Deterministic conformance checker for AUDIT.md agent-audit outputs — CyberSkill code-audit-framework
Project description
evals/ — regression gate for AUDIT.md
Every change to AUDIT.md must keep this suite green. The harness validates
agent outputs (a run's docs/BACKLOG.md + docs/HANDOFF.md) against the
machine-checkable subset of the protocol's rules, and proves each rule is
load-bearing by fault injection: a B* fixture plants a known fault set
(usually exactly one; B16 deliberately plants three to verify exact-set
reporting), and the validator must catch exactly that set — no more, no less.
A trap that stops tripping means a rule has silently died. G* fixtures are
the precision half: compliant-but-tricky outputs (negated prose, redaction
markers, adversarial formatting, minimal-valid) that must NOT trip anything —
the suite proves rules fire and don't over-fire.
Two checks make the rest load-bearing: TEMPLATE-NONCONFORMANT (output that
doesn't follow the Phase 2 template can no longer silently escape the other
tripwires — BS-12) and the CONFIG preflight (CONFIG-PLACEHOLDER /
CONFIG-BAD-ENUM, which also auto-loads PROTECTED_AREAS from the target's
AUDIT.md so R3 needs no --protected double entry — BS-13).
Files
| File | Role |
|---|---|
code_audit_validator.py |
The validator implementation. Zero dependencies (stdlib only); published to PyPI as code-audit-validator. |
validate.py |
Repo-side CLI shim over the module above — every documented python3 evals/validate.py … invocation goes through it. |
fixtures/ |
G* = compliant outputs that must pass. B* = fault-injection traps that must fail with declared codes. |
rules.json |
Rule registry: rule → AUDIT.md anchor → violation codes → fixtures proving it. Coverage gaps are declared honestly. |
baseline.json |
Last recorded matrix (fixture → outcome) pinned to an AUDIT.md version + sha256. |
run-evals.sh |
Runner; --record refreshes baseline.json. |
Commands
python3 evals/validate.py --all # full suite, human output
python3 evals/validate.py --all --json # machine-readable
./evals/run-evals.sh --record # run + pin baseline to current AUDIT.md
python3 evals/validate.py --run <dir> # validate a real run's docs/ output
python3 evals/validate.py --run <dir> --report json # structured findings export (schemas/report.v1.json)
python3 evals/validate.py --run <dir> --report sarif # GitHub code-scanning format
python3 evals/validate.py --aggregate r1.json r2.json # portfolio roll-up over report JSONs
python3 evals/scripts/retro-summary.py # retro scores per protocol version (did each release help?)
Point --run at the target repo root (or its docs/): if the target's
AUDIT.md is found, its CONFIG is preflighted and PROTECTED_AREAS is loaded
automatically; --protected extends it.
Waivers. A target repo may carry docs/AUDIT-WAIVERS.yaml — audit-trailed,
expiring suppressions (code + optional file/match + reason +
approved_by + mandatory ISO expires). A valid waiver suppresses the matched
violation and is reported separately; an expired or undated one un-suppresses
it AND flags the stale waiver (WAIVER-EXPIRED). This is the sanctioned
exception channel — eval fixtures, by contrast, may never be weakened.
Parsing notes (precision boundaries, pinned by fixtures). Tables inside
leading-pipe GFM rows — the exact Phase 2 template shape; pipeless variants
read as nonconformant. Protected-area matching is case-insensitive substring —
keep CONFIG entries specific (`src/billing/`, not `src/`). Artifacts must be
UTF-8 and ≤ 10 MB (`MALFORMED-FILE` otherwise, never a crash).
**Version pinning.** The validator checks the *current* protocol's template.
Validating artifacts produced under an older protocol? Pin the matching tag
(validator and protocol release in lockstep: `v1.2.0` ↔ protocol v1.2.0).
## Adding a fixture
1. Create `evals/fixtures/<Gnn|Bnn>-<slug>/` with `fixture.yaml` + `docs/BACKLOG.md` (and `docs/HANDOFF.md` if relevant).
2. `fixture.yaml` is flat `key: value` (no YAML library needed):
```yaml
id: B11-my-trap
description: one line
expect: fail # or pass
expected_violations: [R1-NO-OUTPUT]
exercises_rules: [R1]
protected_areas: []
- For
expect: fail, the validator must report exactlyexpected_violations— plant one fault per fixture unless the fixture's purpose is exact-set verification (B16). Keepdocs/BACKLOG.mdtemplate-conformant (Mode line + tables or the R7 line) so the planted fault is the only signal; ship a near-missG*sibling when adding a new rule, so precision is pinned alongside recall. - Register the fixture in
rules.jsonunder the rule(s) it exercises —validate.py --allfails on registry drift in either direction (BS-10). - Run
./evals/run-evals.sh --record.
What the validator cannot see (declared gaps)
The authoritative register is improve/BLINDSPOTS.md
— one row per blind spot, with status and evidence. Headlines:
- Whether code changes were genuinely valuable (retro item 9 — human judgment).
- Whether findings were padded (retro item 3 — judgment; the validator only guarantees padding is never required).
- Live-agent properties: actual command execution, 3-strike counting, resume behavior (R4). For hard guarantees on those, use deterministic hooks/CI in the target repo, not prompt text.
- Run completeness:
--runaccepts a docs/ directory without HANDOFF.md (legitimate mid-flight). When reviewing a run that claims to be finished, confirm HANDOFF.md exists yourself (BS-09).
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file code_audit_validator-1.3.0.tar.gz.
File metadata
- Download URL: code_audit_validator-1.3.0.tar.gz
- Upload date:
- Size: 35.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
7d19db04e4ccc610794bdc1b0928ee764553bb66e13627c9e4ad52bab25d9faa
|
|
| MD5 |
28dadddd392f5ee2bb2d5062d480c39a
|
|
| BLAKE2b-256 |
d8a01059f4861b01e4f4c9d6ab51e6d407b42bda1276321054c2126db5832e20
|
File details
Details for the file code_audit_validator-1.3.0-py3-none-any.whl.
File metadata
- Download URL: code_audit_validator-1.3.0-py3-none-any.whl
- Upload date:
- Size: 27.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
23e0a510a9437c662d48a3f3919d3dae7458601b4bad124d5193268ee58554e8
|
|
| MD5 |
8a994e2b26603b098afb6a6c4f5b8d20
|
|
| BLAKE2b-256 |
766cfdfed68690194b23afb35d6cd73023b50c7d7021ea8ab070ff17166a6fa7
|