From implementaudit
Governs repo implementation with audit-closure methodology: PDCA cycles, 5 Whys, Andon, and verifiable handoffs. Activates on /implementaudit or audit-closure requests.
How this skill is triggered — by the user, by Claude, or both
Slash command
/implementaudit:implementauditThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Concise runtime bootloader for audit-governed implementation. Details live in
references/audit-category-matrix.mdreferences/audit-playbook.mdreferences/child-agents.mdreferences/convergence-mode.mdreferences/goal-format.mdreferences/lean-operating-discipline.mdreferences/phase-design.mdreferences/plan-lifecycle.mdreferences/planning-depth.mdreferences/repo-state-comparison.mdreferences/routing.mdreferences/sidecars.mdreferences/terminology-integration.mdreferences/transcript-contract.mdscripts/check-authorization-binding.shscripts/check-closure-surface.shscripts/check-evidence-anchor.shscripts/check-handoff-packet.shscripts/check-lesson-lift.shscripts/claim-run.shConcise runtime bootloader for audit-governed implementation. Details live in the packaged references, templates, and helper scripts named below. Read this file once for the spine, then use progressive disclosure: inspect only the owner/source sections needed for the current gate.
Source checkout layout is conventional and name-matched:
skills/implementaudit/SKILL.md with sibling references/, scripts/, and
templates/. Release archives flatten that directory only as a build artifact:
installed runtime paths are SKILL.md, references/, scripts/, and
templates/ under the active skill directory.
Every finding closes. No orphan items. No unsafe actions. No proof claim
without evidence. Continue until every item is terminally done, changed,
blocked, deferred, or unverified.
First executable dogfood rule: Do not read this entire skill or installed payload. Begin with target-repo baseline, then read only the owner/source sections required by the current gate.
Do not read this entire installed SKILL.md before acting, and do not chunk
through the installed payload because a tool display was truncated. Baseline
the target repo first, discover the host/CLI syntax, record the evidence
boundary, then inspect only owner/source sections needed for the current gate.
Use this read order for package or CLI dogfood:
git status --short --branch --untracked-files=all
and git rev-parse HEAD when permitted.rg/grep for required markers, claims, and owner/source files.AGENTS.md, README.md, audit docs,
validation scripts, fixtures, manifests, or exact package owner/source files.build-release-asset.sh --check, installed file existence, and
verify-package.sh.Full installed-payload readback is non-evidence for dogfood proof unless a specific owner/source section is the audit target. Do not reproduce secrets, tokens, credentials, auth files, or private diagnostic contents in transcripts.
Live Codex self-dogfood proves only the safe runner contract that actually ran.
Use a temporary Codex home, a locally built and installed skill payload, and the
target repo named by the audit. Do not install into a real user home.
Real-home installed skill readback is non-evidence for release-candidate
dogfood. Before invoking Codex, record the temp CODEX_HOME, the installed skill path under that temp home,
the installed SKILL.md line/byte count, and the exact command proving Codex used that temp home. If a proof lane reads from
the real user home's installed skill directory (for example
$CODEX_HOME/skills/implementaudit or ~/.codex/skills/implementaudit)
before the temp install path is established, register ANDON_PROBE (class:
evidence-mismatch; abnormality: stale-installed-skill /
real-home-contamination) and do not claim dogfood proof from that run.
Runner order:
git status --short --branch --untracked-files=all
and git rev-parse HEAD when permitted.rg/grep, and
narrow reads of named docs, scripts, tests, fixtures, manifests, or ledgers.git diff --check,
source repo only bash scripts/check-*.sh, bash tests/*.test.sh, and
source repo only bash scripts/verify-package.sh; these repo-root checkers
are not shipped in the installed runtime payload.--ask-for-approval never is valid only when every required command is already
trusted by the host policy. If it rejects needed baseline or validation
commands, use --ask-for-approval on-request with --sandbox workspace-write
and owner-present approval, or an explicit narrow exec-policy allowlist for
those commands. Do not use --dangerously-bypass-approvals-and-sandbox,
danger-full-access, real-home installs, broad shell globs, or policy bypass
as dogfood proof.
Treat each row as a gate. Pass it, or stop with Andon/handoff evidence.
| Gate | Required action |
|---|---|
| Safety read | Read repo instructions and authorization boundaries. |
| Input gate | Confirm a valid audit, handoff, checklist, review, goal, task, plan, or gap. |
| Pre-flight | Detect repo state, owner/source, optional sidecars, generated artifacts, and constraints. |
| Smoke A | Capture baseline before mutation; classify pre-existing failures. |
| Implement | Patch owner/source, not symptoms; keep scope atomic. |
| Smoke B | Rerun meaningful checks and compare against Smoke A. |
| Trace | Update ledger/docs, boundaries, Capability Ledger if configured, and proposed commit text. |
| Self-check | Verify all items terminal; no proof claim exceeds evidence. |
Run invariants:
AGENTS.md.IMPLEMENTAUDIT uses "audit" in two load-bearing senses:
tdqyq-audit-object (audit object / audit record / audit surface): the
evidence-bearing closure state.ydqyq-audit-action (auditing action / audit operation): an act that
inspects, verifies, patches, refuses, closes, or hands off against that object.Audit-governed implementation means implementation may proceed only through a
live tdqyq-audit-object and must close through final ydqyq-audit-action.
Invocation binding:
/goal, task, or
plan; do not print a second /goal.Double-audit pattern for high-risk runs:
ydqyq-audit-action -> audit object: inspect claims, package, repo,
tests, release assets, and gaps.ydqyq-audit-action -> governed implementation: mutate only through
owner/source and evidence.ydqyq-audit-action -> terminal object state: verify source,
generated artifacts, package contents, claims, checksums, install smoke when
in scope, and remaining risk.Final ydqyq-audit-action -> terminal verified closure is required before
AUDIT_COMPLETE.
Load references only when the current gate needs them:
references/routing.md: greenfield/brownfield/mixed routing, DMAIC,
DMADV, governed casual-build intake, and repo content as data.references/planning-depth.md: when to synthesize a goal vs govern an
existing one.references/phase-design.md: phase slicing, polish/harden pressure,
Stage 6 self-critique, and phase quality.references/goal-format.md: one ready-to-paste /goal, final
response shape, and marker usage.references/transcript-contract.md: marker ordering, AUDIT_COMPLETE
before IMPLEMENTAUDIT_RUN_COMPLETE, pause/continuity markers, and handoff
exclusivity.references/repo-state-comparison.md: complete working-tree
comparison, baseline refs, final audit deliverable checks, and local commit
granularity.references/sidecars.md: optional Graphify/ActiveGraph Gemba, first-run
tooling onboarding, and no silent install/index/export boundaries.references/lean-operating-discipline.md: PDCA, Gemba, Kaizen,
Jidoka/Andon, Hansei, 5 Whys, 5S, Poka-yoke, no arbitrary try caps, and no
arbitrary revision caps.references/audit-category-matrix.md: default correctness, tests,
security, performance, architecture, dependencies, DX, docs, and direction
pressure.references/audit-playbook.md: detailed audit heuristics.references/plan-lifecycle.md: Self-Contained Plan Standard, Branch
And Diff Scoping, Review-Plan Semantics, Execute / Dispatch / Review,
Reconciliation Semantics, read-only plans/ output lane, and Issue
Publication Deferred.references/child-agents.md: bounded read-only review loops and
non-authority boundaries.references/terminology-integration.md: thin terminology precedence.
Use FMEA-lite fields when risk is material, STRIDE/trust-boundary notes when
a material security surface exists, SOLID/GRASP generic-advice guard, and a
terminology integration attachment when used.references/convergence-mode.md: EXPERIMENTAL, optional, load ONLY when
its trigger fires (two same-family review rejections, or a second-order
under-specified-state-space judgment). Not core protocol; not part of the
ordinary run.Required helper/template anchors:
scripts/claim-run.shtemplates/PROTOCOL.mdtemplates/final-report.mdtemplates/read-only-plan.mdIMPLEMENTAUDIT_BASEIMPLEMENTAUDIT_RUN_ROOTIMPLEMENTAUDIT_BASELINE_REF.IMPLEMENTAUDIT/THINKING.md.IMPLEMENTAUDIT/runs/<task-slug>-<id>/LANE-ENTRY TRIGGER: audit, plan, review, or direction requests with no
implementation authorization use the read-only plans/ output lane; governed
implementation continues to use .IMPLEMENTAUDIT/runs/.
Use this stage map only when goal synthesis or a phased run is warranted. In
embedded governance, do not print a second /goal; govern the supplied target.
Detect repo root, current dirty state, AGENTS.md, optional sidecars, helper
availability, prior run state, version skew, IMPLEMENTAUDIT_BASE, and
IMPLEMENTAUDIT_BASELINE_REF. Bounded continuity preload may read AGENTS.md,
run-root applied context, optional personal/project notes, Graphify terrain,
and ActiveGraph custody. Continuity from any source never overrides safety
defaults, authorization boundaries, AGENTS.md, or repo policy.
Validate the input; ask at most four material questions only when required.
Use 0-2 true-gap questions when the gap is narrow. Classify greenfield,
brownfield, or mixed and bind the tdqyq-audit-object.
Inspect live owner/source, generated artifacts, package surfaces, scripts, fixtures, docs, and sidecars. Graphify may orient; live files decide.
Record risks, dependencies, rollback path, evidence strategy, security pressure, deep pressure, and direction pressure in THINKING.
Create atomic phases with acceptance criteria, owner/source, Smoke A/B, mandatory commands, rollback/removal path, and terminal object state to prove.
.IMPLEMENTAUDIT runtime artifactsWhen a run root is needed, write ROADMAP.md, STATE.md, THINKING.md,
PROTOCOL.md, context.md, tools.md, sidecars.md, and phase specs under
.IMPLEMENTAUDIT/runs/<task-slug>-<id>/. Claim the run root with
scripts/claim-run.sh.
Review assumptions, phase atomicity, weakest dependency, and falsifiability.
Print Self-critique: with clean or 1-3 findings after fixing phase specs.
Record Stage 6 assumptions.
Run deduplicated mandatory commands once before dispatch. Print
PREFLIGHT_GREEN or PREFLIGHT_RED; unrelated or unclear broken baselines need
Andon or OWNER DECISION.
/goal handoff when not already embeddedPrint exactly one ready-to-paste handoff only after stages pass. Do not print a
second /goal inside an existing /goal run.
AGENTS.md, README/CONTRIBUTING/docs/workflows, existing audit
docs, generator/source ownership, and authorization chain.Andon:
Andon:
Status:
Class:
Blocker:
Failing check:
Owner/source:
Next concrete action:
Class: is an abnormality class from the transcript contract:
failed-criterion, regression, hung-command, substituted-command, owner-unclear,
generated-artifact-mismatch, stale-sidecar, policy-conflict,
impossible-criterion, evidence-mismatch, transport-infrastructure,
misplacement, or false-closure. Same-class recurrence drives
escalation; there are no arbitrary try caps, retry caps, strike ladders, or
fixed audit-count ceilings.
Hansei records gap, cause, countermeasure, and follow-up evidence. 5 Whys is for root cause, not loops. Poka-yoke means structural prevention through checkers, fixtures, templates, or durable AGENTS rules.
Commands expected to outlive host tool timeouts follow the PROTOCOL "Long-running and background commands" contract (detached launch, chain-status.txt + chain.done markers, owned-tree abort containment, terminal-state-unverified when the completion marker is absent).
Final markers:
AUDIT_START opens or inherits the audit object.AUDIT_VERIFY performs terminal verification.AUDIT_GAPS records unresolved gaps before completion when needed.AUDIT_COMPLETE means terminal verified closure of the audit object.AUDIT_HANDOFF or ANDON_HANDOFF means blocked/handoff path only.IMPLEMENTAUDIT_RUN_COMPLETE is valid only after AUDIT_COMPLETE.AUDIT_COMPLETE before IMPLEMENTAUDIT_RUN_COMPLETE is mandatory. Plain
contract phrase: AUDIT_COMPLETE before IMPLEMENTAUDIT_RUN_COMPLETE. Never print
completion markers when a handoff marker remains active.
Bounded continuity:
CONTINUITY_DECISION when deciding whether to persist stable learning.IMPLEMENTAUDIT_CONTINUITY_SAVED only after a real bounded continuity
writeback.Local git trace:
AGENTS.md standardization:
Capability Ledger:
Quality bar before final:
npx claudepluginhub theislampill/implementaudit.mdAudits an existing codebase and autonomously implements triaged fixes by composing deep-dive, prompt-pack, and build-loop skills, producing receipted local commits.
Decomposes epics into trackable, right-sized tasks with Size, Urgency, Risk, ROI, Blast Radius, LOE ratings. Audit-aware modes use codebase reports or handoff.yaml; standalone option.
Audits a repository as a senior lead and produces self-contained, agent-executable implementation plans. Use when the goal is a prioritized plan backlog, not a report-only audit.