audit-flush
Manual counterpart to the Stop hook. Same logic, invoked on demand.
When to use
- The user asks to inspect staged trail entries before they auto-flush.
- The user wants to retry entries that moved to
$CCAUDIT_PENDING_DIRafter an earlier failure (secret hit or push error). - Auto-flush is disabled (
CCAUDIT_MANUAL=1) and entries must be flushed explicitly. - The user needs a written record that " inspected and approved this flush at time X" — running
/audit-flushleaves a trace (the commit author and timestamp) that an unattended Stop hook cannot.
Flags
| Flag | Behavior |
|---|---|
| (none) | Same flow as hooks/auto-flush.sh: scan, secret-check, push, clear staging. |
--dry-run | List what would be flushed, exit without touching anything. |
--force | Include $CCAUDIT_PENDING_DIR contents in addition to staging; retry everything. |
Procedure
Follow skills/audit-flush/procedure.md step by step. Do not invent additional safety checks — the hook and this skill must stay behavior-identical, so divergence creates undefined state.
What this skill does NOT do
- It does not modify trail entries. Entries are append-only once written to staging.
- It does not delete from the remote trail repository. If a bad entry was pushed, the correction is a new entry referring to the bad one by hash — never a rewrite.
- It does not reconfigure the remote.
CCAUDIT_TRAIL_REPOis read-only from this skill's perspective.