Comprehensive Ring-standards-aligned 41-dimension production readiness audit...
A multi-agent audit system evaluating 43 base dimensions + 1 conditional (multi-tenant) = up to 44 dimensions across 5 categories, aligned with Ring development standards. Detects project stack, loads relevant standards via WebFetch, runs explorers in batches of 10, appending results incrementally to a single report file.
Announce at start: "Using ring:production-readiness-audit to audit {N} dimensions in 5 batches."
| Category | Count | Dimensions |
|---|---|---|
| A: Code Structure | 11 | Pagination, Errors, Routes, Bootstrap, Runtime, Core Deps, Naming, Domain Modeling, Nil Safety, API Versioning, Resource Leaks |
| B: Security | 9 (+1c) | Auth, IDOR, SQL, Input Validation, Secret Scanning, Data Encryption, Rate Limiting, CORS, Multi-Tenant* |
| C: Operations | 7 | Telemetry, Health, Config, Connections, Logging, Resilience, Graceful Degradation |
| D: Quality | 10 | Idempotency, API Docs, Tech Debt, Testing, Dependencies, Performance, Concurrency, Migrations, Linting, Caching |
| E: Infrastructure | 6 | Containers, HTTP Hardening, CI/CD, Async, Makefile, License |
*Conditional on MULTI_TENANT detection. Max score: 430 base + 10 conditional = 440.
Glob("**/go.mod") → GO=true
Glob("**/package.json") → parse for React/Next (FRONTEND) or Express/Fastify (TS_BACKEND)
Glob("**/Dockerfile*") → DOCKER=true
Glob("**/Makefile") → MAKEFILE=true
Glob("**/LICENSE*") → LICENSE=true
Grep("MULTI_TENANT") → if found in env/config files: MULTI_TENANT=true
WebFetch based on detected stack. On failure, note and proceed with generic patterns.
Go stack: core.md, bootstrap.md, security.md, domain.md, api-patterns.md, quality.md, architecture.md, messaging.md, domain-modeling.md, idempotency.md from https://raw.githubusercontent.com/LerianStudio/ring/main/dev-team/docs/standards/golang/
If MULTI_TENANT: Also fetch multi-tenant.md from same base URL.
Always: devops.md and sre.md from https://raw.githubusercontent.com/LerianStudio/ring/main/dev-team/docs/standards/
Store fetched content for injection between ---BEGIN STANDARDS--- / ---END STANDARDS--- markers in each explorer prompt.
Write header to docs/audits/production-readiness-{YYYY-MM-DDTHH:MM:SS}.md with detected stack, standards loaded, dimension count, and dynamic max score.
Read the dimension-specific prompts from dimensions/ subdirectory before dispatching each batch.
| Batch | Read File | Agents | Category Focus |
|---|---|---|---|
| 1 | dimensions/structure.md (agents 1-5) + dimensions/security.md (agents 6-9) + dimensions/operations.md (agent 10) |
10 | Structure + Security start + Telemetry |
| 2 | dimensions/operations.md (agents 12-15) + dimensions/quality.md (agents 16-20) |
9 | Operations + Quality start |
| 3 | dimensions/quality.md (agents 21-23) + dimensions/infrastructure.md (agents 24-27) + dimensions/structure.md (agents 28-30) |
10 | Quality + Infrastructure + Structure cont. |
| 4 | dimensions/quality.md (agents 31, 40) + dimensions/infrastructure.md (agents 32, 34) + dimensions/security.md (agents 33*, 37, 41) + dimensions/structure.md (agents 35, 38, 42) + dimensions/operations.md (agents 36, 39) |
varies | Mixed (remaining dimensions) |
| 5 | dimensions/security.md (agents 43-44) |
2 | Rate Limiting + CORS |
*Agent 33 (Multi-Tenant) only if MULTI_TENANT=true.
After each batch: Append all results to report file before launching next batch.
CRITICAL: Each batch dispatches in a SINGLE turn with N parallel Task calls.
Before emitting any Task call in a batch, count the explorers you intend to launch in this turn.
All explorers in a batch leave in the SAME TURN, before reading any explorer output.
Forbidden sequences:
If you find yourself about to dispatch an explorer in a turn AFTER any explorer in the SAME batch has already returned a result → STOP. You violated parallel dispatch. Report the violation and mark the batch INCOMPLETE rather than completing the trickle. (Sequential batch ordering is intentional; trickle within a batch is not.)
After each batch's dispatch turn, verify all batched Task calls were emitted in that single turn. If fewer went out than the batch size, the batch did NOT execute correctly. Mark INCOMPLETE and surface the dispatch failure — do NOT silently continue with a partial batch.
Emit all Task calls for THIS BATCH in a SINGLE TURN, as one atomic batch. (Batches themselves remain sequential — do not dispatch batch N+1 until batch N has fully returned.)
If your runtime exposes a multi_tool_use.parallel wrapper, use it to dispatch the complete batch in one wrapped invocation. This is the canonical fan-out mechanism on OpenAI-style tool envelopes and on certain Anthropic SDK consumers — naming it explicitly activates parallel emission on runtimes where trickle-dispatch is the default behavior.
If your runtime emits parallel tool_use blocks natively (Claude Code with Claude models), multi_tool_use.parallel may not be needed — but naming it is harmless and serves as an enforcement anchor.
The STOP-CHECK, anti-trickle, and self-verify guards above remain binding regardless of which mechanism your runtime uses.
dimensions/scoring.md for scoring rulesInvoke Skill("ring:visualize") to produce an HTML dashboard at docs/audits/production-readiness-{timestamp}-dashboard.html.
Dashboard sections:
Open in browser after generation.
Summarize: stack detected, standards loaded, overall score/classification, critical/high counts, HARD GATE violations, top 3 recommendations, links to report and dashboard.
| Flag | Effect |
|---|---|
--modules=matching,ingestion |
Only audit specified modules |
--dimensions=security |
Run only security-related auditors |
--format=json |
Structured JSON output |
--no-standards |
Skip Ring standards loading (generic mode) |
| Condition | Action |
|---|---|
| Stack undetectable | STOP — ask user to specify stack |
| Standards WebFetch fails for critical modules | STOP — audit requires standards |
| Entire batch fails | STOP — report infrastructure issue |
| docs/audits/ not writable | STOP — ensure directory exists |
