القائمة
Audit build and CI configuration for correctness risks
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
| name | audit-build-ci |
| description | Audit build and CI configuration for correctness risks |
| context | fork |
| agent | auditor |
| disable-model-invocation | true |
Audit the build and CI configuration for subtle correctness risks.
Read the build files and CI workflows before analyzing:
build.gradle.kts (root and caffeine module)gradle/plugins/ (custom Gradle plugins).github/workflows/ (GitHub Actions)gradle.propertiesConsider:
Report only issues that could cause incorrect artifacts, missing failures, or false confidence in test results.
Audit the adaptive window hill-climber and region-resize logic for implementation defects (not algorithm quality)
JSR-107 (JCache) spec-conformance audit
Audit explicit state machines (drain status, node lifecycle, async-value lifecycle) for illegal or missed transitions
Heavyweight history-mining bug audit. Walks the caffeine module's git history chronologically (oldest to HEAD), maintains a forward-tracked issue database, and surfaces concerns introduced by past commits that were never resolved. Catches bugs that snapshot mining cannot — half-fixes invisible from current state, latent+trigger pairs across multi-commit interactions, and partial refactors. Slow (model/effort-dependent; ~24h on Opus + max effort) and rare-run (every several months or before a major release).
Differential audit comparing matched code paths that should behave identically. Spawns one auditor per sibling pair (sync/async, bounded/unbounded, view consistency, bulk vs single, generated node variants, read fast vs slow, adapter conformance) and requires a concrete witness scenario where the two paths diverge observably.
Find places where documented API contracts and the implementation diverge