From idea-to-ship
Audits an existing codebase and autonomously implements triaged fixes by composing deep-dive, prompt-pack, and build-loop skills, producing receipted local commits.
How this skill is triggered — by the user, by Claude, or both
Slash command
/idea-to-ship:audit-and-fixThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
`audit-and-fix` points at an **existing repo**, runs a rigorous **read-only audit**, makes a **value judgment about what's worth fixing**, takes **one human go**, then autonomously **sequences and implements** the triaged fixes — receipted, unit by unit, one commit per verified boundary — and **stops at local commits**.
audit-and-fix points at an existing repo, runs a rigorous read-only audit, makes a value judgment about what's worth fixing, takes one human go, then autonomously sequences and implements the triaged fixes — receipted, unit by unit, one commit per verified boundary — and stops at local commits.
It is an orchestrator: it composes the existing skills and never reimplements them. It invokes deep-dive, prompt-pack, and build-loop, carries each one's file output into the next, and adds only the connective tissue — the triage verdict, the single gate, the regression fence, the receipt discipline, the resume contract, and the honest ledger. If a phase tempts you to paste a sub-skill's procedure into this run, stop: invoke the skill instead.
It is autopilot pointed backwards. autopilot builds something that doesn't exist and risks inventing demand; audit-and-fix repairs something that does and risks breaking working software. Dropping ideate isn't a shortcut — the codebase replaces it as the source of truth. There is nothing to invent, so there's no grounding firewall to hold; the analogous rule here is a green test is not a fixed bug, and a non-reproduction is not a fix.
Strong triggers — invoke without asking:
deep-dive briefing already landed. That's this skill, entering at Phase 3 (and see the gate table: the findings were read, so no gate — within the bound).Do NOT use this for:
deep-dive, and it's cheaper.prompt-pack (+ build-loop). Nothing to discover.autopilot. There's no codebase to be the grounding.git init first — this isn't a receipt technicality: the baseline SHA, the fence proof, the commit-per-unit cadence, and resume are all defined in terms of git. Without it there is no run, not a degraded one.Routing tie-breaker: deep-dive answers "is it sound?" and stops. audit-and-fix answers "is it sound, what's worth fixing given where you're headed — now go fix it, receipted, and stop before you publish." If the user shows no intent to change the code, it's deep-dive.
Load-bearing, stated up front so no one reads an autonomous fix run as more than it is.
Produces: a read-only evidence package, a triage verdict, a durable fix pack, a sequence of verified local commits with receipts, and an honest ledger of what's checked vs. what only a human can clear.
The 6 eyes-open limits it does NOT escape:
tree-exact means recorded against the sealed tree — never proven correct. What's proven is that the recorded commands passed on that tree. Never translate a grade upward.deep-dive's confidence is capped by its ground-truth tally, and its fan-out is the same model — it surfaces where independent reasoning diverges, never an error every lane shares. Report that cap verbatim; never launder a judgment call into a fact.resume.deep-dive → triage → pack half has run for real, repeatedly — though "it ran" is not "it was right" (see the triage note below). The build-loop-per-unit seam has never actually run: the runs this skill distills hand-rolled that discipline and never invoked the skill. The seam is clean on paper and untested in fact — expect it to need real use before you trust it. Don't read the gap as a virtue.The triage is a judgment, not a measurement. It is the highest-authority call in the run — it produces the scope — and it has never once been vetoed, which is not evidence it was right: an un-vetoed triage and an unchecked triage look identical from here (n=1 user; see references/triage-guide.md). It's the call most needing humility. Invite a correction to the lens; don't merely permit one.
Hard rule: invoke each skill and carry its file forward; never inline its content. Phase-by-phase orchestration (what each invocation gets, what carries forward, where the gates are): references/audit-fix-playbook.md.
.gitignore was silently degrading every receipt in the run. A gate you haven't proven works is not a gate.)deep-dive (codebase-audit variant, pure research — do NOT patch) → the evidence package + executive briefing. This skill owns the edit phase; deep-dive's own patch phase stays dark. Read-only against the pinned baseline. Ask it for three extras, all inside its competence but none of them default output: the frozen core (what correctness and safety depend on — derived from the codebase, before and independently of any fix list); a non-regression oracle (a measurable invariant captured before any change, so the build phase can prove "enhanced, not damaged" rather than assert it); and a falsifier per Tier 0/1 finding (a runnable trigger that makes the defect observably fail at the baseline — this is what Phase 4 turns into a red-first regression test). If any genuinely doesn't exist, say so — never fake one.references/triage-guide.md.prompt-pack (Mode A) → the fix pack + a mandatory status ledger. Re-ground first — the audit's line refs have a shelf life. The tier sizing composes losslessly: deep-dive's Tier 0/1/2/3 fix list is already "sized for one work session each" — that sizing is prompt-pack's unit; the frozen core → each prompt's "What MUST NOT change"; the falsifiers → each prompt's verification matrix → build-loop's acceptance criteria. Three overrides must be named when you invoke it (durable path, mandatory ledger, and the inverted commit rule) — see the playbook, and get them wrong and the pack fights the run.build-loop, per unit, in pack order → the fix + a per-unit ledger + one commit. Most audit fixes are non-browser surfaces — build-loop's own carve-out means no see step and plain-but-clear; if a fix touches a UI, design is load-bearing and its mandatory visual loop applies (its rule, not this skill's call). build-loop reports one of four stop-conditions, and PASS is the only one that commits — see Pitfalls.deep-dive Standard scoped to the cumulative diff (<baseline>..HEAD, not the units). Unit-level green is not sufficient evidence for the whole: in a real run this caught a Blocker every green unit test missed. Prove the oracle reproduces and the fence is zero-diff — don't assert it.Exactly one mandatory stop, between the audit and the first write. The audit is read-only — zero blast radius, nothing to approve. Everything after the go is autonomous.
The gate exists because the fix set is discovered, not specified. The skill's whole input is a repo path; without the gate, one command turns an unattended agent loose to decide what's wrong with working software and rewrite it — against the user's own standing constraint, "does not damage the functionality of the system."
| Invocation | Behavior |
|---|---|
| Bare, or "audit this repo and fix what you find" | Default. Audit → triage → one gate → implement to completion. |
| "…and proceed as you see fit" / "don't stop to ask" | Gate waived — within the bound below. Post the triage verdict + run contract before unit 1 dispatches, as an FYI, not a question. |
A deep-dive briefing already delivered → "plan and execute these fixes" | No gate — the findings were reported and read. Re-ground, triage, proceed. |
Every waiver waives the approval, not the bound — row 3 included. A waiver holds only when triage produces no redesign-class unit and no unit touching the frozen core. If it does, the gate stands regardless of phrasing or history — post the verdict and say why. Row 2's authorization is given at t=0, before the audit exists, so it can't be informed consent for a scope nobody had yet; row 3's user genuinely read the findings — that's the precedent deep-dive sets ("if the request already said 'apply the fixes,' that counts as approval") — but reading findings is not approving a redesign. Neither waiver reaches that far.
Row 3 enters at Phase 3 without Phase 1's three extras — the existing briefing was never asked for a frozen core, an oracle, or falsifiers. Commission them before authoring the pack (a scoped pass, not a full re-audit), or proceed with them explicitly absent and say so in the ledger — a run with no fence and no oracle cannot claim it proved anything about damage.
The gate never re-opens. After the go: no plan approval, no per-unit approval, no pause offers. Report at unit boundaries in plain English with an explicit "nothing needed from you." Anything inside the skill's competence gets decided and explained, never surfaced as a menu. Stopping because the evidence says stop is not re-opening the gate — the no-pause rule governs asking permission to continue, never halting when a unit can't go green honestly.
Hard gates — no up-front phrasing and no pre-authorization unlocks these: push, merge, tag, publish, spend money, touch a live account. Each needs its own explicit, in-the-moment request made after the commits exist — and that is a separate act outside this skill's run, which ends at the ledger.
Where autonomy actually ends: it covers what this run can reverse by resetting its own commits. It does not cover — local or not — deleting or cleaning untracked files, git clean, rewriting history, amending or force-moving branches, resetting past the baseline, running migrations, or touching any uncommitted work that isn't this run's (other agents may be in this tree). If a reset of your own commits can't undo it, it's a hard gate.
Wrap every load-bearing verification in the project's receipt tool when one is configured (this system uses didrun — see the user's CLAUDE.md). The split is principled: the audit is deliberately UNRECEIPTED and labeled so (a read-only audit can't touch the repo's ledger without breaking its own contract); the build phase is fully receipted, per unit. The ritual, the honest grades, the verify --strict loop (not a checkpoint), and the known tool bugs: references/receipt-discipline.md. Anything not run through the wrapper is UNRECEIPTED and must be called that. Never fake a receipt.
resume — a first-class one-word verbLong packs will hit usage limits and reboots; a real run lost its final unit to one at 5.3 hours. Make every unit cache-resumable — one unit = one commit = one durable status row, and every commit subject carries its unit ID (that's what lets git prove which units landed when the ledger is stale). On the bare word resume, with zero further input: locate the run state → establish git truth — git wins over the ledger, always reconcile the ledger to git, never the reverse → verify HEAD still descends from the pinned baseline (if it doesn't, the pack is stale against the tree: stop, don't resume) → discard any half-done unit's partial work and re-dispatch it whole → continue at the first unit not proven landed by git. Never re-run a landed unit. Never re-open the gate. One line of report, then keep going. Full contract: the playbook.
build-loop and never invoked it.build-loop stops on PASS, PLATEAU, BUDGET, or BLOCKED — and only PASS commits. Any non-PASS stop with an open Blocker/High/Medium stops the pack: record the condition verbatim with its open-defect queue, mark the remaining units NOT ATTEMPTED, then still run Phase 5 and the ledger against what actually landed — a partially-fixed tree must still be proven not-damaged. Never re-dispatch build-loop to route around its own BUDGET — that counter is what guarantees the run terminates.deep-dive's default output path is inside it, so override it or the "read-only" audit isn't. Other agents may be working in there, and a session scratchpad is not durable.stale for no code reason. Build to cache; check git status before receipting. Diagnose staleness honestly; never weaken the gate to clear it.| Situation | What audit-and-fix runs |
|---|---|
| Medium repo, a real fix set | deep-dive Standard (3–5 lanes) → triage → 4–8 units, sequential → verification unit. Budget two Standard dives, not one — Phase 5's cumulative red-team costs roughly what Phase 1 did. |
| Large / high-stakes / pre-live-test | deep-dive Exhaustive (5–6 lanes) → triage → 8–14 units + verification unit + cumulative red-team. Hours, millions of tokens — expect a resume. |
| Triage yields ≤3 small, low-collision fixes | Skip the pack, not the run. The pack machinery is overhead at that size — say so at the gate and just fix them: still receipted, still one commit per verified boundary, still Phase 5 and the honest ledger. (You can't know this before Phase 1 — it's a Phase 2 call, not a routing rule.) |
| Concurrent agents active in the repo | Mandatory regardless of size: artifacts outside the repo, baseline SHA pinned into every subagent, re-ground before the pack, docs units last, worktrees if going parallel. |
| A very large pack (>~8 units) | Parallel units in isolated git worktrees, fanned out by file-collision risk, never severity alone — but see the receipt/worktree caveat in references/receipt-discipline.md. Sequential is the default for a reason. |
| The audit finds nothing worth fixing | A valid, honest outcome. Deliver the briefing, say so, stop. |
audit-and-fix is the autonomous tier pointed at code that already exists: it turns a rigorous audit into verified, receipted commits and an honest ledger — eyes open on the 6 limits, stopping at the line where a human has to look.
npx claudepluginhub nelsonwerd/idea-to-ship-skills --plugin idea-to-shipGoverns repo implementation with audit-closure methodology: PDCA cycles, 5 Whys, Andon, and verifiable handoffs. Activates on /implementaudit or audit-closure requests.
Runs an iterative multi-agent code audit that fixes critical and high findings until resolved or a cap is reached. Useful for deep code audits, release-readiness reviews, and post-refactor risk sweeps.
Audits codebases as a senior advisor, producing prioritized implementation plans for other agents to execute. Read-only — never edits code directly.