refactor(audits): route all report writes to .claude/audits/

Before: SEO.md, GEO.md, HARDEN.md, VALIDATE.md, BUGS-FOUND.md landed
at project root. After: all five go to .claude/audits/. Covers both
dispatcher write paths and the dispatcher bash commands that parse
each report (test -s, grep score, wc) — otherwise the dispatcher
would look for the file at the old location.

- skills/seo,geo,harden,validate,code-clean — write paths + console
  summaries ("Report: .claude/audits/X.md")
- skills/harden,validate — bash parsing commands (test/grep/wc) aligned
- agents/seo-analyzer,validator-analyzer,code-cleaner — agent-side refs
- agents/validator-analyzer frontmatter description updated

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
bastien 2026-04-23 16:06:54 +02:00
parent 32ccceb548
commit 7b57b2e091
8 changed files with 41 additions and 44 deletions

View File

@ -141,7 +141,7 @@ Do NOT call the `/refactor` skill — invoke the agent directly.
If cleanup reveals actual bugs (not style issues — real defects): If cleanup reveals actual bugs (not style issues — real defects):
- Append each bug to `BUGS-FOUND.md` at project root: - Append each bug to `.claude/audits/BUGS-FOUND.md` (run `mkdir -p .claude/audits` first):
``` ```
## [date] Bug found during code-clean ## [date] Bug found during code-clean
- **File**: <file:line> - **File**: <file:line>
@ -178,7 +178,7 @@ REFACTORED:
SKIPPED (user decision): SKIPPED (user decision):
- <item><reason> - <item><reason>
BUGS FOUND: <N> (logged to BUGS-FOUND.md) BUGS FOUND: <N> (logged to .claude/audits/BUGS-FOUND.md)
TESTS: passing / no test suite / <failures> TESTS: passing / no test suite / <failures>
``` ```
@ -192,7 +192,7 @@ TESTS: passing / no test suite / <failures>
- No "while we're here" scope creep. Only fix approved items. - No "while we're here" scope creep. Only fix approved items.
- Exported/public API symbols require explicit per-item user confirmation - Exported/public API symbols require explicit per-item user confirmation
before deletion — even if they appear unused. before deletion — even if they appear unused.
- Bugs go to BUGS-FOUND.md, not fixed in this workflow. - Bugs go to .claude/audits/BUGS-FOUND.md, not fixed in this workflow.
- If the codebase has no tests and the changes are non-trivial, - If the codebase has no tests and the changes are non-trivial,
warn the user about the risk before executing. warn the user about the risk before executing.
- No plugin check (lightweight skill, not an orchestrator). - No plugin check (lightweight skill, not an orchestrator).

View File

@ -877,7 +877,7 @@ SEO AGENT RESULT (depth: <LOCAL|FULL>)
``` ```
**If standalone `/seo` on a project without `/geo`**: write/update **If standalone `/seo` on a project without `/geo`**: write/update
`SEO.md` at project root. Structure matches classic format, with §7 `.claude/audits/SEO.md` (run `mkdir -p .claude/audits` first). Structure matches classic format, with §7
(GEO) marked as "Not audited — run /geo for GEO/AI optimization". (GEO) marked as "Not audited — run /geo for GEO/AI optimization".
```markdown ```markdown

View File

@ -1,6 +1,6 @@
--- ---
name: validator-analyzer name: validator-analyzer
description: Web standards audit agent — W3C HTML validity (validator.nu), W3C CSS validity (jigsaw.w3.org), WCAG 2.1 accessibility (axe-core, pa11y, WAVE). Dispatched from /validate. Produces scored VALIDATE.md report with concrete diffs for auto-fixable issues and user actions for judgment-required fixes. Complementary to /harden (security), /seo (indexability), /geo (AI extraction). description: Web standards audit agent — W3C HTML validity (validator.nu), W3C CSS validity (jigsaw.w3.org), WCAG 2.1 accessibility (axe-core, pa11y, WAVE). Dispatched from /validate. Produces scored .claude/audits/VALIDATE.md report with concrete diffs for auto-fixable issues and user actions for judgment-required fixes. Complementary to /harden (security), /seo (indexability), /geo (AI extraction).
tools: Read, Edit, Write, Bash, Grep, Glob, WebFetch tools: Read, Edit, Write, Bash, Grep, Glob, WebFetch
--- ---
@ -287,7 +287,7 @@ RGAA 4.1 (French public sector).
--- ---
## STEP 4 — Score + VALIDATE.md ## STEP 4 — Score + .claude/audits/VALIDATE.md
### Scoring ### Scoring
@ -306,7 +306,7 @@ Base 100. Deductions :
Clamp to [0, 100]. Clamp to [0, 100].
### Report structure — write to `<PROJECT_ROOT>/VALIDATE.md` ### Report structure — write to `<PROJECT_ROOT>/.claude/audits/VALIDATE.md` (run `mkdir -p .claude/audits` first)
```markdown ```markdown
# Validation Report — <project name> # Validation Report — <project name>
@ -455,7 +455,7 @@ READY TO APPLY — awaiting dispatcher confirmation
- **Single agent, narrow scope.** W3C HTML + W3C CSS + WCAG 2.1 only. - **Single agent, narrow scope.** W3C HTML + W3C CSS + WCAG 2.1 only.
Drop anything else (meta tags, JSON-LD, perf, security, generic linting). Drop anything else (meta tags, JSON-LD, perf, security, generic linting).
- **Degrade gracefully.** Missing tools → fall back to static checks. - **Degrade gracefully.** Missing tools → fall back to static checks.
Never fail hard. Always produce VALIDATE.md, even in degraded mode. Never fail hard. Always produce .claude/audits/VALIDATE.md, even in degraded mode.
- **Framework awareness.** For SPA/JS frameworks (Next/Astro/Vite/ - **Framework awareness.** For SPA/JS frameworks (Next/Astro/Vite/
SvelteKit/Nuxt), validate built output (`dist/`, `_site/`, `build/`, SvelteKit/Nuxt), validate built output (`dist/`, `_site/`, `build/`,
`out/`), not JSX/TSX source. Note "Validated against built HTML at `out/`), not JSX/TSX source. Note "Validated against built HTML at
@ -464,8 +464,7 @@ READY TO APPLY — awaiting dispatcher confirmation
STOP, return control via `READY TO APPLY`. STOP, return control via `READY TO APPLY`.
- **Cite evidence.** Every finding : `file:line` + tool output quote. - **Cite evidence.** Every finding : `file:line` + tool output quote.
Empty findings or hand-waving = bug. Empty findings or hand-waving = bug.
- **One report.** `VALIDATE.md` at project root (or `docs/VALIDATE.md` - **One report.** `.claude/audits/VALIDATE.md`. On re-run, move previous content to a
if convention exists). On re-run, move previous content to a
`## Historique` section — do not overwrite silently. `## Historique` section — do not overwrite silently.
- **External validators are authoritative.** If validator.nu disagrees - **External validators are authoritative.** If validator.nu disagrees
with `html-validate`, trust validator.nu. If jigsaw disagrees with with `html-validate`, trust validator.nu. If jigsaw disagrees with

View File

@ -7,7 +7,7 @@ description: |
Trigger: "code-clean", "clean up the code", "remove dead code", Trigger: "code-clean", "clean up the code", "remove dead code",
"enforce code style", "cleanup", "nettoyage du code", "code hygiene". "enforce code style", "cleanup", "nettoyage du code", "code hygiene".
For targeted refactoring without audit → use /refactor instead. For targeted refactoring without audit → use /refactor instead.
For bug fixes discovered during cleanup → logged to BUGS-FOUND.md, not fixed here. For bug fixes discovered during cleanup → logged to .claude/audits/BUGS-FOUND.md, not fixed here.
argument-hint: <file, directory, or blank for entire project> argument-hint: <file, directory, or blank for entire project>
disable-model-invocation: false disable-model-invocation: false
allowed-tools: allowed-tools:

View File

@ -37,9 +37,9 @@ $ARGUMENTS
## Note on integration ## Note on integration
If `SEO.md` already exists at project root, the geo-analyzer will If `.claude/audits/SEO.md` already exists, the geo-analyzer will
merge its findings into that file's `§7 — Optimisation GEO / IA` merge its findings into that file's `§7 — Optimisation GEO / IA`
section (rather than writing a separate `GEO.md`). This keeps a section (rather than writing a separate `GEO.md`). This keeps a
single consolidated report when both /seo and /geo have been run. single consolidated report when both /seo and /geo have been run.
If no `SEO.md` exists, the agent writes `GEO.md` at project root. If no `.claude/audits/SEO.md` exists, the agent writes `.claude/audits/GEO.md` (run `mkdir -p .claude/audits` first).

View File

@ -8,7 +8,7 @@ description: |
(.htaccess, nginx.conf, netlify.toml, vercel.json, _headers, _redirects, (.htaccess, nginx.conf, netlify.toml, vercel.json, _headers, _redirects,
wrangler.toml). Dispatches the seo-analyzer agent with a STRICT scope wrangler.toml). Dispatches the seo-analyzer agent with a STRICT scope
filter — no meta/OG/JSON-LD/sitemap/CWV/headings/alt/i18n noise. filter — no meta/OG/JSON-LD/sitemap/CWV/headings/alt/i18n noise.
Produces HARDEN.md at project root. Produces .claude/audits/HARDEN.md.
Trigger: "harden", "web hardening", "ssl audit", "https audit", Trigger: "harden", "web hardening", "ssl audit", "https audit",
"hsts", "csp", "security headers", "http to https", "redirect audit", "hsts", "csp", "security headers", "http to https", "redirect audit",
"htaccess audit", "404 page", "canonical audit", "transport security", "htaccess audit", "404 page", "canonical audit", "transport security",
@ -366,7 +366,7 @@ Agent(
"READY TO APPLY — awaiting dispatcher confirmation" at the end. "READY TO APPLY — awaiting dispatcher confirmation" at the end.
Do NOT apply any Edit/Write — the dispatcher handles STEP 3. Do NOT apply any Edit/Write — the dispatcher handles STEP 3.
OUTPUT — write to <PROJECT_ROOT>/HARDEN.md : OUTPUT — write to <PROJECT_ROOT>/.claude/audits/HARDEN.md (run `mkdir -p .claude/audits` first) :
# Web Hardening Report — <project_name> # Web Hardening Report — <project_name>
@ -504,18 +504,18 @@ cached (now-READY) SSL Labs result.
## STEP 2 — Verify output ## STEP 2 — Verify output
```bash ```bash
test -s HARDEN.md && wc -l HARDEN.md || echo "MISSING HARDEN.md" test -s .claude/audits/HARDEN.md && wc -l .claude/audits/HARDEN.md || echo "MISSING .claude/audits/HARDEN.md"
``` ```
If missing or empty : If missing or empty :
``` ```
⚠️ seo-analyzer did not produce HARDEN.md. Options: ⚠️ seo-analyzer did not produce .claude/audits/HARDEN.md. Options:
A) Retry with same scope A) Retry with same scope
B) Downgrade to LOCAL and retry (if FULL failed on network) B) Downgrade to LOCAL and retry (if FULL failed on network)
C) Abort C) Abort
``` ```
Extract the score and critical-alert count from HARDEN.md for the console summary. Extract the score and critical-alert count from `.claude/audits/HARDEN.md` for the console summary.
--- ---
@ -523,9 +523,9 @@ Extract the score and critical-alert count from HARDEN.md for the console summar
Skip this step if MODE=audit. Skip this step if MODE=audit.
If MODE=fix and HARDEN.md ends with `READY TO APPLY — awaiting dispatcher confirmation` : If MODE=fix and `.claude/audits/HARDEN.md` ends with `READY TO APPLY — awaiting dispatcher confirmation` :
1. Parse the `## 8. Fix bundle` section from HARDEN.md. 1. Parse the `## 8. Fix bundle` section from `.claude/audits/HARDEN.md`.
2. Group by file. For each group, show the combined diff to the user. 2. Group by file. For each group, show the combined diff to the user.
3. Ask : 3. Ask :
``` ```
@ -539,15 +539,15 @@ If MODE=fix and HARDEN.md ends with `READY TO APPLY — awaiting dispatcher conf
A) Apply all A) Apply all
B) Review each diff before applying B) Review each diff before applying
C) Apply only Critique severity C) Apply only Critique severity
D) Abort — keep HARDEN.md as audit report D) Abort — keep .claude/audits/HARDEN.md as audit report
``` ```
4. On `A` : apply each bundle via Edit (targeted old_string/new_string, 4. On `A` : apply each bundle via Edit (targeted old_string/new_string,
never full-file Write on shared templates). never full-file Write on shared templates).
5. On `B` : for each diff, show and ask yes/no/skip. 5. On `B` : for each diff, show and ask yes/no/skip.
6. On `C` : filter to Critique-only, then behave as `A`. 6. On `C` : filter to Critique-only, then behave as `A`.
7. On `D` : stop, leave HARDEN.md untouched. 7. On `D` : stop, leave `.claude/audits/HARDEN.md` untouched.
After applying : append a `## 10. Changes applied` section to HARDEN.md After applying : append a `## 10. Changes applied` section to `.claude/audits/HARDEN.md`
with commit-ready summary lines. with commit-ready summary lines.
Never apply fixes without explicit confirmation. Never use `--no-verify` Never apply fixes without explicit confirmation. Never use `--no-verify`
@ -563,8 +563,8 @@ URL : <url or static>
Depth : LOCAL | FULL Depth : LOCAL | FULL
Mode : audit | fix Mode : audit | fix
Score : XX / 100 (<before><after> if fix applied) Score : XX / 100 (<before><after> if fix applied)
Critical alerts : <N> (voir HARDEN.md § 0) Critical alerts : <N> (voir .claude/audits/HARDEN.md § 0)
Report : HARDEN.md Report : .claude/audits/HARDEN.md
EXTERNAL VALIDATORS (FULL only) : EXTERNAL VALIDATORS (FULL only) :
Mozilla Observatory : <Grade> (score/135) Mozilla Observatory : <Grade> (score/135)
@ -613,6 +613,5 @@ NEXT STEPS :
- **SSL Labs can be slow and fail-soft.** 180s poll cap. If TIMEOUT, - **SSL Labs can be slow and fail-soft.** 180s poll cap. If TIMEOUT,
note it in HARDEN.md and move on. Cached result auto-hits on next run note it in HARDEN.md and move on. Cached result auto-hits on next run
via `maxAge=24`. Never block the whole audit waiting on SSL Labs. via `maxAge=24`. Never block the whole audit waiting on SSL Labs.
- **One report file.** `HARDEN.md` at project root (or `docs/HARDEN.md` - **One report file.** `.claude/audits/HARDEN.md`. On re-run, move previous content to a
if that convention exists). On re-run, move previous content to a
`## Historique` section, do not overwrite silently. `## Historique` section, do not overwrite silently.

View File

@ -5,7 +5,7 @@ description: |
Runs the seo-analyzer (classical search — Google, Bing, DuckDuckGo) Runs the seo-analyzer (classical search — Google, Bing, DuckDuckGo)
and geo-analyzer (AI search — ChatGPT, Perplexity, Claude, Gemini, and geo-analyzer (AI search — ChatGPT, Perplexity, Claude, Gemini,
Google AI Overviews, Copilot) IN PARALLEL, then consolidates their Google AI Overviews, Copilot) IN PARALLEL, then consolidates their
output into a unified SEO.md report. output into a unified .claude/audits/SEO.md report.
Covers: meta, OG, JSON-LD (classical + GEO-optimised schemas), Covers: meta, OG, JSON-LD (classical + GEO-optimised schemas),
sitemap, robots.txt (including AI crawlers), llms.txt, headings, sitemap, robots.txt (including AI crawlers), llms.txt, headings,
alt attrs, canonicals, hreflang, Core Web Vitals, entity SEO alt attrs, canonicals, hreflang, Core Web Vitals, entity SEO
@ -36,7 +36,7 @@ allowed-tools:
# /seo — parallel SEO + GEO dispatcher # /seo — parallel SEO + GEO dispatcher
This skill orchestrates TWO specialist agents running in parallel, then This skill orchestrates TWO specialist agents running in parallel, then
merges their output into a single `SEO.md` report. It is the main merges their output into a single `.claude/audits/SEO.md` report. It is the main
entry point for any SEO/GEO work on a web project. entry point for any SEO/GEO work on a web project.
## STEP 0 — Collect shared context (ONCE) ## STEP 0 — Collect shared context (ONCE)
@ -267,8 +267,8 @@ the dispatcher will merge your output with seo-analyzer's output.
## STEP 2 — Merge envelopes into SEO.md ## STEP 2 — Merge envelopes into SEO.md
Both agents return structured envelopes keyed by SEO.md section Both agents return structured envelopes keyed by SEO.md section
numbers. Consolidate them into a single `SEO.md` at project root numbers. Consolidate them into `.claude/audits/SEO.md`
(or `docs/SEO.md` if that convention exists). (run `mkdir -p .claude/audits` first).
### Combined score calculation ### Combined score calculation

View File

@ -4,7 +4,7 @@ description: |
Web standards audit — W3C HTML validity (validator.nu), W3C CSS Web standards audit — W3C HTML validity (validator.nu), W3C CSS
validity (jigsaw.w3.org/css-validator), WCAG 2.1 accessibility validity (jigsaw.w3.org/css-validator), WCAG 2.1 accessibility
(axe-core, pa11y, WAVE API). Dedicated to syntactic and (axe-core, pa11y, WAVE API). Dedicated to syntactic and
accessibility conformance. Produces VALIDATE.md at project root. accessibility conformance. Produces .claude/audits/VALIDATE.md.
Dispatches the validator-analyzer agent with a STRICT scope Dispatches the validator-analyzer agent with a STRICT scope
filter — no meta/OG/JSON-LD/CWV/security-header noise. filter — no meta/OG/JSON-LD/CWV/security-header noise.
Trigger: "validate", "validation", "w3c", "html validity", Trigger: "validate", "validation", "w3c", "html validity",
@ -220,7 +220,7 @@ Agent(
"READY TO APPLY — awaiting dispatcher confirmation" at the end "READY TO APPLY — awaiting dispatcher confirmation" at the end
of §5. Do NOT apply any Edit/Write — the dispatcher handles STEP 3. of §5. Do NOT apply any Edit/Write — the dispatcher handles STEP 3.
Output: write <PROJECT_ROOT>/VALIDATE.md per the structure in your Output: write <PROJECT_ROOT>/.claude/audits/VALIDATE.md (run `mkdir -p .claude/audits` first) per the structure in your
spec (sections 0-8, score XX/100). spec (sections 0-8, score XX/100).
""" """
) )
@ -231,23 +231,23 @@ Agent(
## STEP 2 — Verify output ## STEP 2 — Verify output
```bash ```bash
test -s VALIDATE.md && wc -l VALIDATE.md || echo "MISSING VALIDATE.md" test -s .claude/audits/VALIDATE.md && wc -l .claude/audits/VALIDATE.md || echo "MISSING .claude/audits/VALIDATE.md"
``` ```
If missing or empty : If missing or empty :
``` ```
⚠️ validator-analyzer did not produce VALIDATE.md. Options : ⚠️ validator-analyzer did not produce .claude/audits/VALIDATE.md. Options :
A) Retry with same scope A) Retry with same scope
B) Downgrade to LOCAL and retry (if FULL failed on network) B) Downgrade to LOCAL and retry (if FULL failed on network)
C) Abort C) Abort
``` ```
Extract the score and critical-alert count from VALIDATE.md for the Extract the score and critical-alert count from `.claude/audits/VALIDATE.md` for the
console summary : console summary :
```bash ```bash
grep -oE '\*\*Score\*\*\s+:\s+[0-9]+ / 100' VALIDATE.md | head -1 grep -oE '\*\*Score\*\*\s+:\s+[0-9]+ / 100' .claude/audits/VALIDATE.md | head -1
grep -c '^### \[Critique\]' VALIDATE.md grep -c '^### \[Critique\]' .claude/audits/VALIDATE.md
``` ```
--- ---
@ -256,7 +256,7 @@ grep -c '^### \[Critique\]' VALIDATE.md
Skip this step if `MODE=audit`. Skip this step if `MODE=audit`.
If VALIDATE.md ends with `READY TO APPLY — awaiting dispatcher confirmation` : If `.claude/audits/VALIDATE.md` ends with `READY TO APPLY — awaiting dispatcher confirmation` :
1. Parse the `## 5. Fix bundle` section. 1. Parse the `## 5. Fix bundle` section.
2. Group by file. For each group, show the combined diff to the user. 2. Group by file. For each group, show the combined diff to the user.
@ -276,7 +276,7 @@ Options :
A) Apply all A) Apply all
B) Review each diff before applying B) Review each diff before applying
C) Apply only Critique + Haute C) Apply only Critique + Haute
D) Abort — keep VALIDATE.md as audit report D) Abort — keep .claude/audits/VALIDATE.md as audit report
``` ```
4. On `A` : apply each bundle via `Edit` (targeted `old_string` / 4. On `A` : apply each bundle via `Edit` (targeted `old_string` /
@ -284,7 +284,7 @@ Options :
overwriting /seo or /geo content — meta tags, JSON-LD). overwriting /seo or /geo content — meta tags, JSON-LD).
5. On `B` : for each diff, show and ask yes/no/skip. 5. On `B` : for each diff, show and ask yes/no/skip.
6. On `C` : filter to Critique + Haute, then behave as `A`. 6. On `C` : filter to Critique + Haute, then behave as `A`.
7. On `D` : stop, leave VALIDATE.md untouched. 7. On `D` : stop, leave `.claude/audits/VALIDATE.md` untouched.
After applying, append a `## 8. Changes applied` section with After applying, append a `## 8. Changes applied` section with
commit-ready summary lines : commit-ready summary lines :
@ -322,7 +322,7 @@ URL : <url or static>
Depth : LOCAL | FULL Depth : LOCAL | FULL
Mode : audit | fix Mode : audit | fix
Score : XX / 100 (<before><after> if fix applied) Score : XX / 100 (<before><after> if fix applied)
Report : VALIDATE.md Report : .claude/audits/VALIDATE.md
BREAKDOWN : BREAKDOWN :
W3C HTML : <N errors / M warnings> W3C HTML : <N errors / M warnings>
@ -367,8 +367,7 @@ Install for better LOCAL coverage :
- **External validators are authoritative on live URLs.** validator.nu - **External validators are authoritative on live URLs.** validator.nu
and jigsaw are the W3C backends. If a local tool disagrees with and jigsaw are the W3C backends. If a local tool disagrees with
them, trust the W3C backend; flag the divergence as a finding. them, trust the W3C backend; flag the divergence as a finding.
- **One report file.** `VALIDATE.md` at project root (or - **One report file.** `.claude/audits/VALIDATE.md`. On re-run, move
`docs/VALIDATE.md` if that convention exists). On re-run, move
previous content to a `## Historique` section, do not overwrite previous content to a `## Historique` section, do not overwrite
silently. silently.
- **Cache dir.** `.validate-cache/` (gitignored) stores raw tool - **Cache dir.** `.validate-cache/` (gitignored) stores raw tool