provider-audit-bootstrap-and-path-classification
Fix provider-session ecosystem audit failures caused by source-checkout imports and over-aggressive symbolic-path classification.
Best use case
provider-audit-bootstrap-and-path-classification is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Fix provider-session ecosystem audit failures caused by source-checkout imports and over-aggressive symbolic-path classification.
Teams using provider-audit-bootstrap-and-path-classification should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/provider-audit-bootstrap-and-path-classification/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How provider-audit-bootstrap-and-path-classification Compares
| Feature / Agent | provider-audit-bootstrap-and-path-classification | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Fix provider-session ecosystem audit failures caused by source-checkout imports and over-aggressive symbolic-path classification.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Provider session audit: source-checkout bootstrap + read classification repair
Use when `scripts/analysis/provider_session_ecosystem_audit.py` or its cron wrapper fails in a repo checkout, or when the audit misclassifies repo paths as symbolic reads.
## When to use
- `bash scripts/cron/provider-session-ecosystem-audit.sh` fails with `ModuleNotFoundError: No module named 'workspace_hub'`
- the audit works in pytest/importlib contexts but fails from the wrapper or shell
- slash-delimited paths such as `scripts/hooks/post-merge` or `.Codex/work-queue/WRK-149.md` are being counted as symbolic instead of repo paths
- Codex symbolic-read output looks suspicious while missing-repo counts look artificially low
## Symptoms
- Wrapper log shows:
- `ModuleNotFoundError: No module named 'workspace_hub'`
- `scripts/analysis/provider_session_ecosystem_audit.py` imports `workspace_hub.workstations.resolver`
- `tests/conftest.py` makes pytest pass by inserting `src/` into `sys.path`, masking the runtime failure
- Audit output shows false symbolic reads for paths that should be repo-relative missing paths
## Root causes
1. The audit script may insert only `REPO_ROOT` into `sys.path`, but the importable package actually lives under `src/workspace_hub`.
2. The wrapper may invoke `uv run --no-project python ...` in a source checkout without exporting `PYTHONPATH=$REPO_ROOT/src`.
3. `classify_read_target()` may treat any slash-delimited symbolic-looking string as symbolic when the real first path component exists in the repo.
## Fix pattern
### 1. Bootstrap imports inside the script
At the top of `scripts/analysis/provider_session_ecosystem_audit.py` ensure both roots are added:
```python
REPO_ROOT = Path(__file__).resolve().parents[2]
SRC_ROOT = REPO_ROOT / "src"
if str(SRC_ROOT) not in sys.path:
sys.path.insert(0, str(SRC_ROOT))
if str(REPO_ROOT) not in sys.path:
sys.path.insert(0, str(REPO_ROOT))
```
Why:
- direct shell execution needs `src/`
- keeping `REPO_ROOT` also preserves access to sibling script modules like `scripts.bash_command_prefixes`
### 2. Harden the wrapper for source checkouts
In `scripts/cron/provider-session-ecosystem-audit.sh`, before calling Python:
```bash
export PYTHONPATH="${REPO_ROOT}/src${PYTHONPATH:+:${PYTHONPATH}}"
uv run --no-project python scripts/analysis/provider_session_ecosystem_audit.py "$@" \
>> "${LOG_FILE}" 2>&1
```
Why:
- the wrapper should work from cron/non-pytest contexts
- this avoids relying on an editable install or ambient shell state
### 3. Repair slash-path classification
In `classify_read_target()` keep truly symbolic slash names symbolic only when the repo does not contain the first path component and the candidate path does not exist.
Use this rule:
```python
if SYMBOLIC_SLASH_NAME_RE.fullmatch(text):
first_component = text.split("/", 1)[0]
candidate = repo_root / text
if not text.startswith(".") and not safe_exists(repo_root / first_component) and not safe_exists(candidate):
return text, "symbolic", False
```
Effect:
- `coordination/workspace/repo-capability-map` remains symbolic when the repo has no `coordination/`
- `scripts/hooks/post-merge` becomes a repo path if `scripts/` exists
- `.Codex/work-queue/WRK-149.md` becomes a repo path instead of a symbolic read
## Regression tests to add
### Wrapper test
Update `tests/cron/test_provider_session_ecosystem_audit_wrapper.py` to assert the wrapper exports `PYTHONPATH="${REPO_ROOT}/src...`.
### Script bootstrap test
Add a test in `tests/analysis/test_provider_session_ecosystem_audit.py` asserting the script text contains:
- `REPO_ROOT / "src"`
- `sys.path.insert(0, str(SRC_ROOT))`
### Classification tests
Add tests proving:
- `scripts/hooks/post-merge` is classified as `repo` when `scripts/` exists
- `.Codex/work-queue/WRK-149.md` is classified as `repo` when `.Codex/` exists
- true symbolic names like `coordination/workspace/repo-capability-map` remain `symbolic`
## Verification sequence
Run all of these:
```bash
uv run pytest tests/analysis/test_provider_session_ecosystem_audit.py tests/cron/test_provider_session_ecosystem_audit_wrapper.py -q
bash scripts/cron/provider-session-ecosystem-audit.sh
env -u PYTHONPATH uv run --no-project python scripts/analysis/provider_session_ecosystem_audit.py > /tmp/provider-session-audit-smoke.out
uv run --no-project python scripts/cron/validate-schedule.py
```
Expected:
- pytest passes
- wrapper exits 0
- direct source-checkout smoke run succeeds even without inherited `PYTHONPATH`
- schedule validation remains green
## Operational impact
- Fixes false wrapper failures in cron/source checkout environments
- Makes Codex symbolic-read output more trustworthy
- Prevents repo-missing-path debt from being hidden behind over-broad symbolic classification
- Produces a more accurate stale-path remediation report for follow-on issue creation
## Pitfalls
- pytest may already pass because `tests/conftest.py` inserts `src/`; do not treat that as proof the wrapper is healthy
- do not classify all slash-delimited names as symbolic; check whether the repo owns the first path component
- keep `docs/ops/legacy-Codex-reference-map.md` and historical audit reports separate from current instructional surfaces when acting on stale-path findingsRelated Skills
llm-wiki-audit-feedback-loop
Durable feedback loop for correcting llm-wiki pages without losing the correction to chat history. Use when (1) a human notices a wiki page is wrong, outdated, or contradicts a source, (2) processing the `audit/` inbox of a domain wiki, (3) reviewing what feedback has been resolved vs deferred, (4) needing to leave a comment on a specific text range that survives line- number drift. Implements the anchored-text audit file pattern from lewislulu/llm-wiki-skill, adapted for workspace-hub's domain-wiki layout under /mnt/local-analysis/llm-wiki/wikis/<domain>/. Extends the 5-op model (compile/ingest/query/lint) from research/llm-wiki with the missing `audit` op. Never silently delete feedback — rejected audits stay archived with rejection rationale.
pre-completion-cleanup-audit
Audit and dispose of session residue (orphan files, scratch dirs, sibling-repo state, locks, trash-stages) BEFORE claiming a task complete. Required gate before any agent says "all done", "task complete", or hands work back to user/orchestrator.
repo-mission-portfolio-audit
Audit the workspace-hub repo portfolio to extract each repo's mission, identify documentation gaps, and prioritize a plan/approval sequence with explicit LLM-wiki weighting for future issue triage.
provider-session-ecosystem-audit-and-exporters
Build and maintain cross-provider session-log audits for Codex, Codex, Hermes, and Gemini, including exporter design, normalization, and behavioral verification.
orcawave-orcaflex-readiness-audit
Audit the real readiness of digitalmodel OrcaWave/OrcaFlex spec-driven workflows by reconciling workspace-hub issues, source/tests, semantic-equivalence boundaries, and wiki synthesis gaps.
read-only-pre-implementation-audit
Systematic cross-check workflow to validate assumptions before TDD coding begins
python-import-path-mismatch-debugging
Diagnose and fix ModuleNotFoundError when a package is installed but imports still fail due to environment/path mismatches
python-import-path-debugging
Diagnose ModuleNotFoundError when a package is installed but still fails to import
boundary-policy-classification-by-role
Classify artifacts as durable vs transient by their functional role rather than directory path, using multi-layer architectural validation
learned-git-worktree-hook-path-and-real-hook-shape-review
Catch hook-installation and governance bugs that only appear in linked git worktrees or against the real generated hook shape, not simplified test fixtures.
overnight-worktree-uv-warmup-and-log-path-guardrails
Prevent false stalls and missing-log failures in overnight Codex worktree batches by pre-warming uv environments, using exact log-path directory creation, and interpreting buffered logs correctly.
gtm-site-readiness-audit-local-vs-production
Audit GTM feature work by separating local artifact readiness from production deployment state, then fix common blockers in aceengineer-website and GTM collateral.