Files

42 lines
3.1 KiB
Markdown
Raw Permalink Normal View History

---
name: agent-self-audit
description: Pre-execution self-audit for any tool backed by a loaded skill. Prevents the #1 agent failure mode: loading a skill, understanding it intellectually, then proceeding with default behaviors without self-auditing for the skill's exception rules.
version: 1.0.0
author: Hermes Agent
platforms: [linux]
---
# agent-self-audit — Pre-Execution Audit for Skill-Loaded Tools
## Failure Mode
Skill rules are exceptions to my defaults. I load skills, understand them intellectually, then proceed with default behaviors without self-auditing for the exceptions. The skill's rules are active constraints I must enforce on myself at the moment of action — not reference material I read once and forget. This skill is the fix: re-read the relevant skill section as a literal checklist before composing any action that uses a skill-loaded tool.
## The 5-Step Habit
1. **Load the relevant skill.** Use `skill_view(name)` to get the full SKILL.md content.
2. **Re-read the rules that conflict with my defaults.** Identify the specific constraints that are exceptions to my normal behavior. Do NOT skip this step — intellectual understanding from step 1 is not the same as active constraint enforcement.
3. **Compose the action.** Write the prompt, command, or tool call.
4. **Audit the action against those rules.** Run the Pre-Execution Audit Checklist below. Verify every rule is satisfied.
5. **Only then execute.** If any rule is violated, fix the action and re-audit.
## Pre-Execution Audit Checklist
Before executing any action backed by a loaded skill, answer these three questions:
1. **Am I following the skill's procedural rules?** E.g., using `--resume` for follow-up asks, pointing at file paths instead of pasting content, including required mandate lines. If the skill says "HARD RULE" or "MUST," I must verify compliance explicitly.
2. **Am I pasting content the target could read from a path?** If the target has filesystem access (peer agent, subagent, delegate), point at the absolute path instead of pasting. Only paste inline when content is under ~5 lines or the target genuinely can't access the path.
3. **Am I including all required verification handles?** E.g., web search mandate lines, "return absolute path / exit code for any side-effect," source URL citations. If the skill requires a specific output format or verification step, include it.
## When to Apply
Any time I use a tool backed by a loaded skill: `ask-hermes`, `delegate_task`, `write_file`, `patch`, `cronjob`, `browser`, `execute_code`, or any other tool where a skill defines rules that are exceptions to my default behavior.
## Pitfalls
- **I will be tempted to skip step 2** because I just loaded the skill and think I remember. The whole point is that intellectual understanding != active constraint. Always re-read.
- **I will be tempted to audit from memory** instead of re-reading the skill text. Memory is lossy — the skill text is canonical. Re-read it.
- **I will be tempted to skip the audit entirely** for "simple" actions. The simplest actions are where defaults are strongest and exceptions are most likely to be missed.