数据库性能审计工具 - 协调4大审计工作器，优化持久化与运行时性能

ln-650-persistence-performance-auditor by levnikolaevich/claude-code-skills

141 周安装量

245 GitHub Stars

安装命令

npx skills add https://github.com/levnikolaevich/claude-code-skills --skill ln-650-persistence-performance-auditor

🇨🇳中文介绍

Paths: File paths (shared/, references/, ../ln-*) are relative to skills repo root. If not found at CWD, locate this SKILL.md directory and go up one level for repo root. If shared/ is missing, fetch files via WebFetch from https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path}.

持久化与性能审计器 (L2 协调器)

协调 4 个专门的审计工作器，执行数据库效率、事务正确性、运行时性能和资源生命周期分析。

目的与范围

协调 4 个审计工作器 (ln-651, ln-652, ln-653, ln-654) 并行运行
通过 MCP 工具对检测到的 DB、ORM、异步框架的研究当前最佳实践（仅一次）
将共享上下文传递给所有工作器（令牌高效）
将工作器结果聚合成单一的综合报告
将报告写入 docs/project/persistence_audit.md（基于文件，不创建任务）

广告位招租

在这里展示您的产品或服务

触达数万 AI 开发者，精准高效

联系我们

元数据	来源	示例
数据库类型	tech_stack.md, docker-compose.yml	PostgreSQL 16
ORM	导入, requirements.txt	SQLAlchemy 2.0
异步框架	导入, requirements.txt	asyncio, FastAPI
会话配置	grep `create_async_engine`, `sessionmaker`	`expire_on_commit=False`
触发器/NOTIFY	迁移文件	`pg_notify('job_events', ...)`
连接池	引擎配置	`pool_size=10, max_overflow=20`

阶段 2：研究最佳实践（仅一次）

针对每个检测到的技术：

技术	研究重点
SQLAlchemy	会话生命周期、expire_on_commit、批量操作、急切/惰性加载
PostgreSQL	NOTIFY/LISTEN 语义、事务隔离、批量操作
asyncio	to_thread、阻塞检测、事件循环最佳实践
FastAPI	依赖注入作用域、后台任务、异步端点

构建 contextStore：

{
  "tech_stack": {"db": "postgresql", "orm": "sqlalchemy", "async": "asyncio"},
  "best_practices": {"sqlalchemy": {...}, "postgresql": {...}, "asyncio": {...}},
  "db_config": {
    "expire_on_commit": false,
    "triggers": [{"table": "jobs", "event": "UPDATE", "function": "notify_job_events", "channel_name": "job_events"}],
    "event_subscribers": [{"channel_name": "job_events", "file": "src/listeners/job_listener.py", "line": 12, "technology": "postgresql"}],
    "pool_size": 10
  },
  "codebase_root": "/project",
  "output_dir": "docs/project/.audit/ln-650/{YYYY-MM-DD}"
}

阶段 3：准备输出目录

mkdir -p {output_dir}   # 工作器文件在聚合后清理（阶段 8）

阶段 4：委托给工作器

必须阅读： 加载 shared/references/task_delegation_pattern.md 和 shared/references/audit_worker_core_contract.md。

工作器（全部 4 个并行执行）：

| 工作器 | 优先级 | 审计内容

---|---|---|---
1 | ln-651-query-efficiency-auditor | 高 | 冗余查询、N-UPDATE 循环、过度获取、缓存范围
2 | ln-652-transaction-correctness-auditor | 高 | 提交模式、触发器交互、事务范围、回滚
3 | ln-653-runtime-performance-auditor | 中 | 异步中的阻塞 IO、分配、同步休眠、字符串连接
4 | ln-654-resource-lifecycle-auditor | 高 | 会话范围不匹配、流资源持有、池配置、清理

调用（4 个工作器并行执行）：

FOR EACH worker IN [ln-651, ln-652, ln-653, ln-654]:
  Agent(description: "Audit via " + worker,
       prompt: "Execute audit worker.

Step 1: Invoke worker:
  Skill(skill: \"" + worker + "\")

CONTEXT:
" + JSON.stringify(contextStore),
       subagent_type: "general-purpose")

工作器输出契约（基于文件）：

工作器遵循共享的基于文件的审计契约，将报告写入 {output_dir}/，并返回紧凑的分数/严重性摘要以供聚合。

预期的摘要格式：

Report written: docs/project/.audit/ln-650/{YYYY-MM-DD}/651-query-efficiency.md
Score: 6.0/10 | Issues: 8 (C:0 H:3 M:4 L:1)

阶段 5：聚合结果（基于文件）

必须阅读： 加载 shared/references/audit_coordinator_aggregation.md 和 shared/references/context_validation.md。

使用共享的聚合模式来解析工作器摘要、汇总严重性总数、读取工作器文件并组装最终报告。

本协调器的本地规则：

总体分数 = 4 个类别分数的平均值。
在最终报告中按 4 个工作器类别对发现进行分组。
追加一行结果日志，包含 Skill=ln-650、Metric=overall_score、Scale=0-10。

上下文验证：

对合并的发现应用规则 1 和 6：

FOR EACH finding WHERE severity IN (HIGH, MEDIUM):
  # 规则 1: ADR/计划覆盖
  IF finding matches ADR → advisory "[Planned: ADR-XXX]"

  # 规则 6: 执行上下文
  IF finding.check IN (blocking_io, redundant_fetch, transaction_wide, cpu_bound):
    context = 0
    - Function in __init__/setup/bootstrap/migrate → context += 1
    - File in tasks/jobs/cron/                      → context += 1
    - Has timeout/safeguard nearby                  → context += 1
    - Small data (<100KB file, <100 items dataset)  → context += 1
    IF context >= 3 → advisory
    IF context >= 1 → severity -= 1

Downgraded findings → "Advisory Findings" section in report.
Recalculate overall score excluding advisory findings from penalty.

豁免： 关键路径中缺少回滚 CRITICAL、N-UPDATE 循环。

## 持久化与性能审计报告 - [DATE]

### 执行摘要
[关于整体持久化/性能健康状况的 2-3 句话]

### 合规性分数

| 类别 | 分数 | 备注 |
|----------|-------|-------|
| 查询效率 | X/10 | ... |
| 事务正确性 | X/10 | ... |
| 运行时性能 | X/10 | ... |
| 资源生命周期 | X/10 | ... |
| **总体** | **X/10** | |

### 严重性摘要

| 严重性 | 数量 |
|----------|-------|
| 严重 | X |
| 高 | X |
| 中 | X |
| 低 | X |

### 按类别列出的发现

#### 1. 查询效率

| 严重性 | 位置 | 问题 | 建议 | 工作量 |
|----------|----------|-------|----------------|--------|
| 高 | job_processor.py:434 | 冗余实体获取 | 传递对象而非 ID | 小 |

#### 2. 事务正确性

| 严重性 | 位置 | 问题 | 建议 | 工作量 |
|----------|----------|-------|----------------|--------|
| 严重 | job_processor.py:412 | 缺少中间提交 | 在里程碑处添加提交 | 小 |

#### 3. 运行时性能

| 严重性 | 位置 | 问题 | 建议 | 工作量 |
|----------|----------|-------|----------------|--------|
| 高 | job_processor.py:444 | 异步中的阻塞 read_bytes() | 使用 aiofiles/to_thread | 小 |

#### 4. 资源生命周期

| 严重性 | 位置 | 问题 | 建议 | 工作量 |
|----------|----------|-------|----------------|--------|
| 严重 | sse_stream.py:112 | DbSession 在整个 SSE 流期间被持有 | 将会话范围限制在仅限身份验证检查 | 中 |

### 推荐操作（按优先级排序）

| 优先级 | 类别 | 位置 | 问题 | 建议 | 工作量 |
|----------|----------|----------|-------|----------------|--------|
| 严重 | 事务 | ... | 缺少提交 | 添加策略性提交 | 小 |
| 高 | 查询 | ... | 冗余获取 | 传递对象而非 ID | 小 |

### 参考来源
- SQLAlchemy 最佳实践: [URL]
- PostgreSQL NOTIFY 文档: [URL]
- Python asyncio-dev: [URL]

阶段 6：撰写报告

将综合报告写入 docs/project/persistence_audit.md，使用上述输出格式。

阶段 7：追加结果日志

必须阅读： 加载 shared/references/results_log_pattern.md

向 docs/project/.audit/results_log.md 追加一行，包含：Skill=ln-650、Metric=overall_score、Scale=0-10、来自阶段 6 报告的分数。计算与上一个 ln-650 行的差值。如果文件缺失，则创建带标题的文件。滚动窗口：最多 50 条条目。

单次上下文收集： 仅研究一次最佳实践，将 contextStore 传递给所有工作器
并行执行： 所有 4 个工作器并行运行
触发器发现： 在委托之前扫描迁移文件中的触发器/NOTIFY（传递给 ln-652）
仅加载元数据： 协调器加载元数据；工作器加载完整的文件内容
不进行审计： 协调器仅进行编排；审计逻辑存在于工作器中

阶段 8：清理工作器文件

rm -rf {output_dir}

删除带日期的输出目录 (docs/project/.audit/ln-650/{YYYY-MM-DD}/)。综合报告和结果日志已经保存了所有审计数据。

技术栈已发现（数据库类型、ORM、异步框架）
数据库特定元数据已提取（触发器、会话配置、池设置）
已通过 MCP 工具研究最佳实践
已构建 contextStore，其中 output_dir = docs/project/.audit/ln-650/{YYYY-MM-DD}
已创建输出目录用于工作器报告
所有 4 个工作器已并行调用并完成；每个工作器已将报告写入 {output_dir}/
已从返回值（分数）和文件读取（发现表格）中聚合结果
已计算每个类别和总体的合规性分数
已包含执行摘要
报告已写入 docs/project/persistence_audit.md
已列出参考来源及其 URL
工作器输出目录在聚合后已清理

阶段 9：元分析

必须阅读： 加载 shared/references/meta_analysis_protocol.md

技能类型：review-coordinator（仅限工作器）。在所有阶段完成后运行。使用 review-coordinator — workers only 格式输出到聊天。

技术栈：docs/project/tech_stack.md
看板：docs/tasks/kanban_board.md
任务委托模式： shared/references/task_delegation_pattern.md
聚合模式： shared/references/audit_coordinator_aggregation.md
必须阅读： shared/references/research_tool_fallback.md

版本： 1.1.0 最后更新： 2026-03-15

🇺🇸English

Paths: File paths (shared/, references/, ../ln-*) are relative to skills repo root. If not found at CWD, locate this SKILL.md directory and go up one level for repo root. If shared/ is missing, fetch files via WebFetch from https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path}.

Persistence & Performance Auditor (L2 Coordinator)

Coordinates 4 specialized audit workers to perform database efficiency, transaction correctness, runtime performance, and resource lifecycle analysis.

Purpose & Scope

Coordinates 4 audit workers (ln-651, ln-652, ln-653, ln-654) running in parallel
Research current best practices for detected DB, ORM, async framework via MCP tools ONCE
Pass shared context to all workers (token-efficient)
Aggregate worker results into single consolidated report
Write report to docs/project/persistence_audit.md (file-based, no task creation)
Manual invocation by user; not part of Story pipeline
Independent from ln-620 (can be run separately or after ln-620)

Workflow

MANDATORY READ: Load shared/references/two_layer_detection.md for detection methodology.

Discovery: Load tech_stack.md, package manifests, detect DB/ORM/async framework, auto-discover Team ID
Research: Query MCP tools for DB/ORM/async best practices ONCE
Build Context: Create contextStore with best practices + DB-specific metadata
Prepare Output: Create output directory
Delegate: 4 workers in PARALLEL
Aggregate: Collect worker results, calculate scores
Write Report: Save to docs/project/persistence_audit.md
Results Log: Append trend row
Cleanup: Delete worker files

Phase 1: Discovery

Load project metadata:

docs/project/tech_stack.md - detect DB, ORM, async framework
Package manifests: requirements.txt, pyproject.toml, package.json, go.mod
Auto-discover Team ID from docs/tasks/kanban_board.md

Extract DB-specific metadata:

Metadata	Source	Example
Database type	tech_stack.md, docker-compose.yml	PostgreSQL 16
ORM	imports, requirements.txt	SQLAlchemy 2.0
Async framework	imports, requirements.txt	asyncio, FastAPI
Session config	grep `create_async_engine`, `sessionmaker`	`expire_on_commit=False`
Triggers/NOTIFY	migration files	`pg_notify('job_events', ...)`
Connection pooling

Scan for triggers and event channels:

Grep("pg_notify|NOTIFY|CREATE TRIGGER", path="alembic/versions/")
  OR path="migrations/"
→ Store: db_config.triggers = [{table, event, function, channel_name}]

Grep("LISTEN\s+\w+|\.subscribe\(|\.on\(.*channel|redis.*subscribe", path="src/")
  OR path="app/"
→ Store: db_config.event_subscribers = [{channel_name, file, line, technology}]

Phase 2: Research Best Practices (ONCE)

For each detected technology:

Technology	Research Focus
SQLAlchemy	Session lifecycle, expire_on_commit, bulk operations, eager/lazy loading
PostgreSQL	NOTIFY/LISTEN semantics, transaction isolation, batch operations
asyncio	to_thread, blocking detection, event loop best practices
FastAPI	Dependency injection scopes, background tasks, async endpoints

Build contextStore:

{
  "tech_stack": {"db": "postgresql", "orm": "sqlalchemy", "async": "asyncio"},
  "best_practices": {"sqlalchemy": {...}, "postgresql": {...}, "asyncio": {...}},
  "db_config": {
    "expire_on_commit": false,
    "triggers": [{"table": "jobs", "event": "UPDATE", "function": "notify_job_events", "channel_name": "job_events"}],
    "event_subscribers": [{"channel_name": "job_events", "file": "src/listeners/job_listener.py", "line": 12, "technology": "postgresql"}],
    "pool_size": 10
  },
  "codebase_root": "/project",
  "output_dir": "docs/project/.audit/ln-650/{YYYY-MM-DD}"
}

Phase 3: Prepare Output Directory

mkdir -p {output_dir}   # Worker files cleaned up after consolidation (Phase 8)

Phase 4: Delegate to Workers

MANDATORY READ: Load shared/references/task_delegation_pattern.md and shared/references/audit_worker_core_contract.md.

Workers (ALL 4 in PARALLEL):

| Worker | Priority | What It Audits

---|---|---|---
1 | ln-651-query-efficiency-auditor | HIGH | Redundant queries, N-UPDATE loops, over-fetching, caching scope
2 | ln-652-transaction-correctness-auditor | HIGH | Commit patterns, trigger interaction, transaction scope, rollback
3 | ln-653-runtime-performance-auditor | MEDIUM | Blocking IO in async, allocations, sync sleep, string concat
4 | ln-654-resource-lifecycle-auditor | HIGH | Session scope mismatch, streaming resource holding, pool config, cleanup

Invocation (4 workers in PARALLEL):

FOR EACH worker IN [ln-651, ln-652, ln-653, ln-654]:
  Agent(description: "Audit via " + worker,
       prompt: "Execute audit worker.

Step 1: Invoke worker:
  Skill(skill: \"" + worker + "\")

CONTEXT:
" + JSON.stringify(contextStore),
       subagent_type: "general-purpose")

Worker Output Contract (File-Based):

Workers follow the shared file-based audit contract, write reports to {output_dir}/, and return compact score/severity summaries for aggregation.

Expected summary format:

Report written: docs/project/.audit/ln-650/{YYYY-MM-DD}/651-query-efficiency.md
Score: 6.0/10 | Issues: 8 (C:0 H:3 M:4 L:1)

Phase 5: Aggregate Results (File-Based)

MANDATORY READ: Load shared/references/audit_coordinator_aggregation.md and shared/references/context_validation.md.

Use the shared aggregation pattern for parsing worker summaries, rolling up severity totals, reading worker files, and assembling the final report.

Local rules for this coordinator:

Overall score = average of 4 category scores.
Keep findings grouped by the 4 worker categories in the final report.
Append one results-log row with Skill=ln-650, Metric=overall_score, Scale=0-10.

Context Validation:

Apply Rules 1, 6 to merged findings:

FOR EACH finding WHERE severity IN (HIGH, MEDIUM):
  # Rule 1: ADR/Planned Override
  IF finding matches ADR → advisory "[Planned: ADR-XXX]"

  # Rule 6: Execution Context
  IF finding.check IN (blocking_io, redundant_fetch, transaction_wide, cpu_bound):
    context = 0
    - Function in __init__/setup/bootstrap/migrate → context += 1
    - File in tasks/jobs/cron/                      → context += 1
    - Has timeout/safeguard nearby                  → context += 1
    - Small data (<100KB file, <100 items dataset)  → context += 1
    IF context >= 3 → advisory
    IF context >= 1 → severity -= 1

Downgraded findings → "Advisory Findings" section in report.
Recalculate overall score excluding advisory findings from penalty.

Exempt: Missing rollback CRITICAL, N-UPDATE loops in hot paths.

Output Format

## Persistence & Performance Audit Report - [DATE]

### Executive Summary
[2-3 sentences on overall persistence/performance health]

### Compliance Score

| Category | Score | Notes |
|----------|-------|-------|
| Query Efficiency | X/10 | ... |
| Transaction Correctness | X/10 | ... |
| Runtime Performance | X/10 | ... |
| Resource Lifecycle | X/10 | ... |
| **Overall** | **X/10** | |

### Severity Summary

| Severity | Count |
|----------|-------|
| Critical | X |
| High | X |
| Medium | X |
| Low | X |

### Findings by Category

#### 1. Query Efficiency

| Severity | Location | Issue | Recommendation | Effort |
|----------|----------|-------|----------------|--------|
| HIGH | job_processor.py:434 | Redundant entity fetch | Pass object not ID | S |

#### 2. Transaction Correctness

| Severity | Location | Issue | Recommendation | Effort |
|----------|----------|-------|----------------|--------|
| CRITICAL | job_processor.py:412 | Missing intermediate commits | Add commit at milestones | S |

#### 3. Runtime Performance

| Severity | Location | Issue | Recommendation | Effort |
|----------|----------|-------|----------------|--------|
| HIGH | job_processor.py:444 | Blocking read_bytes() in async | Use aiofiles/to_thread | S |

#### 4. Resource Lifecycle

| Severity | Location | Issue | Recommendation | Effort |
|----------|----------|-------|----------------|--------|
| CRITICAL | sse_stream.py:112 | DbSession held for entire SSE stream | Scope session to auth check only | M |

### Recommended Actions (Priority-Sorted)

| Priority | Category | Location | Issue | Recommendation | Effort |
|----------|----------|----------|-------|----------------|--------|
| CRITICAL | Transaction | ... | Missing commits | Add strategic commits | S |
| HIGH | Query | ... | Redundant fetch | Pass object not ID | S |

### Sources Consulted
- SQLAlchemy best practices: [URL]
- PostgreSQL NOTIFY docs: [URL]
- Python asyncio-dev: [URL]

Phase 6: Write Report

Write consolidated report to docs/project/persistence_audit.md with the Output Format above.

Phase 7: Append Results Log

MANDATORY READ: Load shared/references/results_log_pattern.md

Append one row to docs/project/.audit/results_log.md with: Skill=ln-650, Metric=overall_score, Scale=0-10, Score from Phase 6 report. Calculate Delta vs previous ln-650 row. Create file with header if missing. Rolling window: max 50 entries.

Critical Rules

Single context gathering: Research best practices ONCE, pass contextStore to all workers
Parallel execution: All 4 workers run in PARALLEL
Trigger discovery: Scan migrations for triggers/NOTIFY before delegating (pass to ln-652)
Metadata-only loading: Coordinator loads metadata; workers load full file contents
Do not audit: Coordinator orchestrates only; audit logic lives in workers

Phase 8: Cleanup Worker Files

rm -rf {output_dir}

Delete the dated output directory (docs/project/.audit/ln-650/{YYYY-MM-DD}/). The consolidated report and results log already preserve all audit data.

Definition of Done

Tech stack discovered (DB type, ORM, async framework)
DB-specific metadata extracted (triggers, session config, pool settings)
Best practices researched via MCP tools
contextStore built with output_dir = docs/project/.audit/ln-650/{YYYY-MM-DD}
Output directory created for worker reports
All 4 workers invoked in PARALLEL and completed; each wrote report to {output_dir}/
Results aggregated from return values (scores) + file reads (findings tables)
Compliance score calculated per category + overall
Executive Summary included
Report written to docs/project/persistence_audit.md
Sources consulted listed with URLs
Worker output directory cleaned up after consolidation

Workers

Phase 9: Meta-Analysis

MANDATORY READ: Load shared/references/meta_analysis_protocol.md

Skill type: review-coordinator (workers only). Run after all phases complete. Output to chat using the review-coordinator — workers only format.

Reference Files

Tech stack: docs/project/tech_stack.md
Kanban board: docs/tasks/kanban_board.md
Task delegation pattern: shared/references/task_delegation_pattern.md
Aggregation pattern: shared/references/audit_coordinator_aggregation.md
MANDATORY READ: shared/references/research_tool_fallback.md

Version: 1.1.0 Last Updated: 2026-03-15

Weekly Installs

141

Repository

levnikolaevich/…e-skills

GitHub Stars

245

First Seen

Feb 7, 2026

Security Audits

Gen Agent Trust HubPass SocketPass SnykWarn

Installed on

cursor131

opencode131

claude-code131

codex130

gemini-cli130

github-copilot129

Skills CLI 使用指南：AI Agent 技能包管理器安装与管理教程

36,300 周安装