fix(audit): correct oddkit_audit tool description default scope (RV-gate F-1)

[klappy]

Fixes validator finding F-1 surfaced by the RV-gate Sonnet 4.6 dispatch on PR #146 (promote v0.26.0).

What's wrong

workers/src/index.ts oddkit_audit tool definition had two stale strings:

1. Description said "Walk every klappy:// URI in canon markdown…" — implies canon/ scope.
2. Input describe said "Default scope: writings/, canon/, odd/, docs/ (excluding docs/archive/)" — but actual DEFAULT_AUDIT_PATHS is ["writings/"] only.
3. Spec reference said DRAFT v2 — KISS but klappy.dev#146 amended the spec to v2.1.

The result: every MCP consumer (Claude in Claude.ai, Cursor agents, third-party tools, CI runners) reading the tool schema sees a wrong default. Callers expecting a full-repo audit silently get writings/ only.

What this PR does

Description-only fix to workers/src/index.ts. No code-behavior change. The runAudit implementation, the DEFAULT_AUDIT_PATHS constant, the dispatch wiring, and the response shape are all unchanged.

Why this is not load-bearing per klappy://canon/constraints/release-validation-gate

The constraint's "What Counts As Load-Bearing Surface" section lists registration changes, behavior changes, and envelope changes as load-bearing — and explicitly lists "Documentation-only PRs" as NOT load-bearing. This change edits two describe() strings inside an existing tool definition. The tool registration itself is unchanged; the action enum is unchanged; the response shape is unchanged. The closest load-bearing category would be "New or modified mcp_server.tool(...) registrations," but neither the registration block nor the action: "audit" field is touched — only the human-readable description text inside.

Per Rule 2, this PR therefore does not require an additional independent validator dispatch.

Sequencing

1. Bugbot completes review on this PR
2. Merge this PR to main
3. PR promote: 0.26.0 to prod (oddkit_audit action — link-rot Phase 2) #146 (the promote main → prod) automatically picks up the new main HEAD
4. CI re-runs on the new promote PR head
5. Merge promote PR

Refs

• RV-gate validator findings (full report in PR promote: 0.26.0 to prod (oddkit_audit action — link-rot Phase 2) #146 closeout when appended): F-1 (this fix), F-3 (spec amendment follow-up), F-7 (env disposition)
• Constraint: klappy://canon/constraints/release-validation-gate
• Spec (already at v2.1): klappy://docs/oddkit/specs/oddkit-audit
• Promote PR being unblocked: promote: 0.26.0 to prod (oddkit_audit action — link-rot Phase 2) #146

---

Note

Low Risk
Low risk: changes only documentation strings in the MCP tool schema; no audit behavior, routing, or response shape is modified.

Overview
Clarifies oddkit_audit tool metadata so MCP consumers see the correct default behavior.

Updates the tool description/input describe() text to reflect that the default audit scope is writings/ only (with wider scope as explicit opt-in via paths) and bumps the referenced spec to DRAFT v2.1.

^{Reviewed by Cursor Bugbot for commit 2693445. Bugbot is set up for automated code reviews on this repo. Configure here.}

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Preview URL	Updated (UTC)
✅ Deployment successful! View logs	oddkit	2693445	Commit Preview URL Branch Preview URL	Apr 27 2026, 02:32 AM