
general-audit: fold lessons #552 #553

Merged
intendednull merged 1 commit into main from claude/general-audit-lessons-2026-05-02, May 3, 2026

@intendednull
Owner

caveman PR. folds 6 lessons from 2026-05-02 audit run into .claude/skills/general-audit/SKILL.md.

Closes #552. Master audit issue: #513.

Edits applied

  • Pass 1 / Sibling-of-closed: commit-prefix filter when N merged PRs > 5. Drops docs:/chore:/skill-only commits, keeps fix:/feat:/perf:/refactor:. Auto-fix-batch PRs especially benefit.
  • Pass 3 / cargo-audit: document first-run advisory-db prefetch. cargo audit -n fails on fresh runners; drop -n for first run, keep for cached subsequent runs.
  • Synthesis / dedup: forbid bare-keyword search_issues queries (e.g. "general-audit", label:audit alone). They overflow the 78k-char tool-result cap. Always pin a file path, symbol, or RUSTSEC ID.
  • Synthesis / verification: drop partially-verified findings whose body claim contradicts spot-check, not just FAILED. Caught F28 (lock-ok marker present at line 23 contradicting "missing at line 31" claim) + F52 (aria-live present in chat.rs:387 contradicting "no aria-live for chat" claim) this run.
  • File the issues / Filing performance: budget for ~2N+2 MCP calls. Batch issue creates (8-10/msg) + sub-issue links (10-14/msg) in parallel.
  • Agent prompts / Read ±10 lines: require sweep agents to Read ±10 lines around any cited line before claiming "missing"/"absent"/"no X exists". Cheapest fix for false-premise findings.

Edits skipped

(none)


Auto-generated by /general-audit. Human review required before merge.


Generated by Claude Code

apply 6 lessons from 2026-05-02 audit run:

- pass 1 sibling-of-closed: commit-prefix filter when N merged PRs > 5
- pass 3 cargo-audit: document first-run advisory-db prefetch (no -n)
- synthesis dedup: forbid bare-keyword search_issues queries (78k cap)
- synthesis verification: drop partially-verified findings whose body claim contradicts spot-check
- file the issues: budget for batched MCP calls (≈ 2N+2)
- agent prompts: require ±10 line read around any cited line before claiming "missing"/"absent"

closes #552
@intendednull intendednull merged commit 6404719 into main May 3, 2026
8 checks passed
@intendednull intendednull deleted the claude/general-audit-lessons-2026-05-02 branch May 3, 2026 08:56
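
The ±10-line read and the drop-on-contradiction rule from the description, sketched as an added example (not code from this PR or from SKILL.md). The `Finding` fields, the verdict names, the handling of out-of-range citations and the sample file are assumptions constructed for illustration; the first sample finding mirrors the shape of the lock-ok case cited above.

```python
import re
from dataclasses import dataclass

WINDOW = 10  # lines read on each side of the cited line, per the lesson

@dataclass
class Finding:               # hypothetical record shape, not the skill's own
    fid: str                 # finding id
    path: str                # file the finding cites
    cited_line: int          # 1-indexed line the finding points at
    marker: str              # regex for the thing claimed to be missing

def window(lines, cited_line, radius=WINDOW):
    """Return [(lineno, text)] for cited_line ± radius, clamped to the file."""
    lo = max(1, cited_line - radius)
    hi = min(len(lines), cited_line + radius)
    return [(n, lines[n - 1]) for n in range(lo, hi + 1)]

def spot_check(finding, lines):
    """Classify an absence claim as contradicted, consistent or unverifiable."""
    if not 1 <= finding.cited_line <= len(lines):
        return "unverifiable", None       # citation points outside the file
    pat = re.compile(finding.marker)
    for n, text in window(lines, finding.cited_line):
        if pat.search(text):
            return "contradicted", n      # marker exists near the cited line
    return "consistent", None             # absent in the window, not file-wide

def triage(findings, files):
    """Keep findings whose absence claim survives the spot-check; drop the rest."""
    kept, dropped = [], []
    for f in findings:
        verdict, hit = spot_check(f, files[f.path])
        (kept if verdict == "consistent" else dropped).append((f.fid, verdict, hit))
    return kept, dropped

def sample():
    """Constructed input: a 40-line file with a lock-ok marker on line 23."""
    src = [f"let v{n} = step{n}();" for n in range(1, 41)]
    src[22] = "let g = m.lock().unwrap(); // lock-ok: held briefly"
    findings = [
        Finding("A1", "sample.rs", 31, r"lock-ok"),    # claims missing at 31
        Finding("A2", "sample.rs", 31, r"aria-live"),  # genuinely absent
        Finding("A3", "sample.rs", 400, r"lock-ok"),   # stale line citation
    ]
    return triage(findings, {"sample.rs": src})

if __name__ == "__main__":
    print(sample())
```

A "consistent" verdict only means the marker is absent within the window; a claim of "no X exists" anywhere in a file still needs a whole-file search.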
Development

Successfully merging this pull request may close these issues.

general-audit lessons: 2026-05-02