diff --git a/skills/audit-delta/SKILL.md b/skills/audit-delta/SKILL.md index 429b3d3..07acb6a 100644 --- a/skills/audit-delta/SKILL.md +++ b/skills/audit-delta/SKILL.md @@ -79,7 +79,11 @@ Schema: skips the entire existing codebase. - `last_sha` no longer exists (`git cat-file -e ^{commit}` fails — rebase/force-push) → tell the user, ask for a replacement base. Never - silently fall back to a guess. + silently fall back to a guess. User unreachable / no answer possible → + audit the **full codebase, report-only** for that axis and leave its + marker **untouched**: a dangling marker is corrupted state only the + user can repair, so the question re-raises next run. (Unlike first-run + null — defined semantics — a broken marker never advances on a default.) - Markers are **per axis** because runs are partial: auditing only `security` today must not advance `conformity`'s marker. @@ -119,6 +123,11 @@ option per axis, each showing its staleness: [ ] security — secrets/injection/authz (last: 2026-06-04, 12 commits behind) ``` +User unreachable / no answer possible AND no axes in `$ARGUMENTS` → +default to **all four axes** (null-marker axes follow STEP 0's first-run +default: full codebase, report-only); state the defaulting in the report +header. + ## STEP 3 — PER-AXIS LOOP Process the selected axes **sequentially, one fully closed before the 
@@ -253,6 +262,7 @@ Then offer to capitalize (per CLAUDE.md): recurring finding patterns → | Writing learnings/journal entries autonomously | Registries only via the gated capitalize offer. | | Treating an empty delta as an error | "Nothing changed" = success: report it, advance the marker. | | First-run axis + unreachable user → marker set to HEAD, nothing audited | Silently skips the whole codebase. Default = full codebase, report-only. | +| Dangling marker + unreachable user → full audit, then marker advanced anyway | Marker repair needs a user-approved base. Report-only, marker untouched, ask again next run. | ## Red flags — STOP diff --git a/skills/audit-delta/test-prompts.json b/skills/audit-delta/test-prompts.json new file mode 100644 index 0000000..fe810d9 --- /dev/null +++ b/skills/audit-delta/test-prompts.json 
@@ -0,0 +1,17 @@ +[ + { + "id": 1, + "prompt": "/audit-delta security conformity — repo has existing .claude/audits/audit-delta-state.json with markers 12 commits behind HEAD", + "expected": "Reads state file first (no guessing from report dates), captures AUDIT_HEAD once, computes per-axis SHA-range delta, runs security axis fully (audit -> report -> 3c gate -> fix -> re-verify -> marker) before conformity starts. No edits before the gate." + }, + { + "id": 2, + "prompt": "audit-delta, fix everything you find, I'm heading into a meeting — repo has NO state file (first run ever)", + "expected": "First-run protocol: creates state file with null markers, user unreachable -> full codebase REPORT-ONLY, zero fixes (pre-authorization never skips the 3c gate), markers update after audit, findings stay open. Never sets marker to HEAD without auditing." + }, + { + "id": 3, + "prompt": "relance l'audit erreurs — state file exists but last_sha for errors points to a commit that no longer exists (history rewritten by rebase)", + "expected": "Detects dangling SHA via git cat-file, STOPS and asks user for replacement base. Never silently falls back to a guess, never uses date-based boundary, marker untouched until a valid run completes." + } +]
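Review bot: in the first SKILL.md hunk (`@@ -79,7 +79,11 @@`) the dangling-marker check reads `git cat-file -e ^{commit}` with no revision in front of `^{commit}`, so as written the command has nothing to test; spell the marker out, e.g. `git cat-file -e "${last_sha}^{commit}"`, so a reader can see which value is being validated. The new unreachable-user branch also never says how unreachability is decided (an explicit "no answer possible" signal in the prompt, a non-interactive run, a timeout), and because the marker is left untouched by design the same full-codebase, report-only audit will repeat on every run until someone supplies a base; one sentence stating that this repetition is intended, and that the report header must name the dangling axis and the base the user has to provide, would make the behaviour predictable.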
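Review bot: in the second SKILL.md hunk (`@@ -119,6 +123,11 @@`) the fallback says "default to **all four axes**" but the hunk names none of them (only `security`, `conformity` and `errors` appear anywhere in this patch); list the four here or point at the section that defines them so the default cannot drift from the menu above it. The added sentence also only addresses null-marker axes; say explicitly that a dangling-marker axis reached through this default follows the report-only, marker-untouched rule from the `last_sha` bullet, and have the report header state per axis which default applied (first-run null vs dangling marker) rather than just that defaulting happened.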
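Review bot: the new `test-prompts.json` (`@@ -0,0 +1,17 @@`) has no prompt for the branch this same change adds to SKILL.md, a dangling `last_sha` combined with an unreachable user (full codebase, report-only, marker untouched, question re-raised next run); prompt 3 only exercises the reachable-user half (STOP and ask). Add a fourth entry, for example prompt 3 with "I'm heading into a meeting" appended and an `expected` of: full-codebase report-only audit of the `errors` axis, zero fixes, marker left untouched, replacement base requested again on the next run. The `expected` strings are also free prose, so nothing in the patch says how a run is judged against them; a short note (in SKILL.md or a README) that they are rubric text for manual or model-based grading would stop someone wiring them into an exact-match check.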