workflow-compliance-audit

Systematic audit of whether agents are following established workflows — cross-review, plan approval, TDD compliance, and document intelligence status.

5 stars

Best use case

workflow-compliance-audit is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Systematic audit of whether agents are following established workflows — cross-review, plan approval, TDD compliance, and document intelligence status.

Teams using workflow-compliance-audit should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/workflow-compliance-audit/SKILL.md --create-dirs "https://raw.githubusercontent.com/vamseeachanta/workspace-hub/main/.agents/skills/coordination/workflow-compliance-audit/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/workflow-compliance-audit/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How workflow-compliance-audit Compares

Feature / Agentworkflow-compliance-auditStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Systematic audit of whether agents are following established workflows — cross-review, plan approval, TDD compliance, and document intelligence status.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

Related Guides

SKILL.md Source

# Workflow Compliance Audit

Audit whether agents are following established workflows (plan review, cross-review, TDD, document intelligence) by examining git history, review artifacts, session data, and intelligence pipelines.

## What Gets Audited

| Area | What to Check | Evidence Sources |
|------|-------------|------------------|
| **Cross-Review** | Are engineering commits getting reviewed? | `scripts/review/results/`, git log |
| **Plan Review** | Are plans written and approved before implementation? | Issue comments, `.planning/` files |
| **TDD Compliance** | Are tests written before implementation? | Commit order, test file timestamps |
| **Doc Intelligence** | Is the document index healthy and current? | `data/document-index/index.jsonl`, `standards-transfer-ledger.yaml` |
| **Resource Intelligence** | Is the resource maturity tracker being updated? | `data/document-index/resource-intelligence-maturity.yaml` |
| **Session Governance** | Any runaway sessions, bypass patterns? | Session logs, bypass logs |

## Audit Procedure

### 1. Cross-Review Status

Check `scripts/review/results/` for recent artifacts:
```
ls -lt scripts/review/results/ | head -15
```
- Find the date of the most recent review artifact
- Count engineering commits since that date
- Calculate review compliance rate: reviews / engineering_commits

**Engineering commits** = commits with `feat:`, `fix:`, `refactor:` prefixes that touch `digitalmodel/`, `worldenergydata/`, `assetutilities/`, or have `cat:engineering` labels.

### 2. Plan Review Compliance

Check if engineering issues had plans before implementation:
```
gh issue list --state open --label cat:engineering --json number,title | python3 -c "..."
```
- For recent engineering commits, check if the referenced issue had a plan comment before the implementation commit date
- Check `.planning/` for phase plans that were approved

### 3. Document Intelligence Health

Check the primary index file:
```
wc -l data/document-index/index.jsonl
python3 -c "import json; d=json.loads(open('data/document-index/index.jsonl').readline()); print(d.get('summary_done'), d.get('content_type'))"
```
- Total records count
- Sample a few records - check if `summary_done` and `content_type` fields are populated
- **Verify index metadata coverage** (post #1878): `content_type` should be populated for 100% of records; `summary_done=True` for ~16% (the rest are mostly CAD files). If either coverage has regressed, run `scripts/data/document-index/validate-index-metadata.py` — exit 1 indicates a regression. `online-resource-registry.yaml` and `standards-transfer-ledger.yaml` remain useful for curated engineering lookups.
- Conference papers indexed? Check `conference-index-batch.jsonl`

### 4. Resource Intelligence Status

Read `data/document-index/resource-intelligence-maturity.yaml`:
- Documents marked read: count and percentage
- Target: typically >80% within 3 months
- Key calculations implemented: list with percentages
- Check the `generated` field — is the tracker being updated or is it stale?

### 5. Bypass Pattern Analysis

Check for agents bypassing established gates:
```
grep -r "SKIP_REVIEW_GATE\|GIT_PRE_PUSH_SKIP\|skip.*plan\|bypass" logs/ docs/handoffs/ 2>/dev/null
```
- Count bypass events
- Check if bypasses are justified or habitual

## Expected Output

Structured audit report with:
- **Status**: HEALTHY | WARNING | CRITICAL for each area
- **Evidence**: Specific dates, commit hashes, file paths
- **Trend**: Improving | Stable | Declining (if historical data available)
- **Action Items**: What needs fixing

## Example Finding Format

```
## Cross-Review: CRITICAL
Last review artifact: Apr 2 (one Codex retroactive review)
Prior review cluster: Mar 24
542 commits since reviews stopped
Compliance rate: ~0.2%
```

## Pitfalls

- **Session signals directory**: `.Codex/state/session-signals/` may have stale data. The `check_claude_usage.sh` script may never have run, so generated log files don't exist.
- **Hermes sessions**: Not tracked in the same way as Codex sessions. Check `~/.hermes/sessions/` for Hermes-specific data.
- **Auto-sync noise**: `chore(sync): auto-sync` commits inflate total commit counts. Filter these out.
- **Review artifacts vs review execution**: Having review files in `scripts/review/results/` doesn't mean the review was performed — check file sizes and content. Some artifacts are empty or contain only error messages.
- **Document index vs registry**: The index.jsonl is NOT the same as the online-resource-registry.yaml or standards-transfer-ledger.yaml. The index tracks all documents (647K+), while registries track specific collections.
- **Resource maturity YAML vs Markdown**: The YAML is authoritative, the Markdown is generated. Always check the YAML for current state.

## Related

- `engineering-issue-workflow` skill — the workflow being audited
- `hermes-workflow-audit` — cron and agent health specifically
- Issue #1839 — workflow hard-stops and session governance
- Issue #1515 — AI review routing policy

Related Skills

llm-wiki-audit-feedback-loop

5
from vamseeachanta/workspace-hub

Durable feedback loop for correcting llm-wiki pages without losing the correction to chat history. Use when (1) a human notices a wiki page is wrong, outdated, or contradicts a source, (2) processing the `audit/` inbox of a domain wiki, (3) reviewing what feedback has been resolved vs deferred, (4) needing to leave a comment on a specific text range that survives line- number drift. Implements the anchored-text audit file pattern from lewislulu/llm-wiki-skill, adapted for workspace-hub's domain-wiki layout under /mnt/local-analysis/llm-wiki/wikis/<domain>/. Extends the 5-op model (compile/ingest/query/lint) from research/llm-wiki with the missing `audit` op. Never silently delete feedback — rejected audits stay archived with rejection rationale.

digitalmodel-orcawave-orcaflex-proof-workflows

5
from vamseeachanta/workspace-hub

Class-level digitalmodel OrcaWave/OrcaFlex readiness, semantic-proof, fixture-proof, and closeout workflows.

pre-completion-cleanup-audit

5
from vamseeachanta/workspace-hub

Audit and dispose of session residue (orphan files, scratch dirs, sibling-repo state, locks, trash-stages) BEFORE claiming a task complete. Required gate before any agent says "all done", "task complete", or hands work back to user/orchestrator.

repo-mission-portfolio-audit

5
from vamseeachanta/workspace-hub

Audit the workspace-hub repo portfolio to extract each repo's mission, identify documentation gaps, and prioritize a plan/approval sequence with explicit LLM-wiki weighting for future issue triage.

provider-session-ecosystem-audit-and-exporters

5
from vamseeachanta/workspace-hub

Build and maintain cross-provider session-log audits for Codex, Codex, Hermes, and Gemini, including exporter design, normalization, and behavioral verification.

orcawave-orcaflex-readiness-audit

5
from vamseeachanta/workspace-hub

Audit the real readiness of digitalmodel OrcaWave/OrcaFlex spec-driven workflows by reconciling workspace-hub issues, source/tests, semantic-equivalence boundaries, and wiki synthesis gaps.

read-only-pre-implementation-audit

5
from vamseeachanta/workspace-hub

Systematic cross-check workflow to validate assumptions before TDD coding begins

portable-pattern-verification-workflow

5
from vamseeachanta/workspace-hub

Multi-package implementation with verification strategy for cross-platform configuration hardening

plan-gated-issue-validation-workflow

5
from vamseeachanta/workspace-hub

Systematic validation pattern for plan-approved GitHub issues with pre-existing deliverables

multi-year-tax-filing-verification-workflow

5
from vamseeachanta/workspace-hub

Verify and reconcile complex multi-form tax filings by cross-referencing source documents, identifying data dependencies, and validating line-by-line against authoritative records.

multi-file-tax-reconciliation-workflow

5
from vamseeachanta/workspace-hub

Systematic parallel review and reconciliation of multi-document tax filings with cross-reference validation

metadata-only-wiki-sweep-workflow

5
from vamseeachanta/workspace-hub

Disciplined inventory process for cataloging documents by filename/path without content claims, using parent-centric grouping to prevent stub proliferation