5.7 KiB
5.7 KiB
Workflow: Audit Plugin
Comprehensive plugin evaluation against standards.
Who should do this work
| Phase | Model | Why |
|---|---|---|
| Research | Haiku | File gathering, structural validation |
| Deep analysis | Sonnet | Pattern matching, standards checking |
| Synthesis | Opus | Report writing, quality decisions |
| Cleanup | Haiku | File deletion |
When to use
- Evaluating plugin from marketplace
- Checking plugin-architect standards compliance
- Comprehensive review
Inputs required
- plugin_path - Path to plugin directory
- audit_components -
all(default),manifest-only,skills,agents,commands
Output
.claude/plugin-data/plugin-architect/audits/<plugin-name>-audit.md(gitignored)- Summary with verdict (Ready / Not Ready)
- Delete report after user acts on findings
Phases
Phase 1: Research and Setup (Haiku)
Purpose: Gather all inputs, validate requirements, perform initial structural checks.
Tasks:
- Validate plugin path exists and is directory
- Verify
.claude-plugin/plugin.jsonexists - Extract plugin name and create scratch workspace
- Inventory components: count skills, agents, commands
- Check for reversion protection artifacts:
invariants.mdin plugin root.decisions/directoryexamples/golden/
- Check for config infrastructure:
workflows/config.md(config workflow for programmatic use)commands/config.md(slash command for user invocation)- Run the Ruby config audit script for marketplace/installed/settings state:
Parse the JSON output and include check results (marketplace, installed, settings) in the research output. If the script is unavailable, fall back to manual file checks.ruby ${CLAUDE_PLUGIN_ROOT}/scripts/plugin_config/plugin_config.rb audit \ --plugin=<plugin-name> \ --marketplace=<marketplace-id> \ --project=<project-path> \ --marketplace_file=<path-to-marketplace.json>
- Read plugin manifest and validate structure
- Check documentation existence (
CLAUDE.md,README.md) - List all component entry files (SKILL.md, agent.md, command.md)
References:
${CLAUDE_PLUGIN_ROOT}/references/layout/plugin-structure.md
Output: scratch/research.md
- Plugin metadata (name, version, component counts)
- Reversion protection inventory (invariants/decisions/golden examples)
- Config infrastructure status (workflows/config.md, commands/config.md)
- Manifest structure validation
- Documentation checklist
- Component file listing
Phase 2: Deep Analysis (Sonnet)
Purpose: Perform detailed audits of manifest, documentation, and components.
Tasks:
- Read
scratch/research.mdfor context - Validate manifest fields:
- Required fields:
name,version,description - Name kebab-case format
- Version semver compliance
- Description non-empty and meaningful
- Required fields:
- Audit documentation quality:
CLAUDE.mdmeaningful (not boilerplate)- Documentation matches actual contents
- README presence (optional but noted)
- Audit config infrastructure:
- Check if
workflows/config.mdexists -> flag as minor if missing - Check if
commands/config.mdexists -> flag as minor if missing - If either missing, add recommendation to create config infrastructure
- Check if
- If
audit_components != manifest-only:- Check entry file naming (kebab-case)
- Check description style consistency
- Pattern analysis:
workflows/at plugin root -> Role-Workflow candidate- Skills dispatching 2+ subagent workflows -> Should use Role-Workflow
- Optionally delegate to component-specific audit workflows:
- Skills:
${CLAUDE_PLUGIN_ROOT}/workflows/audit-skill.md - Workflows:
${CLAUDE_PLUGIN_ROOT}/workflows/audit-workflow.md - Commands:
${CLAUDE_PLUGIN_ROOT}/workflows/audit-command.md
- Skills:
- Classify all findings by severity (significant/minor/polish)
References:
${CLAUDE_PLUGIN_ROOT}/references/tool-patterns/severity-guide.mdreferences/tool-patterns/role-workflow-pattern.md
Severity for plugins:
- Significant: Invalid manifest, missing CLAUDE.md, broken component refs
- Minor: Missing README, inconsistent patterns, missing config infrastructure
- Polish: Documentation wording, organization
Output: scratch/findings.md
- Manifest findings (with severity)
- Documentation findings (with severity)
- Config infrastructure findings (with severity and recommendations)
- Component findings (with severity)
- Pattern recommendations
- Delegated audit summaries (if any)
Phase 3: Synthesis and Cleanup (Opus for report, Haiku for cleanup)
Purpose: Generate final audit report with verdict, act on findings, clean up artifacts.
Tasks (Opus):
- Read
scratch/research.mdandscratch/findings.md - Synthesize findings into cohesive report:
- Include reversion protection context
- Group by severity (significant -> minor -> polish)
- Include delegated audit summaries
- Calculate verdict: Ready (0 significant) or Not Ready (1+ significant)
- Write final report:
.claude/plugin-data/plugin-architect/audits/<plugin-name>-audit.md - Present findings to user:
- Walk through significant findings first
- Offer to fix or let user handle
- Prompt for decision recording if significant architectural decisions made
Tasks (Haiku cleanup):
- After user acts on findings, delete audit report
- Delete scratch workspace
- If decision recording requested:
- Template:
references/tool-patterns/templates/decision-record-template.md - Write:
<plugin_path>/.decisions/YYYY-MM-DD-<topic>.md
- Template:
Decision recording triggers:
- Plugin-wide pattern decisions
- Exceptions to standards
- Component organization rationale