grokkit/todo/queued/audit.md

# `grokkit audit`
**Description**: Comprehensive AI-powered code audit for security, performance, best practices, and potential bugs across single files or entire projects.

**Benefits**:
- Deep analysis beyond static linters: vulns (e.g., SQLi, race cond), perf hotspots, Go idioms violations.
- Generates actionable report + diff previews for fixes.
- Multi-language support (reuse testgen/lint patterns).
- Boosts code quality/PR readiness.

**High-level implementation**:
- Detect lang/files (internal/linter), collect code snippets/context.
- Prompt Grok: "Audit for security, perf, best practices, bugs. List issues prioritized + suggested code fixes."
- Output: Markdown report (sections: Critical/High/Med/Low), optional `--fix` generates edit previews.
- Reuse `edit` preview/apply workflow; add `--apply` flag.

**CLI example**:
```
grokkit audit main.go                    # Single file report
grokkit audit ./cmd --lang=go             # Dir, lang filter
grokkit audit . --fix                     # Report + fix previews
grokkit audit . --fix --yes               # Auto-apply fixes (dangerous, preview first)
```

**Similar to**: lint/review but deeper, proactive fixes.
**Effort**: Medium (prompt tuning, multi-file handling ~300 LOC).
**ROI**: High - daily dev essential, esp. before releases.