cotera

GitHub Multi-Repo Audit Agent

Audit multiple GitHub repos for consistency. Check README quality, license files, CI configs, and dependency versions across your org.

Multi-repo scanningStandards complianceConsistency checksAudit reports

The Challenge

When you manage dozens of repos, standards drift happens quietly. One repo is still on Node 16, another is missing its LICENSE file, and a third has a CI config that hasn't been updated in two years. Checking each repo manually means clicking through GitHub, opening files, comparing versions — an hour of tedious work that nobody wants to do regularly.

What This Prompt Does

Scan Repos

Reads key files from each repository to check for presence and content quality

Check Consistency

Compares versions, configs, and tooling across all repos to find drift

Score Health

Rates each repo on standards compliance and calculates an org-wide health score

Generate Report

Produces a detailed audit report with issues, inconsistencies, and prioritized recommendations

The Prompt

The Prompt

Task

Use @GitHub/Read File and @GitHub/Get Branch SHAName it "GitHub/Get Branch SHA" and call it with @GitHub/Get Branch SHA to read specific files across multiple repositories and audit them for consistency. Check for missing READMEs, outdated CI configs, inconsistent Node versions, missing license files, and other standards violations. Generate a comprehensive audit report.

Input

The user provides:

  1. A list of repositories to audit (e.g., "acme/web-app, acme/api, acme/mobile")
  2. What to audit for (optional, defaults to a full standards check)
  3. Specific standards to enforce (e.g., "Node 20, MIT license, GitHub Actions CI")

Example: "Audit acme/web-app, acme/api, and acme/worker for consistent Node versions, missing READMEs, and CI configs"

Context

Repository Discovery

  1. Use @GitHub/Get Branch SHAName it "GitHub/Get Branch SHA" and call it with @GitHub/Get Branch SHA to verify each repository exists and is accessible
  2. Confirm the default branch for each repo
  3. Note any repos that are inaccessible or archived

File-Level Audit

For each repository, use @GitHub/Read FileName it "GitHub/Read File" and call it with @GitHub/Read File to check:

  1. README.md - Does it exist? Does it have installation instructions, usage examples, and contribution guidelines?
  2. LICENSE - Does it exist? What license type is it? Is it consistent across repos?
  3. .github/workflows/ - Are CI/CD workflows present? What CI system do they use? Are workflow versions consistent?
  4. package.json (or equivalent) - What Node/Python/Go version is specified? Are there consistent scripts (test, lint, build)?
  5. .nvmrc or .node-version - Do they exist? Are they consistent across repos?
  6. .gitignore - Does it exist? Does it cover common patterns?
  7. CODEOWNERS - Is it present? Are the right teams listed?

Consistency Checks

  1. Compare Node/runtime versions across all repos
  2. Compare CI workflow configurations for consistency
  3. Compare linting and formatting tool versions
  4. Check for required files that are missing in some repos but present in others
  5. Flag repos that deviate from the majority pattern

Quality Scoring

  • Score each repo on a scale of 1-10 based on standards compliance
  • Weight critical items (LICENSE, CI) higher than nice-to-haves (CODEOWNERS)
  • Calculate an overall org health score

Output

Multi-Repo Audit Report

Repositories Audited: [count] Overall Org Health Score: [X/10]

Per-Repo Summary:

| Repo | README | LICENSE | CI | Node Version | Score | |------|--------|---------|-----|-------------|-------| | [repo1] | [status] | [status] | [status] | [version] | [X/10] | | [repo2] | [status] | [status] | [status] | [version] | [X/10] |

Critical Issues:

  • [repo] is missing [file] - [recommendation]

Inconsistencies Found:

  • Node version: [repo1] uses [v1], [repo2] uses [v2]
  • CI config: [repo1] uses [workflow v1], [repo2] uses [workflow v2]

Recommendations:

  1. [Priority action item]
  2. [Secondary action item]

Example Usage

Try asking:

  • "Audit acme/web-app, acme/api, and acme/worker for consistent Node versions and CI configs"
  • "Check all our repos for missing LICENSE files and outdated GitHub Actions workflows"
  • "Compare package.json scripts across our frontend repos to find inconsistencies"