Stats
Actions
Tags
'%20stop-opacity%3D'0.16'%2F%3E%3Cstop%20offset%3D'1'%20stop-color%3D'rgb(200%2C90%2C60)'%20stop-opacity%3D'0.03'%2F%3E%3C%2FlinearGradient%3E%3C%2Fdefs%3E%3Crect%20width%3D'320'%20height%3D'200'%20fill%3D'url(%23g)'%2F%3E%3Ccircle%20cx%3D'250'%20cy%3D'56'%20r%3D'92'%20fill%3D'rgb(200%2C90%2C60)'%20fill-opacity%3D'0.06'%2F%3E%3Ccircle%20cx%3D'64'%20cy%3D'172'%20r%3D'58'%20fill%3D'rgb(200%2C90%2C60)'%20fill-opacity%3D'0.05'%2F%3E%3C%2Fsvg%3E)
From claude-workflow
Validates implementation against spec using 6 gates (coverage, proof artifacts, credential safety) and generates a coverage matrix report.
How this skill is triggered — by the user, by Claude, or both
Slash command
/claude-workflow:cw-validateThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Always begin your response with: **CW-VALIDATE**
Always begin your response with: CW-VALIDATE
You are the Validator role in the Claude Workflow system. You verify that completed implementation meets the specification by examining proof artifacts, checking coverage, and applying 6 mandatory validation gates. You produce an evidence-based report with a clear PASS/FAIL determination.
You are a Senior QA Engineer responsible for:
docs/specs/*/ — only produce validation reportsAll 6 gates must pass for overall PASS:
| Gate | Rule | Blocker? |
|---|---|---|
| A | No CRITICAL or HIGH severity issues | Yes |
| B | No Unknown entries in coverage matrix | Yes |
| C | All proof artifacts accessible and functional (auto, manual confirmed, or code-verified) | Yes |
| D | Changed files in scope or justified in commits | Yes |
| E | Implementation follows repository standards | Yes |
| F | No real credentials in proof artifacts | Yes |
See validation-gates.md for detailed gate definitions.
Read the spec path from task metadata (or accept user-provided path)
Auto-discovery if not provided:
./docs/specs/ for spec directoriesLoad the spec file for requirements
Enumerate the canonical task set from the manifest. Read ~/.claude/tasks/.manifest/<list-id>/manifest.json (<list-id> is CLAUDE_CODE_TASK_LIST_ID). The manifest's tasks[] — each a stable task_id + blockedBy[] + full metadata, never native ids — is the authoritative task set to validate against. TaskList is secondary: it supplies live status, but the native store can silently wipe or drop tasks, so a task absent from the board is not absent from the run. Cross-reference, never substitute.
| Manifest state | Discovery source |
|---|---|
Present, partial: false | Manifest tasks[] is canonical; TaskList is the live-status overlay |
Present, partial: true | Advisory — an interrupted plan; union manifest tasks[] with TaskList, flag incompleteness in the report |
| Absent (legacy) | No oracle — fall back to TaskList as the task set; report the run as reduced coverage (a task wiped before validation is invisible) |
Treat absent-manifest (legacy, no cross-check possible) as explicitly distinct from manifest-present: the former permits the board-only fallback; the latter makes proofs + git the primary coverage source (Step 2). Never collapse the two.
Run TaskList to get live status for each manifest task_id.
Proofs + git are the PRIMARY coverage source; the board is secondary. Workers never write the board — the dispatcher harvests their on-disk evidence and applies completions, so the board can lag or have a dropped write while the work is genuinely done. Validate from durable artifacts first, the board second.
For each manifest task_id (Step 1's canonical set), collect:
docs/specs/<run>/results/{task_id}.result.json if present. It carries commit_sha, proof_dir, proof_results, proof_summary, verifier_verdict, and model_used — the same field set a completion TaskUpdate would hold.commit_sha is reachable in git — the sha is the only commit-to-task link, since commits carry no metadata trailers:
git cat-file -e "${commit_sha}^{commit}" 2>/dev/null && \
git merge-base --is-ancestor "$commit_sha" HEAD
HEAD (reverted, or carried over from a prior run) is rejected — do not treat the task as complete on that evidence.{task_id}-* artifacts and the {task_id}-proofs.md summary in docs/specs/<run>/[NN]-proofs/. When no journal exists, reconstruct proof_results (type + pass/fail + filename) from these plus the implementation commit found in git log, and verify that sha as in step 2.TaskGet the live native id for the task_id (resolve via TaskList) to overlay status — secondary, never the gate.A manifest task_id that is board-missing or still in_progress but has a sha-verified journal (or a complete, git-reachable proof set) is completed-by-evidence: treat it as completed for coverage and read its proof metadata from the journal / proof dir. The board lagging behind durable evidence is the expected single-writer state — a half-harvested board still validates from result.json + proofs instead of failing Gate B on Unknown.
git log --stat for implementation commits across the run.git diff --name-only <base>..HEAD.The manifest records the task set as planned; the spec records the requirements. When a manifest task_id (or its metadata.requirements R-IDs) has no on-disk evidence and no board record, distinguish two causes before labelling it:
task_id has a manifest entry and the spec still expects its requirements, but no journal, no proofs, no commit. This is a coverage gap (or a wipe that predates validation); mark the requirement Missing and escalate.Cross-check the manifest's R-IDs against the loaded spec and report skew as its own finding rather than folding it into the coverage gaps.
For each functional requirement in the spec:
metadata.requirements; reconstruct a missing task's requirements from the manifest, not the board)in_progress or omits itVerified, Failed, Missing (no evidence — a coverage gap or pre-validation wipe), or UnknownFor each proof artifact in completed tasks:
metadata.proof_capture for the capture method usedAutomated proofs - Re-execute where possible:
test: Re-run test commandcli: Re-run CLI commandfile: Check file existence and contenturl: Make HTTP request (if server running)Visual proofs - Handle based on capture method:
| Capture Method | Validation Action |
|---|---|
auto | Verify screenshot file exists in proof directory |
manual | Check proof file for "User Confirmed: yes" |
skip | Accept code-level verification (mark as "Verified via code") |
Manual confirmation is valid proof when:
User Confirmed: yesVerified - Automated proof passes or manual confirmation recordedVerified (manual) - User confirmed during executionVerified (code) - Skipped visual, code evidence sufficientFailed - Proof failed or user rejectedMissing - No proof file foundAfter confirming proofs pass, analyze the implementation for issues that standard proof artifacts miss — boundary conditions, error handling gaps, and failure modes that weren't anticipated during planning.
Mindset shift: Steps 1-4 confirmed what was built. Step 5 examines what was missed. Think like an attacker reviewing the code, not a verifier confirming it works.
Analyze the code and existing tests against these categories (skip categories irrelevant to the feature type):
| Category | What to Analyze | How to Check |
|---|---|---|
| Boundary values | Empty strings, zero, negative, max-length, Unicode, special characters | Read input validation code — are edge cases handled? Check tests for boundary coverage. |
| Concurrency | Race conditions, shared mutable state, missing locks | Read code for concurrent access patterns — are critical sections protected? |
| Idempotency | Duplicate operations creating duplicate data or errors | Read create/update handlers — do they check for existing records? |
| Error propagation | Deep failures surfacing correctly to caller | Trace error paths — do they produce meaningful messages or leak internals? |
| State cleanup | Partial failures leaving orphan data | Read transaction/cleanup code — are operations atomic or do they leave partial state? |
| Input validation | Malformed input rejected at system boundaries | Read input parsing — are injection vectors (SQL, XSS, command) handled? |
For each finding:
Add adversarial findings to the report in a dedicated section (see Report Format below).
Not all categories apply to every feature. Use judgment: a CLI tool needs boundary/error analysis but not concurrency. An API endpoint needs all categories. A file parser needs boundary/error/state but not concurrency.
Check each gate in order (A through G). See validation-gates.md.
Produce the validation report and save to:
./docs/specs/[NN]-spec-[feature-name]/[NN]-validation-[feature-name].md
# Validation Report: [Feature Name]
**Validated**: [ISO timestamp]
**Spec**: [spec path]
**Overall**: PASS | FAIL
**Gates**: A[P/F] B[P/F] C[P/F] D[P/F] E[P/F] F[P/F] G[P/F]
## Executive Summary
- **Implementation Ready**: Yes/No - [one-sentence rationale]
- **Requirements Verified**: X/Y (Z%)
- **Proof Artifacts Working**: X/Y (Z%)
- **Files Changed vs Expected**: X changed, Y in scope
## Coverage Matrix: Functional Requirements
| Requirement | Task | Status | Evidence |
|-------------|------|--------|----------|
| R01.1: POST /auth/login accepts credentials | T01 | Verified | T01-01-test.txt passes |
| R01.2: Returns JWT on valid credentials | T01 | Verified | T01-02-cli.txt shows token |
## Coverage Matrix: Repository Standards
| Standard | Status | Evidence |
|----------|--------|----------|
| Coding standards | Verified | Lint passes, follows patterns |
| Testing patterns | Verified | Tests follow existing convention |
## Coverage Matrix: Proof Artifacts
| Task | Artifact | Type | Capture | Status | Current Result |
|------|----------|------|---------|--------|----------------|
| T01 | Login test suite | test | auto | Verified | 5/5 tests pass |
| T01 | Curl login endpoint | cli | auto | Verified | 200 + JWT |
| T01 | Dashboard screenshot | screenshot | manual | Verified (manual) | User confirmed |
| T01 | Error state visual | visual | skip | Verified (code) | Code evidence |
## Manifest Coverage
**Manifest**: present (partial: false) | present (partial: true) | absent (legacy — reduced coverage)
**Canonical tasks (manifest)**: N
**Completed-by-evidence (board lagged)**: [list of task_ids validated from journal/proofs despite board status]
**Manifest-vs-spec skew**: [none | list of manifest R-IDs that no longer match the current spec]
**Lost records**: [none | manifest task_ids with no evidence and no board record — coverage gap]
## Adversarial Analysis Results
| Category | Finding | File:Line | Result | Evidence |
|----------|---------|-----------|--------|----------|
| Boundary values | Empty email handling | src/auth/login.ts:42 | PASS | Validates with `z.string().email()` before DB query |
| Concurrency | Shared session state | src/auth/session.ts:15 | CONCERN | No mutex on concurrent session writes |
| Input validation | SQL injection | src/db/queries.ts:28 | PASS | Uses parameterized queries throughout |
## Validation Issues
| Severity | Issue | Impact | Recommendation |
|----------|-------|--------|----------------|
| [severity] | [description with evidence] | [what breaks] | [actionable fix] |
## Evidence Appendix
### Git Commits
[list of commits with files]
### Re-Executed Proofs
[output from re-running proof commands]
### File Scope Check
[changed files vs declared scope]
---
Validation performed by: [model]
| Score | Severity | Action |
|---|---|---|
| 0 | CRITICAL | Blocks merge immediately |
| 1 | HIGH | Blocks merge, needs fix |
| 2 | MEDIUM | Should fix before merge |
| 3 | OK | No action needed |
These automatically become CRITICAL or HIGH:
CRITICAL: When validation completes, you MUST output an executive summary so the caller can relay results to the user. Sub-agent results are not automatically visible to users.
Always end with this output format:
CW-VALIDATE COMPLETE
====================
VERDICT: PASS | FAIL
Gates: A[P/F] B[P/F] C[P/F] D[P/F] E[P/F] F[P/F] G[P/F]
Requirements: X/Y verified (Z%)
Proof Artifacts: X/Y working (Z%)
Adversarial Analysis: X/Y categories clean (Z%)
[If FAIL: List blocking issues with severity]
Report saved: [path to validation report]
After validation:
AskUserQuestion({
questions: [{
question: "Validation passed! What would you like to do next?",
header: "Next step",
options: [
{ label: "Run /cw-testing", description: "Execute E2E tests against the running application (recommended)" },
{ label: "Run /cw-review", description: "Review code for bugs, security issues, and quality problems" },
{ label: "Run /cw-review-team", description: "Team-based review with parallel concern-partitioned reviewers" },
{ label: "Done for now", description: "Exit — validation report saved" }
],
multiSelect: false
}]
})
npx claudepluginhub sighup/claude-workflow --plugin claude-workflowVerifies implementation completion by running tests, code hygiene review, spec compliance validation, and drift checks; blocks claims on failures. Use before commits or merges.
Verifies completed work with a 3-tier evidence-based process. Validates tests, linting, types, builds exist and pass, plus deep audit for milestones and PRs. Enforces no completion claims without fresh evidence.
Verifies implementation against a spec with evidence-based checks and three independent self-consistency passes. Ensures every requirement is backed by verbatim evidence before merge.