From sentinel-stack
Governance decision validation skill. Reviews decisions for logical consistency, evidence quality, bias indicators, and completeness. Checks that decisions reference appropriate policies and have proper authorization. Outputs audit findings with severity ratings. Use for quality assurance of governance decisions or investigating concerns.
Slash command: /sentinel-stack:decision-audit
This skill audits governance decisions (guardrail outcomes, approvals, risk assessments) for completeness, consistency, and quality. It validates that decisions are well-reasoned, properly documented, and align with policies and authorizations.
Does the decision make sense?
Checks:
Example audit:
DECISION: Hard-block for "Client A revenue in Q3 was $5M"
REASONING: "Policy 1 blocks client names"
CONSISTENCY CHECK:
- Policy 1 prohibits client identifiers
- Client name "Client A" is redacted (not "Acme Corp")
- Financial figure without entity name may be allowed
- Previous decision on similar data: FLAGGED (not blocked)
FINDING: Inconsistent application
Severity: Medium
Recommendation: Clarify whether anonymized client identifiers + figures are blocked
Is the decision supported by evidence?
Checks:
Example audit:
DECISION: Vendor approved as "low risk"
EVIDENCE REVIEWED:
- ✓ Security certifications (SOC 2 Type II)
- ✗ Data handling practices (not reviewed)
- ✗ Incident history (not checked)
- ✗ Customer references (not obtained)
FINDING: Insufficient evidence
Severity: High
Recommendation: Complete vendor assessment before final approval
Are there indicators of bias in the decision?
Checks:
Example audit:
DECISION SAMPLE: 10 hard-blocks in guardrail over 1 month
ANALYSIS:
- User demographics: 8 from Finance, 2 from Product
- Data types: 10/10 involved client financial data
- Outcome: All blocked, 0 proceeded
FAIRNESS CHECK:
- Finance team legitimate need for analysis?
→ Mitigation exists (anonymization)
- All blocks justified by policy?
→ Yes, clear violations
FINDING: No bias detected
Severity: None
Conclusion: Decisions consistently applied
Does the decision-maker have the authority to decide?
Checks:
Example audit:
DECISION: Contractor denied access to HR system
AUTHORITY CHECK:
- Decision made by: Finance Manager
- Policy requires: HR Lead approval
- Escalation documented: No
FINDING: Lack of authority
Severity: High
Recommendation: HR Lead must review and approve
Is all necessary information documented?
Checks:
Example audit:
DECISION: Risk escalated from "Yellow" to "Red"
DOCUMENTATION:
- ✓ Decision date: 2026-04-13
- ✓ Decision maker: Risk Officer
- ✗ Reason for escalation: Not documented
- ✗ New evidence: Not recorded
- ✗ Who approved escalation: Not clear
FINDING: Incomplete documentation
Severity: Medium
Recommendation: Document reason for escalation and approval
Does the decision follow applicable policies?
Checks:
Example audit:
DECISION: 4-eyes gate waived for contract review
POLICY CHECK:
- Policy: 4-eyes required for legal contracts
- Decision: Waived due to "time pressure"
- Authorization: Self-approved (not escalated)
FINDING: Policy violation
Severity: Critical
Recommendation: Reinstate 4-eyes gate; document waiver request
What decisions are being audited?
Audit scope: Guardrail hard-blocks in March 2026
Sample size: All hard-blocks (n=15)
Time period: March 1-31, 2026
Auditor: Compliance Officer
Collect decision records:
For each decision, gather:
- Decision summary (1-2 sentences)
- Date and decision-maker
- Reasoning/evidence
- Policy cited
- Approvals/escalations
- Outcome
Apply audit questions to each decision:
| Criterion | Finding | Evidence | Severity |
|---|---|---|---|
| Logical consistency | PASS | [note] | - |
| Evidence quality | FLAG | [missing info] | Medium |
| Bias | PASS | [analysis] | - |
| Authorization | PASS | [policy] | - |
| Completeness | FAIL | [what's missing] | High |
| Policy compliance | PASS | [reference] | - |
Summarize patterns:
AUDIT SUMMARY: March 2026 Guardrail Blocks
Sample size: 15 decisions
Pass rate: 80% (12/15 decisions fully compliant)
Finding breakdown:
- Logical consistency: 100% pass
- Evidence quality: 80% pass (3 missing context)
- Bias: 100% pass
- Authorization: 100% pass
- Completeness: 67% pass (5 missing docs)
- Policy compliance: 100% pass
Key findings:
1. Documentation gaps in 5 decisions (no notes on context)
2. Inconsistent evidence collection (some reviewed policy, others didn't)
3. One decision lacked authorization (user self-approved)
Recommendations:
1. Implement decision documentation template
2. Require evidence review checklist
3. Ensure 4-eyes gate for policy exceptions
For any governance decision, verify:
Logical Consistency
Evidence
Bias
Authorization
Completeness
Compliance
Decision Audit Report:
GOVERNANCE DECISION AUDIT REPORT
Period: March 1-31, 2026
Sample: Guardrail hard-block decisions
Auditor: Compliance Officer
Date: April 5, 2026
EXECUTIVE SUMMARY
[1-2 paragraph summary of findings]
FINDINGS BY DECISION
Decision 1: [Summary]
Logical Consistency: PASS
Evidence Quality: FLAG — Missing context on data classification
Bias: PASS
Authorization: PASS
Completeness: FAIL — No documented reasoning
Compliance: PASS
Severity: Medium
Recommendation: Add documentation; rerun decision with notes
Decision 2: [Summary]
[Full audit for each decision]
AGGREGATE FINDINGS
Total decisions audited: 15
Fully compliant: 12 (80%)
Flagged for review: 2 (13%)
Non-compliant: 1 (7%)
Key patterns:
- Documentation is weakest area
- Bias and authority are consistently strong
- Consistency needs improvement
RECOMMENDATIONS
1. [Priority 1] Implement decision documentation standard
2. [Priority 2] Create policy exception request process
3. [Priority 3] Quarterly audit cycle
4. [Priority 4] Training on decision reasoning
SIGN-OFF
Auditor: [Name]
Date: [Date]
Findings approved by: [Authority]
Finding Severity Levels:
| Severity | Definition | Example |
|---|---|---|
| Critical | Decision violates law or policy without authorization | Waived 4-eyes gate on major contract |
| High | Decision lacks sufficient authority or evidence | Approved tool without security review |
| Medium | Decision is unclear or inconsistently applied | Missing documentation, inconsistent with precedent |
| Low | Decision could be better documented | Evidence not fully recorded |
Track over time:
AUDIT TREND REPORT: Governance Decisions 2026
Jan 2026: 92% compliant, 2 high-severity findings
Feb 2026: 89% compliant, 1 high-severity finding
Mar 2026: 85% compliant, 3 medium-severity findings
Apr 2026: [Projected 88% based on Q1 trajectory]
Improving:
- Authorization clarity
- Policy alignment
Declining:
- Documentation completeness
- Evidence gathering thoroughness
Action items:
- Resume training on documentation standards (dropped in Feb)
- Increase monitoring during high-volume periods
- Implement template to improve consistency
npx claudepluginhub aadityaparab/sentinel-stack --plugin sentinel-stack