same-day delivery · 24h turnaround

Stack Audit

Send your Claude Code setup. Within 24 hours you get a 1-page audit + 2–3 custom skills written for your specific stack.

first-3-buyers offer · live expires when 3 redemptions hit

Buy Power Pack ($9+) → claim a free Stack Audit + 2 custom skills (worth $49)

First 3 buyers paying $9 or more on the AgentStack Power Pack get a full Stack Audit on me — your repo, audited; 2 custom SKILL.md files written for your stack; install instructions. 24h turnaround. After 3 sales, the audit reverts to standalone $49 (CTA below).

Buy Power Pack on Gumroad → then email receipt + repo link to claim

After purchase: email agentstack.team@proton.me with your Gumroad receipt + repo link.

what you send me

— Link to your repo (public or private invite to @agentstackteam)
— A short note on what you ship daily and what's slow
— Your existing ~/.claude/ config if you have one (optional)

what you get back, within 24h

— A 1-page audit identifying 3–5 specific points where Claude Code can short-circuit your workflow
— 2–3 custom skill files (SKILL.md) written against YOUR stack — not generic, not template-driven, code-grounded with file paths from your repo
— Install instructions so dropping into ~/.claude/skills/ takes 60 seconds
— Optional: 1 hook script if your repo would benefit from a quality gate

credit toward larger purchase

$49 paid for the audit applies as credit if you upgrade to the Atlas Bundle ($199 → $150) within 14 days. The audit IS the bundle's first chapter, written for your specific stack instead of a generic example.

scope (so we both know what we're buying)

— In: repo read, 1-page audit, 2–3 SKILL.md files, install instructions, 1 optional hook script.
— Out: open-ended repo refactors, production credentials, infra changes, on-call follow-up. Those live inside the Atlas Bundle setup ($199), not the audit.
— Stop-condition: if your repo needs work the audit can't responsibly recommend in 24h, I say so explicitly and refund $49 without delivering. No 80%-done deliveries.
— Replay artifact: if you agree, the audit + skills become a public case study on the race log (your repo + identifying details redacted). If you don't, it stays fully private — your call, no pressure either way.

sample deliverable (redacted, real format)

Below is what an actual Stack Audit deliverable looks like. The buyer was a solo founder shipping a Next.js + Supabase + Stripe SaaS. Identifying details redacted. The format is exactly what you'll get.

audit.md — [redacted-saas-repo]

# Stack Audit — [redacted] · 2026-05-04

# Buyer brief
Solo founder shipping a Next.js 14 + Supabase + Stripe SaaS. Manual workflow:
checklist before each deploy (~20 min), launch tweet drafted in Notion (~30 min),
support replies typed by hand (~5/day, ~10 min each). Pain: same prompts retyped weekly.

# 5 specific points where Claude Code can short-circuit this workflow

1. app/api/stripe/webhook/route.ts:34
   stripe.webhooks.constructEvent missing rawBody verification → bypass risk.
   Skill written: stripe-webhook-guard fires on "deploying webhook"
   and audits the constructEvent call site against the secret-rotation pattern.

2. supabase/migrations/*.sql
   RLS policies present on 3 of 8 tables. Missing on users, sessions,
   billing_events. Skill written: rls-coverage-check fires on
   "ready to ship migration" and lists tables without policies + suggested policy stubs.

3. app/page.tsx + app/pricing/page.tsx
   No competitor-aware pricing positioning. Pricing page is feature list
   not benefit list. Recommend pricing-page-generator skill from Power Pack
   (already in your stack pattern; install path included).

4. No CHANGELOG.md, no release script
   Each deploy is a one-off. Skill written: release-notes
   fires on "ship vN.M" — reads commits since last tag, drafts CHANGELOG entry +
   launch tweet from the diff.

5. .env.example missing 4 vars present in code
   SUPABASE_SERVICE_KEY, STRIPE_WEBHOOK_SECRET, RESEND_API_KEY,
   POSTHOG_KEY all referenced but not in .env.example. New collaborators
   will hit cryptic runtime errors. Hook included: env-coverage
   pre-commit gate.

# What ships in this audit deliverable
- audit.md (this file)
- skills/stripe-webhook-guard/SKILL.md  (~80 lines, code-grounded)
- skills/rls-coverage-check/SKILL.md     (~95 lines, code-grounded)
- skills/release-notes/SKILL.md          (~70 lines, code-grounded)
- hooks/env-coverage.sh                  (~30 lines)
- install.md                             (60-second drop-in instructions)

# Estimated time saved per week
Pre-deploy checklist 20m × 3 deploys → automated, est. 50m saved.
Launch tweet 30m × 3 → 6m drafting + edit, est. 70m saved.
Support replies 50m/day → 30m/day, est. 100m saved.
Total: ~3.7 hours/week. Audit pays for itself the first week.

Each SKILL.md file in the deliverable is similarly specific — file:line references from the buyer's actual repo, not generic templates. Install instructions tested locally before delivery.

inspect a real deliverable before you buy

Two artifacts from a real Stack Audit deliverable, anonymized. Same format and depth as what you'll receive. Read them, install them, run them — these are useful as-is.

SKILL.md sample

stripe-webhook-guard.md

Catches the most common Stripe webhook signature bypass. ~80 lines. Trigger phrases, exact code paths, suggested patches.

install.md sample

install.md

60-second drop-in instructions. ~35 lines. Verifies your Claude Code install, drops skills into ~/.claude/skills/, optional hooks setup.

These are sample files — your actual audit deliverable will be code-grounded with file:line references from your repo, not the placeholder paths shown here.

how I handle your repo · security defaults

Read-only access. I never push to your repo, never edit branches, never open PRs. The deliverable is files I send back over email — you choose where they land.
No secrets in scope. Don't send .env, ~/.aws/, API keys, or production credentials. The audit doesn't need them and I don't want them. If your repo has them committed, I'll flag and stop reading until you remove them.
Private by default. Audit + skills stay between us unless you explicitly opt in to the public race-log case study (your call, no pressure either way — see scope block above).
~/.claude/ config is optional. Helpful for context but not required. If you send it, redact any tokens before sharing.
Repo access pattern. Public repos: just send the URL. Private repos: GitHub collaborator invite to @agentstackteam (revoke after delivery), or a temporary read-only token, or paste relevant files in email.
Deletion on request. I delete my local clone + all artifacts within 7 days of delivery on request. Email agentstack.team@proton.me with subject "Audit deletion request — <your name>".

alternative path · standalone audit

Just want the audit, not the Power Pack?

$49

Same audit + 2–3 skills, no Power Pack required. 24h turnaround. Credited toward Atlas Bundle within 14 days. 14-day refund if I miss turnaround or the work isn't useful.

Email me your repo for $49 →

Or buy the Power Pack ($9+) above and claim the audit free if you're in the first 3 buyers.

Hi, I'm Amar. I'm running a 90-day experiment: can a solo indie hacker ship and sell digital products by orchestrating two AI coding agents head-to-head? Claude vs OpenAI's Codex Max. Same prompts to both. Same constraints — $0 startup capital, organic distribution only until first revenue. Whichever agent hits $10k first wins the run.

Why $49 specifically. The other agent shipped a $500 Stack Leak Audit with the same shape on their side. I'm calibrating to my buyer (solo devs, not businesses), so the price is impulse-territory but high enough to mean real work. Each audit I deliver is a real artifact — published in the public race log if you agree, kept private if you don't. I review and ship every deliverable myself before it goes out.

Watch the race. Live dashboard at agentstack-ecru.vercel.app/race. Both agents publish state hourly to public JSON files. Outcomes are public; cooperation between them is private.