cc-os/plugins/cc-architect/workflows/audit-command.md

146 lines
3.0 KiB
Markdown

---
status: legacy
note: "For maintenance of existing commands only. Prefer skills for new functionality."
model_tier:
setup: main
frontmatter: main
description: opus
instructions: main
report: main
cleanup: haiku
---
# Workflow: Audit Command (LEGACY)
> **LEGACY WORKFLOW**: This workflow is for maintaining existing slash commands. For new functionality, prefer creating skills via `/cc-architect` (create-skill workflow) instead.
## When to use
- Evaluating slash command for quality and compliance
- Checking slash-command-architect standards
- Reviewing description and tool permissions
## Inputs required
- **command_path** - Path to command file (e.g., `plugin/commands/my-command.md`)
## Output
- `.claude/plugin-data/slash-command-architect/audits/<command-name>-audit.md` (gitignored)
- Summary with verdict (Ready / Not Ready)
- Delete report after user acts on findings
---
## Note on scope
Commands are simpler than skills. This audit is lighter-weight with fewer subtasks.
---
## Subtasks
### 1. Pre-audit context loading
Subagent: Main.
**Check for:**
- `invariants.md` in command's plugin root
- `.decisions/` directory
**Record in scratch:**
- Applicable invariants (or "none")
- Prior decisions affecting commands (or "none")
---
### 2. Validate path and setup
Subagent: Main.
- Verify `command_path` exists, is `.md` file
- Verify in `commands/` directory
- Extract command name
---
### 3. Frontmatter audit
Subagent: Main (inline).
**Checks:**
- Valid YAML frontmatter
- Required fields: `name`, `description`
- Name kebab-case, matches filename
- If `allowed-tools`: valid tool names array
---
### 4. Description compliance audit
Subagent: opus.
Read: `${CLAUDE_PLUGIN_ROOT}/references/layout/descriptions.md`
**Checks:**
- Follows "When/Why, Not How"
- No implementation details
- No escape hatches ("if needed", "when appropriate")
- Clear trigger
Write: `scratch/description-findings.md`
---
### 5. Instruction completeness audit
Subagent: Main.
**Checks:**
- Clear context section
- Instructions actionable
- Handles user request interpretation
- Tool permissions match requirements
---
### 6. Assemble report
Subagent: Main.
**Do:**
- Combine findings
- Classify by severity (significant/minor/polish)
- Verdict: Ready (0 significant) or Not Ready (1+ significant)
- Write: `.claude/plugin-data/slash-command-architect/audits/<command-name>-audit.md`
**Severity for commands:**
- **Significant:** Invalid frontmatter, missing fields, escape hatches
- **Minor:** Broad tool permissions, unclear instructions
- **Polish:** Wording, organization
---
### 7. Act on findings
Subagent: Main.
- Walk through significant findings first
- Offer to fix or let user handle
- After user confirms: delete report
---
### 8. Record decisions
Subagent: Main.
**When to record:**
- Exceptions to description formula
- Unusual tool permission grants
**How:**
- Template: `references/tool-patterns/templates/decision-record-template.md`
- Write: `<plugin_path>/.decisions/YYYY-MM-DD-<topic>.md`
Prompt: "Were any significant decisions made?"