I'm completely stuck right now. I really need to figure out exactly how to check if a smart contract is audited.
Last night, I almost dumped a painful amount of ETH into this wild new yield farming protocol I found on Crypto Twitter. The APY was completely unhinged. Naturally, my gut screamed at me to pause, take a breath, and actually figure out how to check if a smart contract is audited before blindly apeing in.
But here is the brutally annoying part.
I jumped into their Discord, asked for proof of an audit, and a mod just linked me to a random PDF hosted on Google Drive—which honestly looked like it was typed up by a teenager using Microsoft Word in about fifteen minutes flat. Red flags everywhere. I backed out immediately.
I realize I can't just trust these anonymous developers anymore. I need a repeatable, foolproof system. Seriously, when you guys are evaluating a totally fresh token, how do you personally tackle the whole "how to check if a smart contract is audited?" problem?
My current (very flawed) process
Right now, my workflow is pretty embarrassing.
- Skimming Etherscan: I usually hunt for a verified code tab. (But does a simple green checkmark actually mean it is secure from exploits?)
- Reading the Docs: They always claim they passed security checks with flying colors.
- Googling the Auditor: Half the time it is some obscure security firm I've literally never heard of.
What I actually want to know
Are there specific, highly trusted databases where I can cross-reference the raw contract address directly? Here is what I am trying to figure out:
- Auditor Verification: Can I paste an address into a site like CertiK, PeckShield, or Hacken to see real, undeniable proof?
- Website Badges: Are those shiny "Audited" logos on a project's homepage ever verified on-chain, or are they mostly just fake images?
It's exhausting.
I really want to master exactly how to check if a smart contract is audited without needing a computer science degree. If you've got a specific, battle-tested checklist you run through before risking your own hard-earned cash, please drop it below. I'm utterly tired of guessing.