Audits

Structured quality reviews you can run at any time. Each audit has clear checklists and stage-appropriate expectations.

Why audits?

Checkpoints ask permission

Decision points check if you should proceed. But they don't tell you HOW to check if your work is actually good.

Audits verify quality

Concrete checklists you can run through — alone or with AI — to systematically check different quality dimensions.

Stage-appropriate rigor

POC doesn't need WCAG compliance. Production does. Same audit, different expectations per stage.

When to run audits

At decision points

Before Refine checkpoint, run relevant audits at the target stage level to confirm readiness.

During development

Run targeted audits anytime — after building a new feature, before a demo, or when something feels off.

Per surface

Audit the whole project or focus on a specific surface. Content & SEO applies to web; most others apply everywhere.

With AI

Each audit is designed to be AI-runnable. Ask your coding agent to "run the Security audit at MVP level."

The 8 audits

Each audit covers a distinct quality dimension with 2-4 focused parts.

Data & Security

Is this safe to use?

Auth & AccessData ProtectionAPI Security

View audit

Accessibility & Inclusion

Can everyone use this?

Keyboard & FocusScreen ReadersVisual Clarity

View audit

Design & Experience

Is this pleasant to use?

Design ConsistencyInteraction QualityResponsive Behavior

View audit

Speed & Performance

Is this fast enough?

Load PerformanceRuntime Efficiency

View audit

Code & Testing

Is this maintainable?

Standards & StyleTest CoverageDependencies & Debt

View audit

Deploy & Observe

Can we run and monitor this?

Deployment PipelineObservabilityResilience & Recovery

View audit

Content & SEO

Web

Is content ready for users?

Copy & LegalSearch & Discovery

View audit

Integrations & Services

Do external services work?

Third-Party APIsWebhooks & EventsService Reliability

View audit

Stage expectations

Not every audit matters at every stage. Use this as a guide.

AuditPOCMVPMMPPROD
Data & Security
Accessibility & Inclusion
Design & Experience
Speed & Performance
Code & Testing
Deploy & Observe
Content & SEO
Integrations & Services

Skip

Light check

Full audit

How to use audits

1

Pick the audit

Choose based on what you're checking. Use the stage matrix to know what level of rigor to apply.

2

Work through each part

Each audit has 2-4 parts. Go through the checklist items, noting passes and issues.

3

Document findings

Capture issues with severity. Decide: fix now, fix later, or accept as known limitation.

4

Track over time

Re-run audits as you advance. What was acceptable at MVP may not be at MMP.

Key insight

Audits work best when they're routine, not reactive. Run a quick Security check after adding auth. Run Accessibility after building a form. Small, frequent audits catch issues before they compound.

Start here

Data & Security

The most critical audit. Start here to ensure your app is safe to use.

Start audit

Code & Testing

Establish good habits early. Run this to check your codebase health.

Start audit

Related docs