From hydra-audit-trail
Verifies the tamper-evidence hash chain on audit-trail's JSONL log. Use when the developer asks to verify audit integrity, check whether the audit log has been tampered with, validate the hash chain, or investigate suspected log manipulation. Auto-triggers on: "verify audit", "check audit integrity", "tamper check", "validate hash chain", "audit log tampered", "hash chain broken".
Slash command
/hydra-audit-trail:audit-verify
This skill is limited to the following tools:
<purpose>
<decision_tree>
IF user asks to verify the audit log:
→ Run: bash -c 'source "${CLAUDE_PLUGIN_ROOT}/scripts/chain-helpers.sh" && verify_chain "${CLAUDE_PLUGIN_ROOT}/state/audit.jsonl"'
→ Exit 0 → report "Chain intact across N lines."
→ Exit 1 → report the offending line number and hashes verbatim from stderr.
→ Exit 2 → report "audit.jsonl not found at expected path."

IF user asks to verify a specific file (not the default audit log):
→ Substitute the path into the same one-liner.

IF user asks "what's in the chain":
→ Read the last 5 lines of audit.jsonl, show event/ts/tool/prev_hash columns.
</decision_tree>
<output_format>
<path>expected <hash> got <hash>
If broken, recommend: capture a copy of the current audit.jsonl for forensic review before any further writes, then investigate which event was tampered with.
</output_format>
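An added example, not the plugin's own chain-helpers.sh: a Python chain check over a JSONL log that returns the same 0/1/2 codes and messages as the decision tree above. The linking rule (each record's prev_hash is the SHA-256 of the previous raw line, with 64 zeros for the first record), the `append_event` and `demo` helpers, and the sample events are assumptions constructed for illustration, since the page does not state how the chain is computed.

```python
import hashlib, json, os, tempfile

GENESIS = "0" * 64  # assumed prev_hash of the first record

def line_hash(raw: bytes) -> str:
    return hashlib.sha256(raw).hexdigest()

def verify_chain(path):
    """Return (exit_code, message) using the page's 0/1/2 convention."""
    if not os.path.isfile(path):
        return 2, "audit.jsonl not found at expected path."
    expected, count = GENESIS, 0
    with open(path, "rb") as fh:
        for lineno, raw in enumerate(fh, 1):
            raw = raw.rstrip(b"\r\n")
            try:
                got = json.loads(raw).get("prev_hash")
            except (ValueError, AttributeError):
                got = None  # blank, non-JSON or non-object line breaks the chain
            if got != expected:
                return 1, f"{path}:{lineno} expected {expected} got {got}"
            expected = line_hash(raw)
            count += 1
    return 0, f"Chain intact across {count} lines."

def append_event(path, event):  # constructed writer: links to the current last line
    prev = GENESIS
    if os.path.isfile(path):
        with open(path, "rb") as fh:
            lines = fh.read().splitlines()
        prev = line_hash(lines[-1]) if lines else GENESIS
    with open(path, "a", encoding="utf-8") as fh:
        fh.write(json.dumps({**event, "prev_hash": prev}) + "\n")

def demo():
    log = os.path.join(tempfile.mkdtemp(), "audit.jsonl")
    missing = verify_chain(log)
    for i, tool in enumerate(["Bash", "Edit", "Write"]):  # constructed events
        append_event(log, {"event": "tool_use", "ts": 1700000000 + i, "tool": tool})
    intact = verify_chain(log)
    with open(log, "rb") as fh:
        lines = fh.read().splitlines()
    lines[1] = lines[1].replace(b'"Edit"', b'"Read"')  # edit record 2 in place
    with open(log, "wb") as fh:
        fh.write(b"\n".join(lines) + b"\n")
    return missing, intact, verify_chain(log)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Under this assumed scheme the mismatch surfaces on the line after the edited record, so the record to examine is the one before the reported line. An edit to the final record, or truncation of the tail, passes the check unless the latest hash is also kept somewhere outside the file.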
<failure_modes>
npx claudepluginhub enchanter-ai/hydra --plugin audit-trail