We run audit checks as part of our build pipelines, but sometimes package audit issues cannot be fixed in a timely manner when a critical fix needs to be deployed. Having the build pipeline fail on audit checks and block the quick fix deployment is not ideal.
The following script allows us to skip the audit step only once, if the last commit message contains skip-audit.
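    # Skip the audit only when the last commit message itself contains "skip-audit"
    # (--pretty=%B prints just the message; --stat would also match changed file names).
    if ! git log -1 --pretty=%B | grep -q "skip-audit"; then
        yarn audit --level high --groups dependencies
        # yarn audit exits with a severity bitmask (8 = high, 16 = critical); fail only on those.
        exit $(( $? >= 8 ? 1 : 0 ))
    fi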
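An added example (not from the original post) that splits the same gate into testable functions, logs a warning whenever the audit is bypassed, and decodes the Yarn 1.x audit exit-code bitmask so the build log names the severities that failed it. The function names are hypothetical and the exit codes in the demo loop are constructed.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the original post.

# Succeeds when the commit message text contains the skip marker.
should_skip_audit() {
    printf '%s\n' "$1" | grep -q "skip-audit"
}

# yarn audit (Yarn 1.x) exits with a bitmask of the severities it found.
audit_severities() {
    out=""
    for pair in 1:info 2:low 4:moderate 8:high 16:critical; do
        bit=${pair%%:*}
        name=${pair#*:}
        if [ $(( $1 & $bit )) -ne 0 ]; then out="$out $name"; fi
    done
    echo "${out# }"
}

# Same threshold as the script above: fail only on high (8) or critical (16).
audit_passes() {
    [ "$1" -lt 8 ]
}

# Pipeline step: needs git and yarn, so it is defined here but not called.
run_audit_step() {
    if should_skip_audit "$(git log -1 --pretty=%B)"; then
        # Leave a visible trace in the build log every time the gate is bypassed.
        echo "WARNING: dependency audit skipped via commit message" >&2
        return 0
    fi
    code=0
    yarn audit --level high --groups dependencies || code=$?
    if audit_passes "$code"; then return 0; fi
    echo "audit failed, severities found: $(audit_severities "$code")" >&2
    return 1
}

# Constructed exit codes: 6 = low + moderate, 24 = high + critical.
for c in 0 6 24; do
    if audit_passes "$c"; then verdict=pass; else verdict=fail; fi
    echo "exit code $c ($(audit_severities "$c")) -> $verdict"
done
```

In a pipeline, call `run_audit_step` as the last command of the audit stage so its return value becomes the stage result.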