release-auditlisted

# Release Audit ## Purpose Heavyweight pre-release gate. Runs advisory audits across up to eight domains, produces versioned markdown reports broken down by criticality (P0–P3 + Info), and stages remediation work for human approval. Not for CI/CD (use `pre-commit`, `deploy-check` for that) — this is the human-driven release-readiness review. The skill **adapts to the project's stack**. Phase 0 detects which profiles are active (e.g. `go-backend + web-frontend-react + flutter-mobile`); Phase 1 only loads tools for those profiles; Phase 2 dispatches only relevant domain auditors (Domain 7 Mobile only runs if a mobile target exists). ## Scope - All 8 audit domains with playbooks at `lib/playbooks/01..08.md` - Stack-aware tool readiness via `references/tooling-matrix.md` + `scripts/check-tools.sh` - Auditor agent dispatch via `agents/*.md` (8 specialists + 1 lead) - Output structured under `/docs/audits/<YYYY-MM-DD>-<version>/` - Human-driven disposition collection (no auto-decisions, no auto-merge) NOT in scope: continuous checks, deploy mechanics, release tagging (see `release-manager`, `deploy-check`, `version-bump`). ## Automated pass ### Phase 0 — Scoping Spawn the lead-auditor (or run inline) to: 1. Confirm version/tag, branch, mode (`audit` vs `audit+remediate`). 2. **Detect stack profiles.** Inspect repo for the heuristics in `references/tooling-matrix.md` § Stack profiles. Common cases: - `go.mod` → `go-backend` - `package.json` with `react`+`next`