Audit — .agents/skills/colibri-verification/SKILL.md body rewrite
A persistent hygiene gap surfaced across multiple rounds of MEMORY.md (“colibri-verification/SKILL.md body rewrite outstanding”). The R76.H2 top-of-file Phase 0 reality stamp landed, but the body itself never received a full reconcile against the shipped 14-tool surface. R82.K subsequently rewrote the HERITAGE note and Phase Acceptance Criteria tables in place; this round’s audit confirms the file’s current drift surface against the task brief and identifies the four content gaps still remaining.
1. File under audit
.agents/skills/colibri-verification/SKILL.md— CANON skill (perCLAUDE.md §9.2,.agents/zone is CANON forskills/).- 297 lines, 2151 words at the start of this round (commit
86e430fb). - Mirror at
.claude/skills/colibri-verification/SKILL.md(MIRROR zone) — out of scope per task constraint #7; resync is a separate task.
2. Donor-tool-name sweep — current state
The R82.K rewrite already removed code-literal donor-name strings from the body. The full sweep against the donor-pattern set named in the task brief (roadmap_*, unified_*, gsd_*, context_*, memory_*, thought_plan, thought_decide, task_eisenhower, task_deps, task_create_batch, task_link_roadmap, audit_session_set_context, unified_backup, merkle_attest, audit_session_end, task_transition, server_info, server_shutdown, rag_*) yields one match:
| Line | Match | Status |
|---|---|---|
| 20 | “Phase 0 has no analysis / RAG / resume surfaces, and no server_info / server_shutdown.” |
Correctly framed as “what is NOT in Phase 0” — within a HERITAGE note. Keep. |
So the donor-tool-name removal is already complete from R82.K. No code-literal donor names remain in the body.
3. Content gaps against the task acceptance criteria
The task brief (Acceptance Criteria #4, #5) requires references the current body does NOT carry:
| Criterion | Required content | Present in current body? |
|---|---|---|
| AC #4 | Cite writeback hard-block at src/domains/tasks/writeback.ts:97 |
No. §Pre-Execution / §Post-Execution refer to writeback as a checklist item but never name the live-code guard. CLAUDE.md §7 names the guard; this skill should mirror it. |
| AC #4 | Cite chain verifier at src/domains/trail/verifier.ts:119 |
No. §VERIFY Acceptance Criteria mentions audit_verify_chain as a tool but does not anchor it in the verifier’s verifyChain() implementation. |
| AC #5 | Honest acknowledgement that thought_record does NOT accept session_id in Phase 0, so merkle_finalize(session_id) may return zero records |
No. The body shows a verifyCompletion(sessionId, ...) example that calls thought_record({session_id: ..., type, content}) — but the live ThoughtRecordToolInputSchema (at src/domains/trail/repository.ts:114-119) does not include session_id. The example pretends the gap doesn’t exist. |
| AC #5 | Reference ADR-007 (Proposed) as the resolution path for the session_id gap |
No. ADR-007 does not yet exist in docs/architecture/decisions/; the task brief calls it Proposed. Skill should reference it as the Proposed resolution, not as a shipped artifact. |
| AC #6 | Refresh top-of-file reality stamp with this round’s body work | No. The R76.H2 stamp is preserved; an R82.K stamp was added in the trailing italic note; this round’s update needs a third stamp. |
4. Live-code citations needed
Confirmed at this worktree’s tip (86e430fb):
| Citation | File | Line | Function/symbol |
|---|---|---|---|
| Writeback hard-block | src/domains/tasks/writeback.ts |
97 | enforceWriteback(db, taskId) — throws WritebackRequiredError when thought_records.task_id count is 0 (lines 101-113). |
| Hard-block call site | src/domains/tasks/repository.ts |
475 | inside updateTask, label “P0.3.3: block status→DONE without a ζ thought_record” (already in CLAUDE.md §7 — consistent). |
| Chain verifier | src/domains/trail/verifier.ts |
119 | verifyChain(records) — walks records validating computeHash(record) === record.hash AND record.prev_hash === records[i-1].hash (lines 130-138). |
thought_record MCP input schema |
src/domains/trail/repository.ts |
114-119 | CreateThoughtRecordInputSchema = z.object({ type, task_id, agent_id, content }). No session_id. |
merkle_finalize query |
src/tools/merkle.ts |
296-300 | SELECT hash FROM thought_records WHERE session_id = ? ORDER BY rowid ASC. |
| DB column reality | src/db/migrations/006_eta.sql |
14-15, 54 | “thought_records.session_id (nullable TEXT) … Existing rows get NULL; P0.7.2 API does not read it.” |
Net implication: the column exists at the DB layer, but the MCP tool does not write it. Calling merkle_finalize(session_id="X") after thought_record({task_id, ...}) yields NoThoughtRecordsError because every thought_records row has NULL session_id. This is the gap ADR-007 (Proposed) would address.
5. Frontmatter audit
Frontmatter (name, description) is canonical and stable:
name: colibri-verification
description: "Colibri verification checklists for pre-execution, execution, and post-execution phases. Greek: η (eta) — Proof Store, π (pi) — Verifier. Use when verifying task readiness, execution safety, and completion proof. Provides acceptance criteria for all Phase 0 executor chain phases on the 14-tool surface."
Two fields, both quoted-string compatible with gray-matter. No version or updated field exists in the current frontmatter — the skill follows the name/description-only convention shared by every colibri-* skill in the corpus. Task brief permits a semver bump but, per the existing convention across 22 skills, adding a version field would itself be a drift introduction. Decision: leave frontmatter unchanged (criterion #1 — preserved); body changes are stamped via the trailing italic note.
6. Body sections — disposition map
| Section | Lines | Disposition |
|---|---|---|
| Top header + reality stamp | 6-9 | Refresh. Add this round’s stamp after the R76 line (or merge inline). |
| HERITAGE note (post-R82.K) | 11-21 | Keep. Already prose-form, factually correct, no donor-literal strings. |
| Quick Reference table | 24-37 | Keep. Pure navigation. |
| Pre-Execution Readiness Checklist | 40-69 | Augment. Add a one-line note at “Audit Session” pointing at the writeback hard-block as the runtime gate, with file:line citation. |
| Execution Safety Checklist | 72-101 | Keep. Tool references already 14-surface. |
| Post-Execution Completion Checklist | 104-138 | Augment. “Task status updated” is the trigger for the writeback hard-block — cite it with file:line. |
| Phase Acceptance Criteria (GATHER…CLOSE) | 141-223 | Keep. All tool references already 14-surface. The VERIFY row should pick up a verifier.ts:119 citation. |
| Verification Tools Quick Reference (code block) | 227-259 | Augment. Add a Phase 0 reality note acknowledging the session_id gap; convert the example to either (a) accept the gap explicitly, or (b) show the Phase 0 reality (no session_id in thought_record call) with a TODO/ADR-007 marker. |
| Common Verification Failures | 263-273 | Augment. Add one row covering the merkle_finalize zero-records failure mode that arises from the session_id gap. |
| Integration with Tier-1 Chains | 276-284 | Keep. Reference-only. |
| See Also | 288-293 | Keep / extend. Add a pointer to docs/agents/writeback-protocol.md and to ADR-007 (Proposed). |
| Trailing italic stamp | 297 | Replace. Append this round’s reconcile note. |
7. Out-of-scope
.claude/skills/colibri-verification/SKILL.md— MIRROR zone, do not touch (criterion #7).- Other
colibri-*skills (criterion: “DO NOT touch other skills”). CLAUDE.md,AGENTS.md,colibri-system.md(task constraint).- ADR-007 itself — task brief notes it as Proposed; this skill references it but does not author it.
- Source code edits — task is doc-only; npm gates run as a no-op safety check.
8. Risks
- The
verifyCompletionJS example currently showsthought_record({session_id: ...}). Rewriting it to match shipped reality is the honest move but creates a documentation precedent that other skills (which copy-paste this snippet) will diverge from. Mitigation: keep the example correct + add an inline// TODO ADR-007:comment so other skills know there is a Proposed unification. - Adding live-code line citations creates a maintenance burden if those lines move. Mitigation: the same citation already lives in CLAUDE.md §7; this skill is mirroring a canonical citation, not introducing a new one.