Audit Packs: Pick Your Plate

February 21, 20262 min read

Audit Packs: Pick Your Plate

With 86 audit prompts in the library, the first question is always: "Where do I start?" That's what packs are for.

Two kinds of packs

Project-type packs

These are tailored to what you're building. Pick the one that matches your app:

SaaS — auth, billing, multi-tenancy, API design
AI App — prompt injection, data privacy, token optimization
Marketing Site — SEO, analytics, page speed, conversion
E-Commerce — cart UX, payment security, PCI, order management (7 audits)
Chrome Extension — permissions, data privacy, store readiness
Mobile — offline storage, permissions, navigation, store readiness
Directory & Listing — search, schema, maps, moderation
Booking & Scheduling — calendar, booking flow, notifications
Community Platform — moderation, engagement, real-time, privacy
Government — Section 508, FISMA/FedRAMP, plain language
Financial Services — encryption, disclosures, form validation, session security, audit trails

Focus-area packs

These cut across project types. Use them when you want deep coverage in a specific domain:

Security — 5 audits, 124 checks. Headers, auth, data protection, API security, infrastructure hardening.
Performance — 2 audits, 58 checks. Core Web Vitals baseline plus a deep-dive optimization pass.
Accessibility — 2 audits, 64 checks. Fundamentals plus full WCAG compliance.
SEO — 1 audit, 30 checks. Advanced technical SEO beyond the free fundamentals audit.
Pre-Launch — 2 audits, 44 checks. Deployment readiness and error resilience — the go-live checklist.
Privacy Compliance — 4 audits, 78 checks. GDPR, CCPA, COPPA, and cookie consent.
Communications Compliance — 4 audits, 74 checks. Email/SMS rules, FTC compliance, subscription law, legal pages.

How packs work with your dashboard

When you create a project on AuditBuffet, we recommend a set of audits based on your project type. Your dashboard tracks progress against that recommended set — showing which audits you've completed and which are still waiting.

Run audits outside your recommended set? They still count. They show up in a separate "Other Completed Audits" section on your project page. But your overall health score is based on the recommended set, so you get a clear picture of baseline coverage.

You don't need all of them

A SaaS app doesn't need the E-Commerce cart audit. A marketing site doesn't need FISMA/FedRAMP. The pack system exists so you can load your plate with what matters and skip what doesn't.