config-audit/commands/implement.md
Kjell Tore Guttormsen b4d819b72d fix(acr): pin Bash >> append discipline on shared implementation log (M-BUG-20)
implement.md spawns implementer agents in parallel batches, all appending to
the same implementation-log.md. Dogfooding showed agents satisfying 'Append
result to:' with a full-file Write — the last writer clobbered 4 of 6 entries.
Pin the mechanism in both contracts: append with Bash >> heredoc, never the
Write/Edit tool on the shared log. Shape tests pin the instruction in both
files (empirically verified: agents given the >> instruction appended safely).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-07-17 03:53:06 +02:00

4.3 KiB

name description allowed-tools model
config-audit:implement Phase 5 - Execute action plan with backups and verification Read, Write, Edit, Bash, Agent, AskUserQuestion opus

Config-Audit: Implementation (Phase 5)

Execute the action plan with full backup, verification, and rollback support.

Prerequisites

  • Must have completed Phase 4 (plan)
  • Action plan at ~/.claude/config-audit/sessions/{session-id}/action-plan.md

Arguments

  • $ARGUMENTS may contain --raw to forward to the implementer-agent's instructions; in --raw mode the agent renders v5.0.0 verbatim severity prefiks instead of humanized userActionLanguage urgency phrasing.

Implementation

Step 1: Parse flags, load and verify

RAW_FLAG=""
if echo "$ARGUMENTS" | grep -q -- "--raw"; then RAW_FLAG="--raw"; fi

Find the most recent session with a plan. If none: "No action plan found. Run /config-audit plan first."

Use the Read tool on the action plan and count actions. Tell the user:

## Implementing Action Plan

Found {N} actions to execute across {M} files.
A backup will be created before any changes are made.

Step 2: Get user approval

AskUserQuestion:
  question: "Ready to implement {N} actions? Backup created automatically — you can roll back with one command."
  options:
    - "Yes, proceed"
    - "Review plan first" (then show the plan file path)
    - "Cancel"

Step 3: Create backup

Create backup silently:

mkdir -p ~/.claude/config-audit/backups/$(date +%Y%m%d_%H%M%S)/files/ 2>/dev/null

Copy each file to be modified. Generate manifest.yaml with checksums.

Tell the user: "Backup created. Implementing actions..."

Step 4: Execute actions

Group actions by dependencies. For each group, spawn implementer agents (batch of 3):

Agent(subagent_type: "config-audit:implementer-agent")
  model: sonnet
  prompt: |
    Execute action: {action-id}
    File: {file-path}, Type: {create|modify|delete}
    Mode: $RAW_FLAG (empty = humanized progress prose; "--raw" = v5.0.0 verbatim)
    Details: {changes}
    Verify backup exists, make change, validate syntax.
    When logging progress, use the humanized title/userActionLanguage
    fields from the action plan (the planner already rendered them) —
    do not re-derive severity prose. Append result to:
    ~/.claude/config-audit/sessions/{session-id}/implementation-log.md
    Append with Bash `>>` (heredoc) — NEVER the Write tool on this log;
    parallel agents share it and a full-file Write clobbers their entries.

Show progress between groups using the humanized titles already present in the action plan:

Action 1/N: {humanized title} — done
Action 2/N: {humanized title} — done
...

Step 5: Verify results

Spawn verifier agent:

Agent(subagent_type: "config-audit:verifier-agent")
  model: sonnet (note: using sonnet, not haiku)
  prompt: |
    Verify all changes from implementation:
    1. Modified files exist and are syntactically valid
    2. New files created correctly
    3. No new conflicts introduced
    Report to: ~/.claude/config-audit/sessions/{session-id}/implementation-log.md

If verifier finds issues: one retry with implementer agent. If still failing: report and suggest rollback.

Step 6: Present results

### Implementation Complete

**{succeeded} succeeded** | {failed} failed | {skipped} skipped

{If score improved, run quick posture and show:}
Score impact: {old_grade} → {new_grade} (+{delta} points)

{If failed > 0:}
{failed} action(s) couldn't be completed — see log for details.

**Backup location:** `~/.claude/config-audit/backups/{timestamp}/`
**Rollback:** `/config-audit rollback {timestamp}`
**Full log:** `~/.claude/config-audit/sessions/{session-id}/implementation-log.md`

Step 7: Update state

Update state.yaml with current_phase: "implement", next_phase: null.

Rollback

If the user requests rollback at any point:

  1. Read manifest.yaml from backup
  2. Restore each file and verify checksums
  3. Delete newly created files
  4. Update state to rolled_back

Error Handling

Error What happens
Permission denied Skip action, log it, continue with others
File not found Skip action, log it, continue
Invalid syntax after edit Rollback that single file, log, continue
Critical failure Offer full rollback