@appfire-ux/audit-agent 0.20260708.1 → 0.20260708.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@appfire-ux/audit-agent",
|
|
3
|
-
"version": "0.20260708.
|
|
3
|
+
"version": "0.20260708.2",
|
|
4
4
|
"description": "Claude Code audit agents for Appfire apps — ux-auditor (/ux-audit), ui-auditor (/ui-audit), a11y-auditor (/a11y-audit: WCAG 2.2 + axe-core scan feeding the Appfire VPAT/ACR process), /full-audit parallel orchestration. Confluence-ready MD+HTML+PNG output, runtime capture & scan scripts.",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"publishConfig": {
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
---
|
|
2
|
-
description: Run ux-auditor, ui-auditor and a11y-auditor in parallel —
|
|
3
|
-
argument-hint: [scope-path] [--agents ux,ui,a11y] [--critique hard|balanced] [--static-only] [--lang pl|en] [--out-dir <path>] [--prod]
|
|
2
|
+
description: Run ux-auditor, ui-auditor and a11y-auditor in parallel — optional VPAT post-sequence with repo-audit + ACR draft
|
|
3
|
+
argument-hint: [scope-path] [--agents ux,ui,a11y] [--critique hard|balanced] [--with-vpat] [--static-only] [--lang pl|en] [--out-dir <path>] [--prod]
|
|
4
4
|
---
|
|
5
5
|
|
|
6
6
|
Run **all three** audit agents on this repository **in parallel**: **ux-auditor** (guideline compliance), **ui-auditor** (UI & usability) and **a11y-auditor** (accessibility / VPAT readiness).
|
|
@@ -12,6 +12,7 @@ Arguments passed by the user: `$ARGUMENTS`
|
|
|
12
12
|
- **Scope path** — optional directory (default: whole repo).
|
|
13
13
|
- `--agents ux,ui,a11y` — subset of agents to run (default: all three).
|
|
14
14
|
- `--critique hard|balanced` — critique intensity for UX/UI (default: `hard`).
|
|
15
|
+
- `--with-vpat` — after full audit completes, run two VPAT agents in sequence: repository readiness auditor, then ACR drafting agent.
|
|
15
16
|
- `--static-only` — skip runtime/screenshots/scans for all agents; warn the user that the UI audit will be much weaker and most a11y criteria become NEEDS_MANUAL_REVIEW.
|
|
16
17
|
- `--lang pl|en` — report language for all agents (default: English; a11y JSON/criterion map stays English).
|
|
17
18
|
- `--out-dir <path>` — parent folder for outputs (default: `docs/audits`).
|
|
@@ -64,6 +65,9 @@ Hard fail gate:
|
|
|
64
65
|
├── RECOMMENDATIONS-TABLE-<date>[-prod].md
|
|
65
66
|
├── RECOMMENDATIONS-TABLE-<date>[-prod].html
|
|
66
67
|
├── RECOMMENDATIONS-TABLE-<date>[-prod].json
|
|
68
|
+
├── VPAT-REPO-AUDIT-<date>[-prod].md # only when --with-vpat
|
|
69
|
+
├── VPAT-REPO-AUDIT-<date>[-prod].json # only when --with-vpat
|
|
70
|
+
├── ACR-DRAFT-<date>[-prod].md # only when --with-vpat
|
|
67
71
|
├── prod-assets/ # only when orchestrator shares PNG captures across agents
|
|
68
72
|
├── ux-audit/
|
|
69
73
|
│ ├── UX-AUDIT-<date>[-prod].md
|
|
@@ -166,6 +170,8 @@ Required JSON format:
|
|
|
166
170
|
| **ux-auditor** | Guideline compliance: tokens, a11y, copy, messaging, personas | STOP & ASK, MD+HTML+PNG, Definition of done |
|
|
167
171
|
| **ui-auditor** | IA, consistency, layout, interaction, responsiveness | STOP & ASK, MD+HTML+PNG, Definition of done |
|
|
168
172
|
| **a11y-auditor** | Deep accessibility: WCAG 2.2 A/AA, axe-core scan, VPAT/ACR datapoints | STOP & ASK, MD+HTML+PNG+JSON, no over-claiming |
|
|
173
|
+
| **vpat-repo-auditor** (optional) | Evidence-gap pre-audit for VPAT/ACR readiness | read-only, strict non-overclaiming, MD+JSON |
|
|
174
|
+
| **vpat-acr-drafter** (optional) | Human-reviewable ACR draft body from evidence package | output only ACR body, conservative conformance language |
|
|
169
175
|
|
|
170
176
|
- Each agent writes to its own `ux-audit/`, `ui-audit/` or `a11y-audit/` subfolder with its own `assets/`.
|
|
171
177
|
- Use `prod-assets/` **only** when orchestrator captures once and agents reuse identical PNGs — each agent copies into local `assets/` for Confluence-relative paths.
|
|
@@ -216,7 +222,7 @@ Follow Shared deliverables: MD+HTML+PNG, Definition of done.
|
|
|
216
222
|
If STOP & ASK triggers mid-run, pause and ask user — do not fake verified-runtime.
|
|
217
223
|
```
|
|
218
224
|
|
|
219
|
-
## Step 3 — Combined summary + HTML (after
|
|
225
|
+
## Step 3 — Combined summary + HTML (after UX/UI/A11Y finish)
|
|
220
226
|
|
|
221
227
|
Before writing AUDIT-SUMMARY:
|
|
222
228
|
- validate coverage matrix
|
|
@@ -252,6 +258,34 @@ Before writing AUDIT-SUMMARY:
|
|
|
252
258
|
(or repo-local `docs/audits/build-html-reports.mjs` if present)
|
|
253
259
|
5. Optionally serve preview: `npx --yes serve <out-dir> -p 4173` and give user links to `*.html`.
|
|
254
260
|
|
|
261
|
+
## Step 4 — Optional VPAT post-sequence (`--with-vpat`)
|
|
262
|
+
|
|
263
|
+
Run this only when `--with-vpat` is set. This is strictly sequential:
|
|
264
|
+
1. `vpat-repo-auditor` runs first, consuming:
|
|
265
|
+
- `a11y-audit/A11Y-AUDIT-<date>[-prod].md`
|
|
266
|
+
- `a11y-audit/A11Y-AUDIT-<date>[-prod].json`
|
|
267
|
+
- `AUDIT-SUMMARY-<date>[-prod].md`
|
|
268
|
+
- coverage + recommendations artifacts
|
|
269
|
+
Output:
|
|
270
|
+
- `<out-dir>/VPAT-REPO-AUDIT-<date>[-prod].md`
|
|
271
|
+
- `<out-dir>/VPAT-REPO-AUDIT-<date>[-prod].json`
|
|
272
|
+
2. `vpat-acr-drafter` runs second, consuming the full evidence package including `VPAT-REPO-AUDIT`.
|
|
273
|
+
Output:
|
|
274
|
+
- `<out-dir>/ACR-DRAFT-<date>[-prod].md`
|
|
275
|
+
|
|
276
|
+
VPAT sequence rules:
|
|
277
|
+
- Assume a11y audit already exists; if missing, stop and instruct to run/repair a11y audit first.
|
|
278
|
+
- Both VPAT agents are read-only and must never over-claim conformance.
|
|
279
|
+
- `vpat-acr-drafter` output must be only the ACR document body and start with:
|
|
280
|
+
`Appfire Accessibility Conformance Report`
|
|
281
|
+
- Missing evidence must be represented conservatively inside report notes/remarks/disclaimer/follow-up sections, not fabricated.
|
|
282
|
+
|
|
283
|
+
## Step 5 — Final relay (base audit + optional VPAT)
|
|
284
|
+
|
|
285
|
+
When `--with-vpat` is enabled, include VPAT artifact paths and:
|
|
286
|
+
- one-line VPAT readiness status
|
|
287
|
+
- one-line ACR draft status (draft for human review, not final conformance claim)
|
|
288
|
+
|
|
255
289
|
## Definition of done extension
|
|
256
290
|
|
|
257
291
|
`/full-audit` is complete only if all are true:
|
|
@@ -259,6 +293,7 @@ Before writing AUDIT-SUMMARY:
|
|
|
259
293
|
2. Recommendations table artifacts exist (MD + HTML + JSON).
|
|
260
294
|
3. Table has required columns and minimum row coverage.
|
|
261
295
|
4. Priorities are assigned and justified from audit evidence.
|
|
296
|
+
5. If `--with-vpat`: VPAT repo-audit MD+JSON and ACR draft MD exist.
|
|
262
297
|
|
|
263
298
|
## Relay to the user
|
|
264
299
|
|
|
@@ -268,4 +303,4 @@ Always include:
|
|
|
268
303
|
- paths to recommendations table `.md`, `.html`, `.json`
|
|
269
304
|
- one-line summary of highest-priority (`P0`) recommendation themes
|
|
270
305
|
|
|
271
|
-
|
|
306
|
+
If `--with-vpat`, also return VPAT artifact paths and confirm the ACR draft is conservative and requires human compliance/legal review before publication.
|