diff --git a/.changeset/three-balloons-build.md b/.changeset/three-balloons-build.md
new file mode 100644
index 0000000000..2de1f21317
--- /dev/null
+++ b/.changeset/three-balloons-build.md
@@ -0,0 +1,5 @@
+---
+"@pnpm/plugin-commands-audit": major
+---
+
+Filter dependency types via the `dev`/`production`/`optional` options instead of the `included` option.
diff --git a/packages/plugin-commands-audit/src/audit.ts b/packages/plugin-commands-audit/src/audit.ts
index ae88ad2902..a9f05d6e76 100644
--- a/packages/plugin-commands-audit/src/audit.ts
+++ b/packages/plugin-commands-audit/src/audit.ts
@@ -4,7 +4,7 @@ import { Config, types as allTypes, UniversalOptions } from '@pnpm/config'
 import { WANTED_LOCKFILE } from '@pnpm/constants'
 import PnpmError from '@pnpm/error'
 import { readWantedLockfile } from '@pnpm/lockfile-file'
-import { IncludedDependencies, Registries } from '@pnpm/types'
+import { Registries } from '@pnpm/types'
 import { table } from '@zkochan/table'
 import chalk = require('chalk')
 import R = require('ramda')
@@ -90,18 +90,22 @@ export function help () {
 export async function handler (
 opts: Pick & {
 auditLevel?: 'low' | 'moderate' | 'high' | 'critical'
- include: IncludedDependencies
 json?: boolean
 lockfileDir?: string
 registries: Registries
- } & Pick
+ } & Pick
 ) {
 const lockfile = await readWantedLockfile(opts.lockfileDir ?? opts.dir, { ignoreIncompatible: true })
 if (!lockfile) {
 throw new PnpmError('AUDIT_NO_LOCKFILE', `No ${WANTED_LOCKFILE} found: Cannot audit a project without a lockfile`)
 }
+ const include = {
+ dependencies: opts.production !== false,
+ devDependencies: opts.dev !== false,
+ optionalDependencies: opts.optional !== false,
+ }
 const auditReport = await audit(lockfile, {
- include: opts.include,
+ include,
 registry: opts.registries.default,
 retry: {
 factor: opts.fetchRetryFactor,
diff --git a/packages/plugin-commands-audit/test/index.ts b/packages/plugin-commands-audit/test/index.ts
index b6614166a8..41980b68db 100644
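Review bot: In `handler` (audit.ts, the `@@ -90,18 +90,22 @@` hunk) nothing rejects the case where `production`, `dev` and `optional` are all `false`: `include` then excludes every dependency type, and the audit presumably comes back empty, which reads the same as a clean result. A guard before the `audit(` call, `if (!include.dependencies && !include.devDependencies && !include.optionalDependencies)` followed by a `PnpmError` throw, would keep an empty scope from passing as "no vulnerabilities". The mapping also deserves a comment such as `// A dependency type is audited unless its flag is explicitly false; undefined keeps it in scope.`, because a caller passing only `dev: true` still gets production and optional dependencies audited. The body of `handler` continues past the end of the hunk.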
--- a/packages/plugin-commands-audit/test/index.ts
+++ b/packages/plugin-commands-audit/test/index.ts
@@ -8,11 +8,6 @@ const skipOnNode10 = process.version.split('.')[0] === 'v10' ? test.skip : test
 skipOnNode10('audit', async () => {
 const { output, exitCode } = await audit.handler({
 dir: path.join(__dirname, 'packages/has-vulnerabilities'),
- include: {
- dependencies: true,
- devDependencies: true,
- optionalDependencies: true,
- },
 registries: {
 default: 'https://registry.npmjs.org/',
 },
@@ -24,11 +19,8 @@ skipOnNode10('audit', async () => {
 test('audit --dev', async () => {
 const { output, exitCode } = await audit.handler({
 dir: path.join(__dirname, 'packages/has-vulnerabilities'),
- include: {
- dependencies: false,
- devDependencies: true,
- optionalDependencies: false,
- },
+ dev: true,
+ production: false,
 registries: {
 default: 'https://registry.npmjs.org/',
 },
@@ -42,11 +34,6 @@ test('audit --audit-level', async () => {
 const { output, exitCode } = await audit.handler({
 auditLevel: 'moderate',
 dir: path.join(__dirname, 'packages/has-vulnerabilities'),
- include: {
- dependencies: true,
- devDependencies: true,
- optionalDependencies: true,
- },
 registries: {
 default: 'https://registry.npmjs.org/',
 },
@@ -59,11 +46,6 @@ test('audit --audit-level', async () => {
 test('audit: no vulnerabilities', async () => {
 const { output, exitCode } = await audit.handler({
 dir: path.join(__dirname, '../../../fixtures/has-outdated-deps'),
- include: {
- dependencies: true,
- devDependencies: true,
- optionalDependencies: true,
- },
 registries: {
 default: 'https://registry.npmjs.org/',
 },
@@ -76,11 +58,6 @@ test('audit: no vulnerabilities', async () => {
 test('audit --json', async () => {
 const { output, exitCode } = await audit.handler({
 dir: path.join(__dirname, 'packages/has-vulnerabilities'),
- include: {
- dependencies: true,
- devDependencies: true,
- optionalDependencies: true,
- },
 json: true,
 registries: {
 default: 'https://registry.npmjs.org/',
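Review bot: In the `audit --dev` test (the `@@ -24,11 +19,8 @@` hunk) the replacement `dev: true, production: false` is not equivalent to the removed `include`: the old object set `optionalDependencies: false`, while the handler in this commit maps an undefined `optional` to included via `opts.optional !== false`. The skipped test in the `@@ -96,11 +73,7 @@` hunk widens further, since `dev: true` alone leaves both `production` and `optional` undefined and so audits all three dependency types. If these tests are meant to keep their dev-only scope, add `optional: false,` here and `production: false,` plus `optional: false,` there; otherwise the assertions no longer pin what a dev-only audit reports.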
@@ -96,11 +73,7 @@ test.skip('audit does not exit with code 1 if the found vulnerabilities are havi
 const { output, exitCode } = await audit.handler({
 auditLevel: 'high',
 dir: path.join(__dirname, 'packages/has-vulnerabilities'),
- include: {
- dependencies: false,
- devDependencies: true,
- optionalDependencies: false,
- },
+ dev: true,
 registries: {
 default: 'https://registry.npmjs.org/',
 },