Framework Audit Skill
Comprehensive governance audit for the academicOps framework.
NO RATIONALIZATION: An audit reports ALL discrepancies. Do NOT justify ignoring files as "generated", "acceptable", or "probably don't need to be tracked". Every gap is reported. The user decides what's acceptable - not the auditor.
Workflow Entry Point
IMMEDIATELY call TodoWrite with the following items, then work through each one:
TodoWrite(todos=[
{content: "Phase 0: Run health metrics script", status: "pending", activeForm: "Running health audit"},
{content: "Phase 1: Structure audit - compare filesystem to INDEX.md", status: "pending", activeForm: "Auditing structure"},
{content: "Phase 2: Reference graph - invoke Skill(skill='framework') then run link audit scripts", status: "pending", activeForm: "Building reference graph"},
{content: "Phase 3: Skill content audit - check size and actionability", status: "pending", activeForm: "Auditing skill content"},
{content: "Phase 4: Justification audit - check specs for file references", status: "pending", activeForm: "Auditing file justifications"},
{content: "Phase 4b: Instruction justification - verify every instruction traces to enforcement-map.md", status: "pending", activeForm: "Auditing instruction justifications"},
{content: "Phase 5: Documentation accuracy - verify README.md flowchart vs hooks", status: "pending", activeForm": "Verifying documentation"},
{content: "Phase 6: Regenerate indices - invoke Skill(skill='flowchart') for README.md flowchart", status: "pending", activeForm: "Regenerating indices"},
{content: "Phase 7: Other updates", status: "pending", activeForm: "Finalizing updates"},
{content: "Phase 8: Save audit report to $ACA_DATA/projects/aops/audit/YYYY-MM-DD-HHMMSS-audit.md", status: "pending", activeForm: "Persisting report"},
{content: "Phase 9: Create tasks for actionable findings", status: "pending", activeForm: "Creating tasks"}
])
CRITICAL: Work through EACH phase in sequence. When a phase requires a skill, invoke it explicitly as shown below.
Specialized Workflows
Session Effectiveness Audit
Qualitative assessment of session transcripts to evaluate framework performance.
Skill(skill="audit", args="session-effectiveness /path/to/transcript.md")
Workflow defined in workflows/session-effectiveness.md.
Individual Scripts (Reference Only)
These scripts run individual checks. They are NOT a substitute for the full workflow:
uv run python scripts/audit_framework_health.py -m # Phase 0 only
uv run python scripts/check_skill_line_count.py
uv run python scripts/check_broken_wikilinks.py
uv run python scripts/check_orphan_files.py
Phase Instructions
Phase 0: Health Metrics
Run comprehensive health audit first:
cd $AOPS && uv run python scripts/audit_framework_health.py \
--output /tmp/health-$(date +%Y%m%d).json
This generates:
/tmp/health-YYYYMMDD.json- Machine-readable metrics/tmp/health-YYYYMMDD.md- Human-readable report
Metrics tracked: Component counts, hook coverage, skill sizes, wikilink validation
→ Continue to Phase 1 (do not stop here)
Phase 1: Structure Audit
Compare filesystem to documentation:
- Scan filesystem:
find $AOPS -type f -not -path "*/.git/*" -not -path "*/__pycache__/*" | sort - Compare to INDEX.md: Flag missing or extra entries
- Check cross-references: Verify
→references point to existing files - Find broken wikilinks: Grep for
[[...]]patterns, validate targets exist
Phase 2: Reference Graph & Link Audit
First: Invoke Skill(skill="framework") to load framework conventions for linking rules.
Then build reference graph and check linking conventions:
cd $AOPS
# Generate graph
uv run python skills/audit/scripts/build_reference_map.py
# Find orphans and violations
uv run python skills/audit/scripts/find_orphans.py
# Or use the health script for wikilink/orphan checks
uv run python scripts/check_broken_wikilinks.py
uv run python scripts/check_orphan_files.py
Linking rules to enforce (from framework skill):
- Skills via invocation (
Skill(skill="x")), not file paths - No backward links (children → parent)
- Parents must reference children
- Use wikilinks, not backticks for graph connectivity
- Full relative paths in wikilinks
Phase 3: Skill Content Audit
For each $AOPS/skills/*/SKILL.md:
- Size check: Must be <500 lines
- Actionability test: Each section must tell agents WHAT TO DO
- Content separation violations:
- ❌ Multi-paragraph "why" → move to spec
- ❌ Historical context → delete
- ❌ Reference material >20 lines → move to
references/
Phase 4: Justification Audit (Files)
For each significant file in $AOPS/:
- Search specs: Grep
$AOPS/specs/for references - Check core docs: JIT-INJECTION.md, README.md, INDEX.md
- Classify: Justified / Implicit / Orphan
Skip: __pycache__/, .git/, individual files within skills, tests, assets
Phase 4b: Instruction Justification Audit
Every behavioral instruction injected to agents must trace to enforcement-map.md.
Unjustified instructions are bloat - they cost tokens and create confusion about what's actually enforced.
Sources to scan (files injected at SessionStart or via hooks):
FRAMEWORK-PATHS.md- core instructionsAXIOMS.md,HEURISTICS.md- principle statementsskills/*/SKILL.md- skill-specific instructionscommands/*.md- command instructionsagents/*.md- agent instructions
What constitutes a "behavioral instruction":
- Imperative statements: "always do X", "never do Y", "you MUST", "you SHOULD"
- Conditional rules: "when X, do Y", "if X then Y"
- Workflow requirements: "invoke skill X first", "before doing X, check Y"
Validation process:
- Extract behavioral instructions from each source file (look for imperatives, MUSTs, SHOULDs, "always", "never", "before", "first")
- For each instruction, search enforcement-map.md for:
- Direct reference to the instruction text
- Reference to the source file + line number
- Mapping to an axiom or heuristic that covers this instruction
- Classify each instruction:
- Justified: Appears in enforcement-map.md with axiom/heuristic mapping
- Implicit: Derives from a documented axiom/heuristic but not explicitly in enforcement-map.md
- Orphan: No traceability - FLAG FOR REVIEW
Example orphan (discovered in session):
FRAMEWORK-PATHS.md:35 - "When working with session logs, always invoke Skill(skill='transcript') first"
→ NOT in enforcement-map.md
→ No axiom/heuristic reference
→ ORPHAN - needs justification or removal
Output format:
### Instruction Justification Status
**Justified** (N instructions):
- FRAMEWORK-PATHS.md:78 "NEVER hardcode paths" → [[axioms/dry-modular-explicit.md]]
**Implicit** (N instructions):
- skills/python-dev/SKILL.md:42 "use uv run" → derives from [[axioms/use-standard-tools.md]]
**Orphan** (N instructions) - REQUIRES ACTION:
- FRAMEWORK-PATHS.md:35 "invoke transcript skill first for session logs" → NO JUSTIFICATION
- commands/learn.md:56 "..." → NO JUSTIFICATION
Resolution for orphans:
- Create heuristic if rule is valuable
- Add to enforcement-map.md with axiom/heuristic mapping
- Or DELETE the instruction if it's not worth formalizing
Phase 5: Documentation Accuracy
Verify README.md flowchart reflects actual hook architecture:
- Parse Mermaid for hook names
- Compare to hooks/router.py dispatch mappings
- Compare to settings.json hook events
- Flag drift
Phase 6: Regenerate Generated Indices
Generated indices are root-level files for agent consumption (INDEX.md, enforcement-map.md, WORKFLOWS.md, SKILLS.md, AXIOMS.md, HEURISTICS.md, docs/ENFORCEMENT.md). The core loop flowchart is maintained in README.md.
Regenerate each deterministically from sources:
AXIOMS.md and HEURISTICS.md
cd $AOPS && uv run python scripts/generate_principle_indices.py
Reads axioms/ and heuristics/ folders, generates machine-readable indices sorted by priority (1-100 bands: 1-20 core, 21-40 behavioral, 41-60 domain, 61-80 derived, 81-100 experimental).
SKILLS.md
cd $AOPS && uv run python scripts/generate_skills_index.py
Scans aops-core/ and aops-tools/ for skills and commands, extracts frontmatter (name, description), and generates routing index. Preserves existing triggers from previous SKILLS.md. Reports components missing triggers.
INDEX.md
- Scan
$AOPS/directory structure - Extract file purposes from frontmatter/headers
- Output annotated file tree
enforcement-map.md
Hook→Axiom Declaration Convention:
Every hook that enforces an axiom MUST declare it in its module docstring:
"""
Hook description.
Enforces: current-state-machine (Current State Machine)
"""
Multiple axioms: Enforces: fail-fast-code, trust-version-control (Fail-Fast, Trust Version Control)
Derivation sources:
hooks/*.pydocstrings - parse "Enforces:" lines for axiom mappingsconfig/claude/settings.json- deny rules map to axioms via comments.pre-commit-config.yaml- commit-time checks
Cross-reference validation:
- Parse all hooks for "Enforces:" declarations
- Compare against enforcement-map.md Axiom→Enforcement table
- Flag discrepancies:
- Hook declares axiom but enforcement-map.md shows "Prompt" level only
- enforcement-map.md lists hook but hook lacks "Enforces:" declaration
- Axiom has Hard/Soft Gate in enforcement-map.md but no hook declares it
Output: Table mapping each axiom to its enforcement mechanism, hook, trigger point, and level.
WORKFLOWS.md
Derive task routing from:
skills/*/SKILL.mdfrontmatter - what task types each skill handlesskills/*/workflows/*.md- skill-specific workflow files (e.g.,skills/framework/workflows/05-feature-development.md)agents/*.md- what workflows each agent usesenforcement-map.md(Soft Gate Guardrails section) - type→guardrail mappings
Skill workflow discovery: Scan all skills/*/workflows/*.md files and extract:
- Workflow name from filename (e.g.,
05-feature-development.md→feature-development) - Purpose from first heading or frontmatter description
- Parent skill from directory path (e.g.,
skills/framework/workflows/→frameworkskill)
Include in output:
- A "Skill Workflows" section listing all discovered workflow files
- Path reference for each (e.g.,
[[skills/framework/workflows/05-feature-development]]) - Brief description extracted from file
Output: Table of task types, when to use each, workflow, and skill. Plus skill workflow index.
README.md (Core Loop Flowchart)
First: Invoke Skill(skill="flowchart") to load Mermaid diagram conventions.
Regenerate the core loop flowchart section in README.md from hook architecture sources:
- Parse
hooks/router.pyfor dispatch mappings (event→handler) - Parse
config/claude/settings.jsonfor hook event registrations - Parse
hooks/*.pyfor hook implementations and "Enforces:" declarations - Generate Mermaid flowchart following flowchart skill conventions:
- Use decision diamonds for conditional logic
- Apply classDef for semantic coloring (hooks, skills, tools, outcomes)
- Group by execution phase (SessionStart, UserPromptSubmit, PreToolUse, PostToolUse, Stop)
- Label edges with event types and conditions
Structure:
- Vertical main flow showing session lifecycle
- Horizontal insertion points for each hook event
- Subgraphs for phase groupings
Location: Replace the "Core Loop" section in README.md (after the Quick Start section)
docs/ENFORCEMENT.md
Derive practical enforcement guide from:
docs/ENFORCEMENT.md(existing mechanism ladder content - preserve)specs/enforcement.md"Component Responsibilities" section - root cause model
Root Cause Analysis section (append to end):
- Copy root cause definition from spec
- Copy responsibility tables (Pre/Execution/Post phases)
- Copy root cause categories
- Add failure→responsibility mapping examples from observed patterns
Each generated index must include header:
> **Generated by audit skill** - Do not edit manually.
Phase 7: Other Updates
- Fix README.md: Update tables including sub-workflows (see below)
- Report orphans: Flag for human review (do NOT auto-delete)
- Report violations: List with file:line refs
Sub-Workflow Extraction for README.md
Skills with multiple workflows/modes MUST have each sub-workflow documented separately in the Skills table.
Detection: For each skills/*/SKILL.md:
- Grep for
^## Workflow:or^## Modeheaders - Check for
workflows/subdirectory with separate workflow files - Check for
## Modessection listing multiple invocation patterns
Output format (add third column to Skills table):
| Skill | Purpose | Sub-workflows |
| ---------------- | --------------------------- | -------------------------------------------- |
| session-insights | Session transcript analysis | Current (default), Batch, Issues |
| audit | Framework governance | Full audit (default), Session effectiveness |
| tasks | Task lifecycle | View/archive/create (default), Email capture |
Rules:
- Mark default workflow with "(default)"
- List workflows in order they appear in SKILL.md
- If only one workflow exists, leave sub-workflows column as "—"
- Extract workflow names from
## Workflow: Xheaders orworkflows/*.mdfilenames
Phase 8: Persist Report (MANDATORY)
Every audit MUST save a written report to $ACA_DATA/projects/aops/audit/.
# Create directory if needed
mkdir -p "$ACA_DATA/projects/aops/audit"
# Generate timestamped filename (format: YYYY-MM-DD-HHMMSS-audit.md)
REPORT_PATH="$ACA_DATA/projects/aops/audit/$(date +%Y-%m-%d-%H%M%S)-audit.md"
Use the Write tool to save the complete audit report (see Report Format below) to $REPORT_PATH.
Report file MUST include:
- YAML frontmatter with date, duration, and summary stats
- All phase results from Phase 0-7
- Clear pass/fail status for each validation criterion
After writing, confirm: Audit report saved to: [path]
Phase 9: Create Tasks for Actionable Findings
Create tasks for findings that require human action.
For each finding from Phases 0-7 that requires action:
- Classify finding type using the mapping below
- Create task with appropriate metadata via tasks MCP
- Track task IDs for summary
Finding Type → Issue Mapping
| Finding Type | Priority | Issue Type | Labels |
|---|---|---|---|
| Broken wikilinks | P2 | bug | audit,documentation |
| Orphan files | P3 | chore | audit,cleanup |
| Skill >500 lines | P2 | chore | audit,refactor |
| Explanatory content in skill | P2 | chore | audit,refactor |
| Missing from INDEX.md | P3 | chore | audit,documentation |
| Orphan instruction (no enforcement-map.md trace) | P2 | bug | audit,governance |
| README.md flowchart drift | P2 | bug | audit,documentation |
| Hook→Axiom mismatch | P2 | bug | audit,governance |
Task Creation Pattern
mcp__plugin_aops-core_tasks__create_task(
title="[Finding Type]: [specific details]",
type="task",
priority=[2|3],
tags=["audit", "[category]"],
body="[context from audit]"
)
Skip Conditions
Do NOT create issues for:
- Regenerated indices (Phase 6 actions) - already handled
- Pass status findings - no action needed
- Justified files (Phase 4) - no action needed
- Implicit files (Phase 4) - acceptable, no action needed
Output Summary
After creating tasks, add to audit report:
### Tasks Created
Created N tasks:
- ns-xxx: Broken wikilink: [[foo.md]] in bar.md
- ns-yyy: Orphan file: docs/old.md
- ns-zzz: Skill over limit: skills/big/SKILL.md
Report Format
See [[references/report-format]] for the complete report template and validation criteria.