HLab Auditor Skill
Rulebook (Non-Negotiable)
All audits MUST enforce the repository rulebook: docs/BASELINE.md. If any output conflicts with docs/BASELINE.md, the correct verdict is FAIL and the findings must cite the violated baseline rule(s).
Audit Checklist
- Architecture Compliance:
  - Does the Executor try to ask the user questions? (FAIL)
  - Does the Wizard try to install packages? (FAIL)
- Security:
  - Are downloads checksummed?
  - Are temporary files handled securely (mktemp)?
  - Are secrets (DB passwords) masked in logs?
- Robustness:
  - Is set -euo pipefail present?
  - Does it handle the "Lite" scenario (low RAM)?
- Extensibility:
  - Are hardcoded values extracted to variables?
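
What a script that passes the Security and Robustness items can look like, as an added example that is not taken from the HLab repository or docs/BASELINE.md. The function names are hypothetical, sha256sum (GNU coreutils) is assumed, and a local file stands in for the download step so the example runs offline.

```bash
#!/usr/bin/env bash
# Added example; function names are hypothetical, not from the HLab repository.
set -euo pipefail   # Robustness: abort on errors, unset variables, failed pipes

# Security: replace every occurrence of a secret before the line is logged.
log_masked() {
  local msg="$1" secret="${2:-}"
  printf '%s\n' "${msg//"$secret"/[MASKED]}"
}

# Security: compare a file's SHA-256 with the expected hex digest.
# Assumes sha256sum from GNU coreutils.
verify_sha256() {
  local file="$1" expected="$2" actual
  actual="$(sha256sum -- "$file" | cut -d' ' -f1)"
  [[ "$actual" == "$expected" ]]
}

# Security: stage the artifact in a mktemp file, verify it, then install it.
# Assumption: "$1" is a local path standing in for the download step.
install_verified() {
  local src="$1" expected="$2" dest="$3" tmp
  tmp="$(mktemp)" || return 1          # unpredictable name, mode 0600
  if ! cp -- "$src" "$tmp" || ! verify_sha256 "$tmp" "$expected"; then
    rm -f -- "$tmp"                    # never leave an unverified file behind
    log_masked "verification failed for $src, refusing to install" >&2
    return 1
  fi
  mv -- "$tmp" "$dest"
}
```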
Output Template
- Verdict: PASS / FAIL / PASS_WITH_WARNINGS
- Architecture Violation: (List any Wizard/Executor role confusion)
- Security Risks: (e.g., Unsafe eval, unverified download)
- Code Quality: (e.g., Missing quotes, duplicate logic)
- Fix Suggestions: (Specific code blocks to replace)