feat(uipath-audit): add audit skill

[yadvender-uipath]

Summary

Adds a self-contained agent skill that teaches Claude Code / Codex CLI / Gemini CLI / Cursor / Copilot how to drive uip admin audit org|tenant {sources|events|export} from natural-language audit and investigation prompts ("who deleted X", "show me failed logins", "give me an audit dump for January").

Mirrors the structure of the existing uipath-gov-aops-policy skill — single SKILL.md entry point, two reference docs for the command surface and the investigation playbook, eight test tasks (5 smoke + 3 e2e) covering single-action verification and full multi-step investigations.

Companion to the CLI side at https://github.com/UiPath/cli/pull/1372 (the new uip admin audit ... commands themselves). Skill PR is sequenced after the CLI PR ships and the published @uipath/cli includes the audit commands.

What's added

skills/uipath-audit/
├── SKILL.md                              # 223-char frontmatter description + `> **Preview**` body callout +
│                                         # 9 critical rules + Quick Start + scope disambiguation rule +
│                                         # anti-patterns + completion-output guidance
└── references/
    ├── audit-commands.md                 # CLI surface: every flag, every Code, every Data shape per verb
    └── audit-workflow-guide.md           # 4 canonical investigations: who-did-X / login history /
                                          # date-range dump / overview

tests/tasks/uipath-audit/                 # 5 smoke + 3 e2e
├── audit_sources_smoke.yaml              # both scopes invoke `sources --output json`; no legacy aliases
├── audit_events_basic_smoke.yaml         # `events` with `--limit ≤ 200` (single-call form, no pagination)
├── audit_events_pagination_smoke.yaml    # `--limit 500` triggers internal pagination, no manual cursor loop
├── audit_export_basic_smoke.yaml         # minimal `export` with three required flags
├── audit_status_filter_smoke.yaml        # server-side `--status Failure` (not jq post-filtering)
├── audit_export_e2e.yaml                 # full sources → events → export chain
├── audit_who_did_x_e2e.yaml              # Investigation 1: sources discovery → events filtered by source/target/type
└── audit_login_history_e2e.yaml          # Investigation 2: sources discovery → events with --user-id + --type + --status Failure

CODEOWNERS                                # +5 lines for /skills/uipath-audit/ and /tests/tasks/uipath-audit/

Skill behavior highlights

• Preview status — > **Preview** callout under the H1 (matches the convention used by uipath-coded-apps, uipath-data-fabric, uipath-governance, uipath-human-in-the-loop, uipath-interact, uipath-maestro-case, uipath-rpa-legacy). The frontmatter description starts with UiPath (no [PREVIEW] prefix) per .claude/rules/skill-structure.md.
• Disambiguation rule — when a prompt is vague about scope ("export the audit log") and no prior turn has established it, the skill asks one question (org vs tenant + which tenant) before running anything. Skips the question only when scope is explicit, established earlier in the conversation, or trivially implied by login context.
• Cursor pagination semantics — calls out the counter-intuitive naming (next = newer, previous = older) and explicitly tells agents to bump --limit rather than chase cursor flags manually (the CLI tool paginates internally for --limit > 200).
• Export details — chunked download (one HTTP call per UTC day), in-memory aggregate, atomic-on-failure, flat ZIP layout matching audit-dowload-from-longterm-store.sh. Skill warns that per-day files inside the ZIP are JSON-as-.txt with PascalCase keys (different from the camelCase live events shape).
• Anti-patterns — explicit list of common mistakes: silent scope defaults, inventing GUIDs, time-bound-less queries, retrying on 401, etc.

Reference doc fidelity

Both reference docs were tightened against the actual CLI implementation:

• audit-commands.md
  • --to-date documented as "Inclusive of the exact instant" with guidance to pass the start of the next day (or T23:59:59.999Z) to capture a full final day — matches dayChunks clamping behavior.
  • --status documents both label and numeric forms (<Success|Failure|0|1>).
  • --limit documents the omitted-value behavior (server default page).
  • AuditEventDto example includes all 16 real fields including organizationName, tenantName, and the nested clientInfo: { ipAddress, ipCountry } block that Investigation 2 (login history) relies on.
• audit-workflow-guide.md
  • Export ZIP layout described as "typical" with explicit edge-case callouts for nested ZIPs (<inner>_<outer>.txt rename) and same-name collisions (_<YYYY-MM-DD> suffix).
  • Investigation 2 jq selector now annotated that Identity / Authentication / User Login are illustrative names — agents should confirm against actual sources.json and fall back to listing candidates with jq -r '.Data[].name'.

Sample agent prompts the skill should handle

• "Show me failed logins for jane.doe@example.com last week" → tenant scope + events --user-id … --type … --status Failure --from-date … --to-date …
• "Who deleted the Sales-Reports folder last Tuesday?" → tenant sources discovery → events --source … --target …
• "Export everything for compliance for January" → asks scope clarification, then export --from-date 2026-01-01 --to-date 2026-02-01 --output-file …
• "What happened at the org level this week?" → org events --from-date … --to-date … --limit 100

Multi-tool support — automatic

The skill body is plain markdown, no agent-specific tool names. Each agent picks it up via repo-level wiring that already exists, no per-skill changes needed:

Agent	Discovery path
Claude Code	.claude-plugin/plugin.json declares "skills": "./skills/"
Codex CLI	.agents/skills/ symlink to ../skills/
Gemini CLI	.agents/skills/ discovery + .gemini/settings.json context loading
Cursor IDE	.cursor/rules/*.mdc repo-level rules cover skill discovery
GitHub Copilot coding agent	AGENTS.md symlink to CLAUDE.md

Drive-by improvement

hooks/ensure-uip.sh now respects SKIP_UIP_AUTO_INSTALL=1. Contributors developing CLI features against a bun link'd workspace binary kept losing their link every Claude session because the SessionStart hook would re-install the published @uipath/cli on top of it. With the env var set, the hook exits cleanly without touching the global binary. Other plugin hooks (suggest-permissions.sh) and the npm-install path for normal users are unaffected. Three lines, gated behind an explicit opt-in, no behavior change for anyone not setting the var.

If reviewers prefer this as a separate PR, happy to extract — flagging it explicitly so it's not buried.

Test plan

• Pre-commit description validator (bash hooks/validate-skill-descriptions.sh) → exit 0
• All YAML test tasks parse via python -c "import yaml; yaml.safe_load(...)"
• Reference links from SKILL.md resolve to existing files in references/
• CODEOWNERS additions match existing pattern (skill-folder + tests-tasks-folder pair, similar to Data Fabric / HITL blocks above)
• coder-eval make smoke -- --filter uipath-audit covering all 5 smoke tasks (will run in CI)
• coder-eval make e2e -- --filter uipath-audit covering all 3 e2e tasks (daily CI)
• Manual Claude Code test: load skill + ask "show me audit events for the last 7 days" → skill activates, asks for scope clarification before running
• Manual Claude Code test: ask "export the audit log for January" → asks scope, then runs audit <scope> export --from-date 2026-01-01 --to-date 2026-02-01 --output-file …

Sequencing note

Skill assumes the CLI commands exist (uip admin audit ...). It will fail at runtime against a published @uipath/cli that predates UiPath/cli#1372. Suggest holding this PR's plugin-version bump until that CLI PR is merged and a published version is out — though the skill itself can land sooner since it's a no-op for users without the audit commands.

🤖 Generated with Claude Code

[github-actions]

Claude finished @yadvender-uipath's task in 3m 29s —— View job

---

PR Review: feat(uipath-audit): add audit skill

• Read review criteria and project conventions
• Read full diff and all changed files
• Apply skill structure and frontmatter checks
• Verify test tasks (tags, task_id, success_criteria)
• Check CODEOWNERS, relative links, cross-skill refs, secrets
• Score skill dimensions and produce review

---

Summary

Adds a new uipath-audit skill that teaches agents to drive uip admin audit org|tenant {sources|events|export} from natural-language audit and investigation prompts. Clean structure: SKILL.md entry point, two reference docs, three test tasks. Also includes a minor drive-by change to hooks/ensure-uip.sh (opt-out env var for contributors with bun link'd workspaces).

Change-by-Change Review

1. skills/uipath-audit/SKILL.md — frontmatter description

Severity: High

The description starts with [PREVIEW] (line 3):

description: "[PREVIEW] UiPath audit events — list sources, ..."

This violates .claude/rules/skill-structure.md:

description MUST start with the brand or domain identity (e.g., UiPath, UiPath RPA). Do NOT prefix with metadata tags like [PREVIEW], [BETA], etc. — those displace high-value matching tokens and semantically de-prioritize the skill.

Preview / beta status MUST be indicated in the SKILL.md body (e.g., a > **Preview** callout under the H1), NOT in the frontmatter description.

The body (line 7) has no preview callout either.

Fix: Remove [PREVIEW] from the frontmatter description so it starts with UiPath audit events. Add a > **Preview** callout after the # UiPath Audit heading in the body.

Fix this →

2. skills/uipath-audit/SKILL.md — body structure and content

Severity: OK

Well-structured skill. Section order is logical: Title → When to Use → Scope Disambiguation → Critical Rules → Quick Start → Anti-patterns → Task Navigation → Key Concepts → Completion Output → References. The disambiguation rule placement before Critical Rules is good since Rule #2 references it. Nine Critical Rules are numbered and prescriptive. Anti-patterns section covers real agent mistakes. Completion output guidance is clear.

3. skills/uipath-audit/SKILL.md — "Key Concepts" duplication with audit-commands.md

Severity: Medium

The "Key Concepts" section (lines 179–214) restates material from references/audit-commands.md:

• Cursor pagination (SKILL.md lines 188–195) duplicates audit-commands.md lines 119–120
• Data shape table (SKILL.md lines 197–205) duplicates the per-command output sections in audit-commands.md
• Status codes (SKILL.md lines 207–214) duplicates audit-commands.md lines 86

Per the reference pointer discipline rule, when the SKILL.md references audit-commands.md (which it does on lines 229–230), inline sections should contain bridge content only, not restate what the linked file already covers. This duplication drifts over time.

Fix: Consider trimming "Key Concepts" to the one item that's genuinely unique context (scope → basePath mapping, lines 181–186) and replacing the rest with a brief bridge: "For cursor pagination semantics, response shapes, and status codes, see audit-commands.md."

4. skills/uipath-audit/references/audit-commands.md

Severity: OK

Comprehensive command reference. Every flag documented with required/optional. Output shapes include full JSON examples. Error envelope section is thorough with root-cause → fix table. The cross-cutting flags section is a good addition. One minor note: the export example on line 131–133 includes --output json while SKILL.md Quick Start Step 4 omits it (consistent with Critical Rule #7 that export doesn't need it). The reference doc including it isn't wrong — but could briefly note it's optional for export.

5. skills/uipath-audit/references/audit-workflow-guide.md

Severity: OK

Four well-scoped investigations with worked examples. The "Picking the right investigation" table at the end (lines 218–227) is excellent for LLM routing. Common gotchas section adds value. The jq examples are copy-paste ready. No issues found.

6. tests/tasks/uipath-audit/audit_sources_smoke.yaml

Severity: OK

• task_id: skill-audit-sources-smoke — matches skill-<domain>-<capability> pattern
• tags: [uipath-audit, smoke, sources] — skill name first, valid test type
• 5 success criteria covering command execution, file existence, file content, and JSON shape
• Properly notes auth errors are expected in sandbox

7. tests/tasks/uipath-audit/audit_events_pagination_smoke.yaml

Severity: OK

• task_id: skill-audit-events-pagination-smoke — follows pattern
• tags: [uipath-audit, smoke, events, pagination] — correct
• Smart negative check: excludes --before, --after, --before-id, --after-id to verify agent doesn't manually chase cursors
• json_check validates limit >= 201

8. tests/tasks/uipath-audit/audit_export_e2e.yaml

Severity: OK

• task_id: skill-audit-export-e2e — follows pattern
• tags: [uipath-audit, e2e, export] — correct
• Has explicit agent block with allowed_tools including Skill
• Validates full sources → events → export chain (7 success criteria)
• Checks exact output path (audit-last-7d.zip)

9. CODEOWNERS

Severity: OK

Lines 84–86 add entries for both /skills/uipath-audit/ and /tests/tasks/uipath-audit/ with three owners. Follows existing pattern (matches Data Fabric / HITL blocks).

10. hooks/ensure-uip.sh — drive-by change

Severity: Low

Lines 9–16 add an opt-out env var SKIP_UIP_AUTO_INSTALL that exits early when set. The change is:

• Minimal (7 lines including comment)
• Gated behind explicit opt-in (env var must be set)
• Cross-platform (pure bash, no platform-specific commands)
• Safe to run multiple times
• No behavior change for anyone not setting the var

The PR description documents this transparently and offers to extract. Per repo hygiene rules, drive-by changes are a scoping concern, but this is trivially safe and doesn't touch any skill files. Acceptable as-is; extracting to a separate PR is a judgment call for maintainers.

What's Missing

• > **Preview** callout in SKILL.md body — required when preview status is indicated (currently only in the frontmatter [PREVIEW] prefix, which should be removed).
• Nothing else identified. Test coverage, CODEOWNERS, reference links, and skill isolation are all in order.

Area Ratings

Area	Status	Notes
Frontmatter	Issue	[PREVIEW] prefix violates naming rules — High
E2E Tests	OK	2 smoke + 1 e2e, proper tags, strong success criteria
Skill Body	OK	Well-structured, prescriptive, good anti-patterns
References & Assets	OK	Thorough command ref + 4-investigation workflow guide. Minor duplication with Key Concepts in SKILL.md
Repo Hygiene	OK	CODEOWNERS updated, no secrets, no cross-skill refs, hook change is minimal

Issues for Manual Review

• CLI command accuracy: The reviewer cannot verify whether uip admin audit org|tenant {sources|events|export} flags, output shapes, and error codes match the actual CLI implementation in UiPath/cli#1372. Domain owners should confirm the command surface is accurate.
• Trigger scope overlap: Verify the description doesn't false-trigger on general "who did X" questions that aren't UiPath-related. The →uipath-gov-aops-policy redirect handles the governance sibling, but broad investigation-intent phrases ("who deleted X") could potentially match non-UiPath contexts.
• Sequencing: As noted in the PR, the skill assumes uip admin audit commands exist in the published @uipath/cli. Runtime will fail until UiPath/cli#1372 ships.

Conclusion

Strong first skill. Clean structure, thorough references, and good test coverage. One High issue blocks merge: the [PREVIEW] prefix in the frontmatter description must be removed per repo rules (preview status goes in the body). One Medium duplication finding is worth addressing to keep the SKILL.md lean. Everything else looks good — approve after fixing the frontmatter.

[github-actions]

Claude finished @yadvender-uipath's task in 3m 16s —— View job

---

Coder-eval task lint (advisory)

3 task YAMLs changed; verdicts: 0 Critical, 3 High, 0 Medium, 0 Low, 0 OK.

Rubric: .claude/commands/lint-task.md. This check is advisory and never blocks merge.

Evidence of passing run

❌ High — PR body does not claim the changed tasks have been run and passed. The test plan shows unchecked boxes for coder-eval make smoke and make e2e with notes "will run in CI" / "daily CI", but no assertion that any task has passed. Please edit the PR description to add a line like: Ran skill-audit-sources-smoke, skill-audit-events-pagination-smoke, skill-audit-export-e2e locally and they passed.

Themes

• Theme 1 (Critical): Self-report anti-pattern across all 3 tasks. Every task instructs the agent to write report.json with self-described commands (e.g. "org_sources_command": "<exact command you ran>"), then 3+ success_criteria per task (file_exists, file_contains, json_check) grade that self-written file. The command_executed criteria independently verify real CLI invocations — those are strong. But the report.json criteria are redundant at best and hallucination-prone at worst: the agent grades its own homework. Suggested fix: Remove "Save a summary to report.json" from each initial_prompt. Drop all report.json-based criteria (file_exists, file_contains, json_check on report.json). The command_executed criteria already validate correct invocations. For the excludes currently in file_contains (no legacy uip admin aops-policy, no uip audit), add negative command_executed checks instead — e.g. command_pattern: 'uip\s+admin\s+aops-policy' with min_count: 0 / max_count: 0, or fold the namespace check into the existing positive patterns (which already anchor on uip admin audit).

Per-task lint

tests/tasks/uipath-audit/audit_sources_smoke.yaml — verdict: High (Theme 1 + unique issue below)

Issues:

• [Medium] Prompt over-specification: line 37 prescribes --output json on every uip admin audit command — the skill should teach this flag convention, not the prompt. Suggested fix: Remove line 37. The goal ("fetch the source catalog") is sufficient; let the skill teach --output json.

tests/tasks/uipath-audit/audit_events_pagination_smoke.yaml — verdict: High (Theme 1 + unique issue below)

Issues:

• [High] Prompt over-specification: lines 36–37 hand the agent the exact pagination answer — "The skill teaches that the CLI handles >200 internally — pass --limit 500, do NOT loop manually on --from-date/--to-date or chase cursors." Any agent can follow this recipe without loading the skill. The entire point of this test is to check whether the skill teaches pagination semantics; the prompt bypasses that. Suggested fix: Replace lines 36–37 with a goal statement: "Retrieve all 500 events in a single pass." The skill's Critical Rule on pagination should guide the agent to use --limit 500 without manual cursor loops. If the agent fails without the hint, that's a real skill gap worth knowing about.

tests/tasks/uipath-audit/audit_export_e2e.yaml — verdict: High (Theme 1 + unique issue below)

Issues:

• [Low] Prompt over-specification: line 57 prescribes --output json on sources and events — minor, but the skill should teach this. Suggested fix: Remove the --output json hint from line 57; the skill's Critical Rule feature: Improve coded agent development from claude code experience #4 already covers this.

Within-PR duplicates

No duplicate clusters detected. The 3 tasks exercise materially distinct operations: sources discovery (both scopes), events query with pagination, and full sources → events → export chain. Scaffold overlap (report.json pattern) is structural, not operational.

Conclusion

⚠ 3 task(s) have issues, max severity High. Advisory only — not blocking merge. The dominant finding is a systemic self-report anti-pattern (Theme 1) — all 3 tasks ask the agent to write report.json and then grade it. The existing command_executed criteria are solid and independently verify correctness; dropping the report.json layer would make these tests more robust with less YAML. Task 2 also hands the agent the pagination answer in the prompt, undermining the skill-teaching purpose of the test.

---

[github-actions]

Claude finished @yadvender-uipath's task in 2m 26s —— View job

---

Coder-eval task lint (advisory)

3 task YAMLs changed; verdicts: 0 Critical, 3 High, 0 Medium, 0 Low, 0 OK.

Rubric: .claude/commands/lint-task.md. This check is advisory and never blocks merge.

Evidence of passing run

❌ High — PR body does not claim the changed tasks have been run and passed. The test plan shows unchecked boxes for coder-eval make smoke and make e2e with notes "will run in CI" / "daily CI", but no assertion that any task has passed. Please edit the PR description to add a line like: Ran skill-audit-sources-smoke, skill-audit-events-pagination-smoke, skill-audit-export-e2e locally and they passed.

Themes

• Theme 1 (Critical): Self-report anti-pattern across all 3 tasks. Every task instructs the agent to write report.json with self-described commands (e.g. "org_sources_command": "<exact command you ran>"), then 3+ success_criteria per task (file_exists, file_contains, json_check) grade that self-written file. The command_executed criteria independently verify real CLI invocations — those are strong. But the report.json criteria are redundant at best and hallucination-prone at worst: the agent grades its own homework. Suggested fix: Remove "Save a summary to report.json" from each initial_prompt. Drop all report.json-based criteria (file_exists, file_contains, json_check on report.json). The command_executed criteria already validate correct invocations. For the excludes currently in file_contains (no legacy uip admin aops-policy, no uip audit), add negative command_executed checks instead — e.g. command_pattern: 'uip\s+admin\s+aops-policy' with min_count: 0 / max_count: 0, or fold the namespace check into the existing positive patterns (which already anchor on uip admin audit).

Per-task lint

tests/tasks/uipath-audit/audit_sources_smoke.yaml — verdict: High (Theme 1 + unique issue below)

Issues:

• [Low] Prompt over-specification: line 37 prescribes --output json on every uip admin audit command — the skill should teach this flag convention, not the prompt. Suggested fix: Remove line 37. The goal ("fetch the source catalog") is sufficient; let the skill teach --output json.

tests/tasks/uipath-audit/audit_events_pagination_smoke.yaml — verdict: High (Theme 1 + unique issue below)

Issues:

• [High] Prompt over-specification: lines 36–37 hand the agent the exact pagination answer — "The skill teaches that the CLI handles >200 internally — pass --limit 500, do NOT loop manually on --from-date/--to-date or chase cursors." Any agent can follow this recipe without loading the skill. The entire point of this test is to check whether the skill teaches pagination semantics; the prompt bypasses that. Suggested fix: Replace lines 36–37 with a goal statement: "Retrieve all 500 events in a single pass." The skill's Critical Rule on pagination should guide the agent to use --limit 500 without manual cursor loops. If the agent fails without the hint, that's a real skill gap worth knowing about.

tests/tasks/uipath-audit/audit_export_e2e.yaml — verdict: High (Theme 1 + unique issue below)

Issues:

• [Low] Prompt over-specification: lines 56–57 prescribe --output json on sources and events and explain that export doesn't need it — the skill should teach this convention, not the prompt. Suggested fix: Remove the --output json hint from lines 56–57; the skill's Critical Rule feature: Improve coded agent development from claude code experience #4 already covers this.

Within-PR duplicates

No duplicate clusters detected. The 3 tasks exercise materially distinct operations: sources discovery (both scopes), events query with pagination, and full sources → events → export chain. Scaffold overlap (report.json pattern) is structural, not operational.

Conclusion

⚠ 3 task(s) have issues, max severity High. Advisory only — not blocking merge. The dominant finding is a systemic self-report anti-pattern (Theme 1) — all 3 tasks ask the agent to write report.json and then grade it. The existing command_executed criteria are solid and independently verify correctness; dropping the report.json layer would make these tests more robust with less YAML. Task 2 also hands the agent the pagination answer in the prompt, undermining the skill-teaching purpose of the test.

---

[rockymadden]

How does pagination work?

[rockymadden]

Might want AskUserQuestion

[rockymadden]

Might want to add Always invoke...

[uipreliga]

can you fix the test issues?

[uipreliga]

also add the mode:build (check the tags in tests/README.md)

[uipreliga]

let's not do self reporting - that's an anti-pattern. tell it to save info to the file and use python or llm-as-ajudge to check if it is correct.

[uipreliga]

as above - no self-reporting.