sirius-cc-wu/audit-artifacts
skills/audit-artifacts/SKILL.md
Audits proposals, features, subfeatures, and slices for drift, missing files, broken links, and planning-versus-execution mismatches.
$ install --global
skillsauthnpx skillsauth add sirius-cc-wu/sirius-skills audit-artifactsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 17, 2026, 4:36 AM149.7s11 files scanned
SKILL.md
- name:
- audit-artifacts
- description:
- Audits proposals, features, subfeatures, and slices for drift, missing files, broken links, and planning-versus-execution mismatches.
Audit Artifacts
Use this skill when a maintainer needs one read-only view of artifact health across proposals, canonical features, durable subfeatures, and execution slices.
Responsibilities
- Inventory the current proposal, planning, subfeature, and slice artifacts.
- Reuse existing owner-script validators where available.
- Surface registry drift, missing required files, invalid metadata, broken cross-artifact links, planning-to-execution handoff drift, subfeature traceability drift, and slice relation problems.
- Emit findings without mutating repository artifacts.
- Distinguish broken active slice state from intentionally pruned archived slice history retained through planning-layer summaries.
Preferred Input
- no arguments for a full audit
- optional artifact-type filtering when the user only wants one layer
Tooling
# Audit all supported artifact types
python3 skills/audit-artifacts/scripts/audit_artifacts.py
# Limit the audit to selected artifact types
python3 skills/audit-artifacts/scripts/audit_artifacts.py \
--artifact-type proposal \
--artifact-type slice
# Emit machine-readable output
python3 skills/audit-artifacts/scripts/audit_artifacts.py --json
Output
- default: grouped human-readable findings
--json: structured findings with summary counts
Interpret warnings as audit evidence, not automatic state promotion:
- closed execution slices under a subfeature can mean its planning metadata is stale
- that does not mean the parent feature is fully implemented unless the rest of the feature artifacts agree
Exit behavior:
0when no findings are present3when findings are present2for runtime or usage errors
Audit Coverage
The first version audits:
- proposal registry and proposal metadata
- top-level planning registry plus canonical feature folders
- feature-local subfeature registries plus subfeature folders
- planning-to-execution handoff consistency for canonical features
- grouped
slice-traceability.mdrows that would block deterministic planned-slice to execution-slice writeback - subfeature
slice-traceability.mdexecution links versus actual slice state - stale subfeature status or
affected_slice_idswhen all traced execution slices are already closed - execution slice registry, slice metadata, and slice relation health
Guardrails
- Keep the audit read-only; do not repair or rewrite registries or metadata.
- Reuse owner-script validation logic instead of copying lifecycle rules into a second state machine.
- Surface metadata read failures as findings instead of crashing on the first malformed artifact.
- Treat this skill as the inspection layer; repair, report, trace, and archive behaviors belong to their own capabilities.
- Do not flag intentionally pruned archived slices as missing active directories when retained summary history is still present.
Related Skills
sirius-cc-wu/ship-worktree
tools
VerifiedTrustedCommunity
Create or resume a dedicated git worktree for one feature or subfeature, drive `ship` inside that worktree, and hand the finished branch back as a pull request to the original branch.
4SKILL.mdUpdated May 6, 2026
sirius-cc-wu/reconcile-execution
testing
VerifiedTrustedCommunity
Reviews one completed feature or subfeature against final implementation and slice artifacts, then records a durable reconciliation block before archive.
4SKILL.mdUpdated May 6, 2026
sirius-cc-wu/governance-update
development
VerifiedTrustedCommunity
Tightens durable repo-level rules in AGENTS.md and adjacent governance surfaces when repeated drift reveals a policy gap.
4SKILL.mdUpdated Apr 29, 2026
sirius-cc-wu/ship
data-ai
VerifiedTrustedCommunity
Resolves one reviewed feature or subfeature backlog into remaining planned slices and routes each active slice to the next owning execution step with one commit per completed slice.
4SKILL.mdUpdated Apr 22, 2026