Validate Implementation Plan
Audit an implementation plan against trust boundaries and evidence paths without mutating the source plan, producing a sanitized snapshot and standalone audit report.
Overview
validate-implementation-plan is an agent skill most often used in Validate (also Build, Ship) that audits an implementation plan under trust boundaries and emits snapshot and audit artifacts without editing the source pl
Install
npx skills add https://github.com/b-mendoza/agent-skills --skill validate-implementation-planWhat is this skill?
- Orchestrator loads trust-boundary and audit-protocol contracts before intake
- Classifies context paths as baseline, technical evidence, mixed, or unreadable
- Dispatches isolated subagents and asks only decision-relevant questions
- Never overwrites the source plan; writes sanitized snapshot and audit report only
- Explicit BLOCKED path when plan read, origin, or artifact overwrite is not approved
Adoption & trust: 1.5k installs on skills.sh; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
You have an agent-written implementation plan but no trustworthy audit trail, classified evidence, or safe artifacts before you let the agent execute.
Who is it for?
Solo builders using multi-step agent workflows who need plan audits with explicit trust boundaries and subagent isolation.
Skip if: Casual one-shot coding without a written plan, or teams that want the skill to silently rewrite the original plan file.
When should I use this skill?
You have PLAN_PATH (and ORIGIN_CONTEXT) and need an isolated audit that writes only snapshot and audit report artifacts.
What do I get? / Deliverables
You receive a sanitized plan snapshot and standalone audit report, with BLOCKED states when trust, origin, or overwrite rules are not satisfied—then proceed to execution only after approval.
- Sanitized plan snapshot artifact
- Standalone audit report with BLOCKED or approved status
Recommended Skills
Journey fit
Spans multiple journey phases - primary shelf plus alternate fits below.
Plan validation is the canonical shelf in Validate when scope and feasibility are still being proven before full Build execution. Scope subphase covers structured review of what will be built; this skill treats the plan as the artifact under audit.
Where it fits
You finished a draft implementation plan and need classified evidence and an audit report before committing sprint scope.
Mid-build you refresh the plan against SOURCE_CONTEXT_PATHS and want a sanitized snapshot for the agent backlog.
Before a large merge you re-run the audit when ORIGIN_CONTEXT or artifact overwrite requires explicit approval.
How it compares
Use as a trust-bound plan auditor with separate artifacts instead of asking the same agent to both plan and self-approve in one chat.
Common Questions / FAQ
Who is validate-implementation-plan for?
Indie builders and agent-heavy workflows that produce PLAN_PATH artifacts and need audited evidence before implementation starts.
When should I use validate-implementation-plan?
In Validate when scoping a build; in Build when reconciling PM plans with repo evidence; in Ship when re-auditing a plan before a risky release—always with explicit ORIGIN_CONTEXT and approved artifact paths.
Is validate-implementation-plan safe to install?
Review the Security Audits panel on this page; the skill reads classified context paths and writes snapshot/report files only after overwrite approval.
SKILL.md
READMESKILL.md - Validate Implementation Plan
# validate-implementation-plan Audit an implementation plan without overwriting the source plan. The orchestrator loads trust and status contracts, classifies approved context paths, dispatches isolated subagents, asks only decision-relevant questions, and writes only the sanitized snapshot and standalone audit report artifacts. ```mermaid flowchart TD START([Start]) --> LOAD["Load trust-boundary and audit-protocol"] subgraph INTAKE["Trust, Paths, And Baseline"] LOAD --> INPUTS["Receive PLAN_PATH, ORIGIN_CONTEXT, optional OUTPUT_PATH, optional SOURCE_CONTEXT_PATHS"] INPUTS --> PLAN_OK{"PLAN_PATH exists and raw read limited to plan-snapshotter?"} PLAN_OK -->|no| BLOCKED([AUDIT: BLOCKED]) PLAN_OK -->|yes| DERIVE["Derive SNAPSHOT_PATH and OUTPUT_PATH when omitted"] DERIVE --> ARTIFACTS{"Snapshot/report paths clear or overwrite approved?"} ARTIFACTS -->|no| ASK_ARTIFACT["Ask for overwrite approval or alternate artifact path"] ASK_ARTIFACT --> ARTIFACT_ANSWER{"Approved?"} ARTIFACT_ANSWER -->|no| BLOCKED ARTIFACT_ANSWER -->|yes| ORIGIN ARTIFACTS -->|yes| ORIGIN{"ORIGIN_CONTEXT explicit?"} ORIGIN -->|no| ASK_ORIGIN["Ask one concise baseline question"] ASK_ORIGIN --> ORIGIN_ANSWER{"Answer approved as summarized evidence?"} ORIGIN_ANSWER -->|no| BLOCKED ORIGIN_ANSWER -->|yes| CLASSIFY_PATHS ORIGIN -->|yes| CLASSIFY_PATHS["Classify context paths as baseline, technical evidence, mixed, or unreadable"] CLASSIFY_PATHS --> EXT{"Project-specific external proof required?"} EXT -->|yes| BLOCKED EXT -->|no| SNAPSHOT end subgraph BASELINE["Sanitized Snapshot And Requirements"] SNAPSHOT["Dispatch plan-snapshotter with PLAN_PATH, SNAPSHOT_PATH, artifact action"] --> SNAP_STATUS{"SNAPSHOT: PASS?"} SNAP_STATUS -->|yes| EXTRACT["Dispatch requirements-extractor with snapshot and approved baseline context"] SNAP_STATUS -->|no| SNAP_RETRY["Retry snapshot branch up to 3 cycles"] SNAP_RETRY --> SNAP_RECOVER{"Recovered?"} SNAP_RECOVER -->|yes| SNAPSHOT SNAP_RECOVER -->|no input or artifact blocker| BLOCKED SNAP_RECOVER -->|no internal failure| ERROR([AUDIT: ERROR]) EXTRACT --> REQ_STATUS{"REQUIREMENTS: PASS?"} REQ_STATUS -->|yes| HAS_EVIDENCE{"Any local technical evidence or mixed paths?"} REQ_STATUS -->|no| REQ_RETRY["Retry requirements branch up to 3 cycles"] REQ_RETRY --> REQ_RECOVER{"Recovered?"} REQ_RECOVER -->|yes| EXTRACT REQ_RECOVER -->|no credible baseline| BLOCKED REQ_RECOVER -->|no internal failure| ERROR end subgraph EVIDENCE["Optional Local Technical Evidence"] HAS_EVIDENCE -->|yes| TECH["Dispatch technical-researcher with approved evidence paths only"] HAS_EVIDENCE -->|no| SKIP_TECH["Use empty evidence findings"] TECH --> TECH_STATUS{"EVIDENCE: PASS?"} TECH_STATUS -->|yes| AUDITORS TECH_STATUS -->|no| TECH_RETRY["Retry evidence branch up to 3 cycles"] TECH_RETRY --> TECH_RECOVER{"Recovered?"} TECH_RECOVER -->|yes| TECH TECH_RECOVER -->|no| RECORD_GAP["Record technical evidence gap"] SKIP_TECH --> AUDITORS RECORD_GAP --> AUDITORS end subgraph AUDIT["Core Independent Auditors"] AUDITORS["Dispatch auditors with sanitized inputs only"] --> TRACE["requirements-auditor"] AUDITORS --> YAGNI["yagni-auditor"] AUDITORS --> ASSUME["assumptions-auditor discovery"] TRACE --> AUDIT_STATUS{"TRACEABILITY, YAGNI, and ASSUMPTIONS all PASS with valid payloads?"} YAGNI --> AUDIT_STATUS ASSUME --> AUDIT_STATUS AUDIT_STATUS -->|yes| UNRESOLVED{"Decision-relevant assumptions unresolved?"} AUDIT_STATUS -->|no| AUDIT_RETRY["Retry named failed auditor branch up to 3 cycles"] AUDIT_RETRY --> AUDIT_RECOVER{"Recovered?"} AUDIT_RECOVER -->|yes| AUDIT_STATUS AUDIT_RECOVER -->|no blocker| BLOCKED AUDIT_RECOVER -->|no internal failure| ERROR end subgraph RESOLUTION["Assumption Resolution"] UNRESOLVED -->|yes| ASK_ASSUMPTIONS["Ask p