The Audit
A skill is full of claims. "This prop does that." "This line forwards that value." Each claim points to a source with a file:line citation. The audit asks one question of every claim: is it true?
This page is written to be forwarded. If you weren't in the room, you can read it on its own and walk away knowing why a skill must be audited, not just trusted.
Two layers
Checking a citation happens in two layers. They sound similar. They are not.
Layer 1: does the citation resolve? Every file:line points to a real file, and the line number is in range. A script can do this: verify-citations.sh walks every citation in the skill and opens each one. In our run, Layer 1 was already green. Layer 1 proves nothing was made up as a path. It cannot tell you whether the line says what the prose claims.
Layer 2: does the cited line actually contain the claimed behavior? This is not automatable. A human opens the source file, reads the line, and checks it against the claim. A citation can resolve perfectly and still be false.
The most dangerous defect in an extracted skill isn't a broken link: it's a confident, false claim that resolves perfectly.
One claim that lied
Here is a real one. The skill described the datetime prop on a relative-time component. The citation resolved: Layer 1 was green. The claim was false.
- `datetime?: string`: the time value as an ISO 8601 string. (forwarded to the element's `datetime` property: `relative-time-element.d.ts:55-56`)
+ `datetime?: string`: the time value as an ISO 8601 string. The wrapper parses it (`new Date(datetime)`) and forwards the result as the element's **`date`** property. It does not set the element's own `datetime`. (conversion `RelativeTime.js:40-50`; forwarded as `date` at `:64-69`)Reading RelativeTime.js told the real story. The wrapper takes the datetime string, parses it with new Date(datetime), assigns the result to a variable called date, and forwards date to the element. The element's own datetime property is never set.
The original claim was plausible. It was authoritative-sounding. It cited a real file at a real line. And it was wrong. Only opening the source and tracing the code caught it.
The compound lesson
This is the part that matters most.
The first audit pass looked at this file and declared it clean. That verdict was itself wrong. The false datetime claim was sitting right there, perfectly cited, and the first pass signed off on it.
What caught it was a second pass that refused to trust the first. It re-read the file as if no one had checked it, looking for what a confident reviewer would miss. That second pass (reading the file as if no one had checked it) is what found the lie.
A confident all-clean is itself a plausible, authoritative, false claim. Verification that is not re-verified is not verification.
Why this matters for generation
A skill steers the model. When the model builds your UI, it reads the skill's claims and acts on them. A false API claim steers it wrong: it will set the prop the skill named, trusting the citation, and produce code that does not work the way the skill promised.
The audit is how you earn the right to trust that steering. A claim you have read at the source is a claim the model can act on safely. A claim you have only seen resolve is a claim you are guessing about.
Part of the loop
Finding this defect and fixing it is one turn of the cultivation loop: spot it, correct it, and the skill is better than it was. The next run is steered by a truer claim. Every audit-and-fix is the skill growing.
See Three Frames for where this loop sits in the bigger picture.
Next: Evidence