open/ktg-plugin-marketplace
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity Actions

chore(humanizer): pre-flight snapshots + test audit for v5.1.0

Browse source 
Wave 0 / Step 0 of the v5.1.0 plain-language UX humanizer plan.

Captures v5.0.0 baseline output for all 8 CLIs at
tests/snapshots/v5.0.0/ — these snapshots are immutable references
for SC-6 (--json byte-equal) and SC-7 (--raw byte-equal) tests in
later waves.

- 5 CLIs captured via --output-file: scan-orchestrator, posture,
  token-hotspots-cli, manifest, whats-active
- 3 CLIs captured via stdout redirect (no --output-file support):
  drift-cli (after baseline seed), fix-cli, plugin-health-scanner
- Posture stderr scorecard captured separately for SC-7 stderr-mode
  comparison

docs/v5.1.0-test-audit.md classifies all 42 .title references in
7 known test files: 34 will break under humanization (literal
string equality / substring), 8 are safe (test fixtures or error
formatting). This document is the change list for Step 4.

Project: .claude/projects/2026-05-01-config-audit-ux-redesign/
This commit is contained in:
Kjell Tore Guttormsen 2026-05-01 16:47:13 +02:00
commit 2397ffb5e4
10 changed files with 5134 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

121
plugins/config-audit/docs/v5.1.0-test-audit.md Normal file
View file

@ -0,0 +1,121 @@
# v5.1.0 Title-String Assertion Audit
Generated by Wave 0 / Step 0 pre-flight on 2026-05-01.
This document is the authoritative change list for **Step 4** (replace title-string assertions with ID-based or shape-based assertions). Step 5 cannot wire the humanizer until every "WILL BREAK" entry below is converted.
## Classification key
- **(a) shape-only** — checks existence, type, or test-fixture input; not affected by humanization.
- **(b) literal-string WILL BREAK** — exact equality or substring match against scanner-produced title prose. Humanization rewrites these strings; the assertion must be re-anchored to `finding.id`, `finding.scanner`, or `finding.evidence`.
- **(c) ID-based** — already anchored on `finding.id` or scanner prefix. No change needed.
## Audit summary
| Test file | Matches | Will break (b) | Safe (a/c) |
|-----------|---------|----------------|------------|
| `tests/lib/output.test.mjs` | 1 | 0 | 1 |
| `tests/scanners/feature-gap-scanner.test.mjs` | 6 | 6 | 0 |
| `tests/scanners/hook-validator.test.mjs` | 12 | 9 | 3 |
| `tests/lib/diff-engine.test.mjs` | 2 | 0 | 2 |
| `tests/scanners/fix-engine.test.mjs` | 1 | 0 | 1 |
| `tests/scanners/plugin-health-scanner.test.mjs` | 9 | 8 | 1 |
| `tests/scanners/settings-validator.test.mjs` | 11 | 11 | 0 |
| **Total** | **42** | **34** | **8** |
## Per-file findings
### `tests/lib/output.test.mjs`
| Line | Code | Class | Action |
|------|------|-------|--------|
| 46 | `assert.strictEqual(f.title, 'Test')` | (a) shape-only | None — `'Test'` is the test's own input to `finding()` constructor, not a scanner-produced title. |
### `tests/scanners/feature-gap-scanner.test.mjs`
| Line | Code | Class | Action |
|------|------|-------|--------|
| 45 | `f.title === 'No CLAUDE.md file'` | (b) WILL BREAK | Replace with `f.id === '<GAP-ID-for-no-CLAUDE.md>'`. Anchor on ID. |
| 49 | `f.title === 'No MCP servers configured'` | (b) WILL BREAK | Replace with ID anchor. |
| 53 | `f.title === 'No hooks configured'` | (b) WILL BREAK | Replace with ID anchor. |
| 96 | `f.title === 'No hooks configured'` | (b) WILL BREAK | Replace with ID anchor. |
| 100 | `f.title === 'No MCP servers configured'` | (b) WILL BREAK | Replace with ID anchor. |
| 150 | `f.title === 'No CLAUDE.md file'` | (b) WILL BREAK | Replace with ID anchor. |
> **Implementation note for Step 4:** look up the actual GAP finding IDs via `grep -n "title:" scanners/feature-gap-scanner.mjs` and substitute. For shape only: `assert.ok(f.id.startsWith('CA-GAP-'))` is acceptable when the test only cares that a GAP finding fired.
### `tests/scanners/hook-validator.test.mjs`
| Line | Code | Class | Action |
|------|------|-------|--------|
| 30 | `serious.map(f => f.title).join(', ')` | (a) shape-only | None — title used only for error-message formatting in failed assert; not the assertion itself. |
| 49 | `f.title === 'Unknown hook event'` | (b) WILL BREAK | Replace with ID anchor. |
| 54 | `f.title.includes('Matcher must be a string')` | (b) WILL BREAK | Replace with ID anchor or `.evidence.includes(...)`. |
| 59 | `f.title === 'Invalid hook handler type'` | (b) WILL BREAK | Replace with ID anchor. |
| 64 | `f.title.includes('timeout')` | (b) WILL BREAK | Replace with ID anchor. |
| 69 | `f.title === 'Unknown hook event'` | (b) WILL BREAK | Replace with ID anchor. |
| 80 | `/verbose hook output/i.test(x.title \|\| '')` | (b) WILL BREAK | Replace with ID anchor. |
| 81 | `result.findings.map(x => x.title).join(' \| ')` | (a) shape-only | Used only in error-message formatting. None. |
| 91 | `/verbose hook output/i.test(x.title \|\| '')` | (b) WILL BREAK | Replace with ID anchor. |
| 92 | `f?.title` | (a) shape-only | Used only in error-message formatting. None. |
### `tests/lib/diff-engine.test.mjs`
| Line | Code | Class | Action |
|------|------|-------|--------|
| 66 | `diff.newFindings[0].title === 'New issue'` | (a) shape-only | None — `'New issue'` is the test's synthetic finding input, not scanner-produced. |
| 78 | `diff.resolvedFindings[0].title === 'Old issue'` | (a) shape-only | None — synthetic test input. |
### `tests/scanners/fix-engine.test.mjs`
| Line | Code | Class | Action |
|------|------|-------|--------|
| 62 | `assert.ok(m.title, 'Manual finding should have title')` | (a) shape-only | None — pure existence check. |
### `tests/scanners/plugin-health-scanner.test.mjs`
| Line | Code | Class | Action |
|------|------|-------|--------|
| 52 | `f.title.includes('Missing required field')` | (b) WILL BREAK | Replace with ID anchor or `f.evidence.includes(...)`. |
| 59 | `f.title.includes('missing') && f.title.includes('section')` | (b) WILL BREAK | Replace with ID anchor on the missing-section finding. |
| 68 | `f.title.includes('Missing required field')` | (b) WILL BREAK | Replace with ID anchor. |
| 75 | `f.title === 'Missing CLAUDE.md'` | (b) WILL BREAK | Replace with ID anchor. |
| 82 | `f.title === 'Command missing frontmatter'` | (b) WILL BREAK | Replace with ID anchor. |
| 90 | `f.title.startsWith('Agent missing frontmatter field:')` | (b) WILL BREAK | Replace with ID anchor + `f.evidence.includes(...)` for the field name (humanizer preserves evidence). |
| 93 | `missingAgent.map(f => f.title).join(', ')` | (a) shape-only | Used only in error-message formatting. None. |
| 102 | `result.findings[0].title === 'No plugins found'` | (b) WILL BREAK | Replace with ID anchor. |
| 125 | `assert.ok(f.title)` | (a) shape-only | None — pure existence check. |
### `tests/scanners/settings-validator.test.mjs`
| Line | Code | Class | Action |
|------|------|-------|--------|
| 49 | `f.title === 'Unknown settings key'` | (b) WILL BREAK | Replace with ID anchor (likely `CA-SET-001` or similar — verify). |
| 54 | `f.title === 'Deprecated settings key'` | (b) WILL BREAK | Replace with ID anchor. |
| 59 | `f.title === 'Type mismatch in settings'` | (b) WILL BREAK | Replace with ID anchor. |
| 64 | `f.title === 'Invalid effortLevel value'` | (b) WILL BREAK | Replace with ID anchor. |
| 69 | `f.title.includes('array instead of object')` | (b) WILL BREAK | Replace with ID anchor. |
| 74 | `f.title.includes('array instead of object')` | (b) WILL BREAK | Replace with ID anchor. |
| 86 | `f.title === 'Unknown settings key' && /additionalDirectories/.test(f.evidence)` | (b) WILL BREAK | Keep evidence regex; replace title check with ID anchor. |
| 96 | `/additionalDirectories/i.test(x.title \|\| '')` | (b) WILL BREAK | Replace with ID anchor + evidence regex (additionalDirectories likely appears in evidence already). |
| 98 | `f?.title` | (a) shape-only — but inside breaking assertion | Will become moot after line 96 is fixed. |
| 106 | `/additionalDirectories/i.test(x.title \|\| '')` | (b) WILL BREAK | Replace with ID anchor + evidence regex. |
| 107 | `result.findings.map(x => x.title).join(' \| ')` | (a) shape-only | Error-message formatting only. None. |
## Step 4 implementation guidance
1. For each (b) WILL BREAK row, look up the actual finding ID from the corresponding scanner source:
- `grep -n "id: 'CA-GAP-" scanners/feature-gap-scanner.mjs`
- `grep -n "id: 'CA-HKV-" scanners/hook-validator.mjs`
- `grep -n "id: 'CA-PLH-" scanners/plugin-health-scanner.mjs`
- `grep -n "id: 'CA-SET-" scanners/settings-validator.mjs`
2. Replace the title check with `f.id === '<exact-id>'`. If the test cares about a sub-variant (e.g., a specific deprecated key), pair the ID anchor with an `f.evidence.includes(...)` substring check — humanizer preserves `evidence` exactly.
3. For broad categorical checks ("any GAP finding fired"), use `f.id.startsWith('CA-GAP-')`.
4. For tests that capture `f.title` only inside `assert` failure-message templates (class (a)): leave them. Humanization changes the displayed string but the assertion still anchors on `f.id`.
5. Re-run `node --test 'tests/**/*.test.mjs'` after changes; expect zero regressions before proceeding to Step 5.
## Total scope for Step 4
- **6 test files** require code changes (`output.test.mjs` and `diff-engine.test.mjs` are clean).
- **34 distinct assertions** to convert.
- Estimated effort: 12 hours including ID lookup and verification.

30
plugins/config-audit/tests/snapshots/v5.0.0-stderr/posture.txt Normal file
View file

@ -0,0 +1,30 @@
[CML] CLAUDE.md Linter: 0 finding(s) (9ms)
[SET] Settings Validator: 0 finding(s) (0ms)
[HKV] Hook Validator: 0 finding(s) (2ms)
[RUL] Rules Validator: 0 finding(s) (0ms)
[MCP] MCP Config Validator: 0 finding(s) (1ms)
[IMP] Import Resolver: 0 finding(s) (1ms)
[CNF] Conflict Detector: 0 finding(s) (1ms)
[GAP] Feature Gap Scanner: 17 finding(s) (3ms)
[TOK] Token Hotspots: 1 finding(s) (116ms)
[CPS] Cache-Prefix Stability: 0 finding(s) (1ms)
[DIS] Disabled-In-Schema: 1 finding(s) (1ms)
[COL] Plugin Skill Collision: 1 finding(s) (77ms)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Config-Audit Health Score
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Health: A (97/100) 9 areas scanned
Area Scores
───────────
CLAUDE.md ........... A (100) Settings ............ A (90)
Hooks ............... A (100) Rules ............... A (100)
MCP ................. A (100) Imports ............. A (100)
Conflicts ........... A (100) Token Efficiency .... A (90)
Plugin Hygiene ...... A (90)
17 opportunities available — run /config-audit feature-gap for recommendations
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

421
plugins/config-audit/tests/snapshots/v5.0.0/drift.json Normal file
View file

@ -0,0 +1,421 @@
{
"newFindings": [],
"resolvedFindings": [],
"unchangedFindings": [
{
"id": "CA-GAP-001",
"scanner": "GAP",
"severity": "medium",
"title": "No custom skills or commands",
"description": "Feature gap: No custom skills or commands. Create project-specific skills in .claude/skills/ or commands in .claude/commands/ to automate repetitive workflows.",
"file": null,
"line": null,
"evidence": null,
"category": "t1",
"recommendation": "Create project-specific skills in .claude/skills/ or commands in .claude/commands/ to automate repetitive workflows.",
"autoFixable": false
},
{
"id": "CA-GAP-002",
"scanner": "GAP",
"severity": "low",
"title": "Settings only at one scope",
"description": "Feature gap: Settings only at one scope. Use all 3 settings scopes: ~/.claude/settings.json (user), .claude/settings.json (project), .claude/settings.local.json (local/personal).",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Use all 3 settings scopes: ~/.claude/settings.json (user), .claude/settings.json (project), .claude/settings.local.json (local/personal).",
"autoFixable": false
},
{
"id": "CA-GAP-003",
"scanner": "GAP",
"severity": "low",
"title": "No path-scoped rules",
"description": "Feature gap: No path-scoped rules. Create .claude/rules/*.md with paths: frontmatter to apply rules only to matching files.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Create .claude/rules/*.md with paths: frontmatter to apply rules only to matching files.",
"autoFixable": false
},
{
"id": "CA-GAP-004",
"scanner": "GAP",
"severity": "low",
"title": "Low hook diversity",
"description": "Feature gap: Low hook diversity. Use hooks across 3+ events (e.g., SessionStart, PreToolUse, Stop) for comprehensive automation.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Use hooks across 3+ events (e.g., SessionStart, PreToolUse, Stop) for comprehensive automation.",
"autoFixable": false
},
{
"id": "CA-GAP-005",
"scanner": "GAP",
"severity": "low",
"title": "No custom subagents",
"description": "Feature gap: No custom subagents. Create custom agents in .claude/agents/ or ~/.claude/agents/ with specialized tools and model selection.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Create custom agents in .claude/agents/ or ~/.claude/agents/ with specialized tools and model selection.",
"autoFixable": false
},
{
"id": "CA-GAP-006",
"scanner": "GAP",
"severity": "low",
"title": "No model configuration",
"description": "Feature gap: No model configuration. Set model preferences in settings.json (model, modelOverrides) for cost/quality optimization.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Set model preferences in settings.json (model, modelOverrides) for cost/quality optimization.",
"autoFixable": false
},
{
"id": "CA-GAP-007",
"scanner": "GAP",
"severity": "info",
"title": "No status line configured",
"description": "Feature gap: No status line configured. Configure statusLine in settings.json to show context window usage, cost, and model info.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Configure statusLine in settings.json to show context window usage, cost, and model info.",
"autoFixable": false
},
{
"id": "CA-GAP-008",
"scanner": "GAP",
"severity": "info",
"title": "No custom keybindings",
"description": "Feature gap: No custom keybindings. Create ~/.claude/keybindings.json to customize keyboard shortcuts (e.g., bind chat:newline to Shift+Enter).",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Create ~/.claude/keybindings.json to customize keyboard shortcuts (e.g., bind chat:newline to Shift+Enter).",
"autoFixable": false
},
{
"id": "CA-GAP-009",
"scanner": "GAP",
"severity": "info",
"title": "Using default output style",
"description": "Feature gap: Using default output style. Try \"Explanatory\" or \"Learning\" output styles, or create custom styles in .claude/output-styles/.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Try \"Explanatory\" or \"Learning\" output styles, or create custom styles in .claude/output-styles/.",
"autoFixable": false
},
{
"id": "CA-GAP-010",
"scanner": "GAP",
"severity": "info",
"title": "No worktree workflow",
"description": "Feature gap: No worktree workflow. Use --worktree for parallel feature development. Configure worktree.symlinkDirectories for node_modules.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use --worktree for parallel feature development. Configure worktree.symlinkDirectories for node_modules.",
"autoFixable": false
},
{
"id": "CA-GAP-011",
"scanner": "GAP",
"severity": "info",
"title": "No advanced skill frontmatter",
"description": "Feature gap: No advanced skill frontmatter. Use disable-model-invocation, context:fork, or argument-hint in skill frontmatter for better control.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use disable-model-invocation, context:fork, or argument-hint in skill frontmatter for better control.",
"autoFixable": false
},
{
"id": "CA-GAP-012",
"scanner": "GAP",
"severity": "info",
"title": "No subagent isolation",
"description": "Feature gap: No subagent isolation. Use isolation: worktree in agent frontmatter for safe parallel development.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use isolation: worktree in agent frontmatter for safe parallel development.",
"autoFixable": false
},
{
"id": "CA-GAP-013",
"scanner": "GAP",
"severity": "info",
"title": "No dynamic skill context",
"description": "Feature gap: No dynamic skill context. Use !`command` syntax in skills to inject dynamic context (e.g., !`git branch --show-current`).",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use !`command` syntax in skills to inject dynamic context (e.g., !`git branch --show-current`).",
"autoFixable": false
},
{
"id": "CA-GAP-014",
"scanner": "GAP",
"severity": "info",
"title": "No autoMode classifier",
"description": "Feature gap: No autoMode classifier. Configure autoMode in user/local settings with environment context and allow/deny rules.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Configure autoMode in user/local settings with environment context and allow/deny rules.",
"autoFixable": false
},
{
"id": "CA-GAP-015",
"scanner": "GAP",
"severity": "info",
"title": "No custom plugin",
"description": "Feature gap: No custom plugin. Package reusable skills, agents, and hooks as a Claude Code plugin with .claude-plugin/plugin.json.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Package reusable skills, agents, and hooks as a Claude Code plugin with .claude-plugin/plugin.json.",
"autoFixable": false
},
{
"id": "CA-GAP-016",
"scanner": "GAP",
"severity": "info",
"title": "No managed settings",
"description": "Feature gap: No managed settings. Use managed-settings.json for organization-wide policy enforcement.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Use managed-settings.json for organization-wide policy enforcement.",
"autoFixable": false
},
{
"id": "CA-GAP-017",
"scanner": "GAP",
"severity": "info",
"title": "No LSP plugins",
"description": "Feature gap: No LSP plugins. Add .lsp.json for real-time code intelligence from language servers.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Add .lsp.json for real-time code intelligence from language servers.",
"autoFixable": false
},
{
"id": "CA-TOK-001",
"scanner": "TOK",
"severity": "low",
"title": "High MCP tool-schema budget on server \"memory\"",
"description": "MCP server \"memory (.mcp.json)\" has tool count unknown — could not parse manifest or cached tools/list. Tool schemas load on every turn; an unverified server may be inflating the per-turn payload silently.",
"file": ".mcp.json",
"line": null,
"evidence": "tool_count=unknown; server=\"memory\"; source=\".mcp.json\" — severity reflects estimated tokens/turn based on structural heuristic; not measured against runtime telemetry",
"category": "token-efficiency",
"recommendation": "Install the package locally (so detect-mcp-tool-count can read its manifest), or run the server once and cache its tools/list response under ~/.claude/config-audit/mcp-cache/<name>.json. See knowledge/cache-telemetry-recipe.md.",
"autoFixable": false
},
{
"id": "CA-DIS-001",
"scanner": "DIS",
"severity": "low",
"title": "Tool listed in both permissions.deny and permissions.allow",
"description": ".claude/settings.json contains 1 tool present in both deny and allow lists. The deny list wins — the allow entries are dead config but still load on every turn and may confuse future readers about intent.",
"file": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.claude/settings.json",
"line": null,
"evidence": "Read: allow=\"Read(src/**)\" + deny=\"Read(./.env)\"",
"category": "permissions-hygiene",
"recommendation": "Remove the redundant allow entries. If you actually want this tool enabled, remove it from the deny list instead. Settings should express intent clearly.",
"autoFixable": false
},
{
"id": "CA-COL-001",
"scanner": "COL",
"severity": "low",
"title": "Skill name \"okr-offentlig-sektor\" used by multiple plugins",
"description": "2 plugins (okr, okr) expose a skill named \"okr-offentlig-sektor\". Even when invocation is namespaced via /plugin:skill, shared names create ambiguity in error messages, search results, and the plugin-skills enumeration.",
"file": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/okr/skills/okr-offentlig-sektor/SKILL.md",
"line": null,
"evidence": "name=\"okr-offentlig-sektor\"; plugins=okr,okr",
"category": "plugin-hygiene",
"recommendation": "Coordinate naming across plugins, or rename one to clarify intent. The shared name forces every reader to disambiguate by source.",
"autoFixable": false,
"details": {
"namespaces": [
{
"source": "plugin:okr",
"name": "okr-offentlig-sektor",
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/okr/skills/okr-offentlig-sektor/SKILL.md"
},
{
"source": "plugin:okr",
"name": "okr-offentlig-sektor",
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-privat/plugins/okr/skills/okr-offentlig-sektor/SKILL.md"
}
]
}
}
],
"movedFindings": [],
"scoreChange": {
"before": {
"score": 91,
"grade": "A"
},
"after": {
"score": 91,
"grade": "A"
},
"delta": 0
},
"areaChanges": [
{
"name": "CLAUDE.md",
"before": {
"score": 100,
"grade": "A"
},
"after": {
"score": 100,
"grade": "A"
},
"delta": 0
},
{
"name": "Settings",
"before": {
"score": 90,
"grade": "A"
},
"after": {
"score": 90,
"grade": "A"
},
"delta": 0
},
{
"name": "Hooks",
"before": {
"score": 100,
"grade": "A"
},
"after": {
"score": 100,
"grade": "A"
},
"delta": 0
},
{
"name": "Rules",
"before": {
"score": 100,
"grade": "A"
},
"after": {
"score": 100,
"grade": "A"
},
"delta": 0
},
{
"name": "MCP",
"before": {
"score": 100,
"grade": "A"
},
"after": {
"score": 100,
"grade": "A"
},
"delta": 0
},
{
"name": "Imports",
"before": {
"score": 100,
"grade": "A"
},
"after": {
"score": 100,
"grade": "A"
},
"delta": 0
},
{
"name": "Conflicts",
"before": {
"score": 100,
"grade": "A"
},
"after": {
"score": 100,
"grade": "A"
},
"delta": 0
},
{
"name": "Feature Coverage",
"before": {
"score": 43,
"grade": "D"
},
"after": {
"score": 43,
"grade": "D"
},
"delta": 0
},
{
"name": "Token Efficiency",
"before": {
"score": 90,
"grade": "A"
},
"after": {
"score": 90,
"grade": "A"
},
"delta": 0
},
{
"name": "Plugin Hygiene",
"before": {
"score": 90,
"grade": "A"
},
"after": {
"score": 90,
"grade": "A"
},
"delta": 0
}
],
"summary": {
"totalBefore": 20,
"totalAfter": 20,
"newCount": 0,
"resolvedCount": 0,
"trend": "stable"
}
}

130
plugins/config-audit/tests/snapshots/v5.0.0/fix-cli.json Normal file
View file

@ -0,0 +1,130 @@
{
"planned": [],
"applied": [],
"failed": [],
"verified": [],
"regressions": [],
"manual": [
{
"findingId": "CA-GAP-001",
"title": "No custom skills or commands",
"file": null,
"recommendation": "Create project-specific skills in .claude/skills/ or commands in .claude/commands/ to automate repetitive workflows."
},
{
"findingId": "CA-GAP-002",
"title": "Settings only at one scope",
"file": null,
"recommendation": "Use all 3 settings scopes: ~/.claude/settings.json (user), .claude/settings.json (project), .claude/settings.local.json (local/personal)."
},
{
"findingId": "CA-GAP-003",
"title": "No path-scoped rules",
"file": null,
"recommendation": "Create .claude/rules/*.md with paths: frontmatter to apply rules only to matching files."
},
{
"findingId": "CA-GAP-004",
"title": "Low hook diversity",
"file": null,
"recommendation": "Use hooks across 3+ events (e.g., SessionStart, PreToolUse, Stop) for comprehensive automation."
},
{
"findingId": "CA-GAP-005",
"title": "No custom subagents",
"file": null,
"recommendation": "Create custom agents in .claude/agents/ or ~/.claude/agents/ with specialized tools and model selection."
},
{
"findingId": "CA-GAP-006",
"title": "No model configuration",
"file": null,
"recommendation": "Set model preferences in settings.json (model, modelOverrides) for cost/quality optimization."
},
{
"findingId": "CA-GAP-007",
"title": "No status line configured",
"file": null,
"recommendation": "Configure statusLine in settings.json to show context window usage, cost, and model info."
},
{
"findingId": "CA-GAP-008",
"title": "No custom keybindings",
"file": null,
"recommendation": "Create ~/.claude/keybindings.json to customize keyboard shortcuts (e.g., bind chat:newline to Shift+Enter)."
},
{
"findingId": "CA-GAP-009",
"title": "Using default output style",
"file": null,
"recommendation": "Try \"Explanatory\" or \"Learning\" output styles, or create custom styles in .claude/output-styles/."
},
{
"findingId": "CA-GAP-010",
"title": "No worktree workflow",
"file": null,
"recommendation": "Use --worktree for parallel feature development. Configure worktree.symlinkDirectories for node_modules."
},
{
"findingId": "CA-GAP-011",
"title": "No advanced skill frontmatter",
"file": null,
"recommendation": "Use disable-model-invocation, context:fork, or argument-hint in skill frontmatter for better control."
},
{
"findingId": "CA-GAP-012",
"title": "No subagent isolation",
"file": null,
"recommendation": "Use isolation: worktree in agent frontmatter for safe parallel development."
},
{
"findingId": "CA-GAP-013",
"title": "No dynamic skill context",
"file": null,
"recommendation": "Use !`command` syntax in skills to inject dynamic context (e.g., !`git branch --show-current`)."
},
{
"findingId": "CA-GAP-014",
"title": "No autoMode classifier",
"file": null,
"recommendation": "Configure autoMode in user/local settings with environment context and allow/deny rules."
},
{
"findingId": "CA-GAP-015",
"title": "No custom plugin",
"file": null,
"recommendation": "Package reusable skills, agents, and hooks as a Claude Code plugin with .claude-plugin/plugin.json."
},
{
"findingId": "CA-GAP-016",
"title": "No managed settings",
"file": null,
"recommendation": "Use managed-settings.json for organization-wide policy enforcement."
},
{
"findingId": "CA-GAP-017",
"title": "No LSP plugins",
"file": null,
"recommendation": "Add .lsp.json for real-time code intelligence from language servers."
},
{
"findingId": "CA-TOK-001",
"title": "High MCP tool-schema budget on server \"memory\"",
"file": ".mcp.json",
"recommendation": "Install the package locally (so detect-mcp-tool-count can read its manifest), or run the server once and cache its tools/list response under ~/.claude/config-audit/mcp-cache/<name>.json. See knowledge/cache-telemetry-recipe.md."
},
{
"findingId": "CA-DIS-001",
"title": "Tool listed in both permissions.deny and permissions.allow",
"file": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.claude/settings.json",
"recommendation": "Remove the redundant allow entries. If you actually want this tool enabled, remove it from the deny list instead. Settings should express intent clearly."
},
{
"findingId": "CA-COL-001",
"title": "Skill name \"okr-offentlig-sektor\" used by multiple plugins",
"file": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/okr/skills/okr-offentlig-sektor/SKILL.md",
"recommendation": "Coordinate naming across plugins, or rename one to clarify intent. The shared name forces every reader to disambiguate by source."
}
],
"backupId": null
}

1253
plugins/config-audit/tests/snapshots/v5.0.0/manifest.json Normal file
View file

File diff suppressed because it is too large Load diff

14
plugins/config-audit/tests/snapshots/v5.0.0/plugin-health.json Normal file
View file

@ -0,0 +1,14 @@
{
"scanner": "PLH",
"status": "ok",
"files_scanned": 1,
"duration_ms": 17,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
}

639
plugins/config-audit/tests/snapshots/v5.0.0/posture.json Normal file
View file

@ -0,0 +1,639 @@
{
"utilization": {
"score": 43,
"overhang": 57
},
"maturity": {
"level": 2,
"name": "Structured",
"description": "Rules, skills, hooks"
},
"segment": {
"segment": "Developing",
"description": "Basic setup — significant features untapped"
},
"areas": [
{
"id": "claude_md",
"name": "CLAUDE.md",
"grade": "A",
"score": 100,
"findingCount": 0
},
{
"id": "settings",
"name": "Settings",
"grade": "A",
"score": 90,
"findingCount": 1
},
{
"id": "hooks",
"name": "Hooks",
"grade": "A",
"score": 100,
"findingCount": 0
},
{
"id": "rules",
"name": "Rules",
"grade": "A",
"score": 100,
"findingCount": 0
},
{
"id": "mcp",
"name": "MCP",
"grade": "A",
"score": 100,
"findingCount": 0
},
{
"id": "imports",
"name": "Imports",
"grade": "A",
"score": 100,
"findingCount": 0
},
{
"id": "conflicts",
"name": "Conflicts",
"grade": "A",
"score": 100,
"findingCount": 0
},
{
"id": "feature_coverage",
"name": "Feature Coverage",
"grade": "D",
"score": 43,
"findingCount": 17
},
{
"id": "token_efficiency",
"name": "Token Efficiency",
"grade": "A",
"score": 90,
"findingCount": 1
},
{
"id": "plugin_hygiene",
"name": "Plugin Hygiene",
"grade": "A",
"score": 90,
"findingCount": 1
}
],
"overallGrade": "A",
"topActions": [
"Create project-specific skills in .claude/skills/ or commands in .claude/commands/ to automate repetitive workflows.",
"Use all 3 settings scopes: ~/.claude/settings.json (user), .claude/settings.json (project), .claude/settings.local.json (local/personal).",
"Create .claude/rules/*.md with paths: frontmatter to apply rules only to matching files."
],
"opportunityCount": 17,
"scannerEnvelope": {
"meta": {
"target": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium",
"timestamp": "2026-05-01T14:44:22.725Z",
"version": "2.2.0",
"tool": "config-audit"
},
"scanners": [
{
"scanner": "CML",
"status": "ok",
"files_scanned": 1,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "SET",
"status": "ok",
"files_scanned": 1,
"duration_ms": 0,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "HKV",
"status": "ok",
"files_scanned": 1,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "RUL",
"status": "skipped",
"files_scanned": 0,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "MCP",
"status": "ok",
"files_scanned": 1,
"duration_ms": 0,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "IMP",
"status": "ok",
"files_scanned": 1,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "CNF",
"status": "ok",
"files_scanned": 2,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "GAP",
"status": "ok",
"files_scanned": 4,
"duration_ms": 3,
"findings": [
{
"id": "CA-GAP-001",
"scanner": "GAP",
"severity": "medium",
"title": "No custom skills or commands",
"description": "Feature gap: No custom skills or commands. Create project-specific skills in .claude/skills/ or commands in .claude/commands/ to automate repetitive workflows.",
"file": null,
"line": null,
"evidence": null,
"category": "t1",
"recommendation": "Create project-specific skills in .claude/skills/ or commands in .claude/commands/ to automate repetitive workflows.",
"autoFixable": false
},
{
"id": "CA-GAP-002",
"scanner": "GAP",
"severity": "low",
"title": "Settings only at one scope",
"description": "Feature gap: Settings only at one scope. Use all 3 settings scopes: ~/.claude/settings.json (user), .claude/settings.json (project), .claude/settings.local.json (local/personal).",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Use all 3 settings scopes: ~/.claude/settings.json (user), .claude/settings.json (project), .claude/settings.local.json (local/personal).",
"autoFixable": false
},
{
"id": "CA-GAP-003",
"scanner": "GAP",
"severity": "low",
"title": "No path-scoped rules",
"description": "Feature gap: No path-scoped rules. Create .claude/rules/*.md with paths: frontmatter to apply rules only to matching files.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Create .claude/rules/*.md with paths: frontmatter to apply rules only to matching files.",
"autoFixable": false
},
{
"id": "CA-GAP-004",
"scanner": "GAP",
"severity": "low",
"title": "Low hook diversity",
"description": "Feature gap: Low hook diversity. Use hooks across 3+ events (e.g., SessionStart, PreToolUse, Stop) for comprehensive automation.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Use hooks across 3+ events (e.g., SessionStart, PreToolUse, Stop) for comprehensive automation.",
"autoFixable": false
},
{
"id": "CA-GAP-005",
"scanner": "GAP",
"severity": "low",
"title": "No custom subagents",
"description": "Feature gap: No custom subagents. Create custom agents in .claude/agents/ or ~/.claude/agents/ with specialized tools and model selection.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Create custom agents in .claude/agents/ or ~/.claude/agents/ with specialized tools and model selection.",
"autoFixable": false
},
{
"id": "CA-GAP-006",
"scanner": "GAP",
"severity": "low",
"title": "No model configuration",
"description": "Feature gap: No model configuration. Set model preferences in settings.json (model, modelOverrides) for cost/quality optimization.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Set model preferences in settings.json (model, modelOverrides) for cost/quality optimization.",
"autoFixable": false
},
{
"id": "CA-GAP-007",
"scanner": "GAP",
"severity": "info",
"title": "No status line configured",
"description": "Feature gap: No status line configured. Configure statusLine in settings.json to show context window usage, cost, and model info.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Configure statusLine in settings.json to show context window usage, cost, and model info.",
"autoFixable": false
},
{
"id": "CA-GAP-008",
"scanner": "GAP",
"severity": "info",
"title": "No custom keybindings",
"description": "Feature gap: No custom keybindings. Create ~/.claude/keybindings.json to customize keyboard shortcuts (e.g., bind chat:newline to Shift+Enter).",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Create ~/.claude/keybindings.json to customize keyboard shortcuts (e.g., bind chat:newline to Shift+Enter).",
"autoFixable": false
},
{
"id": "CA-GAP-009",
"scanner": "GAP",
"severity": "info",
"title": "Using default output style",
"description": "Feature gap: Using default output style. Try \"Explanatory\" or \"Learning\" output styles, or create custom styles in .claude/output-styles/.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Try \"Explanatory\" or \"Learning\" output styles, or create custom styles in .claude/output-styles/.",
"autoFixable": false
},
{
"id": "CA-GAP-010",
"scanner": "GAP",
"severity": "info",
"title": "No worktree workflow",
"description": "Feature gap: No worktree workflow. Use --worktree for parallel feature development. Configure worktree.symlinkDirectories for node_modules.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use --worktree for parallel feature development. Configure worktree.symlinkDirectories for node_modules.",
"autoFixable": false
},
{
"id": "CA-GAP-011",
"scanner": "GAP",
"severity": "info",
"title": "No advanced skill frontmatter",
"description": "Feature gap: No advanced skill frontmatter. Use disable-model-invocation, context:fork, or argument-hint in skill frontmatter for better control.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use disable-model-invocation, context:fork, or argument-hint in skill frontmatter for better control.",
"autoFixable": false
},
{
"id": "CA-GAP-012",
"scanner": "GAP",
"severity": "info",
"title": "No subagent isolation",
"description": "Feature gap: No subagent isolation. Use isolation: worktree in agent frontmatter for safe parallel development.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use isolation: worktree in agent frontmatter for safe parallel development.",
"autoFixable": false
},
{
"id": "CA-GAP-013",
"scanner": "GAP",
"severity": "info",
"title": "No dynamic skill context",
"description": "Feature gap: No dynamic skill context. Use !`command` syntax in skills to inject dynamic context (e.g., !`git branch --show-current`).",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use !`command` syntax in skills to inject dynamic context (e.g., !`git branch --show-current`).",
"autoFixable": false
},
{
"id": "CA-GAP-014",
"scanner": "GAP",
"severity": "info",
"title": "No autoMode classifier",
"description": "Feature gap: No autoMode classifier. Configure autoMode in user/local settings with environment context and allow/deny rules.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Configure autoMode in user/local settings with environment context and allow/deny rules.",
"autoFixable": false
},
{
"id": "CA-GAP-015",
"scanner": "GAP",
"severity": "info",
"title": "No custom plugin",
"description": "Feature gap: No custom plugin. Package reusable skills, agents, and hooks as a Claude Code plugin with .claude-plugin/plugin.json.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Package reusable skills, agents, and hooks as a Claude Code plugin with .claude-plugin/plugin.json.",
"autoFixable": false
},
{
"id": "CA-GAP-016",
"scanner": "GAP",
"severity": "info",
"title": "No managed settings",
"description": "Feature gap: No managed settings. Use managed-settings.json for organization-wide policy enforcement.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Use managed-settings.json for organization-wide policy enforcement.",
"autoFixable": false
},
{
"id": "CA-GAP-017",
"scanner": "GAP",
"severity": "info",
"title": "No LSP plugins",
"description": "Feature gap: No LSP plugins. Add .lsp.json for real-time code intelligence from language servers.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Add .lsp.json for real-time code intelligence from language servers.",
"autoFixable": false
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 1,
"low": 5,
"info": 11
}
},
{
"scanner": "TOK",
"status": "ok",
"files_scanned": 2,
"duration_ms": 167,
"findings": [
{
"id": "CA-TOK-001",
"scanner": "TOK",
"severity": "low",
"title": "High MCP tool-schema budget on server \"memory\"",
"description": "MCP server \"memory (.mcp.json)\" has tool count unknown — could not parse manifest or cached tools/list. Tool schemas load on every turn; an unverified server may be inflating the per-turn payload silently.",
"file": ".mcp.json",
"line": null,
"evidence": "tool_count=unknown; server=\"memory\"; source=\".mcp.json\" — severity reflects estimated tokens/turn based on structural heuristic; not measured against runtime telemetry",
"category": "token-efficiency",
"recommendation": "Install the package locally (so detect-mcp-tool-count can read its manifest), or run the server once and cache its tools/list response under ~/.claude/config-audit/mcp-cache/<name>.json. See knowledge/cache-telemetry-recipe.md.",
"autoFixable": false
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 1,
"info": 0
},
"hotspots": [
{
"source": "mcp:memory (.mcp.json)",
"estimated_tokens": 500,
"rank": 1,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "mcp:sadhguru-wisdom (plugin:sadhguru-wisdom)",
"estimated_tokens": 500,
"rank": 2,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "mcp:vegnorm-rag (plugin:vegnormalene)",
"estimated_tokens": 500,
"rank": 3,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "CLAUDE.md",
"estimated_tokens": 116,
"rank": 4,
"recommendations": [
"Move volatile top-of-file content to the bottom or extract to an @import-ed file.",
"Split overlong CLAUDE.md into focused @imports (≤200 lines each)."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/CLAUDE.md"
},
{
"source": "hooks/hooks.json",
"estimated_tokens": 81,
"rank": 5,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/hooks/hooks.json"
},
{
"source": ".claude/settings.json",
"estimated_tokens": 59,
"rank": 6,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.claude/settings.json"
},
{
"source": ".mcp.json",
"estimated_tokens": 53,
"rank": 7,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.mcp.json"
}
],
"total_estimated_tokens": 1809,
"activeConfig": {
"claudeMdEstimatedTokens": 5716,
"mcpServerCount": 3,
"pluginCount": 41,
"skillCount": 65
}
},
{
"scanner": "CPS",
"status": "ok",
"files_scanned": 1,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "DIS",
"status": "ok",
"files_scanned": 1,
"duration_ms": 0,
"findings": [
{
"id": "CA-DIS-001",
"scanner": "DIS",
"severity": "low",
"title": "Tool listed in both permissions.deny and permissions.allow",
"description": ".claude/settings.json contains 1 tool present in both deny and allow lists. The deny list wins — the allow entries are dead config but still load on every turn and may confuse future readers about intent.",
"file": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.claude/settings.json",
"line": null,
"evidence": "Read: allow=\"Read(src/**)\" + deny=\"Read(./.env)\"",
"category": "permissions-hygiene",
"recommendation": "Remove the redundant allow entries. If you actually want this tool enabled, remove it from the deny list instead. Settings should express intent clearly.",
"autoFixable": false
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 1,
"info": 0
}
},
{
"scanner": "COL",
"status": "ok",
"files_scanned": 65,
"duration_ms": 107,
"findings": [
{
"id": "CA-COL-001",
"scanner": "COL",
"severity": "low",
"title": "Skill name \"okr-offentlig-sektor\" used by multiple plugins",
"description": "2 plugins (okr, okr) expose a skill named \"okr-offentlig-sektor\". Even when invocation is namespaced via /plugin:skill, shared names create ambiguity in error messages, search results, and the plugin-skills enumeration.",
"file": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/okr/skills/okr-offentlig-sektor/SKILL.md",
"line": null,
"evidence": "name=\"okr-offentlig-sektor\"; plugins=okr,okr",
"category": "plugin-hygiene",
"recommendation": "Coordinate naming across plugins, or rename one to clarify intent. The shared name forces every reader to disambiguate by source.",
"autoFixable": false,
"details": {
"namespaces": [
{
"source": "plugin:okr",
"name": "okr-offentlig-sektor",
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/okr/skills/okr-offentlig-sektor/SKILL.md"
},
{
"source": "plugin:okr",
"name": "okr-offentlig-sektor",
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-privat/plugins/okr/skills/okr-offentlig-sektor/SKILL.md"
}
]
}
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 1,
"info": 0
}
}
],
"aggregate": {
"total_findings": 20,
"counts": {
"critical": 0,
"high": 0,
"medium": 1,
"low": 8,
"info": 11
},
"risk_score": 12,
"risk_band": "Medium",
"verdict": "PASS",
"scanners_ok": 11,
"scanners_error": 0,
"scanners_skipped": 1
}
}
}

545
plugins/config-audit/tests/snapshots/v5.0.0/scan-orchestrator.json Normal file
View file

@ -0,0 +1,545 @@
{
"meta": {
"target": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium",
"timestamp": "2026-05-01T14:44:16.877Z",
"version": "2.2.0",
"tool": "config-audit"
},
"scanners": [
{
"scanner": "CML",
"status": "ok",
"files_scanned": 1,
"duration_ms": 2,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "SET",
"status": "ok",
"files_scanned": 1,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "HKV",
"status": "ok",
"files_scanned": 1,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "RUL",
"status": "skipped",
"files_scanned": 0,
"duration_ms": 0,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "MCP",
"status": "ok",
"files_scanned": 1,
"duration_ms": 0,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "IMP",
"status": "ok",
"files_scanned": 1,
"duration_ms": 0,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "CNF",
"status": "ok",
"files_scanned": 2,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "GAP",
"status": "ok",
"files_scanned": 4,
"duration_ms": 2,
"findings": [
{
"id": "CA-GAP-001",
"scanner": "GAP",
"severity": "medium",
"title": "No custom skills or commands",
"description": "Feature gap: No custom skills or commands. Create project-specific skills in .claude/skills/ or commands in .claude/commands/ to automate repetitive workflows.",
"file": null,
"line": null,
"evidence": null,
"category": "t1",
"recommendation": "Create project-specific skills in .claude/skills/ or commands in .claude/commands/ to automate repetitive workflows.",
"autoFixable": false
},
{
"id": "CA-GAP-002",
"scanner": "GAP",
"severity": "low",
"title": "Settings only at one scope",
"description": "Feature gap: Settings only at one scope. Use all 3 settings scopes: ~/.claude/settings.json (user), .claude/settings.json (project), .claude/settings.local.json (local/personal).",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Use all 3 settings scopes: ~/.claude/settings.json (user), .claude/settings.json (project), .claude/settings.local.json (local/personal).",
"autoFixable": false
},
{
"id": "CA-GAP-003",
"scanner": "GAP",
"severity": "low",
"title": "No path-scoped rules",
"description": "Feature gap: No path-scoped rules. Create .claude/rules/*.md with paths: frontmatter to apply rules only to matching files.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Create .claude/rules/*.md with paths: frontmatter to apply rules only to matching files.",
"autoFixable": false
},
{
"id": "CA-GAP-004",
"scanner": "GAP",
"severity": "low",
"title": "Low hook diversity",
"description": "Feature gap: Low hook diversity. Use hooks across 3+ events (e.g., SessionStart, PreToolUse, Stop) for comprehensive automation.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Use hooks across 3+ events (e.g., SessionStart, PreToolUse, Stop) for comprehensive automation.",
"autoFixable": false
},
{
"id": "CA-GAP-005",
"scanner": "GAP",
"severity": "low",
"title": "No custom subagents",
"description": "Feature gap: No custom subagents. Create custom agents in .claude/agents/ or ~/.claude/agents/ with specialized tools and model selection.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Create custom agents in .claude/agents/ or ~/.claude/agents/ with specialized tools and model selection.",
"autoFixable": false
},
{
"id": "CA-GAP-006",
"scanner": "GAP",
"severity": "low",
"title": "No model configuration",
"description": "Feature gap: No model configuration. Set model preferences in settings.json (model, modelOverrides) for cost/quality optimization.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Set model preferences in settings.json (model, modelOverrides) for cost/quality optimization.",
"autoFixable": false
},
{
"id": "CA-GAP-007",
"scanner": "GAP",
"severity": "info",
"title": "No status line configured",
"description": "Feature gap: No status line configured. Configure statusLine in settings.json to show context window usage, cost, and model info.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Configure statusLine in settings.json to show context window usage, cost, and model info.",
"autoFixable": false
},
{
"id": "CA-GAP-008",
"scanner": "GAP",
"severity": "info",
"title": "No custom keybindings",
"description": "Feature gap: No custom keybindings. Create ~/.claude/keybindings.json to customize keyboard shortcuts (e.g., bind chat:newline to Shift+Enter).",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Create ~/.claude/keybindings.json to customize keyboard shortcuts (e.g., bind chat:newline to Shift+Enter).",
"autoFixable": false
},
{
"id": "CA-GAP-009",
"scanner": "GAP",
"severity": "info",
"title": "Using default output style",
"description": "Feature gap: Using default output style. Try \"Explanatory\" or \"Learning\" output styles, or create custom styles in .claude/output-styles/.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Try \"Explanatory\" or \"Learning\" output styles, or create custom styles in .claude/output-styles/.",
"autoFixable": false
},
{
"id": "CA-GAP-010",
"scanner": "GAP",
"severity": "info",
"title": "No worktree workflow",
"description": "Feature gap: No worktree workflow. Use --worktree for parallel feature development. Configure worktree.symlinkDirectories for node_modules.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use --worktree for parallel feature development. Configure worktree.symlinkDirectories for node_modules.",
"autoFixable": false
},
{
"id": "CA-GAP-011",
"scanner": "GAP",
"severity": "info",
"title": "No advanced skill frontmatter",
"description": "Feature gap: No advanced skill frontmatter. Use disable-model-invocation, context:fork, or argument-hint in skill frontmatter for better control.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use disable-model-invocation, context:fork, or argument-hint in skill frontmatter for better control.",
"autoFixable": false
},
{
"id": "CA-GAP-012",
"scanner": "GAP",
"severity": "info",
"title": "No subagent isolation",
"description": "Feature gap: No subagent isolation. Use isolation: worktree in agent frontmatter for safe parallel development.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use isolation: worktree in agent frontmatter for safe parallel development.",
"autoFixable": false
},
{
"id": "CA-GAP-013",
"scanner": "GAP",
"severity": "info",
"title": "No dynamic skill context",
"description": "Feature gap: No dynamic skill context. Use !`command` syntax in skills to inject dynamic context (e.g., !`git branch --show-current`).",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use !`command` syntax in skills to inject dynamic context (e.g., !`git branch --show-current`).",
"autoFixable": false
},
{
"id": "CA-GAP-014",
"scanner": "GAP",
"severity": "info",
"title": "No autoMode classifier",
"description": "Feature gap: No autoMode classifier. Configure autoMode in user/local settings with environment context and allow/deny rules.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Configure autoMode in user/local settings with environment context and allow/deny rules.",
"autoFixable": false
},
{
"id": "CA-GAP-015",
"scanner": "GAP",
"severity": "info",
"title": "No custom plugin",
"description": "Feature gap: No custom plugin. Package reusable skills, agents, and hooks as a Claude Code plugin with .claude-plugin/plugin.json.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Package reusable skills, agents, and hooks as a Claude Code plugin with .claude-plugin/plugin.json.",
"autoFixable": false
},
{
"id": "CA-GAP-016",
"scanner": "GAP",
"severity": "info",
"title": "No managed settings",
"description": "Feature gap: No managed settings. Use managed-settings.json for organization-wide policy enforcement.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Use managed-settings.json for organization-wide policy enforcement.",
"autoFixable": false
},
{
"id": "CA-GAP-017",
"scanner": "GAP",
"severity": "info",
"title": "No LSP plugins",
"description": "Feature gap: No LSP plugins. Add .lsp.json for real-time code intelligence from language servers.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Add .lsp.json for real-time code intelligence from language servers.",
"autoFixable": false
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 1,
"low": 5,
"info": 11
}
},
{
"scanner": "TOK",
"status": "ok",
"files_scanned": 2,
"duration_ms": 120,
"findings": [
{
"id": "CA-TOK-001",
"scanner": "TOK",
"severity": "low",
"title": "High MCP tool-schema budget on server \"memory\"",
"description": "MCP server \"memory (.mcp.json)\" has tool count unknown — could not parse manifest or cached tools/list. Tool schemas load on every turn; an unverified server may be inflating the per-turn payload silently.",
"file": ".mcp.json",
"line": null,
"evidence": "tool_count=unknown; server=\"memory\"; source=\".mcp.json\" — severity reflects estimated tokens/turn based on structural heuristic; not measured against runtime telemetry",
"category": "token-efficiency",
"recommendation": "Install the package locally (so detect-mcp-tool-count can read its manifest), or run the server once and cache its tools/list response under ~/.claude/config-audit/mcp-cache/<name>.json. See knowledge/cache-telemetry-recipe.md.",
"autoFixable": false
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 1,
"info": 0
},
"hotspots": [
{
"source": "mcp:memory (.mcp.json)",
"estimated_tokens": 500,
"rank": 1,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "mcp:sadhguru-wisdom (plugin:sadhguru-wisdom)",
"estimated_tokens": 500,
"rank": 2,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "mcp:vegnorm-rag (plugin:vegnormalene)",
"estimated_tokens": 500,
"rank": 3,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "CLAUDE.md",
"estimated_tokens": 116,
"rank": 4,
"recommendations": [
"Move volatile top-of-file content to the bottom or extract to an @import-ed file.",
"Split overlong CLAUDE.md into focused @imports (≤200 lines each)."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/CLAUDE.md"
},
{
"source": "hooks/hooks.json",
"estimated_tokens": 81,
"rank": 5,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/hooks/hooks.json"
},
{
"source": ".claude/settings.json",
"estimated_tokens": 59,
"rank": 6,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.claude/settings.json"
},
{
"source": ".mcp.json",
"estimated_tokens": 53,
"rank": 7,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.mcp.json"
}
],
"total_estimated_tokens": 1809,
"activeConfig": {
"claudeMdEstimatedTokens": 5716,
"mcpServerCount": 3,
"pluginCount": 41,
"skillCount": 65
}
},
{
"scanner": "CPS",
"status": "ok",
"files_scanned": 1,
"duration_ms": 0,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "DIS",
"status": "ok",
"files_scanned": 1,
"duration_ms": 0,
"findings": [
{
"id": "CA-DIS-001",
"scanner": "DIS",
"severity": "low",
"title": "Tool listed in both permissions.deny and permissions.allow",
"description": ".claude/settings.json contains 1 tool present in both deny and allow lists. The deny list wins — the allow entries are dead config but still load on every turn and may confuse future readers about intent.",
"file": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.claude/settings.json",
"line": null,
"evidence": "Read: allow=\"Read(src/**)\" + deny=\"Read(./.env)\"",
"category": "permissions-hygiene",
"recommendation": "Remove the redundant allow entries. If you actually want this tool enabled, remove it from the deny list instead. Settings should express intent clearly.",
"autoFixable": false
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 1,
"info": 0
}
},
{
"scanner": "COL",
"status": "ok",
"files_scanned": 65,
"duration_ms": 91,
"findings": [
{
"id": "CA-COL-001",
"scanner": "COL",
"severity": "low",
"title": "Skill name \"okr-offentlig-sektor\" used by multiple plugins",
"description": "2 plugins (okr, okr) expose a skill named \"okr-offentlig-sektor\". Even when invocation is namespaced via /plugin:skill, shared names create ambiguity in error messages, search results, and the plugin-skills enumeration.",
"file": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/okr/skills/okr-offentlig-sektor/SKILL.md",
"line": null,
"evidence": "name=\"okr-offentlig-sektor\"; plugins=okr,okr",
"category": "plugin-hygiene",
"recommendation": "Coordinate naming across plugins, or rename one to clarify intent. The shared name forces every reader to disambiguate by source.",
"autoFixable": false,
"details": {
"namespaces": [
{
"source": "plugin:okr",
"name": "okr-offentlig-sektor",
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/okr/skills/okr-offentlig-sektor/SKILL.md"
},
{
"source": "plugin:okr",
"name": "okr-offentlig-sektor",
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-privat/plugins/okr/skills/okr-offentlig-sektor/SKILL.md"
}
]
}
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 1,
"info": 0
}
}
],
"aggregate": {
"total_findings": 20,
"counts": {
"critical": 0,
"high": 0,
"medium": 1,
"low": 8,
"info": 11
},
"risk_score": 12,
"risk_band": "Medium",
"verdict": "PASS",
"scanners_ok": 11,
"scanners_error": 0,
"scanners_skipped": 1
}
}

95
plugins/config-audit/tests/snapshots/v5.0.0/token-hotspots.json Normal file
View file

@ -0,0 +1,95 @@
{
"scanner": "TOK",
"status": "ok",
"files_scanned": 2,
"duration_ms": 119,
"total_estimated_tokens": 1809,
"hotspots": [
{
"source": "mcp:memory (.mcp.json)",
"estimated_tokens": 500,
"rank": 1,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "mcp:sadhguru-wisdom (plugin:sadhguru-wisdom)",
"estimated_tokens": 500,
"rank": 2,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "mcp:vegnorm-rag (plugin:vegnormalene)",
"estimated_tokens": 500,
"rank": 3,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "CLAUDE.md",
"estimated_tokens": 116,
"rank": 4,
"recommendations": [
"Move volatile top-of-file content to the bottom or extract to an @import-ed file.",
"Split overlong CLAUDE.md into focused @imports (≤200 lines each)."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/CLAUDE.md"
},
{
"source": "hooks/hooks.json",
"estimated_tokens": 81,
"rank": 5,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/hooks/hooks.json"
},
{
"source": ".claude/settings.json",
"estimated_tokens": 59,
"rank": 6,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.claude/settings.json"
},
{
"source": ".mcp.json",
"estimated_tokens": 53,
"rank": 7,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.mcp.json"
}
],
"findings": [
{
"id": "CA-TOK-001",
"scanner": "TOK",
"severity": "low",
"title": "High MCP tool-schema budget on server \"memory\"",
"description": "MCP server \"memory (.mcp.json)\" has tool count unknown — could not parse manifest or cached tools/list. Tool schemas load on every turn; an unverified server may be inflating the per-turn payload silently.",
"file": ".mcp.json",
"line": null,
"evidence": "tool_count=unknown; server=\"memory\"; source=\".mcp.json\" — severity reflects estimated tokens/turn based on structural heuristic; not measured against runtime telemetry",
"category": "token-efficiency",
"recommendation": "Install the package locally (so detect-mcp-tool-count can read its manifest), or run the server once and cache its tools/list response under ~/.claude/config-audit/mcp-cache/<name>.json. See knowledge/cache-telemetry-recipe.md.",
"autoFixable": false
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 1,
"info": 0
}
}

1886
plugins/config-audit/tests/snapshots/v5.0.0/whats-active.json Normal file
View file

File diff suppressed because it is too large Load diff