Among all the technical challenges to enforcing AI regulations, one crucial, yet under-explored problem is the risk of audit manipulation.These manipulations occur when a platform deliberately alters its answers to a regulator to pass an audit without modifying its answers to other users.In this paper, we introduce a novel approach to manipulation-proof auditing by taking into account the auditor's prior knowledge of the task solved by the platform.Through both practical and formal analysis of our framework, we argue that 1) Current audits are easily manipulated, 2) Regulators must not rely (only) on public priors (e.g., public datasets), 3) Looking at the accuracy of the platform's answers is a good baseline to detect manipulations.