Run a full spec-code audit on the Cathedral codebase. Use after build waves, major refactors, or when spec-code drift is suspected. Produces forward audit (s...
--- name: cathedral-audit description: Run a full spec-code audit on the Cathedral codebase. Use after build waves, major refactors, or when spec-code drift is suspected. Produces forward audit (specs→code), reverse audit (code→specs), bug report, and prioritized fix plan. Drives execution of fixes through CC sessions. --- # Cathedral Audit A structured process for measuring and closing spec-code drift in the Cathedral C# codebase. ## When to Run - After a build wave (multiple features/refactors landed) - Before starting a new major feature (establish baseline) - When spec-code drift is suspected - Periodically as a health check (not on a calendar — trigger on events) ## Process Overview ``` 1. Forward Audit (specs → code) 2. Reverse Audit (code → specs) 3. Consolidation & Prioritization 4. Execution 5. Verification ``` ## Step 1: Forward Audit (Specs → Code) For each spec in `kitty-specs/`, compare what the spec says against what the code does. **Output per spec:** One of: - ✅ **Conformant** — code matches spec - ⚠️ **Divergent** — code exists but differs from spec - ❌ **Missing** — spec describes something not built **Deliverable:** `kitty-specs/000-project-context/spec-audit-YYYY-MM-DD.md` Use parallel CC agents (one per spec batch) for speed if memory allows. **On memory-constrained hosts (e.g., WSL2), run sequentially — two concurrent CC sessions will OOM.** Provide each agent read-only access. ## Step 2: Reverse Audit (Code → Specs) Scan all `.cs` files in `src/Cathedral.Core/` and `src/Cathedral.TestHarness/`. For each file/subsystem, determine: - Is it covered by a spec? - Does it match what the spec says? - Is it dead/orphaned code? **Output sections:** 1. **Executive Summary** — counts with delta from previous audit 2. **Unspecced Code** — files/subsystems with no spec coverage 3. **Architectural Divergences** — code takes a fundamentally different path than spec 4. **Code Exceeding Spec** — code has features the spec doesn't document 5. **Dead/Orphaned Code** — files with no callers or references 6. **Bugs Discovered** — runtime, data, or logic bugs found during review 7. **Comparison with Previous Audit** — what improved, what remains **Deliverable:** `kitty-specs/000-project-context/reverse-audit-YYYY-MM-DD.md` Use parallel CC agents (group files by directory/subsystem) for speed if memory allows. **Run sequentially on memory-constrained hosts.** ## Step 3: Consolidation & Prioritization Merge findings from both audits into a prioritized action plan: | Priority | Category | Criteria | |----------|----------|----------| | **P0** | Bug fixes | Runtime impact — broken endpoints, data corruption, crashes | | **P1** | Dead code removal | Safe deletes that reduce confusion and LOC | | **P2** | Data quality fixes | Dropped data, wrong defaults, double-logging | | **P3** | Spec coverage | Write new specs for unspecced code (no code changes) | | **P4** | Spec accuracy | Update existing specs to document code-exceeding-spec features | | **P5** | Mechanical refactors | Renames, wiring, entity-scoping completion | | **P6** | Architectural gaps | V2 features where code diverges from spec by design (defer) | **Rules:** - Bugs always get their own section with severity ratings - "Code exceeding spec" = spec update, not code change - Architectural divergences that are intentionally deferred (V2 work) go to P6 and are documented but not actioned - Each priority level should be achievable in a single CC session **Deliverable:** Recommendations section in the reverse audit report. ## Step 4: Execution Execute fixes by priority tier (P0 first, P6 last or deferred). **Per priority tier:** 1. **Log intent** to `memory/YYYY-MM-DD.md` — tier name, CC session name, what's being attempted 2. Write a task briefing for CC (see `references/cc-task-template.md`) 3. Launch CC session: `cat /tmp/task.md | claude -p --allowedTools 'Edit,Write,Read,Bash'` 4. Set up monitoring cron (every 5 min) 5. When CC completes: **log results** to daily memory — files changed, what was done, any issues 6. **Verify build before committing** — `dotnet build` must pass 7. If CC gets killed (OOM): check `git diff --stat`, verify build manually, fix any issues, log the incident 8. Commit with descriptive message referencing the priority tier 9. **Log commit hash** to daily memory **Hard rules:** - ⚠️ **ALWAYS verify `dotnet build` passes before committing.** No exceptions. CC may get OOM-killed mid-build-check. - ⚠️ **ALWAYS log to daily memory file at every step.** Log intent before launch, results after completion, commit hash after commit. If the session dies, the log survives for recovery. - One commit per priority tier (or logical grouping) **Logging template for daily memory:** ```markdown ## [Priority Tier Name] - CC session: [name] (launched ~HH:MM CST) - Task: [brief description] - Status: [RUNNING | ✅ COMPLETE | ❌ FAILED | ⚠️ KILLED] - Files changed: [count] - Key actions: [what was done] - Issues: [any problems encountered] - Committed as [hash] ``` ## Step 5: Verification After all tiers are complete, optionally run a quick re-audit to measure improvement: - Compare counts: unspecced, divergent, dead code, bugs - Verify delta matches expectations - Document remaining gaps and whether they're P6/deferred or newly discovered **Deliverable:** Updated audit files with comparison section. ## Logging Every audit produces a complete trail in `memory/YYYY-MM-DD.md`: - **Audit launch** — which audits are being run, baseline reference - **Audit results** — summary counts, key findings - **Each priority tier** — intent, CC session, results, issues, commit hash - **Final summary** — total commits, total lines changed, what's resolved vs deferred This is non-negotiable. The Feb 17-18 amnesia incident proved that unlogged work is lost work. Log-then-act: write what you're about to do BEFORE doing it, then update with results. ## Baseline Tracking Always compare against the previous audit. Store audits as: ``` kitty-specs/000-project-context/ spec-audit-YYYY-MM-DD.md (forward) reverse-audit-YYYY-MM-DD.md (reverse) ``` The executive summary table with deltas is the key metric: ```markdown | Category | Previous | Current | Delta | |----------|----------|---------|-------| | Unspecced Code | 38 | 24 | -14 | | Divergences | 12 | 7 | -5 | | Dead Code | 14 | 8 | -6 | | Bugs | 0 | 8 | +8 | | Conformant | ~60 | ~120 | +60 | ``` ## CC Task Briefing Template See `references/cc-task-template.md` for the standard format for CC task briefings.
don't have the plugin yet? install it then click "run inline in claude" again.
added detailed inputs section with system constraints and host-specific guidance, explicit decision points for memory constraints and failure modes, structured output contract with file formats and locations, and outcome signals tying audit completion to build verification and memory trail.
cathedral-audit measures and closes spec-code drift in the Cathedral C# codebase through a two-pass audit system. forward audit (specs→code) checks whether code implements what specs say. reverse audit (code→specs) finds unspecced code, orphaned files, and bugs. output is a prioritized fix plan executed via CC sessions with continuous logging. run this after build waves, major refactors, when drift is suspected, or as a periodic health check triggered by events (not a calendar).
codebase locations:
kitty-specs/ directory (all .md spec files)src/Cathedral.Core/ and src/Cathedral.TestHarness/ (all .cs files)kitty-specs/000-project-context/spec-audit-*.md and reverse-audit-*.md (for delta comparison)execution environment:
dotnet build functional-p (piped input) flag and access to Edit, Write, Read, Bash toolsmemory/YYYY-MM-DD.md (create if missing)references/cc-task-template.mdcc agent access:
kitty-specs/ and src/ directoriessystem constraints:
external dependencies:
step 1: forward audit (specs→code)
1a. input: read all .md files in kitty-specs/.
1b. for each spec, assign to a cc agent (batch by directory if running parallel, or queue sequentially on constrained hosts).
1c. cc agent compares spec text against code implementation in src/Cathedral.Core/ and src/Cathedral.TestHarness/.
1d. output per spec: one status line:
kitty-specs/000-project-context/spec-audit-YYYY-MM-DD.md with brief evidence per spec.
1f. input to next step: completed forward audit file.step 2: reverse audit (code→specs)
2a. input: all .cs files from src/Cathedral.Core/ and src/Cathedral.TestHarness/. group by directory/subsystem for parallel batching.
2b. for each code file/subsystem, cc scans for:
reverse-audit-*.md.kitty-specs/000-project-context/reverse-audit-YYYY-MM-DD.md.
2e. input to next step: completed reverse audit file.step 3: consolidation and prioritization
3a. input: spec-audit-YYYY-MM-DD.md, reverse-audit-YYYY-MM-DD.md, and the bugs/findings section.
3b. merge all findings into a single action plan. categorize by priority tier (see decision points).
3c. output: write recommendations section into the reverse audit report (append to file created in step 2).
3d. rules:
step 4a: execution setup (per priority tier)
4a-i. before launching cc: write intent log to memory/YYYY-MM-DD.md. format:
## [Priority Tier Name]
- CC session: [name] (launched ~HH:MM CST)
- Task: [brief description]
- Status: RUNNING
- Files changed: [pending]
- Key actions: [pending]
- Issues: [none yet]
- Committed as: [pending]
4a-ii. read references/cc-task-template.md and write task briefing to /tmp/task.md. include priority tier, files to change, acceptance criteria.
4a-iii. input to next step: task briefing and memory log created.
step 4b: execution launch
4b-i. launch cc: cat /tmp/task.md | claude -p --allowedTools 'Edit,Write,Read,Bash'
4b-ii. set up monitoring: run cron or loop to check process every 5 min. watch for oom, timeout, or completion.
4b-iii. input: cc session running. output: cc produces edited files and status.
step 4c: execution completion
4c-i. when cc reports done: run dotnet build in the repo root. output: build log.
4c-ii. check build result. if build fails:
git diff --stat to see what changed.git checkout and re-run cc.git diff --stat to confirm file count matches intent. output: stat report.
4c-iv. update memory log with results:## [Priority Tier Name]
- CC session: [name] (launched ~HH:MM, completed ~HH:MM CST)
- Task: [description]
- Status: ✅ COMPLETE
- Files changed: [count from diff --stat]
- Key actions: [what cc actually did]
- Issues: [any problems]
- Committed as: [pending]
4c-v. input to next step: passing build and git diff report.
step 4d: execution commit
4d-i. compose commit message referencing priority tier: [P<N>] [tier name]: [brief description]. example: [P0] Bug fixes: fix double-logging in AuthService, resolve OOM in CacheManager.
4d-ii. run: git add -A && git commit -m "[P<N>] [message]". output: commit hash.
4d-iii. log commit hash to memory file: update "Committed as [hash]" line.
4d-iv. input to next step: committed tier.
step 5: verification (optional, after all tiers complete)
5a. input: all tier commits and previous audit for comparison. 5b. optionally re-audit selected categories to measure improvement (not required if audits are recent). 5c. compare counts: unspecced, divergent, dead code, bugs. 5d. verify delta matches expectations from consolidation plan. 5e. output: updated audit comparison section documenting improvement and any remaining gaps. 5f. log summary to memory file:
## Final Summary
- Total commits: [count]
- Total lines changed: [from git log]
- P0-P5 resolved: [count]
- P6 deferred: [count]
- New gaps discovered: [list or none]
if host is memory-constrained (wsl2, < 8gb ram):
if previous audit exists in kitty-specs/000-project-context/:
if build fails after cc execution:
git diff --name-only to see what changed.git checkout -- . and re-run cc with smaller file batches.dotnet build passes.if cc session gets killed (oom, timeout, or crash):
git diff --stat to confirm what was written.dotnet build to see if partial changes broke the build.git checkout -- . and assess whether to retry or skip this tier.if a bug is discovered during reverse audit but has low severity (e.g., cosmetic):
if code exceeds spec (features not documented in spec):
if architectural divergence exists but is intentional (deferred to v2):
forward audit file (spec-audit-YYYY-MM-DD.md):
kitty-specs/000-project-context/spec-audit-YYYY-MM-DD.md.reverse audit file (reverse-audit-YYYY-MM-DD.md):
kitty-specs/000-project-context/reverse-audit-YYYY-MM-DD.md.recommendations section (appended to reverse audit):
reverse-audit-YYYY-MM-DD.md at end of step 3.memory file (memory/YYYY-MM-DD.md):
memory/YYYY-MM-DD.md (create if missing).git commits:
[P<N>] [tier name]: [description]. example: [P0] Bug fixes: AuthService double-logging, CacheManager OOM.dotnet build.build state:
dotnet build must return exit code 0 before any commit.audit is successful when:
kitty-specs/000-project-context/ with today's date.memory/YYYY-MM-DD.md contains complete execution trail from launch through final summary.execution (step 4) is successful when:
dotnet build passes after each commit.you know it worked because:
git diff <last-main-commit>..HEAD --stat shows files changed per tier.