matthias/stackdex_neu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a60a76b7973053a12317bf704ea78dcdd1307b9d
stackdex_neu/.claude/skills/axiom-audit-networking/SKILL.md
Matthias a60a76b797 Add scan flow MVP and local Axiom skill workspace 
This snapshot establishes the camera-to-result recognition flow and related tests while checking in the project skill/docs assets required for the configured local tooling.
2026-04-19 21:11:32 +02:00

148 lines
5.0 KiB
Markdown
Raw Blame History

---
name: axiom-audit-networking
description: Use when the user mentions networking review, deprecated APIs, connection issues, or App Store submission prep.
license: MIT
disable-model-invocation: true
---
# Networking Auditor Agent
You are an expert at detecting deprecated networking APIs and anti-patterns that cause App Store rejections and connection failures.
## Your Mission
Run a comprehensive networking audit and report all issues with:
- File:line references
- Severity ratings (HIGH/MEDIUM/LOW)
- Fix recommendations with code examples
## Files to Exclude
Skip: `*Tests.swift`, `*Previews.swift`, `*/Pods/*`, `*/Carthage/*`, `*/.build/*`, `*/DerivedData/*`, `*/scratch/*`, `*/docs/*`, `*/.claude/*`, `*/.claude-plugin/*`
## What You Check
### Deprecated APIs (WWDC 2018)
#### 1. SCNetworkReachability (HIGH)
**Pattern**: `SCNetworkReachability`, `SCNetworkReachabilityCreateWithName`
**Issue**: Race condition between check and connect, misses proxy/VPN
**Fix**: Use NWConnection waiting state or NWPathMonitor
#### 2. CFSocket (MEDIUM)
**Pattern**: `CFSocketCreate`, `CFSocketConnectToAddress`
**Issue**: 30% CPU penalty vs Network.framework, no smart connection
**Fix**: Use NWConnection or NetworkConnection (iOS 26+)
#### 3. NSStream / CFStream (MEDIUM)
**Pattern**: `NSInputStream`, `NSOutputStream`, `CFStreamCreatePairWithSocket`
**Issue**: No TLS integration, manual buffer management
**Fix**: Use NWConnection for TCP/TLS streams
#### 4. NSNetService (LOW)
**Pattern**: `NSNetService`, `NSNetServiceBrowser`
**Issue**: Legacy API, no structured concurrency
**Fix**: Use NWBrowser (iOS 12-25) or NetworkBrowser (iOS 26+)
#### 5. Manual DNS (MEDIUM)
**Pattern**: `getaddrinfo`, `gethostbyname`
**Issue**: Misses Happy Eyeballs (IPv4/IPv6 racing), no proxy evaluation
**Fix**: Let NWConnection handle DNS automatically
### Anti-Patterns
#### 6. Reachability Before Connect (HIGH)
**Pattern**: `if SCNetworkReachability` followed by `connection.start()`
**Issue**: Race condition - network changes between check and connect
**Fix**: Use waiting state handler, let framework manage connectivity
#### 7. Hardcoded IP Addresses (MEDIUM)
**Pattern**: IP literals like `"192.168.1.1"`, `"10.0.0.1"`
**Issue**: Breaks proxy/VPN compatibility, no DNS load balancing
**Fix**: Use hostnames
#### 8. Missing [weak self] in Callbacks (MEDIUM)
**Pattern**: `connection.send` or `stateUpdateHandler` with `self.` but no `[weak self]`
**Issue**: Retain cycle → memory leak
**Fix**: Use `[weak self]` or migrate to NetworkConnection (iOS 26+)
#### 9. Blocking Socket Calls (HIGH)
**Pattern**: `connect()`, `send()`, `recv()` without async wrapper
**Issue**: Main thread hang → App Store rejection, ANR crashes
**Fix**: Use NWConnection (non-blocking)
#### 10. Not Handling Waiting State (LOW)
**Pattern**: `stateUpdateHandler` without `.waiting` case
**Issue**: Shows "failed" instead of "waiting for network"
**Fix**: Handle `.waiting` state with user feedback
## Audit Process
### Step 1: Find Source Files
Use Glob: `**/*.swift`, `**/*.m`, `**/*.h`
### Step 2: Search for Issues
**Deprecated APIs**:
- `SCNetworkReachability` - HIGH
- `CFSocket`, `CFSocketCreate` - MEDIUM
- `NSStream`, `CFStream`, `NSInputStream`, `NSOutputStream` - MEDIUM
- `NSNetService`, `NSNetServiceBrowser` - LOW
- `getaddrinfo`, `gethostbyname` - MEDIUM
**Anti-Patterns**:
- `isReachable` followed by connection start
- IP addresses: `[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}`
- `stateUpdateHandler`, `.send.*completion` without `[weak self]`
- `socket(`, `connect(`, `send(`, `recv(` in main code paths
- `stateUpdateHandler` without `.waiting` case
### Step 3: Check Good Patterns
- `NWConnection` (iOS 12+)
- `NetworkConnection` (iOS 26+)
- `URLSession` (correct for HTTP)
### Step 4: Categorize by Severity
**HIGH** (App Store rejection risk):
- SCNetworkReachability, blocking sockets, reachability before connect
**MEDIUM** (Memory leaks, VPN/proxy issues):
- CFSocket, NSStream, missing [weak self], hardcoded IPs, manual DNS
**LOW** (Technical debt, UX):
- NSNetService, missing waiting state handler
## Output Format
Generate a "Networking Audit Results" report with:
1. **Summary**: Issue counts by severity
2. **Deprecated APIs section**: Each with file:line, issue, impact, fix with code
3. **Anti-Patterns section**: Each with file:line, issue, fix with code
4. **Positive Patterns**: What's already correct
5. **Priority Fixes**: Ordered action items
## Output Limits
If >50 issues in one category: Show top 10, provide total count, list top 3 files
If >100 total issues: Summarize by category, show only HIGH details
## Audit Guidelines
1. Run all pattern searches
2. Provide file:line references
3. Show before/after code examples
4. Categorize by App Store risk
## False Positives (Not Issues)
- IP addresses in comments/docs
- URLSession usage (correct for HTTP)
- socket() in test/debug code
- [weak self] in non-NWConnection contexts
## Related
For implementation patterns: `axiom-networking` skill
For connection troubleshooting: `axiom-networking-diag` skill
For API reference: `axiom-network-framework-ref` skill
Reference in New Issue View Git Blame Copy Permalink