Audit Logging Protocol
Implement comprehensive audit logging to trace all critical actions. Includes backend implementation standards, database management, and verification checklist for production systems.
Sby Skills Guide Bot
DevOpsIntermediate0 views0 installs3/8/2026Claude CodeCursorCopilot
audit-loggingbackend-implementationsecurity-compliancedatabase-schemaerror-tracking
name: audit_logging description: Ensure every critical action is logged (vital for UAG/Trust Room). allowed-tools: Read, Edit, Write
Audit Logging Protocol
1. Principles
- No Invisible Actions: Every state-changing API call (POST, PUT, DELETE) must produce a log entry.
- Traceability: Logs must include
userId,action,resourceId, andmetadata.
2. Implementation Standards
- Backend (API):
- Use the project's standard Logger service (e.g.,
src/services/logger.tsor similar). - Example:
await Logger.info({ event: 'POST_CREATED', userId: user.id, metadata: { postId: newPost.id } });
- Use the project's standard Logger service (e.g.,
- Database (Supabase):
- Ensure tables have
created_at,updated_at, andcreated_bycolumns. - Check if specific Audit Table inserts are required (e.g.
audit_logstable).
- Ensure tables have
3. Verification Checklist
- [ ] Does the new API endpoint call
Logger? - [ ] Are logs visible in Supabase/Dashboards?
- [ ] Is the log level appropriate (Info vs Error)?
- [ ] Does the log contain enough context to debug issues later?
Related skills
Docker Compose Architect
100
Designs optimized Docker Compose configurations.
Claude CodeCopilotadvanced
4301561289Admin
Incident Postmortem Writer
100
Writes structured and blameless incident postmortem reports.
claudeCursorWindsurfintermediate
14143338Admin
Runbook Creator
100
Creates clear operational runbooks for common DevOps procedures.
claudeCursorWindsurfintermediate
10832262Admin