Documentation Index
Fetch the complete documentation index at: https://mintlify.com/jorgeferrando/sdd-skills/llms.txt
Use this file to discover all available pages before exploring further.
/sdd-audit analyzes your code against the project’s conventions and classifies violations as Critical (blocks PR), Important (technical debt), or Minor (stylistic). It reads rules from openspec/steering/conventions.md and openspec/steering/project-rules.md — the same files that /sdd-apply consults during implementation. Running the audit before opening a PR catches architectural and semantic violations that no linter detects.
Running an audit
openspec/steering/conventions.md must exist. If it doesn’t, run /sdd-init (new project) or /sdd-steer (existing project) first.
Before analyzing, the skill prints its scope so you know exactly what it’s checking:
Understanding the audit report
The report uses a compact, terse format — one line per violation with an ID, file, approximate line, description, the rule that was violated, and a concrete fix suggestion.Violation severity levels
| Severity | Rule level | Impact | Action |
|---|---|---|---|
| Critical | MUST / MUST NOT | Blocks PR review | Fix before creating PR |
| Important | SHOULD | Accumulating technical debt | Can be deferred; document in tasks.md |
| Minor | MAY | Stylistic or preference | Fix opportunistically |
conventions.md; the audit catches architectural and domain-level violations that static analysis cannot detect.
Writing effective conventions
conventions.md uses RFC 2119 keyword levels for precision. Every rule is one of MUST, MUST NOT, SHOULD, SHOULD NOT, or MAY. The keyword determines the violation severity and directly controls whether the audit flags something as Critical, Important, or Minor.
conventions.md from the api-demo example. A few principles to follow when writing your own:
- One rule per bullet. Each bullet should express a single, testable condition.
- Be concrete about the violation. “MUST NOT inject Repository directly into handlers — use via use case interfaces” gives the audit model enough context to recognize the pattern.
- Reserve MUST for things you’d actually reject a PR over. If you’d let it through with a comment, use SHOULD.
- Group by area. Section headers (Architecture, Testing, HTTP responses, etc.) help the audit organize its report and help the AI determine which rules apply to which files.
Updating conventions
Conventions are not static — they evolve as your codebase grows, your team adopts new patterns, and the AI learns from your corrections.Detect drift with /sdd-steer sync
After a major refactor or when you suspect conventions no longer reflect how the code is actually written:conventions.md against actual code patterns, active skills, and MEMORY.md, then presents a diff of proposed additions, updates, and removals for your confirmation. It never auto-applies changes — you review and approve each proposal.
Automatic growth via project-rules.md
During/sdd-apply, when you correct the AI’s behavior, the correction gets recorded in project-rules.md:
- Explicit correction (
"always use X","remember this") — saved immediately as a rule - Implicit correction (you override the AI’s choice) — the AI asks “save as rule?” before recording
- Second correction of the same pattern — saved automatically without asking
project-rules.md use the same RFC 2119 format as conventions.md and are checked by /sdd-audit with equal weight:
Manual edits
Bothconventions.md and project-rules.md are plain Markdown. Edit them directly at any time. There is no schema to follow beyond the RFC 2119 keyword format — the files are read by the AI, not parsed by a tool.