vm-codebase-audit

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Codebase Audit Skill

代码库审计Skill

Comprehensive codebase auditing with SEO, security, performance, accessibility, and technical checks.

针对代码库进行全面审计，涵盖SEO、安全、性能、可访问性及技术检查。

Mode Selection

模式选择

ALWAYS start by asking the user to select a mode using the ask_user_input tool:

python

ask_user_input_v0({
  "questions": [
    {
      "question": "Select audit mode:",
      "type": "single_select",
      "options": [
        "Normal - Core checks (technical, content, mobile, UX, security, accessibility)",
        "Strict - Normal + performance, links, crawlability, schema, URL structure",
        "Expert - All checks including E-E-A-T, legal, social, local SEO, video"
      ]
    },
    {
      "question": "Select operation type:",
      "type": "single_select",
      "options": [
        "Complete Audit - Full codebase crawl with cross-reference analysis",
        "PR Review - Uncommitted changes only"
      ]
    }
  ]
})

After mode selection, respond:

AWESOME! The CLANKER is now... Loading... bEEp BooP 🤖

Then proceed with the audit.

请始终先使用ask_user_input工具让用户选择模式：

python

ask_user_input_v0({
  "questions": [
    {
      "question": "Select audit mode:",
      "type": "single_select",
      "options": [
        "Normal - Core checks (technical, content, mobile, UX, security, accessibility)",
        "Strict - Normal + performance, links, crawlability, schema, URL structure",
        "Expert - All checks including E-E-A-T, legal, social, local SEO, video"
      ]
    },
    {
      "question": "Select operation type:",
      "type": "single_select",
      "options": [
        "Complete Audit - Full codebase crawl with cross-reference analysis",
        "PR Review - Uncommitted changes only"
      ]
    }
  ]
})

用户选择模式后，回复：

太棒了！CLANKER正在...加载中...哔 啵 🤖

随后开始执行审计。

Execution Strategy

执行策略

PR Review Mode

PR审查模式

Run
```
git status
```
and
```
git diff
```
to find uncommitted changes
Analyze only modified/new files
Focus on changes that impact audit categories
Cross-reference with related files when necessary

运行
```
git status
```
和
```
git diff
```
查找未提交的变更
仅分析已修改/新增的文件
重点关注会影响审计类别的变更
必要时与相关文件进行交叉引用

Complete Audit Mode

完整审计模式

Scan entire codebase recursively
Build file inventory with categorization
Analyze each file against audit rules
Cross-reference across files for consistency
Generate comprehensive report

递归扫描整个代码库
构建带分类的文件清单
根据审计规则分析每个文件
跨文件交叉引用以确保一致性
生成综合报告

Audit Categories by Mode

各模式对应的审计类别

Normal Mode

普通模式

Technical Problems
Content Quality
Mobile Friendliness
User Experience
Security
Accessibility

技术故障
内容质量
移动端适配性
用户体验
安全
可访问性

Strict Mode (Normal +)

严格模式（普通模式+）

Performance
Links (internal/external)
Crawlability
Schema.org Markup
URL Structure
Keyword Analysis

性能
链接（内部/外部）
可抓取性
Schema.org标记
URL结构
关键词分析

Expert Mode (Strict +)

专家模式（严格模式+）

E-E-A-T (Expertise, Experience, Authority, Trust)
Legal Compliance
Social Media Integration
Local SEO
Video Optimization
Dead Code Detection
Code Consistency

E-E-A-T（专业度、体验度、权威性、可信度）
合规性
社交媒体集成
本地SEO
视频优化
死代码检测
代码一致性

Audit Rules

审计规则

SEO Issues

SEO问题

Meta Tags (Error: 9)

python

undefined

元标签（错误等级：9）

python

undefined

Check: Missing or duplicate meta descriptions

检查：缺失或重复的元描述

Example:

示例：


**Title Tags** (Error: 10)
```python


**标题标签**（错误等级：10）
```python

Check: Title length, uniqueness, keyword placement

检查：标题长度、唯一性、关键词位置

<title>Home</title> # ❌ Generic, too short <title>Premium Running Shoes | Brand Name - Shop Now</title> # ✅ Optimal (50-60 chars) ```

Canonical URLs (Warning: 8)

html

<!-- Check: Missing or incorrect canonical tags -->
<link rel="canonical" href="http://example.com/page"> <!-- ❌ HTTP not HTTPS -->
<link rel="canonical" href="https://example.com/page"> <!-- ✅ Correct -->

Open Graph (Warning: 6)

html

<!-- Check: Missing OG tags for social sharing -->
<meta property="og:title" content="Page Title">
<meta property="og:description" content="Description">
<meta property="og:image" content="https://example.com/image.jpg">
<meta property="og:url" content="https://example.com/page">

<title>Home</title> # ❌ 通用化且过短 <title>Premium Running Shoes | Brand Name - Shop Now</title> # ✅ 最优（50-60字符） ```

规范URL（警告等级：8）

html

<!-- 检查：缺失或错误的规范标签 -->
<link rel="canonical" href="http://example.com/page"> <!-- ❌ 使用HTTP而非HTTPS -->
<link rel="canonical" href="https://example.com/page"> <!-- ✅ 正确 -->

Open Graph标签（警告等级：6）

html

<!-- 检查：缺失用于社交分享的OG标签 -->
<meta property="og:title" content="Page Title">
<meta property="og:description" content="Description">
<meta property="og:image" content="https://example.com/image.jpg">
<meta property="og:url" content="https://example.com/page">

Technical Problems

技术故障

Broken Links (Error: 9)

python

undefined

失效链接（错误等级：9）

python

undefined

Check: 404s, redirect chains, external link validity

检查：404错误、重定向链、外部链接有效性

Detect:

检测：

Dead internal links: <a href="/deleted-page">
Redirect chains: /a → /b → /c (max 1 redirect)
Broken external: <a href="https://dead-site.com">


**Redirect Chains** (Warning: 7)
```python

失效内部链接：<a href="/deleted-page">
重定向链：/a → /b → /c（最多允许1次重定向）
失效外部链接：<a href="https://dead-site.com">


**重定向链**（警告等级：7）
```python

Check: Multiple redirects before final destination

检查：最终目标前存在多次重定向

Example:

示例：

/old → /temp → /new # ❌ 2 hops /old → /new # ✅ 1 hop


**Mobile Friendliness** (Error: 9)
```html
<!-- Check: Viewport meta, responsive design -->
<!-- Missing viewport: -->
❌ No viewport tag

<!-- Correct: -->
✅ <meta name="viewport" content="width=device-width, initial-scale=1">

Mixed Content (Error: 10)

html

<!-- Check: HTTP resources on HTTPS pages -->
<script src="http://example.com/script.js"> <!-- ❌ HTTP on HTTPS page -->
<script src="https://example.com/script.js"> <!-- ✅ HTTPS -->

/old → /temp → /new # ❌ 2次跳转 /old → /new # ✅ 1次跳转


**移动端适配性**（错误等级：9）
```html
<!-- 检查：视口元标签、响应式设计 -->
<!-- 缺失视口标签： -->
❌ 无viewport标签

<!-- 正确写法： -->
✅ <meta name="viewport" content="width=device-width, initial-scale=1">

混合内容（错误等级：10）

html

<!-- 检查：HTTPS页面中存在HTTP资源 -->
<script src="http://example.com/script.js"> <!-- ❌ HTTPS页面使用HTTP资源 -->
<script src="https://example.com/script.js"> <!-- ✅ 使用HTTPS -->

Performance

性能

Page Load Time (Warning: 8)

python

undefined

页面加载时间（警告等级：8）

python

undefined

Check: Bundle size, render-blocking resources

检查：包大小、阻塞渲染的资源

Detect:

检测：

Large JS bundles (> 200KB)
Unminified CSS/JS
Missing compression (gzip/brotli)
Render-blocking scripts in <head>


**Resource Usage** (Warning: 6)
```javascript
// Check: Unused dependencies, duplicate code
// Example:
import { huge-library } from 'library'; // ❌ Full library import
import { specific-function } from 'library'; // ✅ Tree-shaking friendly

Caching (Warning: 7)

python

undefined

大型JS包（>200KB）
未压缩的CSS/JS
缺失压缩（gzip/brotli）
<head>中存在阻塞渲染的脚本


**资源使用**（警告等级：6）
```javascript
// 检查：未使用的依赖、重复代码
// 示例：
import { huge-library } from 'library'; // ❌ 导入完整库
import { specific-function } from 'library'; // ✅ 支持摇树优化

缓存（警告等级：7）

python

undefined

Check: Cache headers, static asset versioning

检查：缓存头、静态资源版本控制

Example:

示例：

Cache-Control: no-cache # ❌ Not cached Cache-Control: public, max-age=31536000 # ✅ Long-term cache for static assets


**Image Optimization** (Warning: 8)
```html
<!-- Check: Format, size, lazy loading -->
<img src="photo.png" width="2000"> <!-- ❌ Large PNG, not optimized -->
<img src="photo.webp" loading="lazy" width="800"> <!-- ✅ WebP, lazy load -->

Cache-Control: no-cache # ❌ 不缓存 Cache-Control: public, max-age=31536000 # ✅ 静态资源长期缓存


**图片优化**（警告等级：8）
```html
<!-- 检查：格式、大小、懒加载 -->
<img src="photo.png" width="2000"> <!-- ❌ 大型PNG，未优化 -->
<img src="photo.webp" loading="lazy" width="800"> <!-- ✅ WebP格式，懒加载 -->

Content Quality

内容质量

Heading Structure (Warning: 7)

html

<!-- Check: H1 uniqueness, logical hierarchy -->
<h1>Title</h1>
<h3>Subtitle</h3> <!-- ❌ Skipped H2 -->

<h1>Title</h1>
<h2>Section</h2> <!-- ✅ Correct order -->

Image Alt Text (Error: 9)

html

<!-- Check: Missing alt, decorative images -->
<img src="photo.jpg"> <!-- ❌ Missing alt -->
<img src="photo.jpg" alt=""> <!-- ✅ Decorative (intentionally empty) -->
<img src="photo.jpg" alt="Red sports car on mountain road"> <!-- ✅ Descriptive -->

Content Analysis (Notice: 5)

python

undefined

标题层级结构（警告等级：7）

html

<!-- 检查：H1唯一性、逻辑层级 -->
<h1>Title</h1>
<h3>Subtitle</h3> <!-- ❌ 跳过H2 -->

<h1>Title</h1>
<h2>Section</h2> <!-- ✅ 正确顺序 -->

图片替代文本（错误等级：9）

html

<!-- 检查：缺失alt文本、装饰性图片 -->
<img src="photo.jpg"> <!-- ❌ 缺失alt -->
<img src="photo.jpg" alt=""> <!-- ✅ 装饰性图片（故意留空） -->
<img src="photo.jpg" alt="Red sports car on mountain road"> <!-- ✅ 描述性文本 -->

内容分析（提示等级：5）

python

undefined

Check: Reading level, thin content, keyword stuffing

检查：阅读难度、内容单薄、关键词堆砌

Detect:

检测：

Pages < 300 words (thin content)
Keyword density > 3% (stuffing)
Duplicate content across pages

undefined

页面内容<300词（内容单薄）
关键词密度>3%（堆砌）
跨页面重复内容

undefined

Security

安全

Leaked Secrets (Error: 10)

python

undefined

密钥泄露（错误等级：10）

python

undefined

Check: API keys, passwords, tokens in code

检查：代码中的API密钥、密码、令牌

Detect patterns:

检测模式：

API_KEY = "sk-1234567890abcdef" # ❌ Exposed secret PASSWORD = "admin123" # ❌ Hardcoded password DB_CONNECTION = "postgres://user:pass@host" # ❌ Credentials in code

API_KEY = "sk-1234567890abcdef" # ❌ 暴露的密钥 PASSWORD = "admin123" # ❌ 硬编码密码 DB_CONNECTION = "postgres://user:pass@host" # ❌ 代码中包含凭证

✅ Use environment variables

✅ 使用环境变量

API_KEY = os.getenv('API_KEY')


**HTTPS Usage** (Error: 10)
```python

API_KEY = os.getenv('API_KEY')


**HTTPS使用**（错误等级：10）
```python

Check: All resources over HTTPS

检查：所有资源均使用HTTPS

Detect:

检测：

http://api.example.com # ❌ HTTP API https://api.example.com # ✅ HTTPS


**Security Headers** (Warning: 8)
```python

http://api.example.com # ❌ HTTP API https://api.example.com # ✅ HTTPS API


**安全头**（警告等级：8）
```python

Check: CSP, HSTS, X-Frame-Options, etc.

检查：CSP、HSTS、X-Frame-Options等

Required headers:

必填头：

Content-Security-Policy: default-src 'self' Strict-Transport-Security: max-age=31536000 X-Frame-Options: DENY X-Content-Type-Options: nosniff


**Dependencies** (Warning: 7)
```python

Content-Security-Policy: default-src 'self' Strict-Transport-Security: max-age=31536000 X-Frame-Options: DENY X-Content-Type-Options: nosniff


**依赖项**（警告等级：7）
```python

Check: Known vulnerabilities in package.json/requirements.txt

检查：package.json/requirements.txt中的已知漏洞

Flag outdated packages with CVEs

标记存在CVE的过时包

undefined

undefined

Accessibility

可访问性

Color Contrast (Error: 8)

css

/* Check: WCAG AA compliance (4.5:1 for normal text) */
.text { color: #777; background: #fff; } /* ❌ 4.47:1 - Fails AA */
.text { color: #666; background: #fff; } /* ✅ 5.74:1 - Passes AA */

Keyboard Navigation (Error: 9)

html

<!-- Check: Tab order, focus indicators -->
<div onclick="submit()"> <!-- ❌ Not keyboard accessible -->
<button onclick="submit()"> <!-- ✅ Keyboard accessible -->

<a href="#" style="outline: none;"> <!-- ❌ Removed focus outline -->
<a href="#"> <!-- ✅ Default focus visible -->

ARIA Labels (Warning: 7)

html

<!-- Check: Proper ARIA usage -->
<button>⚙️</button> <!-- ❌ Icon only, no label -->
<button aria-label="Settings">⚙️</button> <!-- ✅ Accessible label -->

Form Labels (Error: 9)

html

<!-- Check: Every input has associated label -->
<input type="text" placeholder="Email"> <!-- ❌ Placeholder not label -->
<label for="email">Email</label>
<input type="text" id="email"> <!-- ✅ Proper label -->

颜色对比度（错误等级：8）

css

/* 检查：符合WCAG AA标准（普通文本对比度4.5:1） */
.text { color: #777; background: #fff; } /* ❌ 4.47:1 - 未通过AA标准 */
.text { color: #666; background: #fff; } /* ✅ 5.74:1 - 通过AA标准 */

键盘导航（错误等级：9）

html

<!-- 检查：Tab顺序、焦点指示器 -->
<div onclick="submit()"> <!-- ❌ 无法通过键盘访问 -->
<button onclick="submit()"> <!-- ✅ 可通过键盘访问 -->

<a href="#" style="outline: none;"> <!-- ❌ 移除了焦点轮廓 -->
<a href="#"> <!-- ✅ 默认可见焦点 -->

ARIA标签（警告等级：7）

html

<!-- 检查：正确使用ARIA -->
<button>⚙️</button> <!-- ❌ 仅图标，无标签 -->
<button aria-label="Settings">⚙️</button> <!-- ✅ 可访问标签 -->

表单标签（错误等级：9）

html

<!-- 检查：每个输入框都有关联标签 -->
<input type="text" placeholder="Email"> <!-- ❌ 占位符不能替代标签 -->
<label for="email">Email</label>
<input type="text" id="email"> <!-- ✅ 正确关联标签 -->

User Experience

用户体验

Form Validation (Warning: 6)

javascript

// Check: Client-side validation, error messages
// Example:
<input type="email"> // ✅ HTML5 validation
<input type="text"> // ❌ No validation for email field

// Error messages:
"Invalid" // ❌ Not helpful
"Please enter a valid email address" // ✅ Clear guidance

Error Handling (Warning: 7)

javascript

// Check: User-friendly error pages, fallbacks
try {
  fetchData();
} catch (e) {
  console.log(e); // ❌ Silent failure
}

try {
  fetchData();
} catch (e) {
  showErrorMessage("Unable to load data. Please try again."); // ✅ User feedback
}

User Flow (Notice: 5)

python

undefined

表单验证（警告等级：6）

javascript

// 检查：客户端验证、错误提示
// 示例：
<input type="email"> // ✅ HTML5原生验证
<input type="text"> // ❌ 邮箱字段无验证

// 错误提示：
"Invalid" // ❌ 无帮助性
"Please enter a valid email address" // ✅ 清晰指引

错误处理（警告等级：7）

javascript

// 检查：用户友好的错误页面、降级方案
try {
  fetchData();
} catch (e) {
  console.log(e); // ❌ 静默失败
}

try {
  fetchData();
} catch (e) {
  showErrorMessage("Unable to load data. Please try again."); // ✅ 用户反馈
}

用户流程（提示等级：5）

python

undefined

Check: Dead ends, broken checkout flows, complex navigation

检查：死胡同、失效的结账流程、复杂导航

Analyze:

分析：

Pages with no CTA
Forms with > 10 fields (break into steps)
Navigation depth > 4 levels

undefined

无CTA的页面
字段>10个的表单（建议拆分步骤）
导航深度>4级

undefined

链接

Broken Internal Links (Error: 9)

html

<!-- Check: All internal links resolve -->
<a href="/deleted-page">Link</a> <!-- ❌ 404 -->
<a href="/existing-page">Link</a> <!-- ✅ Valid -->

External Link Validation (Warning: 6)

python

undefined

失效内部链接（错误等级：9）

html

<!-- 检查：所有内部链接均可访问 -->
<a href="/deleted-page">Link</a> <!-- ❌ 404错误 -->
<a href="/existing-page">Link</a> <!-- ✅ 有效链接 -->

外部链接验证（警告等级：6）

python

undefined

Check: External links return 200, have rel="noopener" for security

检查：外部链接返回200状态码，为安全添加rel="noopener"

<a href="https://external.com" target="_blank"> # ❌ Missing rel <a href="https://external.com" target="_blank" rel="noopener noreferrer"> # ✅ Secure


**Anchor Text** (Notice: 4)
```html
<!-- Check: Descriptive anchor text -->
<a href="/page">Click here</a> <!-- ❌ Generic -->
<a href="/page">Read our privacy policy</a> <!-- ✅ Descriptive -->

<a href="https://external.com" target="_blank"> # ❌ 缺失rel属性 <a href="https://external.com" target="_blank" rel="noopener noreferrer"> # ✅ 安全配置


**锚文本**（提示等级：4）
```html
<!-- 检查：描述性锚文本 -->
<a href="/page">Click here</a> <!-- ❌ 通用化 -->
<a href="/page">Read our privacy policy</a> <!-- ✅ 描述性文本 -->

E-E-A-T (Expert Mode)

E-E-A-T（专家模式）

Expertise (Notice: 6)

python

undefined

专业度（提示等级：6）

python

undefined

Check: Author credentials, bio pages

检查：作者资质、个人简介页面

Detect:

检测：

Missing author bylines
No author bio/credentials
Lack of citations/references


**Experience** (Notice: 5)
```python

缺失作者署名
无作者简介/资质
缺乏引用/参考资料


**体验度**（提示等级：5）
```python

Check: First-hand experience indicators

检查：一手体验指标

Look for:

查找：

Personal anecdotes
Original research
Case studies
Product testing details


**Authority** (Notice: 6)
```python

个人轶事
原创研究
案例研究
产品测试细节


**权威性**（提示等级：6）
```python

Check: Domain authority signals

检查：域名权威信号

Analyze:

分析：

Backlinks from authoritative sites
Industry recognition
Expert endorsements


**Trustworthiness** (Warning: 7)
```python

权威网站的反向链接
行业认可
专家背书


**可信度**（警告等级：7）
```python

Check: Trust signals

检查：信任信号

Detect:

检测：

Missing contact information
No privacy policy
Insecure forms (HTTP)
Fake reviews

undefined

缺失联系信息
无隐私政策
不安全的表单（HTTP）
虚假评论

undefined

Crawlability (Strict/Expert Mode)

可抓取性（严格/专家模式）

robots.txt (Warning: 7)

python

undefined

robots.txt（警告等级：7）

python

undefined

Check: Proper robots.txt configuration

检查：正确配置robots.txt

Issues:

问题：

User-agent: * Disallow: / # ❌ Blocks all crawlers

User-agent: * Disallow: /admin/ # ✅ Selective blocking Allow: /


**Sitemap.xml** (Warning: 6)
```xml
<!-- Check: Valid sitemap, submitted to search engines -->
<!-- Missing: -->
❌ No sitemap.xml found

<!-- Valid: -->
✅ sitemap.xml with < 50,000 URLs, submitted to GSC

Meta Robots (Warning: 7)

html

<!-- Check: Proper indexing directives -->
<meta name="robots" content="noindex, nofollow"> <!-- ❌ Blocking important page -->
<meta name="robots" content="index, follow"> <!-- ✅ Allowing indexing -->

User-agent: * Disallow: / # ❌ 阻止所有爬虫

User-agent: * Disallow: /admin/ # ✅ 选择性阻止 Allow: /


**Sitemap.xml**（警告等级：6）
```xml
<!-- 检查：有效的站点地图，已提交至搜索引擎 -->
<!-- 缺失： -->
❌ 未找到sitemap.xml

<!-- 有效配置： -->
✅ sitemap.xml包含<50000个URL，已提交至GSC

Meta Robots（警告等级：7）

html

<!-- 检查：正确的索引指令 -->
<meta name="robots" content="noindex, nofollow"> <!-- ❌ 阻止重要页面索引 -->
<meta name="robots" content="index, follow"> <!-- ✅ 允许索引 -->

Schema Markup (Strict/Expert Mode)

Schema标记（严格/专家模式）

Structured Data (Warning: 7)

html

<!-- Check: Valid Schema.org markup -->
<!-- Missing: -->
❌ No structured data on product page

<!-- Valid: -->
<script type="application/ld+json">
{
  "@context": "https://schema.org",
  "@type": "Product",
  "name": "Product Name",
  "offers": {
    "@type": "Offer",
    "price": "29.99",
    "priceCurrency": "USD"
  }
}
</script>

Rich Snippets (Notice: 5)

python

undefined

结构化数据（警告等级：7）

html

<!-- 检查：有效的Schema.org标记 -->
<!-- 缺失： -->
❌ 产品页面无结构化数据

<!-- 有效配置： -->
<script type="application/ld+json">
{
  "@context": "https://schema.org",
  "@type": "Product",
  "name": "Product Name",
  "offers": {
    "@type": "Offer",
    "price": "29.99",
    "priceCurrency": "USD"
  }
}
</script>

富摘要（提示等级：5）

python

undefined

Check: Breadcrumbs, Reviews, FAQ schema

检查：面包屑、评论、FAQ schema

Common schemas:

常见schema：

Product
Article
BreadcrumbList
FAQPage
Review

undefined

Product
Article
BreadcrumbList
FAQPage
Review

undefined

Legal Compliance (Expert Mode)

合规性（专家模式）

Privacy Policy (Warning: 8)

python

undefined

隐私政策（警告等级：8）

python

undefined

Check: Privacy policy exists, linked in footer, GDPR/CCPA compliant

检查：存在隐私政策，页脚有链接，符合GDPR/CCPA要求

Required elements:

必填要素：

Data collection disclosure
Cookie usage
Third-party sharing
User rights (access, deletion)


**Terms of Service** (Warning: 7)
```python

数据收集披露
Cookie使用说明
第三方共享说明
用户权利（访问、删除）


**服务条款**（警告等级：7）
```python

Check: ToS exists, clear user agreements

检查：存在服务条款，用户协议清晰

Required for:

适用场景：

E-commerce sites
SaaS platforms
User-generated content


**Cookie Consent** (Warning: 8)
```javascript
// Check: GDPR/CCPA cookie consent
// Required:
- Consent banner before tracking
- Opt-out mechanism
- Clear cookie policy

Accessibility Compliance (Warning: 9)

python

undefined

电商网站
SaaS平台
用户生成内容平台


**Cookie同意**（警告等级：8）
```javascript
// 检查：符合GDPR/CCPA的Cookie同意机制

Check: WCAG 2.1 AA compliance (ADA requirement)

必填项：

Critical:

—

All images have alt text
Forms are keyboard accessible
Color contrast meets standards
Screen reader compatibility

undefined

跟踪前显示同意横幅
退出机制
清晰的Cookie政策


**可访问性合规**（警告等级：9）
```python

Social Media (Expert Mode)

检查：符合WCAG 2.1 AA标准（ADA要求）

—

关键项：

Open Graph Validation (Warning: 6)

html

<!-- Check: Complete OG tags, correct image dimensions -->
<meta property="og:image" content="small.jpg" width="200"> <!-- ❌ Too small -->
<meta property="og:image" content="large.jpg" width="1200" height="630"> <!-- ✅ Optimal -->

Twitter Cards (Warning: 5)

html

<!-- Check: Twitter card meta tags -->
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:title" content="Page Title">
<meta name="twitter:image" content="https://example.com/image.jpg">

Social Share Buttons (Notice: 3)

python

undefined

所有图片均有alt文本
表单可通过键盘访问
颜色对比度达标
兼容屏幕阅读器

undefined

Check: Share buttons present, functional

社交媒体（专家模式）

Validate:

—

Share URLs encode properly
Open in new window
Include proper tracking parameters

undefined

Open Graph验证（警告等级：6）

html

<!-- 检查：完整的OG标签，正确的图片尺寸 -->
<meta property="og:image" content="small.jpg" width="200"> <!-- ❌ 尺寸过小 -->
<meta property="og:image" content="large.jpg" width="1200" height="630"> <!-- ✅ 最优尺寸 -->

Twitter卡片（警告等级：5）

html

<!-- 检查：Twitter卡片元标签 -->
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:title" content="Page Title">
<meta name="twitter:image" content="https://example.com/image.jpg">

社交分享按钮（提示等级：3）

python

undefined

URL Structure (Strict/Expert Mode)

检查：存在分享按钮且功能正常

—

验证：

URL Length (Warning: 5)

python

undefined

分享URL编码正确
在新窗口打开
包含正确的跟踪参数

undefined

Check: URL < 75 characters for optimal display

URL结构（严格/专家模式）

example.com/very/long/url/path/that/goes/on/forever # ❌ > 75 chars example.com/short-page # ✅ Concise


**Hyphens vs Underscores** (Notice: 4)
```python

URL长度（警告等级：5）

python

undefined

Check: Hyphens preferred over underscores

检查：URL<75字符以获得最佳显示效果

example.com/my_page # ❌ Underscores example.com/my-page # ✅ Hyphens (SEO-friendly)


**Keywords in URL** (Notice: 5)
```python

example.com/very/long/url/path/that/goes/on/forever # ❌ >75字符 example.com/short-page # ✅ 简洁


**连字符vs下划线**（提示等级：4）
```python

Check: Descriptive URLs with keywords

检查：优先使用连字符而非下划线

example.com/p=123 # ❌ No keywords example.com/running-shoes-men # ✅ Descriptive

undefined

example.com/my_page # ❌ 使用下划线 example.com/my-page # ✅ 使用连字符（SEO友好）


**URL中的关键词**（提示等级：5）
```python

Local SEO (Expert Mode)

检查：包含关键词的描述性URL

NAP Consistency (Warning: 8)

python

undefined

example.com/p=123 # ❌ 无关键词 example.com/running-shoes-men # ✅ 描述性URL

undefined

Check: Name, Address, Phone consistent across pages

本地SEO（专家模式）

Issues:

—

Footer: "123 Main St" Contact: "123 Main Street" # ❌ Inconsistent

NAP一致性（警告等级：8）

python

undefined

All pages should match exactly

检查：名称、地址、电话在所有页面保持一致

—

问题：


**Geo Metadata** (Warning: 6)
```html
<!-- Check: Geographic targeting -->
<meta name="geo.region" content="US-CA">
<meta name="geo.placename" content="San Francisco">
<meta name="geo.position" content="37.774929;-122.419415">

Local Business Schema (Warning: 7)

json

{
  "@context": "https://schema.org",
  "@type": "LocalBusiness",
  "name": "Business Name",
  "address": {
    "@type": "PostalAddress",
    "streetAddress": "123 Main St",
    "addressLocality": "San Francisco",
    "addressRegion": "CA",
    "postalCode": "94102"
  },
  "telephone": "+1-415-555-0100"
}

页脚："123 Main St" 联系页："123 Main Street" # ❌ 不一致

Video SEO (Expert Mode)

所有页面需完全匹配

VideoObject Schema (Warning: 7)

json

{
  "@context": "https://schema.org",
  "@type": "VideoObject",
  "name": "Video Title",
  "description": "Video description",
  "thumbnailUrl": "https://example.com/thumbnail.jpg",
  "uploadDate": "2024-01-15",
  "duration": "PT2M30S"
}

Video Accessibility (Error: 8)

html

<!-- Check: Captions, transcripts -->
<video>
  <source src="video.mp4">
  <track kind="captions" src="captions.vtt"> <!-- ✅ Captions -->
</video>


**地理元数据**（警告等级：6）
```html
<!-- 检查：地理定位 -->
<meta name="geo.region" content="US-CA">
<meta name="geo.placename" content="San Francisco">
<meta name="geo.position" content="37.774929;-122.419415">

本地商家Schema（警告等级：7）

json

{
  "@context": "https://schema.org",
  "@type": "LocalBusiness",
  "name": "Business Name",
  "address": {
    "@type": "PostalAddress",
    "streetAddress": "123 Main St",
    "addressLocality": "San Francisco",
    "addressRegion": "CA",
    "postalCode": "94102"
  },
  "telephone": "+1-415-555-0100"
}

Dead Code Detection (Expert Mode)

视频SEO（专家模式）

Unused Imports (Notice: 4)

javascript

// Check: Imported but never used
import { unused } from 'library'; // ❌ Never referenced
import { used } from 'library'; 
const result = used(); // ✅ Used

Unreachable Code (Warning: 6)

javascript

// Check: Code after return/throw
function example() {
  return true;
  console.log("Never runs"); // ❌ Unreachable
}

Duplicate Code (Notice: 5)

python

undefined

VideoObject Schema（警告等级：7）

json

{
  "@context": "https://schema.org",
  "@type": "VideoObject",
  "name": "Video Title",
  "description": "Video description",
  "thumbnailUrl": "https://example.com/thumbnail.jpg",
  "uploadDate": "2024-01-15",
  "duration": "PT2M30S"
}

视频可访问性（错误等级：8）

html

<!-- 检查：字幕、文字转录 -->
<video>
  <source src="video.mp4">
  <track kind="captions" src="captions.vtt"> <!-- ✅ 字幕 -->
</video>

Check: Identical code blocks > 5 lines

死代码检测（专家模式）

Suggest: Extract to shared function

—

undefined

未使用的导入（提示等级：4）

javascript

// 检查：已导入但从未使用
import { unused } from 'library'; // ❌ 未引用
import { used } from 'library'; 
const result = used(); // ✅ 已使用

不可达代码（警告等级：6）

javascript

// 检查：return/throw后的代码
function example() {
  return true;
  console.log("Never runs"); // ❌ 不可达
}

重复代码（提示等级：5）

python

undefined

Code Consistency (Expert Mode)

检查：>5行的相同代码块

—

建议：提取为共享函数

Naming Conventions (Notice: 4)

javascript

// Check: Consistent camelCase, PascalCase, snake_case
const user_name = ""; // ❌ Inconsistent with camelCase
const userName = ""; // ✅ Consistent

File Organization (Notice: 3)

python

undefined

undefined

Check: Similar files grouped logically

代码一致性（专家模式）

/components/Button.jsx /styles/button.css # ❌ Separated /components/Button.jsx /components/Button.css # ✅ Co-located

undefined

命名规范（提示等级：4）

javascript

// 检查：一致的驼峰式、帕斯卡式、蛇形命名
const user_name = ""; // ❌ 与驼峰式不一致
const userName = ""; // ✅ 一致性命名

文件组织（提示等级：3）

python

undefined

Report Output

检查：相似文件逻辑分组

Generate a comprehensive report with:

/components/Button.jsx /styles/button.css # ❌ 分离存放 /components/Button.jsx /components/Button.css # ✅ 同目录存放

undefined

1. Health Score (0-100)

报告输出

Overall Score: 73/100 🟡

Calculation:
- Critical errors: -5 points each
- Warnings: -2 points each
- Notices: -0.5 points each

生成包含以下内容的综合报告：

2. Category Breakdown

1. 健康评分（0-100）

📊 Category Scores:
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
SEO               ████████░░ 82/100
Technical         ██████░░░░ 65/100
Performance       ███████░░░ 71/100
Security          █████░░░░░ 54/100 ⚠️
Accessibility     ████████░░ 78/100
UX                ███████░░░ 73/100
Content           ████████░░ 81/100

Overall Score: 73/100 🟡

计算方式：
- 严重错误：每项扣5分
- 警告：每项扣2分
- 提示：每项扣0.5分

3. Issue Summary

2. 类别细分

🔴 Critical (10): 3 issues
🟡 Warnings (7-9): 12 issues
🔵 Notices (1-6): 8 issues

Top Priority Fixes:
1. [Error-10] Leaked API keys in config.js
2. [Error-10] Missing HTTPS on checkout flow
3. [Error-9] 15 broken internal links

📊 类别评分：
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
SEO               ████████░░ 82/100
Technical         ██████░░░░ 65/100
Performance       ███████░░░ 71/100
Security          █████░░░░░ 54/100 ⚠️
Accessibility     ████████░░ 78/100
UX                ███████░░░ 73/100
Content           ████████░░ 81/100

4. Detailed Findings

3. 问题摘要

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
🔴 SECURITY: Leaked Secrets (Error, Rank: 10)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

Issue: Hardcoded API key found in codebase
File: src/config.js:12
Code:
  const API_KEY = "sk-1234567890abcdef";

Fix:
  const API_KEY = process.env.API_KEY;

Impact: Critical security vulnerability
Priority: Fix immediately
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

🔴 严重问题（10级）：3个
🟡 警告（7-9级）：12个
🔵 提示（1-6级）：8个

最高优先级修复：
1. [Error-10] config.js中存在泄露的API密钥
2. [Error-10] 结账流程未使用HTTPS
3. [Error-9] 15个失效内部链接

5. Actionable Recommendations

4. 详细发现

Quick Wins (< 1 hour):
✓ Add missing alt text to 8 images
✓ Fix 3 broken internal links
✓ Add viewport meta tag to mobile.html

High Impact (1-4 hours):
✓ Implement HTTPS across all pages
✓ Add security headers to server config
✓ Optimize 12 large images to WebP

Strategic (> 4 hours):
✓ Implement comprehensive Schema.org markup
✓ Build XML sitemap and submit to GSC
✓ Conduct full accessibility audit and remediation

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
🔴 安全：密钥泄露（错误等级：10）
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

问题：代码库中发现硬编码的API密钥
文件：src/config.js:12
代码：
  const API_KEY = "sk-1234567890abcdef";

修复方案：
  const API_KEY = process.env.API_KEY;

影响：严重安全漏洞
优先级：立即修复
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

6. Files Analyzed

5. 可执行建议

Total Files: 247
Analyzed: 189
Skipped: 58 (node_modules, .git, build artifacts)

File Types:
- HTML: 34 files
- CSS: 28 files
- JavaScript: 67 files
- Images: 45 files
- Other: 15 files

快速修复（<1小时）：
✓ 为8张图片添加缺失的alt文本
✓ 修复3个失效内部链接
✓ 为mobile.html添加视口元标签

高影响修复（1-4小时）：
✓ 所有页面启用HTTPS
✓ 为服务器配置添加安全头
✓ 将12张大型图片优化为WebP格式

战略性优化（>4小时）：
✓ 实现完整的Schema.org标记
✓ 生成XML站点地图并提交至GSC
✓ 进行全面的可访问性审计与修复

Output Format

6. 已分析文件

Always use concise examples rather than verbose explanations. Show code snippets with ❌ (bad) and ✅ (good) examples.

Issue template:

[Severity-Rank] Category: Issue Title
File: path/to/file.ext:line
Problem: Brief description
Example: Code snippet
Fix: Corrected code
Impact: User/SEO/Security impact
Priority: When to fix

总文件数：247
已分析：189
已跳过：58（node_modules、.git、构建产物）

文件类型：
- HTML：34个
- CSS：28个
- JavaScript：67个
- 图片：45个
- 其他：15个

Severity Levels

输出格式

Error (10): Critical issues that break functionality or pose security risks
Error (9): Major issues affecting SEO, accessibility, or user experience
Error (8): Serious issues with measurable impact
Warning (7-8): Important but not critical
Warning (6-7): Moderate impact
Warning (5-6): Minor improvements
Notice (4-5): Best practices
Notice (1-3): Optional enhancements

请始终使用简洁示例而非冗长说明。展示代码片段并标注❌（错误）和✅（正确）示例。

问题模板：

[严重等级-分数] 类别：问题标题
文件：path/to/file.ext:行号
问题：简要描述
示例：代码片段
修复：修正后的代码
影响：对用户/SEO/安全的影响
优先级：修复时间建议

Tech Stack Detection

严重等级

Auto-detect framework/CMS and apply specific rules:

React: Check hooks, component structure, prop-types
Next.js: Check SSR/SSG, routing, Image component
WordPress: Check theme functions, plugins, database queries
Vue: Check composition API, reactivity
Django/Flask: Check templates, ORM queries, middleware

Error (10)：严重问题，破坏功能或存在安全风险
Error (9)：主要问题，影响SEO、可访问性或用户体验
Error (8)：严重问题，存在可衡量的影响
Warning (7-8)：重要但非严重问题
Warning (6-7)：中等影响
Warning (5-6)：微小改进
Notice (4-5)：最佳实践
Notice (1-3)：可选增强

Execution Notes

技术栈检测

Prefer concise examples over verbose explanations
Show visual indicators: ❌ ✅ 🔴 🟡 🔵
Provide immediate actionable fixes
Rank issues by business impact
Include estimated fix time
Cross-reference related issues
Detect patterns (e.g., all images missing alt text)
Suggest batch fixes when applicable

自动检测框架/CMS并应用特定规则：

React：检查hooks、组件结构、prop-types
Next.js：检查SSR/SSG、路由、Image组件
WordPress：检查主题函数、插件、数据库查询
Vue：检查组合式API、响应式
Django/Flask：检查模板、ORM查询、中间件

Git Integration (PR Mode)

执行说明

bash

undefined

优先使用简洁示例而非冗长说明
使用视觉标识：❌ ✅ 🔴 🟡 🔵
提供可立即执行的修复方案
按业务影响对问题排序
包含预估修复时间
交叉引用相关问题
检测模式（如：所有图片均缺失alt文本）
适用时建议批量修复

Get uncommitted changes

Git集成（PR模式）

git status --porcelain git diff HEAD

bash

undefined

Analyze only:

获取未提交的变更

Modified files (M)
Added files (A)
Renamed files (R)

git status --porcelain git diff HEAD

Compare with main branch

仅分析：

git diff main...HEAD

undefined

修改的文件（M）
新增的文件（A）
重命名的文件（R）

File Exclusions

与主分支对比

Always skip:

node_modules/
.git/
dist/, build/, .next/
vendor/
*.min.js, *.min.css
package-lock.json, yarn.lock
Binary files (images analyzed separately)

git diff main...HEAD

undefined

Final Report Structure

文件排除规则

markdown

undefined

始终跳过：

node_modules/
.git/
dist/、build/、.next/
vendor/
.min.js、.min.css
package-lock.json、yarn.lock
二进制文件（图片单独分析）

Codebase Audit Report

最终报告结构

Mode: [Normal/Strict/Expert] Type: [Complete Audit/PR Review] Date: YYYY-MM-DD Files Analyzed: N

markdown

undefined

Executive Summary

代码库审计报告

[Overall score, top issues, quick wins]

模式: [普通/严格/专家] 类型: [完整审计/PR审查] 日期: YYYY-MM-DD 已分析文件数: N

Health Score: XX/100

执行摘要

[Visual score breakdown]

[总体评分、核心问题、快速修复项]

Critical Issues (Fix Immediately)

健康评分: XX/100

[Top 5 errors ranked 9-10]

[可视化评分细分]

Important Issues (Fix Soon)

严重问题（立即修复）

[Warnings ranked 7-8]

[排名前5的9-10级错误]

Recommendations (Improve Over Time)

重要问题（尽快修复）

[Notices and strategic improvements]

[7-8级警告]

Category Details

优化建议（逐步改进）

[Detailed breakdown by category]

[提示项与战略性改进]

Appendix

类别详情

[Full file list, methodology, tool versions]

undefined

[按类别细分的详细内容]

—

附录

—

[完整文件列表、方法论、工具版本]

undefined