Auditing a SEED

Reference implementation of a two-checklist conformance + security audit. The two checklists in this folder are the natural-language contracts; this skill orchestrates the run and emits a single JSON report.

Inputs

The two checklists, in this folder, are the source of assertions. Do not invent new ones, do not skip any.

1. audit-base.md — 60 structural SEED-conformance assertions.
2. audit-malicious.md — malicious-intent audit assertions, one per numbered subsection (e.g. 1.1, 1.2, ... 8.3).

For audit-malicious.md, scope is defined in its ## Scope section: shell scripts, *.py, markdown fenced shell blocks, build/project config. Exclude .git/, .venv/, node_modules/, and lockfiles.

Output

A single JSON file at <repo-root>/audit-report.json. Shape: