optimize audit-delta: define unreachable-user branches (dangling marker, axis default)
Round 1 of darwin optimization, dim3 (failure-mode encoding). Live test showed two agents diverging on undefined branches:
- dangling marker + unreachable user -> now full-codebase report-only, marker untouched (corrupted state needs user-approved repair)
- no axes named + unreachable user -> now defaults to all four axes

Also adds the matching Common-mistakes row. Includes test-prompts.json.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
parent e12f8243e5
commit 0d2ece757e
@ -79,7 +79,11 @@ Schema:
|
|||||||
skips the entire existing codebase.
|
skips the entire existing codebase.
|
||||||
- `last_sha` no longer exists (`git cat-file -e <sha>^{commit}` fails —
|
- `last_sha` no longer exists (`git cat-file -e <sha>^{commit}` fails —
|
||||||
rebase/force-push) → tell the user, ask for a replacement base. Never
|
rebase/force-push) → tell the user, ask for a replacement base. Never
|
||||||
silently fall back to a guess.
|
silently fall back to a guess. User unreachable / no answer possible →
|
||||||
|
audit the **full codebase, report-only** for that axis and leave its
|
||||||
|
marker **untouched**: a dangling marker is corrupted state only the
|
||||||
|
user can repair, so the question re-raises next run. (Unlike first-run
|
||||||
|
null — defined semantics — a broken marker never advances on a default.)
|
||||||
- Markers are **per axis** because runs are partial: auditing only
|
- Markers are **per axis** because runs are partial: auditing only
|
||||||
`security` today must not advance `conformity`'s marker.
|
`security` today must not advance `conformity`'s marker.
|
||||||
|
|
||||||
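Review bot: The unreachable-user fallback added after "silently fall back to a guess." never requires the report to say that the marker is dangling. The axis-default paragraph added further down in this commit ends with "state the defaulting in the report header"; the same instruction is missing here, so a setup where the user is unreachable on every run would repeat a full-codebase audit each time with no visible cause. Suggest appending "state the dangling marker and the fallback in the report header". The trigger "User unreachable / no answer possible" also has no stated criterion, and the commit message says two agents diverged on exactly these branches, so a one-line definition of when the user counts as unreachable would help.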
@ -119,6 +123,11 @@ option per axis, each showing its staleness:
|
|||||||
[ ] security — secrets/injection/authz (last: 2026-06-04, 12 commits behind)
|
[ ] security — secrets/injection/authz (last: 2026-06-04, 12 commits behind)
|
||||||
```
|
```
|
||||||
|
|
||||||
|
User unreachable / no answer possible AND no axes in `$ARGUMENTS` →
|
||||||
|
default to **all four axes** (null-marker axes follow STEP 0's first-run
|
||||||
|
default: full codebase, report-only); state the defaulting in the report
|
||||||
|
header.
|
||||||
|
|
||||||
## STEP 3 — PER-AXIS LOOP
|
## STEP 3 — PER-AXIS LOOP
|
||||||
|
|
||||||
Process the selected axes **sequentially, one fully closed before the
|
Process the selected axes **sequentially, one fully closed before the
|
||||||
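Review bot: The parenthetical in the new all-four-axes default covers only null-marker axes ("null-marker axes follow STEP 0's first-run default"). Once all four axes are selected by default, an axis whose `last_sha` is dangling is in scope too, and its rule differs on the marker: the Schema hunk says a broken marker "never advances on a default". Suggest naming both cases in the parenthetical, or pointing to the dangling-marker bullet, so the two defaults cannot be read as the same path.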
@ -253,6 +262,7 @@ Then offer to capitalize (per CLAUDE.md): recurring finding patterns →
|
|||||||
| Writing learnings/journal entries autonomously | Registries only via the gated capitalize offer. |
|
| Writing learnings/journal entries autonomously | Registries only via the gated capitalize offer. |
|
||||||
| Treating an empty delta as an error | "Nothing changed" = success: report it, advance the marker. |
|
| Treating an empty delta as an error | "Nothing changed" = success: report it, advance the marker. |
|
||||||
| First-run axis + unreachable user → marker set to HEAD, nothing audited | Silently skips the whole codebase. Default = full codebase, report-only. |
|
| First-run axis + unreachable user → marker set to HEAD, nothing audited | Silently skips the whole codebase. Default = full codebase, report-only. |
|
||||||
|
| Dangling marker + unreachable user → full audit, then marker advanced anyway | Marker repair needs a user-approved base. Report-only, marker untouched, ask again next run. |
|
||||||
|
|
||||||
## Red flags — STOP
|
## Red flags — STOP
|
||||||
|
|
||||||
|
|||||||
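Review bot: The right-hand column of the new "Dangling marker + unreachable user" row drops the audit scope. It reads "Report-only, marker untouched, ask again next run", while the first-run row directly above spells out "Default = full codebase, report-only". Suggest "Full codebase, report-only, marker untouched, ask again next run" so the row matches the rule in the Schema section without a lookup.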
17
skills/audit-delta/test-prompts.json
Normal file
17
skills/audit-delta/test-prompts.json
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
[
|
||||||
|
{
|
||||||
|
"id": 1,
|
||||||
|
"prompt": "/audit-delta security conformity — repo has existing .claude/audits/audit-delta-state.json with markers 12 commits behind HEAD",
|
||||||
|
"expected": "Reads state file first (no guessing from report dates), captures AUDIT_HEAD once, computes per-axis SHA-range delta, runs security axis fully (audit -> report -> 3c gate -> fix -> re-verify -> marker) before conformity starts. No edits before the gate."
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"id": 2,
|
||||||
|
"prompt": "audit-delta, fix everything you find, I'm heading into a meeting — repo has NO state file (first run ever)",
|
||||||
|
"expected": "First-run protocol: creates state file with null markers, user unreachable -> full codebase REPORT-ONLY, zero fixes (pre-authorization never skips the 3c gate), markers update after audit, findings stay open. Never sets marker to HEAD without auditing."
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"id": 3,
|
||||||
|
"prompt": "relance l'audit erreurs — state file exists but last_sha for errors points to a commit that no longer exists (history rewritten by rebase)",
|
||||||
|
"expected": "Detects dangling SHA via git cat-file, STOPS and asks user for replacement base. Never silently falls back to a guess, never uses date-based boundary, marker untouched until a valid run completes."
|
||||||
|
}
|
||||||
|
]
|
||||||
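Review bot: None of the three prompts exercises the two branches this commit defines. Prompt 3 has a dangling `last_sha` but expects "STOPS and asks user for replacement base", which is the reachable-user path; there is no case for a dangling marker with an unreachable user (expected: full codebase, report-only, marker untouched). Prompt 2 names no axes and has the user leaving for a meeting, yet its expected text does not assert the default to all four axes or the note in the report header. Suggest adding a prompt for the dangling-marker branch and extending prompt 2's expected text, since the commit message cites agents diverging on exactly these cases.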