---
name: protocol-audit
description: Audit all `.github/copilot-instructions.md` files registered in `references/REPOS.md` for protocol consistency. Two file types are recognized per that registry — **primary** (full numbered AI AGENT CORE PROTOCOL) and **inherit** (reference-only: blockquote pointer to the canonical protocol, no duplicated numbered rules). The skill applies the appropriate invariant set per type. Use when the user asks to "audit protocol", "check instruction consistency", "verify repo rules", "check cross-repo drift", or after modifying the AI AGENT CORE PROTOCOL in any repo. Produces a per-file × invariant table with concrete patch suggestions; does NOT modify any file without explicit consent.
compatibility: Designed for Claude Code and GitHub Copilot (VS). Requires read access to the paths listed in `references/REPOS.md`.
metadata:
  author: Fullepi
  version: "2.2"
---

# Protocol Audit

Verify that all `.github/copilot-instructions.md` files registered in `references/REPOS.md` share a consistent AI AGENT CORE PROTOCOL ecosystem. **Primary** files contain the full numbered protocol; **inherit** files reference the canonical protocol without duplicating the numbered rules.

## Before you start

This skill READS files and REPORTS findings. It MUST NOT modify any file. Patch suggestions are surfaced as diffs for the user to review and approve. Follow Rule #5 (or equivalent) from the active repo's `copilot-instructions.md`.

## Step 1 — Load the repo list

Read `references/REPOS.md` (relative to this SKILL.md). Extract:

- **Primary files table** (with absolute paths and classification)
- **Inherit files table** (with absolute paths and classification)
- **Expected own-dep-repos** tables (one per file type)
- **Known issues** section (pre-flagged expected failures)

The registry file is the **single source of truth** for "which files belong to this workspace's protocol audit".
The skill treats its contents as authoritative — it does not hardcode any repo/project names.

## Step 2 — Read each instruction file

For each entry in both tables, read `\.github\copilot-instructions.md` once. Record the full text keyed by the logical name and **file type** (primary / inherit).

If a file is empty (0 bytes), record as `EMPTY` and still run the size-sensitive invariants (expected: all fail).

Do NOT re-read a file that is already in your LOADED_DOCS list (per Rule #3 of the active repo's protocol).

## Step 3 — Run invariant checks by file type

Each invariant yields `PASS` / `FAIL` / `N/A` (not-applicable-to-this-type) and, on FAIL, an evidence snippet.

### 3A — Common invariants (applied to ALL 8 files)

**C1. `@repo` block has all 4 required fields**
Inside the `@repo { ... }` block, the keys `name`, `type`, `layer`, `own-dep-repos` must all be present.

**C2. `own-dep-repos` paths resolve to existing directories**
For each `": "` entry, resolve `/` and check the directory exists.

**C3. `own-dep-repos` matches REPOS.md expectations**
The dep set must equal the expected set in REPOS.md's relevant "Expected own-dep-repos" table.

**C4. `## Session Setup` section present with all three skills**
Header `## Session Setup` must appear. The section body must reference all three skills: `docs-discovery/SKILL.md`, `docs-check/SKILL.md`, and `protocol-audit/SKILL.md`. For inherit files, the section must additionally reference loading the canonical `copilot-instructions.md` (from the host repo — e.g., AyCode.Core). Expected first-response `[LOADED_DOCS]` counts: 4 for primary, 5 for inherit.

### 3B — Primary-only invariants (applied to files classified as **primary** in REPOS.md)

**P1. Rule numbering is contiguous 1..N**
Extract all `^\d+\. \*\*` lines. Numbers must form `1, 2, 3, ..., N` with no gaps and no duplicates.

**P2. Rule count is ≥ 5**
The AI AGENT CORE PROTOCOL has five core rules. Sections after Rule #5 (Conventions etc.)
may add more; the first 5 are mandatory.

**P3. Rule #1 uses count+delta format**
Substring `N files (+K this turn` present in Rule #1. Old substring `comma-separated list of .md files currently in your context` must be ABSENT.

**P4. Rule #2 contains `CROSS-REPO HARD-GATE`**

**P5. Rule #2 contains `PER-QUESTION DOC-FIRST`**

**P6. Rule #3 is the NO-RE-READ rule**
Header matches `STRICT NO-RE-READ POLICY (ANTI-LOOP)`.

**P7. Rule #3 contains the "in context" definition**
Substring `lossy compressions` present.

**P8. Rule #4 contains auto-detection triggers**
Substring `Auto-detection triggers` present AND substring `LOADED_DOCS: NONE` present.

**P9. Rule #5 scope is broad**
Substring `any file (code, documentation, configuration, memory, or otherwise)` present. Negative: substring `delete code/files without` must be ABSENT (old wording).

**P10. `strictly maintain rule 3` reference exists**
Substring `strictly maintain rule 3` present. Old references (`rule 15`, `rule 18`, `rule 19`, `rule 20`, `rule 21`) must be absent.

### 3C — Inherit-only invariants (applied to files classified as **inherit** in REPOS.md)

**I1. References the canonical protocol host**
Substring `follows the AI Agent Core Protocol defined in ` present, where `` is the repo designated as the canonical host in REPOS.md (the file content's literal phrasing must match the host's name — this workspace's files currently say "AyCode.Core"). If REPOS.md designates a different host, both the inherit files and this invariant's expected substring are updated in lockstep.

**I2. Does NOT duplicate numbered Rules #1-5**
Must NOT contain the header `🛑 AI AGENT CORE PROTOCOL (CRITICAL ENFORCEMENT)` (that belongs to primary files only). If the file has `^\d+\. \*\*MANDATORY OUTPUT PREFIX` or similar, flag as FAIL — the inherit file has leaked primary content.

**I3. Has a link to the Decision Log**
Substring `LLM_PROTOCOL_DECISIONS.md` present (via the Protocol History section — see X2 below).

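Added example (not part of the original skill or any project code): one way to evaluate P1, P3 and I2 mechanically in Python, using the regex and substrings quoted in the invariants above. The function names and the two sample inputs are constructed for illustration, and I2's "or similar" clause is narrowed here to the one quoted pattern.

```python
import re

RULE_LINE = re.compile(r"^(\d+)\. \*\*", re.MULTILINE)  # pattern quoted in P1
PRIMARY_HEADER = "🛑 AI AGENT CORE PROTOCOL (CRITICAL ENFORCEMENT)"  # quoted in I2

def rule_body(text, number):
    """Return the text of numbered rule `number` up to the next rule line, or ''."""
    marks = list(RULE_LINE.finditer(text))
    for i, m in enumerate(marks):
        if int(m.group(1)) == number:
            end = marks[i + 1].start() if i + 1 < len(marks) else len(text)
            return text[m.start():end]
    return ""

def check_p1(text):
    """P1: rule numbers must read 1, 2, ..., N with no gaps or duplicates."""
    nums = [int(n) for n in RULE_LINE.findall(text)]
    ok = bool(nums) and nums == list(range(1, len(nums) + 1))
    return ("PASS", "") if ok else ("FAIL", f"rule numbers found: {nums}")

def check_p3(text):
    """P3: count+delta wording present in Rule #1, old wording absent anywhere."""
    body = rule_body(text, 1)
    if "N files (+K this turn" not in body:
        return ("FAIL", "Rule #1 lacks 'N files (+K this turn'")
    if "comma-separated list of .md files currently in your context" in text:
        return ("FAIL", "old Rule #1 wording still present")
    return ("PASS", "")

def check_i2(text):
    """I2: an inherit file must not carry the primary header or numbered rules."""
    if PRIMARY_HEADER in text:
        return ("FAIL", "primary protocol header present")
    leak = re.search(r"^\d+\. \*\*MANDATORY OUTPUT PREFIX.*$", text, re.MULTILINE)
    return ("FAIL", leak.group(0)) if leak else ("PASS", "")

def audit(text, file_type):
    """Apply the checks by file type; skipped invariants report N/A, not PASS."""
    primary = file_type == "primary"
    return {
        "P1": check_p1(text) if primary else ("N/A", ""),
        "P3": check_p3(text) if primary else ("N/A", ""),
        "I2": ("N/A", "") if primary else check_i2(text),
    }

# Constructed sample inputs (not taken from any real repository).
PRIMARY_GAP = "1. **MANDATORY OUTPUT PREFIX** N files (+K this turn)\n3. **STRICT NO-RE-READ POLICY (ANTI-LOOP)**\n"
INHERIT_LEAK = "> This repo follows the shared protocol.\n1. **MANDATORY OUTPUT PREFIX** ...\n"
```

The evidence string returned with each `FAIL` is what would go into the "Evidence" field of the failure details in the report.
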
### 3D — Cross-cutting invariants (applied to all files EXCEPT the canonical protocol host)

The **canonical protocol host** is the repo designated in `references/REPOS.md` as housing the shared skills, Decision Log, and registries (typically the first row labeled the "host" in REPOS.md). That host does not need to reference itself. These X invariants apply to every other file registered in REPOS.md.

**X1. `## Shared Agent Skills` section present with all three skills**
Header `## Shared Agent Skills` must appear. All three bullets must be listed: `docs-discovery`, `protocol-audit`, `docs-check`.

**X2. `## Protocol History` section present**
Header `## Protocol History` must appear AND it must reference the Decision Log at the canonical host's location (e.g., `/.github/LLM_PROTOCOL_DECISIONS.md`; the concrete path is resolvable from REPOS.md).

**X3. Docs-sync rule points to `docs-check` skill** *(primary files only)*
In each primary file's docs-sync rule (the numbered rule whose title begins "Keep all .md documentation in sync"), the substring `` `docs-check` `` (backtick-wrapped skill name) must be present, AND a reference to the docs-check skill's `SKILL.md` path (e.g., `.github/skills/docs-check/SKILL.md` or a correct relative variant) must be present.

### Invariant applicability matrix

| Invariant set | Canonical host | Other primary | Inherit |
|---------------|----------------|---------------|---------|
| Common (C1-C4) | ✓ | ✓ | ✓ |
| Primary-only (P1-P10) | ✓ | ✓ | N/A (skip) |
| Inherit-only (I1-I3) | N/A (skip) | N/A (skip) | ✓ |
| Cross-cutting (X1-X2) | N/A (skip — the host does not cross-reference itself) | ✓ | ✓ |
| Cross-cutting (X3) | ✓ | ✓ | N/A (skip — inherit files don't have the numbered docs-sync rule) |

The primary/inherit classification and the "canonical host" designation both come from `references/REPOS.md`. This skill does not hardcode any specific repo or project name.
Use `N/A` in the report cell, not `PASS`, for skipped invariants — so it's obvious the check wasn't applicable.

## Step 4 — Produce the report

Emit a markdown report with three sections:

### 4A — Summary table

One row per file, grouped by type. Columns: the invariant IDs from Step 3 (C1, C2, C3, P1..P10, I1..I3, X1, X2). Cell values: `PASS` / `FAIL` / `N/A` / `MISSING` / `UNREADABLE` / `EMPTY`.

Use short column headers (C1, P1, P2, I1, X1, etc.) — 19 columns is dense but fits in a readable table when values are 2-4 chars.

### 4B — Failure details

For every FAIL, list:

- File name + type (primary / inherit)
- Invariant ID (e.g., P3, I1, X2)
- Evidence — the offending line, missing substring, or unresolved path
- Suggested patch — a concrete `old_string` / `new_string` pair (or "create this section" scaffold) the user can review

### 4C — Known-issues reconciliation

Cross-reference any FAIL with the "Known issues" section in REPOS.md. If a failure is already tracked as a known issue, mark it `FAIL (known)` so the user can distinguish fresh regressions from pre-existing TODOs.

## Step 5 — DO NOT apply patches

End the report with:

> All checks complete. N failures detected (M known, N-M new). To apply any of the suggested patches, reply with "apply patches P3, I1" (or similar IDs). No files have been modified.

Wait for **explicit** user consent before using any edit / write tool. Per Rule #5: phrases like "we are just thinking" / "what do you think" do NOT constitute approval.

## Tool usage

This skill is tool-neutral. Map these capabilities to the host agent's tools (per the active repo's `CLAUDE.md`):

- Reading files: `Read` (Claude Code), `get_file` (Copilot), or equivalent
- Globbing / directory existence: `Glob`, `file_search`, `ls`, `Test-Path`
- Applying patches (only after consent): `Edit`, `replace_string_in_file`

## Edge cases

- **Repo path missing from disk:** Skip that file, record `MISSING` in every invariant cell, continue with the others.
- **File read fails:** Record `UNREADABLE`, continue.
- **File is 0 bytes:** Record `EMPTY`; every content-sensitive invariant returns FAIL. Still run C1-C3 (they'll fail too, which is correct signal).
- **Multiple `@repo` blocks in one file:** Audit the first one; flag the duplicate as its own finding.
- **Rule order differs** (e.g., Rules #3 and #4 swapped in a primary file): invariants P6 and P8 fail independently — do not try to auto-reorder.
- **Unfinished mid-edit:** If a file has obviously truncated content (cut off mid-sentence), record `CORRUPT` and stop that file's audit.
- **Ambiguous file type** (has both `AI AGENT CORE PROTOCOL` header AND the inherit-blockquote substring from I1): flag as FAIL on I2 and P1 — file has structural identity crisis, user must resolve.
- **New file not in REPOS.md:** Do NOT audit it automatically. Report it separately as `"Unregistered .github/copilot-instructions.md found at — add to REPOS.md to include in future audits."`