popup-studio-ai/audit
skills/audit/SKILL.md
View audit logs, decision traces, and session history for AI transparency. ACTION_TYPES (19 entries) include PDCA events (phase_transition, gate_passed/failed, agent_spawned/completed/failed, rollback_executed, destructive_blocked) and Sprint events (sprint_paused, sprint_resumed, master_plan_created — v2.1.13). Triggers: audit, log, decision trace, history, 감사 로그, 결정 추적.
$ install --global
skillsauthnpx skillsauth add popup-studio-ai/bkit-claude-code auditInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 13, 2026, 6:27 AM206.9s1 file scanned
SKILL.md
- name:
- audit
- classification:
- workflow
- classification-reason:
- Audit logging persists regardless of model advancement
- deprecation-risk:
- none
- effort:
- medium
- description:
- |
- Triggers:
- audit, log, decision trace, history, 감사 로그, 결정 추적.
- argument-hint:
- [log|trace|summary|search] [query]
- user-invocable:
- true
- imports:
- []
- next-skill:
- null
- pdca-phase:
- null
- task-template:
- [Audit] {action}
Audit Skill
User-invocable skill for viewing audit logs, decision traces, and session history.
Arguments
| Argument | Description | Example |
|----------|-------------|---------|
| (none) | Show recent audit log entries (same as log) | /audit |
| log | Show recent audit log entries (last 20) | /audit log |
| trace <feature> | Show decision traces for a feature | /audit trace user-auth |
| summary | Show daily/weekly audit summary | /audit summary |
| search <query> | Search audit logs by action type, feature, or date | /audit search "phase_transition" |
Action Details
log (Default)
Display recent audit log entries.
- Read today's audit log from
.bkit/audit/YYYY-MM-DD.jsonl - If today's log is empty or has fewer than 20 entries, also read yesterday's log
- Parse JSONL entries (one JSON object per line)
- Display the last 20 entries in reverse chronological order
- Format each entry with timestamp, action, feature, and details
JSONL Entry Schema:
{
"timestamp": "2026-03-19T10:30:00.000Z",
"action": "phase_transition",
"feature": "user-auth",
"from": "plan",
"to": "design",
"automationLevel": "semi-auto",
"triggeredBy": "user",
"details": "Plan approved, transitioning to Design"
}
Output Format:
--- Audit Log (Last 20 Entries) -------------------
[2026-03-19 10:30] phase_transition | user-auth
plan -> design (Semi-Auto, user-triggered)
[2026-03-19 10:25] checkpoint_created | user-auth
Checkpoint cp-1710842700000 before Design phase
[2026-03-19 10:20] automation_level_changed | -
L1 -> L2 (trust score: 72)
...
---------------------------------------------------
Total entries today: 45
trace <feature>
Show decision traces for a specific feature.
- Read decision trace files from
.bkit/decisions/YYYY-MM-DD.jsonl - Filter entries matching the specified feature
- Display chronological decision chain with rationale
Decision Trace Entry Schema:
{
"timestamp": "2026-03-19T10:30:00.000Z",
"feature": "user-auth",
"decision": "advance_to_design",
"rationale": "Plan document complete, matchRate N/A at this phase",
"alternatives": ["request_plan_revision", "skip_to_do"],
"chosenBecause": "Plan deliverable exists and passes validation",
"automationLevel": "semi-auto",
"confidence": 0.92
}
Output Format:
--- Decision Trace: user-auth ---------------------
[10:15] START -> pm
Decision: Begin PDCA cycle
Rationale: New feature request detected
[10:20] pm -> plan
Decision: advance_to_plan
Rationale: PRD document generated successfully
Alternatives: [reject_prd, revise_scope]
Confidence: 0.88
[10:30] plan -> design
Decision: advance_to_design
Rationale: Plan document complete, passes validation
Alternatives: [request_plan_revision, skip_to_do]
Confidence: 0.92
---------------------------------------------------
Total decisions: 3
summary
Show daily or weekly audit summary.
- Read audit logs for the current day (and optionally past 7 days)
- Aggregate by action type and count occurrences
- Calculate key metrics:
- Total actions recorded
- Phase transitions count
- Automation vs manual ratio
- Error/recovery events
- Average trust score change
- Display formatted summary
Output Format:
--- Audit Summary (2026-03-19) --------------------
Total Actions : 45
Phase Transitions : 12
Checkpoints Created : 4
Errors Recorded : 1
Recoveries : 1
Action Breakdown:
phase_transition : 12 (27%)
checkpoint_created : 4 (9%)
match_rate_recorded : 8 (18%)
automation_level_change: 2 (4%)
iteration_completed : 6 (13%)
other : 13 (29%)
Automation Ratio: 67% auto / 33% manual
Trust Score Change: +3 (69 -> 72)
---------------------------------------------------
Weekly Trend (last 7 days):
Mon: 32 actions | Tue: 45 actions | Wed: 28 actions
...
search <query>
Search audit logs by action type, feature name, or date range.
- Parse the search query to determine filter type:
- If query matches an action type (e.g.,
phase_transition), filter by action - If query matches a feature name, filter by feature
- If query matches a date (YYYY-MM-DD), filter by date
- Otherwise, perform full-text search across all fields
- If query matches an action type (e.g.,
- Read relevant JSONL files from
.bkit/audit/ - Apply filters and return matching entries (max 50 results)
- Display results in chronological order
Search Examples:
# Search by action type
/audit search "phase_transition"
# Search by feature name
/audit search "user-auth"
# Search by date
/audit search "2026-03-18"
# Full-text search
/audit search "error"
File Locations
| Path | Format | Purpose |
|------|--------|---------|
| .bkit/audit/YYYY-MM-DD.jsonl | JSONL | Daily audit log entries |
| .bkit/audit/summary/ | JSON | Pre-computed daily/weekly summaries |
| .bkit/decisions/YYYY-MM-DD.jsonl | JSONL | Decision trace entries |
Module Dependencies
| Module | Function | Usage |
|--------|----------|-------|
| lib/audit/audit-logger.js | readAuditLog() | Read audit entries |
| lib/audit/audit-logger.js | searchAuditLog() | Search/filter entries |
| lib/audit/decision-tracer.js | getDecisionTrace() | Read decision traces |
Retention Policy
- Audit logs: 30-day retention, auto-cleanup via daily hook
- Decision traces: 30-day retention, linked to audit logs
- Total storage budget: 100MB (auto-prune oldest when exceeded)
Usage Examples
# View recent log entries
/audit
# View decision trace for a feature
/audit trace user-auth
# View daily summary
/audit summary
# Search for phase transitions
/audit search "phase_transition"
# Search by feature
/audit search "user-auth"
Related Skills
popup-studio-ai/sprint
testing
VerifiedTrustedCommunity
Sprint Management — generic sprint capability for ANY bkit user. 16 sub-actions: init, start, status, watch, phase, iterate, qa, report, archive, list, feature, pause, resume, fork, help, master-plan. Triggers: sprint, sprint start, sprint init, sprint status, sprint list, 스프린트, 스프린트 시작, 스프린트 상태, スプリント, スプリント開始, スプリント状態, 冲刺, 冲刺开始, 冲刺状态, sprint, iniciar sprint, estado sprint, sprint, demarrer sprint, statut sprint, Sprint, Sprint starten, Sprint Status, sprint, avviare sprint, stato sprint, master plan, multi-sprint plan, sprint master plan, 마스터 플랜, 멀티 스프린트 계획, 스프린트 마스터 플랜, マスタープラン, マルチスプリント計画, スプリントマスタープラン, 主计划, 多冲刺计划, 冲刺主计划, plan maestro, plan multi-sprint, plan maestro sprint, plan maître, plan multi-sprint, plan maître sprint, Masterplan, Multi-Sprint-Plan, Sprint-Masterplan, piano principale, piano multi-sprint, piano principale sprint.
548SKILL.mdUpdated May 13, 2026
popup-studio-ai/cc-version-analysis
tools
VerifiedTrustedCommunity
CC CLI version upgrade impact analysis — research changes, analyze bkit impact, generate report. Triggers: cc-version-analysis, CC upgrade, version analysis, CC 버전 분석, 버전 영향.
545SKILL.mdUpdated Apr 18, 2026
popup-studio-ai/rollback
testing
VerifiedTrustedCommunity
Manage PDCA checkpoints and rollback — create, list, restore for safe recovery. Rollback events are recorded via lib/audit/audit-logger ACTION_TYPES.rollback_executed. For sprint-level recovery, individual feature rollbacks may be triggered from within sprint phases (sprint itself is forward-only — terminal state is `archived`, not rolled back; v2.1.13). Triggers: rollback, checkpoint, restore, undo, 롤백, 체크포인트, 복원.
539SKILL.mdUpdated Apr 18, 2026
popup-studio-ai/qa-phase
testing
VerifiedTrustedCommunity
QA Phase execution — L1-L5 test planning, generation, execution, and reporting for a single feature. For sprint-level QA (7-Layer dataFlowIntegrity / S1 gate across multiple features) use /sprint qa <sprintId> which delegates to sprint-qa-flow agent (v2.1.13). Triggers: qa phase, QA test, qa run, QA 실행, QAフェーズ, QA阶段, fase QA, phase QA, QA-Phase, fase QA.
539SKILL.mdUpdated Apr 18, 2026