Ghost is a detector that surfaces hidden dependencies and assumptions across the codebase so you can address fragility.

How does Ghost surface issues?

It analyzes project markdown and code to map implicit dependencies and contracts into an action list organized by when they break.

What if no issues are found?

You get a clean audit and practical recommendations to maintain explicit contracts and documented assumptions.

ghost

Scanned

npx machina-cli add skill rana/yogananda-skills/ghost --openclaw

Files (1)

SKILL.md

2.5 KB

Read all project markdown documents and examine the codebase to ground in the project's actual state.

Ghost Dependency Audit

Systematically surface the invisible substrate:

Environment assumptions — Variables read but not documented, config files expected but not templated, paths assumed to exist, permissions required but unspecified.
Service dependencies — External services called without explicit documentation. DNS entries assumed. Ports expected to be open. Health checks missing.
Timing assumptions — Operations that assume ordering but don't enforce it. Race conditions waiting to happen. Startup sequences that depend on undocumented timing.
Implicit contracts — Module boundaries where the interface is convention rather than code. Data formats assumed but not validated. Error handling that assumes specific upstream behavior.
Build & deploy assumptions — Tools expected to be installed. Versions assumed. Build order dependencies. Network access during build.
Data assumptions — Seed data expected. Migration order dependencies. Schema assumptions not enforced by constraints. Encoding assumptions.
Human assumptions — Knowledge required but not documented. Procedures that exist only in someone's head. Tribal knowledge.

Focus area: $ARGUMENTS

For every ghost dependency found:

What the assumption is (specific)
Where it lives in the code or process
What happens when the assumption is violated
How to make it explicit (document, validate, or enforce)

Present as an action list. No changes to files — document only.

Output Management

Hard constraints:

Segment output into groups of up to 8 ghost dependencies, ordered by "what breaks at 2am" severity.
Write each segment incrementally. Do not accumulate a single large response.
After completing each segment, continue immediately to the next. Do not wait for user input.
Continue until ALL ghost dependencies are reported. State the total count when complete.
If the analysis surface is too large to complete in one session, state what was covered and what remains.

What questions would I benefit from asking?

What am I not asking?

Source

git clone https://github.com/rana/yogananda-skills/blob/main/skills/ghost/SKILL.mdView on GitHub

Overview

Ghost Audit surfaces invisible dependencies and assumptions that aren’t explicit in code or docs—environment variables, implicit service dependencies, timing assumptions, and undocumented contracts. It helps teams prevent fragile behavior and 2am breakages by making these hidden aspects visible and actionable.

How This Skill Works

The Ghost audit reads project markdown and the codebase to ground in the current state across seven categories: environment assumptions, service dependencies, timing assumptions, implicit contracts, build and deploy assumptions, data assumptions, and human assumptions. For every ghost dependency found, it records what the assumption is, where it lives in the code or process, what happens if it's violated, and how to make it explicit, presenting results as an action list without changing files.

When to Use It

When environment variables or config expectations are undocumented or templating is missing
When external service dependencies, DNS entries, and port openness are assumed but not documented
When startup order or operations rely on unenforced timing or race conditions
When module boundaries rely on conventions rather than explicit interfaces or validation
When build or deploy steps assume specific tools, versions, or network access

Quick Start

Step 1: Read project markdown and examine the codebase to ground in the actual state
Step 2: Run Ghost Audit to surface environment, service, timing, contract, build, data, and human assumptions
Step 3: Document each finding as explicit entries and add validations or runbooks to enforce them

Best Practices

Document every detected assumption in a living runbook or wiki
Validate assumptions with tests, CI checks, and explicit contracts
Enforce explicit interfaces and data formats with validation and error handling
Maintain an up-to-date inventory of environment, service, and build dependencies
Create owner-based accountability and runbooks for 2am incident scenarios

Example Use Cases

Environment assumptions: app reads environment variables that are undocumented or not templated
Service dependencies: external calls without explicit documentation; DNS entries and ports assumed
Timing assumptions: startup order or race conditions not enforced
Implicit contracts: data formats and error handling rely on upstream behavior without validation
Build & deploy: tools and versions assumed; network access during build

Frequently Asked Questions

Add this skill to your agents