audit_logging
SKILL.md
Audit Logging Protocol
1. Principles
- No Invisible Actions: Every state-changing API call (POST, PUT, DELETE) must produce a log entry.
- Traceability: Logs must include
userId,action,resourceId, andmetadata.
2. Implementation Standards
- Backend (API):
- Use the project's standard Logger service (e.g.,
src/services/logger.tsor similar). - Example:
await Logger.info({ event: 'POST_CREATED', userId: user.id, metadata: { postId: newPost.id } });
- Use the project's standard Logger service (e.g.,
- Database (Supabase):
- Ensure tables have
created_at,updated_at, andcreated_bycolumns. - Check if specific Audit Table inserts are required (e.g.
audit_logstable).
- Ensure tables have
3. Verification Checklist
- Does the new API endpoint call
Logger? - Are logs visible in Supabase/Dashboards?
- Is the log level appropriate (Info vs Error)?
- Does the log contain enough context to debug issues later?
Weekly Installs
2
Repository
cityfish91159/maihousesFirst Seen
1 day ago
Installed on
opencode2
codex2
claude-code2
antigravity2
gemini-cli2
windsurf1