M
MCP.directory

data-safety-auditor

by ananddtyagi
2
0
Source

Comprehensive data safety auditor for Vue 3 + Pinia + IndexedDB + PouchDB applications. Detects data loss risks, sync issues, race conditions, and browser-specific vulnerabilities with actionable remediation guidance.

Install

mkdir -p .claude/skills/data-safety-auditor && curl -L -o skill.zip "https://mcp.directory/api/skills/download/3569" && unzip -o skill.zip -d .claude/skills/data-safety-auditor && rm skill.zip

Installs to .claude/skills/data-safety-auditor

About this skill

Data Safety Auditor

Purpose: Comprehensive audit tool that identifies data loss risks in Vue 3 + Pinia + IndexedDB + PouchDB applications with actionable remediation guidance.

Philosophy

This skill provides rigorous data safety analysis with:

  • Zero tolerance for data loss - Identifies every potential failure point
  • Complete coverage - Storage, sync, hydration, integrity, testing
  • Evidence-based findings - Code locations, patterns, severity
  • Actionable fixes - Specific remediation with code examples
  • Test generation - Creates missing safety tests

What It Detects

CRITICAL Risks (Deployment Blockers)

  • QUOTA_EXCEEDED - Storage full, data can't save
  • SAFARI_ITP_EXPIRATION - 7-day data loss on Safari
  • UNHANDLED_QUOTA_ERROR - QuotaExceededError not caught
  • NO_CONFLICT_RESOLUTION - PouchDB conflicts not handled
  • NON_ATOMIC_UPDATES - Multi-item updates can partially fail

HIGH Risks (Must Fix)

  • HYDRATION_RACE_CONDITION - Pinia data loads after render
  • NO_SYNC_ERROR_HANDLING - Sync failures silently fail
  • INCOMPLETE_SYNC_UNDETECTED - Stranded data not detected
  • RACE_CONDITION_SAME_KEY - Concurrent LocalForage writes
  • UNHANDLED_STORAGE_ERROR - Storage calls have no try/catch

MEDIUM Risks (Should Fix)

  • NO_CHECKSUM_VERIFICATION - Data corruption undetected
  • NO_PRIVATE_MODE_HANDLING - Private mode data loss unhandled
  • NO_PERSISTENT_STORAGE_REQUEST - PWA not requesting persist
  • STORAGE_PARTITIONING_UNACCOUNTED - iframe storage isolated
  • DRIVER_VALIDATION_MISSING - LocalForage driver not checked

LOW Risks (Consider Fixing)

  • NO_PERSISTENCE_TESTS - Missing persistence test coverage
  • NO_OFFLINE_TESTS - Offline sync not tested
  • MISSING_SAFARI_TESTS - Safari-specific tests missing

Detection Categories

A. Browser-Specific Data Loss Vectors

  • Storage quota limits and eviction policies per browser
  • Safari ITP 7-day storage limitations
  • Private/incognito mode behavior
  • Storage partitioning impacts

B. Storage-Specific Patterns

  • LocalForage race conditions
  • Concurrent write conflicts
  • Driver fallback behavior
  • Configuration issues

C. Sync Patterns

  • PouchDB/CouchDB conflict detection
  • Network failure handling
  • Incomplete sync detection
  • Sync integrity verification

D. Vue/Pinia Risks

  • Hydration race conditions
  • beforeRestore/afterRestore hooks
  • Object reference breakage
  • Multiple persistence sources

E. Data Integrity Checks

  • Schema validation on load
  • Checksum verification
  • Corruption detection
  • Backup/recovery validation

F. Testing & Compliance

  • Persistence test coverage
  • Quota failure tests
  • OWASP compliance
  • GDPR data integrity

Usage

const auditor = new DataSafetyAuditor();

// Full project audit
const report = await auditor.auditVueApp('./src');
console.log(report.toConsole());

// Targeted audits
const quotaFindings = await auditor.checkQuotaRisks(codeAST);
const itpFindings = await auditor.checkSafariCompat(codeAST);
const piniaFindings = await auditor.checkPiniaPersistence(piniaStore);
const syncFindings = await auditor.checkSyncIntegrity(pouchdbCode);

// Generate missing tests
const tests = await auditor.generateTestSuite();

// Get detailed remediation
const fixes = await auditor.suggestRemediations(findings);

Report Formats

  • Console - Colored, readable CLI output with severity indicators
  • JSON - Machine-readable for CI/CD integration
  • Markdown - Documentation and reports
  • HTML - Interactive dashboard view

Deployment Gate

The auditor enforces deployment gates:

  • CRITICAL findings = Deployment blocked
  • HIGH findings = Warning, recommend fixing
  • MEDIUM/LOW = Information only

When to Use

Use this skill when:

  • Before deploying to production
  • After adding new persistence features
  • When debugging data loss issues
  • During code review of storage code
  • Setting up CI/CD quality gates
  • Auditing third-party storage libraries

Integration

CI/CD Pipeline

const report = await auditor.auditVueApp('./src');
if (report.hasBlockers()) {
  console.error('DEPLOYMENT BLOCKED: Critical data safety issues found');
  process.exit(1);
}

Custom Rules

auditor.rules.addRule('MUST_USE_ENCRYPTION', (code) => {
  if (code.includes('sensitive_data') && !code.includes('crypto.subtle')) {
    return { severity: 'CRITICAL', msg: 'Sensitive data must be encrypted' };
  }
});

MANDATORY USER VERIFICATION REQUIREMENT

Policy: No Safety Claims Without User Confirmation

CRITICAL: Before claiming ANY data safety issue is "fixed", "resolved", or "safe", the following verification protocol is MANDATORY:

Step 1: Technical Verification

  • Run full audit with all detectors
  • Verify no CRITICAL or HIGH findings
  • Take screenshots/evidence of clean audit

Step 2: User Verification Request

REQUIRED: Use the AskUserQuestion tool to explicitly ask the user to verify:

"I've completed the data safety audit. Before confirming your app is safe, please verify:
1. [Specific storage operations to test]
2. [Sync scenarios to test]
3. [Browser-specific tests to run]

Please confirm the data persists correctly, or let me know what's failing."

Step 3: Wait for User Confirmation

  • DO NOT claim app is "data safe" until user confirms
  • DO NOT approve deployment without user verification
  • DO NOT skip any CRITICAL finding verification

Remember: The user is the final authority on data safety. No exceptions.

More by ananddtyagi

View all →

math-tools

ananddtyagi

Deterministic mathematical computation using SymPy. Use for ANY math operation requiring exact/verified results - basic arithmetic, algebra (simplify, expand, factor, solve equations), calculus (derivatives, integrals, limits, series), linear algebra (matrices, determinants, eigenvalues), trigonometry, number theory (primes, GCD/LCM, factorization), and statistics. Ensures mathematical accuracy by using symbolic computation rather than LLM estimation.

781

master-plan-manager

ananddtyagi

Safe MASTER_PLAN.md management with backup, validation, and intelligent updates. Use when updating task tracking, adding features to roadmap, or modifying project documentation.

00

api-contract-sync-manager

ananddtyagi

Validate OpenAPI, Swagger, and GraphQL schemas match backend implementation. Detect breaking changes, generate TypeScript clients, and ensure API documentation stays synchronized. Use when working with API spec files (.yaml, .json, .graphql), reviewing API changes, generating frontend types, or validating endpoint implementations.

20

skill-creator-doctor

ananddtyagi

Create, repair, maintain, and consolidate skills. This skill should be used when users want to create new skills, fix broken skills that won't load, diagnose skill system issues, maintain skill health, or consolidate duplicate/obsolete skills. Automatically detects and repairs common skill loading problems including missing registry entries, metadata format issues, and structural problems. Provides comprehensive skill ecosystem management including duplicate detection, merge workflows, and archival processes.

30

document-sync

ananddtyagi

A robust skill that analyzes your app's actual codebase, tech stack, configuration, and architecture to ensure ALL documentation is current and accurate. It never assumes—always verifies and compares the live system with every documentation file to detect code-doc drift and generate actionable updates.

40

plugin-creator

ananddtyagi

Create, validate, and publish Claude Code plugins and marketplaces. Use this skill when building plugins with commands, agents, hooks, MCP servers, or skills.

200

You might also like

flutter-development

aj-geddes

Build beautiful cross-platform mobile apps with Flutter and Dart. Covers widgets, state management with Provider/BLoC, navigation, API integration, and material design.

238775

drawio-diagrams-enhanced

jgtolentino

Create professional draw.io (diagrams.net) diagrams in XML format (.drawio files) with integrated PMP/PMBOK methodologies, extensive visual asset libraries, and industry-standard professional templates. Use this skill when users ask to create flowcharts, swimlane diagrams, cross-functional flowcharts, org charts, network diagrams, UML diagrams, BPMN, project management diagrams (WBS, Gantt, PERT, RACI), risk matrices, stakeholder maps, or any other visual diagram in draw.io format. This skill includes access to custom shape libraries for icons, clipart, and professional symbols.

182404

godot

bfollington

This skill should be used when working on Godot Engine projects. It provides specialized knowledge of Godot's file formats (.gd, .tscn, .tres), architecture patterns (component-based, signal-driven, resource-based), common pitfalls, validation tools, code templates, and CLI workflows. The `godot` command is available for running the game, validating scripts, importing resources, and exporting builds. Use this skill for tasks involving Godot game development, debugging scene/resource files, implementing game systems, or creating new Godot components.

169268

nano-banana-pro

garg-aayush

Generate and edit images using Google's Nano Banana Pro (Gemini 3 Pro Image) API. Use when the user asks to generate, create, edit, modify, change, alter, or update images. Also use when user references an existing image file and asks to modify it in any way (e.g., "modify this image", "change the background", "replace X with Y"). Supports both text-to-image generation and image-to-image editing with configurable resolution (1K default, 2K, or 4K for high resolution). DO NOT read the image file first - use this skill directly with the --input-image parameter.

194225

ui-ux-pro-max

nextlevelbuilder

"UI/UX design intelligence. 50 styles, 21 palettes, 50 font pairings, 20 charts, 8 stacks (React, Next.js, Vue, Svelte, SwiftUI, React Native, Flutter, Tailwind). Actions: plan, build, create, design, implement, review, fix, improve, optimize, enhance, refactor, check UI/UX code. Projects: website, landing page, dashboard, admin panel, e-commerce, SaaS, portfolio, blog, mobile app, .html, .tsx, .vue, .svelte. Elements: button, modal, navbar, sidebar, card, table, form, chart. Styles: glassmorphism, claymorphism, minimalism, brutalism, neumorphism, bento grid, dark mode, responsive, skeuomorphism, flat design. Topics: color palette, accessibility, animation, layout, typography, font pairing, spacing, hover, shadow, gradient."

154189

rust-coding-skill

UtakataKyosui

Guides Claude in writing idiomatic, efficient, well-structured Rust code using proper data modeling, traits, impl organization, macros, and build-speed best practices.

157171

Stay ahead of the MCP ecosystem

Get weekly updates on new skills and servers.