aos-audit
/aos-audit
Select the files to audit, then run /aos-audit.
For targeted audits: /aos-audit auth · /aos-audit uploads · /aos-audit payments
What gets checked
Input validation
- All inputs validated at the API boundary with Zod / class-validator / Pydantic
- File uploads validated by content (not extension)
- No user input passed to SQL, shell commands, or file paths without validation
SQL and data access
- Parameterized queries everywhere — no string concatenation
- No SELECT * returning excess columns
- Multi-table mutations in transactions
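An added example, not part of ArchitectOS or the original page, showing the difference the three SQL and data access checks above look for. It uses Python's sqlite3 with a constructed schema; the table, column, and function names are assumptions made for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample schema and rows, for illustration only.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY,
                            email TEXT UNIQUE NOT NULL,
                            password_hash TEXT NOT NULL);
        CREATE TABLE audit_log (id INTEGER PRIMARY KEY,
                                user_id INTEGER NOT NULL REFERENCES users(id),
                                action TEXT NOT NULL);
        INSERT INTO users (email, password_hash) VALUES
            ('alice@example.test', 'hash-a'), ('bob@example.test', 'hash-b');
    """)
    return db

def find_user_flagged(db, email):
    # Fails two checks: input is concatenated into the SQL text,
    # and SELECT * hands password_hash back to the caller.
    sql = "SELECT * FROM users WHERE email = '" + email + "'"
    return db.execute(sql).fetchall()

def find_user(db, email):
    # Passes: the value is bound as a parameter and only the
    # columns the caller needs are selected.
    sql = "SELECT id, email FROM users WHERE email = ?"
    return db.execute(sql, (email,)).fetchall()

def change_email(db, user_id, new_email):
    # Passes: the audit row and the update commit together or not at all.
    try:
        with db:  # commits on success, rolls back if an exception escapes
            db.execute("INSERT INTO audit_log (user_id, action) VALUES (?, ?)",
                       (user_id, "change_email"))
            db.execute("UPDATE users SET email = ? WHERE id = ?",
                       (new_email, user_id))
        return True
    except sqlite3.IntegrityError:
        return False

if __name__ == "__main__":
    db = make_db()
    crafted = "' OR '1'='1"  # constructed input containing a quote
    print("concatenated:", find_user_flagged(db, crafted))
    print("parameterized:", find_user(db, crafted))
    print("duplicate email accepted:", change_email(db, 1, "bob@example.test"))
    print("audit rows:", db.execute("SELECT COUNT(*) FROM audit_log").fetchone()[0])
```
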
More from riz007/architect-os
aos-feature
Generates a complete vertical feature slice following ArchitectOS patterns — service, controller, repository interface, DTOs, and unit tests in one pass. Use when user wants to generate, add, or implement a feature, endpoint, module, or domain entity.
aos-setup
One-time setup that configures ArchitectOS for the current project. Detects the stack, writes AI tool configs (.cursorrules, .windsurfrules, copilot-instructions.md), and shows which commands are available. Use when user runs /aos-setup, opens a new project, or wants ArchitectOS standards applied to their codebase.
aos-scaffold
Creates a new project from an ArchitectOS template — folder structure, config files, and dependencies included. Use when user wants to start a new project, scaffold a service, bootstrap an app, or says "create a new <stack> app/service/api".
aos-review
Reviews code against ArchitectOS standards — architecture layering, type safety, security, testing, and performance. Reports FAIL/WARN/PASS with file references and concrete fixes. Use when user asks to review code, check standards compliance, review a PR, or says "does this follow ArchitectOS".