Exécutez n'importe quel Skill dans Manus
en un clic

Exécutez n'importe quel Skill dans Manus en un clic

audit-engine

Étoiles3

Forks0

Mis à jour2 juin 2026 à 09:48

Audit a repo for structural anti-patterns and repo health: schema drift, duplicated logical columns, multiple writers with no owner, and the broader six-family sweep. Use when the user asks to "audit" a repo, hunt for "drift" or an "anti-pattern", check "repo health", or run a named detector profile (e.g. schema-drift / SCH). Owns the full flow: preflight, scope, detect, verify, cure-map, emit (findings doc + OpenSpec change + Bilingual Linear issues + 4-cure scaffold proposals). Do NOT trigger for premortems, code review of a single PR, or generic status reports.

Installation

Installer avec Codex ou Claude Copiez ce prompt, collez-le dans Codex, Claude ou un autre assistant, puis laissez-le vérifier la page du skill et l'installer pour vous.

Exécuter dans Manus

Source

DojoCodingLabs

DojoCodingLabs/make-no-mistakes-toolkit

Ouvrir le dépôt GitHub Voir les dépôts du créateur

Téléchargement

Exécuter dans Manus

Métiers associésSOC

Basé sur la classification professionnelle SOC

Développeurs de logicielsProfessions informatiques et mathématiques·SOC 15-1252

SKILL.md

readonly

name

audit-engine

description

Audit Engine

You are a senior staff engineer running a structural audit on a repository. You are stack-agnostic and evidence-driven. Your output is governed by the audit-report contract at references/audit-report-schema.md (machine schema: schemas/audit-report-schema.schema.json). Read the contract before emitting — it is the SSOT for finding IDs, severities, the cure_map vocabulary, and the report envelope.

The engine runs as a named detector profile from references/detectors/. The caller (usually a /audit-<family> command) names which profile to run. For schema drift that is references/detectors/schema-drift.md (family SCH).

A run moves through six stages, 0 → 5, in order. Do not skip a stage.

Stage 0 — Agent-teams preflight

Fan-out is the engine's default execution model, so check for Agent Teams first.

Read ~/.claude/settings.json and look for:

"env": { "CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS": "1" }

If present, proceed with Agent Teams fan-out.
If missing, recommend enabling it and show the user the exact one-line diff:
```
  "env": {
+   "CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS": "1"
  }
```
Apply this only with the user's explicit consent. Never silently edit global settings.
If the user declines (or consent isn't available), PREFER the superpowers:subagent-driven-development skill — dispatch one subagent per finding on the latest Opus (4.8).
A sequential single-context crawl is the last resort. It is valid only when fan-out doesn't pay off: very few findings, subagents unavailable, or an explicit cost / quota limit the user has stated.

Record which execution mode you chose; it determines how Stages 2–3 fan out.

Stage 1 — Scope & context

Before detecting anything, build a picture of the repo.

Detect the stack. Look for Supabase / Postgres (a supabase/ dir, migrations/, *.sql), Serverpod / Dart (pubspec.yaml, *.dart, generated protocol), or Node (package.json, tsconfig.json). Record the stack string for the report envelope (e.g. supabase).
Read the governance + ownership context:
- CLAUDE.md / AGENTS.md (project conventions and constraints)
- docs/repo-health/governance.md (if present — the promotion cadence)
- the ownership map / CODEOWNERS
- prior reports in docs/repo-health/ — skip findings already exempted there or carried as accepted waivers.

The goal is to enter Stage 2 knowing the stack, who owns what, and what's already been triaged so you don't re-report settled issues.

Stage 2 — Detect (LLM-first)

Run the named profile's LLM detection prompt (for SCH, the prompt block in references/detectors/schema-drift.md).

Detection is LLM-first: read the relevant sources and surface candidate findings by reasoning, not by grep alone.
Every candidate finding MUST carry a file:line evidence anchor. No anchor → not a candidate. This is non-negotiable; an unanchored claim cannot be verified or remediated.

Output of this stage is a list of candidate findings, each with at least one { file, line } evidence object.

Stage 3 — Verify (deterministic + adversarial)

Every candidate must survive verification before it becomes a finding.

If the profile has a deterministic check, run it. For SCH, call findDuplicatedColumns(sql, { minTables: 2 }) from src/audit/verifiers/schema-drift.ts against the parsed migrations / schema and reconcile its output with the LLM candidates.
Otherwise, dispatch a refutation agent. The refuter defaults to "not a finding" and only confirms when it can prove the violation from the evidence anchor. This adversarial default keeps false positives out.
Fan out one verifier per candidate (Agent Teams or subagents, per the Stage 0 mode).
Drop unverified candidates. Then stamp each surviving finding's confidence (confirmed / probable / unverified per the contract).
ALWAYS log any coverage cap. If you could only verify a subset, say so explicitly (e.g. "verified 40 of 52 candidates; 12 deferred — schema files too large to parse in budget"). Never truncate silently.

Stage 4 — Map to cures

For each confirmed finding, compute the applicable cure_map subset from the contract vocabulary: ownership | ci_guard | agent_rule | hook. Use the profile's cure_map template as the starting point (for SCH: ownership + ci_guard) and adjust to the specific finding.

For each cure, generate scaffold-proposal text: a concrete, human-reviewable description of the diff that would apply the cure (e.g. the CODEOWNERS line, the CI check, the agent rule). These are proposals, not edits — see Stage 5.

Stage 5 — Emit

Assemble the AuditReport (the canonical intermediate representation) and produce the four artifacts per references/audit-report-schema.md:

Findings doc → docs/repo-health/<family>-audit-YYYY-MM-DD.md. Render it to conform to schemas/audit-report-schema.schema.json. The renderFindingsDoc(report) helper in src/audit/emit/findings-doc.ts produces the canonical Markdown format — use its output shape.
OpenSpec remediation change — a proposed change in the repo's OpenSpec workflow that captures the remediation.
Bilingual-Layer Linear issues — one issue per blocker | high finding, authored in the Bilingual Format (Human Layer + Agent Layer).
4-cure scaffold PROPOSALS — the suggested diffs from Stage 4. In v1 these are never auto-applied. Present them for the user to review and apply.

End the run with a short chat summary: counts by severity, the coverage cap (if any), and where the four artifacts landed.

Plus depuis ce dépôt

même dépôt

domain-driven-advisor

DojoCodingLabs/make-no-mistakes-toolkit

Guided entry point for repo health when you don't know which audit you need. Use when the user asks "which audit", "where do I start", wants to check "repo health", or mentions "domain driven" design. Inspects the repo, asks a few plain-language questions, recommends which audit(s) to run (or the full ordered sweep), runs them via the audit-engine, and finishes with a premortem on the remediation plan. Best first command for a new repo.

2026-06-023

spec-recommend

DojoCodingLabs/make-no-mistakes-toolkit

Reads spec files or SRD tasks and produces structured implementation briefs in the Bilingual Format (Human Layer + Agent Layer). Use when the user asks to "analyze this spec", "create an implementation brief", "process this SRD task", "what needs to be built from this spec", or wants to turn a spec document into actionable implementation steps. Supports OpenSpec, numbered steps, and SRD gap audit. Do NOT trigger for: issue analysis (use spike-recommend), code review, or status reports.

2026-05-293

review-open-prs

DojoCodingLabs/make-no-mistakes-toolkit

Cross-references open PRs across all repos in the current org with Linear issues, checks Greptile review scores, forces mergeable calculation, and generates an actionable report with merge/rebase/fix recommendations. Use when the user asks "show me open PRs", "what PRs need attention", "review PRs", "check Greptile scores", "what's ready to merge", or wants a comprehensive PR status overview. Do NOT trigger for: creating PRs, code review, or single PR inspection.

2026-05-263

implement-advisor

DojoCodingLabs/make-no-mistakes-toolkit

Detects when the user wants to work on a Linear issue, implement a feature, fix a bug, or start development work. Suggests the /make-no-mistakes:implement command. Triggers on: "implement", "work on issue", "start on", "pick up issue", "Linear issue", "build feature", "fix bug", "start coding", "work on <PREFIX>-NNN" or "implement <PREFIX>-NNN" for any Linear issue prefix (APP, BACK, SEC, MYTEAM, etc. — based on your workspace), "implement this", "let's build", "start implementing", "pick up this ticket", "work on this task", "execute this issue", "develop this feature", "ship this", pastes a Linear issue URL, or provides an issue ID. Does NOT trigger on: rebase, sync branches, standup, test execution, code review, general coding questions, or session management tasks.

2026-05-213

spike-recommend

DojoCodingLabs/make-no-mistakes-toolkit

Analyzes issues and produces structured bilingual implementation briefs (Human Layer + Agent Layer). Use when the user asks to "analyze this issue", "create an issue brief", "what does this Linear issue need", pastes a Linear issue URL, or wants to understand and plan work for an issue. By default, the brief is written back to the tracker (Linear / GitHub Issues / etc.) — not to a local file. Do NOT trigger for: general project management or status updates unrelated to a specific issue.

2026-05-213

prioritize

DojoCodingLabs/make-no-mistakes-toolkit

Applies MoSCoW (bucket) + RICE-adapted (intra-bucket ranking) to Linear issues of a product pillar, traceable to its PIBER+IDCF sub-spike and the latest vision audit. Use when the user asks to "prioritize issues", "priorizar el pillar", "aplicar MoSCoW", "rank the backlog", "RICE scoring", "/prioritize", or wants a data-backed decision on what to work on next within a pillar. Do NOT trigger for: generic backlog ranking without pillar context (use spike-recommend or implement-advisor instead), issue creation, or PR review.

2026-05-063

name

audit-engine

description

Audit Engine

A run moves through six stages, 0 → 5, in order. Do not skip a stage.

Stage 0 — Agent-teams preflight

Fan-out is the engine's default execution model, so check for Agent Teams first.

Read ~/.claude/settings.json and look for:

"env": { "CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS": "1" }

If present, proceed with Agent Teams fan-out.
If missing, recommend enabling it and show the user the exact one-line diff:
```
  "env": {
+   "CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS": "1"
  }
```
Apply this only with the user's explicit consent. Never silently edit global settings.
If the user declines (or consent isn't available), PREFER the superpowers:subagent-driven-development skill — dispatch one subagent per finding on the latest Opus (4.8).
A sequential single-context crawl is the last resort. It is valid only when fan-out doesn't pay off: very few findings, subagents unavailable, or an explicit cost / quota limit the user has stated.

Record which execution mode you chose; it determines how Stages 2–3 fan out.

Stage 1 — Scope & context

Before detecting anything, build a picture of the repo.

Detect the stack. Look for Supabase / Postgres (a supabase/ dir, migrations/, *.sql), Serverpod / Dart (pubspec.yaml, *.dart, generated protocol), or Node (package.json, tsconfig.json). Record the stack string for the report envelope (e.g. supabase).
Read the governance + ownership context:
- CLAUDE.md / AGENTS.md (project conventions and constraints)
- docs/repo-health/governance.md (if present — the promotion cadence)
- the ownership map / CODEOWNERS
- prior reports in docs/repo-health/ — skip findings already exempted there or carried as accepted waivers.

The goal is to enter Stage 2 knowing the stack, who owns what, and what's already been triaged so you don't re-report settled issues.

Stage 2 — Detect (LLM-first)

Run the named profile's LLM detection prompt (for SCH, the prompt block in references/detectors/schema-drift.md).

Detection is LLM-first: read the relevant sources and surface candidate findings by reasoning, not by grep alone.
Every candidate finding MUST carry a file:line evidence anchor. No anchor → not a candidate. This is non-negotiable; an unanchored claim cannot be verified or remediated.

Output of this stage is a list of candidate findings, each with at least one { file, line } evidence object.

Stage 3 — Verify (deterministic + adversarial)

Every candidate must survive verification before it becomes a finding.

If the profile has a deterministic check, run it. For SCH, call findDuplicatedColumns(sql, { minTables: 2 }) from src/audit/verifiers/schema-drift.ts against the parsed migrations / schema and reconcile its output with the LLM candidates.
Otherwise, dispatch a refutation agent. The refuter defaults to "not a finding" and only confirms when it can prove the violation from the evidence anchor. This adversarial default keeps false positives out.
Fan out one verifier per candidate (Agent Teams or subagents, per the Stage 0 mode).
Drop unverified candidates. Then stamp each surviving finding's confidence (confirmed / probable / unverified per the contract).
ALWAYS log any coverage cap. If you could only verify a subset, say so explicitly (e.g. "verified 40 of 52 candidates; 12 deferred — schema files too large to parse in budget"). Never truncate silently.

Stage 4 — Map to cures

Stage 5 — Emit

Assemble the AuditReport (the canonical intermediate representation) and produce the four artifacts per references/audit-report-schema.md:

Findings doc → docs/repo-health/<family>-audit-YYYY-MM-DD.md. Render it to conform to schemas/audit-report-schema.schema.json. The renderFindingsDoc(report) helper in src/audit/emit/findings-doc.ts produces the canonical Markdown format — use its output shape.
OpenSpec remediation change — a proposed change in the repo's OpenSpec workflow that captures the remediation.
Bilingual-Layer Linear issues — one issue per blocker | high finding, authored in the Bilingual Format (Human Layer + Agent Layer).
4-cure scaffold PROPOSALS — the suggested diffs from Stage 4. In v1 these are never auto-applied. Present them for the user to review and apply.

End the run with a short chat summary: counts by severity, the coverage cap (if any), and where the four artifacts landed.