Awesome-omni-skills audit-context-building

Deep Context Builder Skill (Ultra-Granular Pure Context Mode) workflow skill. Use this skill when the user needs Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

install

source · Clone the upstream repo

git clone https://github.com/diegosouzapw/awesome-omni-skills

Claude Code · Install into ~/.claude/skills/

T=$(mktemp -d) && git clone --depth=1 https://github.com/diegosouzapw/awesome-omni-skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/audit-context-building" ~/.claude/skills/diegosouzapw-awesome-omni-skills-audit-context-building && rm -rf "$T"

manifest: skills/audit-context-building/SKILL.md

Deep Context Builder Skill (Ultra-Granular Pure Context Mode)

Overview

This public intake copy packages

plugins/antigravity-awesome-skills-claude/skills/audit-context-building

from

https://github.com/sickn33/antigravity-awesome-skills

into the native Omni Skills editorial shape without hiding its origin.

Use it when the operator needs the upstream workflow, support files, and repository context to stay intact while the public validator and private enhancer continue their normal downstream flow.

This intake keeps the copied upstream files intact and uses

metadata.json

plus

ORIGIN.md

as the provenance anchor for review.

Deep Context Builder Skill (Ultra-Granular Pure Context Mode)

Imported source sections that did not map cleanly to the public headings are still preserved below or in the support files. Notable imported sections: 1. Purpose, 3. How This Skill Behaves, Rationalizations (Do Not Skip), 4. Phase 1 — Initial Orientation (Bottom-Up Scan), 5. Phase 2 — Ultra-Granular Function Analysis (Default Mode), 6. Phase 3 — Global System Understanding.

When to Use This Skill

Use this section as the trigger filter. It should make the activation boundary explicit before the operator loads files, runs commands, or opens a pull request.

Deep comprehension is needed before bug or vulnerability discovery.
You want bottom-up understanding instead of high-level guessing.
Reducing hallucinations, contradictions, and context loss is critical.
Preparing for security auditing, architecture review, or threat modeling.
Vulnerability findings
Fix recommendations

Operating Table

Situation	Start here	Why it matters
First-time use	`metadata.json`	Confirms repository, branch, commit, and imported path before touching the copied workflow
Provenance review	`ORIGIN.md`	Gives reviewers a plain-language audit trail for the imported source
Workflow execution	`SKILL.md`	Starts with the smallest copied file that materially changes execution
Supporting context	`SKILL.md`	Adds the next most relevant copied source file without loading the entire package
Handoff decision	`## Related Skills`	Helps the operator switch to a stronger native skill when the task drifts

Workflow

This workflow is intentionally editorial and operational at the same time. It keeps the imported source useful to the operator while still satisfying the public intake standards that feed the downstream enhancer flow.

Confirm the user goal, the scope of the imported workflow, and whether this skill is still the right router for the task.
Read the overview and provenance files before loading any copied upstream support files.
Load only the references, examples, prompts, or scripts that materially change the outcome for the current request.
Execute the upstream workflow while keeping provenance and source boundaries explicit in the working notes.
Validate the result against the upstream expectations and the evidence you can point to in the copied files.
Escalate or hand off to a related skill when the work moves out of this imported workflow's center of gravity.
Before merge or closure, record what was used, what changed, and what the reviewer still needs to verify.

Imported Workflow Notes

Imported: 1. Purpose

This skill governs how Claude thinks during the context-building phase of an audit.

When active, Claude will:

Perform line-by-line / block-by-block code analysis by default.
Apply First Principles, 5 Whys, and 5 Hows at micro scale.
Continuously link insights → functions → modules → entire system.
Maintain a stable, explicit mental model that evolves with new evidence.
Identify invariants, assumptions, flows, and reasoning hazards.

This skill defines a structured analysis format (see Example: Function Micro-Analysis below) and runs before the vulnerability-hunting phase.

Examples

Example 1: Ask for the upstream workflow directly

Use @audit-context-building to handle <task>. Start from the copied upstream workflow, load only the files that change the outcome, and keep provenance visible in the answer.

Explanation: This is the safest starting point when the operator needs the imported workflow, but not the entire repository.

Example 2: Ask for a provenance-grounded review

Review @audit-context-building against metadata.json and ORIGIN.md, then explain which copied upstream files you would load first and why.

Explanation: Use this before review or troubleshooting when you need a precise, auditable explanation of origin and file selection.

Example 3: Narrow the copied support files before execution

Use @audit-context-building for <task>. Load only the copied references, examples, or scripts that change the outcome, and name the files explicitly before proceeding.

Explanation: This keeps the skill aligned with progressive disclosure instead of loading the whole copied package by default.

Example 4: Build a reviewer packet

Review @audit-context-building using the copied upstream files plus provenance, then summarize any gaps before merge.

Explanation: This is useful when the PR is waiting for human review and you want a repeatable audit packet.

Imported Usage Notes

Imported: 8. Subagent Usage

Claude may spawn subagents for:

Dense or complex functions.
Long data-flow or control-flow chains.
Cryptographic / mathematical logic.
Complex state machines.
Multi-module workflow reconstruction.

Use the

function-analyzer

agent for per-function deep analysis. It follows the full microstructure checklist, cross-function flow rules, and quality thresholds defined in this skill, and enforces the pure-context-building constraint.

Subagents must:

Follow the same micro-first rules.
Return summaries that Claude integrates into its global model.

Best Practices

Treat the generated public skill as a reviewable packaging layer around the upstream repository. The goal is to keep provenance explicit and load only the copied source material that materially improves execution.

Never reshape evidence to fit earlier assumptions.
Update the model.
State the correction explicitly.
Periodically anchor key facts
invariants
state relationships
actor roles

Imported Operating Notes

Imported: 7. Stability & Consistency Rules

(Anti-Hallucination, Anti-Contradiction)

Claude must:

Never reshape evidence to fit earlier assumptions. When contradicted:
- Update the model.
- State the correction explicitly.
Periodically anchor key facts Summarize core:
- invariants
- state relationships
- actor roles
- workflows
Avoid vague guesses Use:
- "Unclear; need to inspect X." instead of:
- "It probably…"
Cross-reference constantly Connect new insights to previous state, flows, and invariants to maintain global coherence.

Troubleshooting

Problem: The operator skipped the imported context and answered too generically

Symptoms: The result ignores the upstream workflow in

plugins/antigravity-awesome-skills-claude/skills/audit-context-building

, fails to mention provenance, or does not use any copied source files at all. Solution: Re-open

metadata.json

ORIGIN.md

, and the most relevant copied upstream files. Load only the files that materially change the answer, then restate the provenance before continuing.

Problem: The imported workflow feels incomplete during review

Symptoms: Reviewers can see the generated

SKILL.md

, but they cannot quickly tell which references, examples, or scripts matter for the current task. Solution: Point at the exact copied references, examples, scripts, or assets that justify the path you took. If the gap is still real, record it in the PR instead of hiding it.

Problem: The task drifted into a different specialization

Symptoms: The imported skill starts in the right place, but the work turns into debugging, architecture, design, security, or release orchestration that a native skill handles better. Solution: Use the related skills section to hand off deliberately. Keep the imported provenance visible so the next skill inherits the right context instead of starting blind.

Related Skills

```
@ai-dev-jobs-mcp
```
- Use when the work is better handled by that native specialization after this imported skill establishes context.
```
@arm-cortex-expert
```
- Use when the work is better handled by that native specialization after this imported skill establishes context.
```
@asana-automation
```
- Use when the work is better handled by that native specialization after this imported skill establishes context.
```
@ask-questions-if-underspecified
```
- Use when the work is better handled by that native specialization after this imported skill establishes context.

Additional Resources

Use this support matrix and the linked files below as the operator packet for this imported skill. They should reflect real copied source material, not generic scaffolding.

Resource family	What it gives the reviewer	Example path
`references`	copied reference notes, guides, or background material from upstream	`references/n/a`
`examples`	worked examples or reusable prompts copied from upstream	`examples/n/a`
`scripts`	upstream helper scripts that change execution or validation	`scripts/n/a`
`agents`	routing or delegation notes that are genuinely part of the imported package	`agents/n/a`
`assets`	supporting assets or schemas copied from the source package	`assets/n/a`

Imported Reference Notes

Imported: 3. How This Skill Behaves

When active, Claude will:

Default to ultra-granular analysis of each block and line.
Apply micro-level First Principles, 5 Whys, and 5 Hows.
Build and refine a persistent global mental model.
Update earlier assumptions when contradicted ("Earlier I thought X; now Y.").
Periodically anchor summaries to maintain stable context.
Avoid speculation; express uncertainty explicitly when needed.

Goal: deep, accurate understanding, not conclusions.

Imported: Rationalizations (Do Not Skip)

Rationalization	Why It's Wrong	Required Action
"I get the gist"	Gist-level understanding misses edge cases	Line-by-line analysis required
"This function is simple"	Simple functions compose into complex bugs	Apply 5 Whys anyway
"I'll remember this invariant"	You won't. Context degrades.	Write it down explicitly
"External call is probably fine"	External = adversarial until proven otherwise	Jump into code or model as hostile
"I can skip this helper"	Helpers contain assumptions that propagate	Trace the full call chain
"This is taking too long"	Rushed context = hallucinated vulnerabilities later	Slow is fast

Imported: 4. Phase 1 — Initial Orientation (Bottom-Up Scan)

Before deep analysis, Claude performs a minimal mapping:

Identify major modules/files/contracts.
Note obvious public/external entrypoints.
Identify likely actors (users, owners, relayers, oracles, other contracts).
Identify important storage variables, dicts, state structs, or cells.
Build a preliminary structure without assuming behavior.

This establishes anchors for detailed analysis.

Imported: 5. Phase 2 — Ultra-Granular Function Analysis (Default Mode)

Every non-trivial function receives full micro analysis.

5.1 Per-Function Microstructure Checklist

For each function:

Purpose
- Why the function exists and its role in the system.
Inputs & Assumptions
- Parameters and implicit inputs (state, sender, env).
- Preconditions and constraints.
Outputs & Effects
- Return values.
- State/storage writes.
- Events/messages.
- External interactions.
Block-by-Block / Line-by-Line Analysis For each logical block:
- What it does.
- Why it appears here (ordering logic).
- What assumptions it relies on.
- What invariants it establishes or maintains.
- What later logic depends on it.
Apply per-block:
- First Principles
- 5 Whys
- 5 Hows

5.2 Cross-Function & External Flow Analysis

(Full Integration of Jump-Into-External-Code Rule)

When encountering calls, continue the same micro-first analysis across boundaries.

Internal Calls

Jump into the callee immediately.
Perform block-by-block analysis of relevant code.
Track flow of data, assumptions, and invariants: caller → callee → return → caller.
Note if callee logic behaves differently in this specific call context.

External Calls — Two Cases

Case A — External Call to a Contract Whose Code Exists in the Codebase Treat as an internal call:

Jump into the target contract/function.
Continue block-by-block micro-analysis.
Propagate invariants and assumptions seamlessly.
Consider edge cases based on the actual code, not a black-box guess.

Case B — External Call Without Available Code (True External / Black Box) Analyze as adversarial:

Describe payload/value/gas or parameters sent.
Identify assumptions about the target.
Consider all outcomes:
- revert
- incorrect/strange return values
- unexpected state changes
- misbehavior
- reentrancy (if applicable)

Continuity Rule

Treat the entire call chain as one continuous execution flow. Never reset context. All invariants, assumptions, and data dependencies must propagate across calls.

5.3 Complete Analysis Example

See FUNCTION_MICRO_ANALYSIS_EXAMPLE.md for a complete walkthrough demonstrating:

Full micro-analysis of a DEX swap function
Application of First Principles, 5 Whys, and 5 Hows
Block-by-block analysis with invariants and assumptions
Cross-function dependency mapping
Risk analysis for external interactions

This example demonstrates the level of depth and structure required for all analyzed functions.

5.4 Output Requirements

When performing ultra-granular analysis, Claude MUST structure output following the format defined in OUTPUT_REQUIREMENTS.md.

Key requirements:

Purpose (2-3 sentences minimum)
Inputs & Assumptions (all parameters, preconditions, trust assumptions)
Outputs & Effects (returns, state writes, external calls, events, postconditions)
Block-by-Block Analysis (What, Why here, Assumptions, First Principles/5 Whys/5 Hows)
Cross-Function Dependencies (internal calls, external calls with risk analysis, shared state)

Quality thresholds:

Minimum 3 invariants per function
Minimum 5 assumptions documented
Minimum 3 risk considerations for external interactions
At least 1 First Principles application
At least 3 combined 5 Whys/5 Hows applications

5.5 Completeness Checklist

Before concluding micro-analysis of a function, verify against the COMPLETENESS_CHECKLIST.md:

Structural Completeness: All required sections present (Purpose, Inputs, Outputs, Block-by-Block, Dependencies)
Content Depth: Minimum thresholds met (invariants, assumptions, risk analysis, First Principles)
Continuity & Integration: Cross-references, propagated assumptions, invariant couplings
Anti-Hallucination: Line number citations, no vague statements, evidence-based claims

Analysis is complete when all checklist items are satisfied and no unresolved "unclear" items remain.

Imported: 6. Phase 3 — Global System Understanding

After sufficient micro-analysis:

State & Invariant Reconstruction
- Map reads/writes of each state variable.
- Derive multi-function and multi-module invariants.
Workflow Reconstruction
- Identify end-to-end flows (deposit, withdraw, lifecycle, upgrades).
- Track how state transforms across these flows.
- Record assumptions that persist across steps.
Trust Boundary Mapping
- Actor → entrypoint → behavior.
- Identify untrusted input paths.
- Privilege changes and implicit role expectations.
Complexity & Fragility Clustering
- Functions with many assumptions.
- High branching logic.
- Multi-step dependencies.
- Coupled state changes across modules.

These clusters help guide the vulnerability-hunting phase.

Imported: 9. Relationship to Other Phases

This skill runs before:

Vulnerability discovery
Classification / triage
Report writing
Impact modeling
Exploit reasoning

It exists solely to build:

Deep understanding
Stable context
System-level clarity

Imported: 10. Non-Goals

While active, Claude should NOT:

Identify vulnerabilities
Propose fixes
Generate proofs-of-concept
Model exploits
Assign severity or impact

This is pure context building only.

Imported: Limitations

Use this skill only when the task clearly matches the scope described above.
Do not treat the output as a substitute for environment-specific validation, testing, or expert review.
Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.