Interactive system flow tracing across CODE, API, AUTH, DATA, NETWORK layers with SQLite persistence and Mermaid export. Use when auditing system architecture, tracing data flows, documenting security boundaries, or mapping component interactions.
From atum-systemnpx claudepluginhub arnwaldn/atum-system --plugin atum-systemThis skill uses the workspace's default tool permissions.
schema.sqlscripts/audit.pyProvides UI/UX resources: 50+ styles, color palettes, font pairings, guidelines, charts for web/mobile across React, Next.js, Vue, Svelte, Tailwind, React Native, Flutter. Aids planning, building, reviewing interfaces.
Fetches up-to-date documentation from Context7 for libraries and frameworks like React, Next.js, Prisma. Use for setup questions, API references, and code examples.
Integrates PayPal payments with express checkout, subscriptions, refunds, and IPN. Includes JS SDK for frontend buttons and Python REST API for backend capture.
Audit Flow is a Python-based CLI tool for tracing system flows across five architectural layers (CODE, API, AUTH, DATA, NETWORK) with SQLite persistence and Mermaid diagram export.
The tool supports interactive session-based flow mapping with these features:
Entry sequence (ALWAYS execute first):
schema.sql to understand the database structure.audit/audit.db existsForbidden actions: Deleting the database, recreating tables, or reinitializing when data exists destroys irreplaceable audit history.
DB-first discipline: "SQLite = sole source of truth. Context window: volatile, compacts without notice, hallucinates state."
Sessions begin by collecting: name, purpose (security-audit, documentation, compliance, ideation, debugging, architecture-review, or incident-review), and granularity (fine-grained ~50-200 tuples or coarse-grained ~10-30 tuples).
Flows use seven relation types with specific semantics: TRIGGERS, READS, WRITES, VALIDATES, TRANSFORMS, BRANCHES, and MERGES. Critical constraint: every BRANCHES edge requires a condition label.
Output uses purpose-based directory structure:
docs/audits/{name}-{YYYY-MM-DD}/docs/ideation/{name}-{YYYY-MM-DD}.mdDiagrams automatically include entry point markers, step numbers, legends, and observation separation when exported via the CLI tool.
python audit.py init # Initialize database
python audit.py list # List all sessions
python audit.py show <session> # Show session with flows
python audit.py show <session> <flow> # Show specific flow
python audit.py export <session> [fmt] # Export all flows
python audit.py export <session> <flow> [fmt] # Export specific flow
python audit.py csv-export # Export DB tables to .audit/csv/
python audit.py csv-import # Import .audit/csv/ into DB
python audit.py csv-merge <theirs_dir> # Merge theirs CSVs into ours
| Type | Semantics |
|---|---|
| TRIGGERS | Component A initiates Component B |
| READS | Component reads from data source |
| WRITES | Component writes to data source |
| VALIDATES | Component validates input/state |
| TRANSFORMS | Component transforms data format |
| BRANCHES | Flow splits conditionally (MUST have condition label) |
| MERGES | Multiple flow paths converge |
| Purpose | Use Case |
|---|---|
| security-audit | Trace auth flows, data boundaries, attack surfaces |
| documentation | Map system architecture, component interactions |
| compliance | Audit data handling for regulatory requirements |
| ideation | Explore design alternatives |
| debugging | Trace error propagation paths |
| architecture-review | Evaluate system design decisions |
| incident-review | Post-mortem flow reconstruction |