Two Claude Code prompt skills tackle agent ambiguity and review theater
Author dualform released two open-source, single-file Claude Code skills — `/spec` and `/review-audit` — to address agents guessing on vague tasks and producing unverifiable code reviews.
Score breakdown
Both skills replace two common silent failure modes in agentic coding — unchecked assumptions before code is written and unverifiable review passes — with explicit, evidence-gated checkpoints enforced at the prompt level.
- 01Both skills are single SKILL.md prompt files, Apache-2.0 licensed, with no dependencies or build steps.
- 02`/spec` generates a fixed 13-section spec file before any code is written, asking only questions the agent couldn't infer from the repo and conversation.
- 03A sub-agent self-check receives only the spec file and must confirm it is buildable; if sub-agents are unavailable, a self-audit requiring a quoted grounding line per section is used as fallback.
Dualform describes two recurring failure modes when working with coding agents: the agent guessing on ambiguous tasks (causing expensive rework after code is written), and code reviews that return a confident PASS without actually checking anything. To address these, the post introduces two open-source Claude Code skills, each a single prompt file under the Apache-2.0 license with no build steps or dependencies.
It reads the repo and conversation context, then asks only the questions it couldn't infer — presented as multiple-choice with recommended defaults.
The `/spec` skill intercepts ambiguity before coding begins. It reads the repo and conversation context, then asks only the questions it couldn't infer — presented as multiple-choice with recommended defaults. Answers populate a fixed 13-section spec file. Two mechanisms enforce quality: a self-check sub-agent receives only the spec file and must confirm it could build from it (falling back to a self-audit that requires quoting a grounding line per section if sub-agents are unavailable), and an anti-Potemkin rule requiring every acceptance criterion to be an executable command or numbered visual check rather than a passive assertion like "file exists."
The `/review-audit` skill runs a single-pass, read-only audit across six axes: correctness, wiring (built-but-never-called or dead code), security, test efficacy, spec compliance, and regression. An axis is only marked audited when the report includes concrete `file:line` plus grep or run evidence; "I didn't check this" is an explicit, first-class output rather than a silent omission. A before/after checksum confirms the working tree was not modified. The skill runs in the calling agent's own context to keep it cheap enough for every change, and its output explicitly tells the user when a single pass is insufficient and escalation is warranted. A heavier `review-audit-pro` tier is described as coming soon for per-run detection verification.
Key facts
- 01Both skills are single SKILL.md prompt files, Apache-2.0 licensed, with no dependencies or build steps.
- 02`/spec` generates a fixed 13-section spec file before any code is written, asking only questions the agent couldn't infer from the repo and conversation.
- 03A sub-agent self-check receives only the spec file and must confirm it is buildable; if sub-agents are unavailable, a self-audit requiring a quoted grounding line per section is used as fallback.
- 04Every acceptance criterion in `/spec` must be an executable command or a numbered visual check — passive assertions like 'file exists' are not permitted.
- 05`/review-audit` audits across six axes: correctness, wiring, security, test efficacy, spec compliance, and regression.
- 06An axis in `/review-audit` can only be marked audited when the report cites concrete `file:line` and grep/run evidence; 'I didn't check this' is a valid, explicit output.
- 07A `review-audit-pro` tier for adversarial, fresh-context verification is described as coming soon.
Topics
Summary and scoring are generated automatically from the original article. We always link back to the publisher and never republish images or paywalled content. Last processed Jun 14, 2026 · 09:08 UTC. How this works →