo
8 Make the output visible + prove the differentiator. A /reports gallery of full real audits on well-known OSS repos + a "why this isn't AI slop" exhibit (refuted findings; vs a naive single-prompt audit). Biggest activation + trust lever. M todo

Tier C — Strategic bets

# Finding Effort Issue
9 Meet users where the agents live. Package as an MCP server / installable skill (@auditor run security); optionally a thin checksum-verifying npx/GitHub-Action runner for CI re-audits. M–L todo
10 Harden the prompt contract + lower contribution friction. Normalize repo-audit to the canonical skeleton; extend check-prompts.mjs to enforce heading order + required finding-schema fields; document the trust root; English CONTRIBUTING + CODEOWNERS + Prettier. M todo

Bonus micro-wins

  • optimizePackageImports: ["lucide-react"] in next.config — durable bundle hygiene.
  • title.template: "%s — auditor" in shell.tsx — stop hand-rolling the suffix per route.

Progress

Generated from a 4-agent self-review. Items 1–3 are being implemented autonomously; 4–10 are queued for prioritization.

Metadata

Metadata

Assignees

No one assigned

    Labels

    auditBefund aus einem auditor-AudittrackingTracking-/Epic-Issue

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions