open/ktg-plugin-marketplace
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity Actions

chore(humanizer): pre-flight snapshots + test audit for v5.1.0

Browse source 
Wave 0 / Step 0 of the v5.1.0 plain-language UX humanizer plan.

Captures v5.0.0 baseline output for all 8 CLIs at
tests/snapshots/v5.0.0/ — these snapshots are immutable references
for SC-6 (--json byte-equal) and SC-7 (--raw byte-equal) tests in
later waves.

- 5 CLIs captured via --output-file: scan-orchestrator, posture,
  token-hotspots-cli, manifest, whats-active
- 3 CLIs captured via stdout redirect (no --output-file support):
  drift-cli (after baseline seed), fix-cli, plugin-health-scanner
- Posture stderr scorecard captured separately for SC-7 stderr-mode
  comparison

docs/v5.1.0-test-audit.md classifies all 42 .title references in
7 known test files: 34 will break under humanization (literal
string equality / substring), 8 are safe (test fixtures or error
formatting). This document is the change list for Step 4.

Project: .claude/projects/2026-05-01-config-audit-ux-redesign/
This commit is contained in:
Kjell Tore Guttormsen 2026-05-01 16:47:13 +02:00
commit 2397ffb5e4
10 changed files with 5134 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

30
plugins/config-audit/tests/snapshots/v5.0.0-stderr/posture.txt Normal file
View file

@ -0,0 +1,30 @@
[CML] CLAUDE.md Linter: 0 finding(s) (9ms)
[SET] Settings Validator: 0 finding(s) (0ms)
[HKV] Hook Validator: 0 finding(s) (2ms)
[RUL] Rules Validator: 0 finding(s) (0ms)
[MCP] MCP Config Validator: 0 finding(s) (1ms)
[IMP] Import Resolver: 0 finding(s) (1ms)
[CNF] Conflict Detector: 0 finding(s) (1ms)
[GAP] Feature Gap Scanner: 17 finding(s) (3ms)
[TOK] Token Hotspots: 1 finding(s) (116ms)
[CPS] Cache-Prefix Stability: 0 finding(s) (1ms)
[DIS] Disabled-In-Schema: 1 finding(s) (1ms)
[COL] Plugin Skill Collision: 1 finding(s) (77ms)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Config-Audit Health Score
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Health: A (97/100) 9 areas scanned
Area Scores
───────────
CLAUDE.md ........... A (100) Settings ............ A (90)
Hooks ............... A (100) Rules ............... A (100)
MCP ................. A (100) Imports ............. A (100)
Conflicts ........... A (100) Token Efficiency .... A (90)
Plugin Hygiene ...... A (90)
17 opportunities available — run /config-audit feature-gap for recommendations
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

421
plugins/config-audit/tests/snapshots/v5.0.0/drift.json Normal file
View file

@ -0,0 +1,421 @@
{
"newFindings": [],
"resolvedFindings": [],
"unchangedFindings": [
{
"id": "CA-GAP-001",
"scanner": "GAP",
"severity": "medium",
"title": "No custom skills or commands",
"description": "Feature gap: No custom skills or commands. Create project-specific skills in .claude/skills/ or commands in .claude/commands/ to automate repetitive workflows.",
"file": null,
"line": null,
"evidence": null,
"category": "t1",
"recommendation": "Create project-specific skills in .claude/skills/ or commands in .claude/commands/ to automate repetitive workflows.",
"autoFixable": false
},
{
"id": "CA-GAP-002",
"scanner": "GAP",
"severity": "low",
"title": "Settings only at one scope",
"description": "Feature gap: Settings only at one scope. Use all 3 settings scopes: ~/.claude/settings.json (user), .claude/settings.json (project), .claude/settings.local.json (local/personal).",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Use all 3 settings scopes: ~/.claude/settings.json (user), .claude/settings.json (project), .claude/settings.local.json (local/personal).",
"autoFixable": false
},
{
"id": "CA-GAP-003",
"scanner": "GAP",
"severity": "low",
"title": "No path-scoped rules",
"description": "Feature gap: No path-scoped rules. Create .claude/rules/*.md with paths: frontmatter to apply rules only to matching files.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Create .claude/rules/*.md with paths: frontmatter to apply rules only to matching files.",
"autoFixable": false
},
{
"id": "CA-GAP-004",
"scanner": "GAP",
"severity": "low",
"title": "Low hook diversity",
"description": "Feature gap: Low hook diversity. Use hooks across 3+ events (e.g., SessionStart, PreToolUse, Stop) for comprehensive automation.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Use hooks across 3+ events (e.g., SessionStart, PreToolUse, Stop) for comprehensive automation.",
"autoFixable": false
},
{
"id": "CA-GAP-005",
"scanner": "GAP",
"severity": "low",
"title": "No custom subagents",
"description": "Feature gap: No custom subagents. Create custom agents in .claude/agents/ or ~/.claude/agents/ with specialized tools and model selection.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Create custom agents in .claude/agents/ or ~/.claude/agents/ with specialized tools and model selection.",
"autoFixable": false
},
{
"id": "CA-GAP-006",
"scanner": "GAP",
"severity": "low",
"title": "No model configuration",
"description": "Feature gap: No model configuration. Set model preferences in settings.json (model, modelOverrides) for cost/quality optimization.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Set model preferences in settings.json (model, modelOverrides) for cost/quality optimization.",
"autoFixable": false
},
{
"id": "CA-GAP-007",
"scanner": "GAP",
"severity": "info",
"title": "No status line configured",
"description": "Feature gap: No status line configured. Configure statusLine in settings.json to show context window usage, cost, and model info.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Configure statusLine in settings.json to show context window usage, cost, and model info.",
"autoFixable": false
},
{
"id": "CA-GAP-008",
"scanner": "GAP",
"severity": "info",
"title": "No custom keybindings",
"description": "Feature gap: No custom keybindings. Create ~/.claude/keybindings.json to customize keyboard shortcuts (e.g., bind chat:newline to Shift+Enter).",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Create ~/.claude/keybindings.json to customize keyboard shortcuts (e.g., bind chat:newline to Shift+Enter).",
"autoFixable": false
},
{
"id": "CA-GAP-009",
"scanner": "GAP",
"severity": "info",
"title": "Using default output style",
"description": "Feature gap: Using default output style. Try \"Explanatory\" or \"Learning\" output styles, or create custom styles in .claude/output-styles/.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Try \"Explanatory\" or \"Learning\" output styles, or create custom styles in .claude/output-styles/.",
"autoFixable": false
},
{
"id": "CA-GAP-010",
"scanner": "GAP",
"severity": "info",
"title": "No worktree workflow",
"description": "Feature gap: No worktree workflow. Use --worktree for parallel feature development. Configure worktree.symlinkDirectories for node_modules.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use --worktree for parallel feature development. Configure worktree.symlinkDirectories for node_modules.",
"autoFixable": false
},
{
"id": "CA-GAP-011",
"scanner": "GAP",
"severity": "info",
"title": "No advanced skill frontmatter",
"description": "Feature gap: No advanced skill frontmatter. Use disable-model-invocation, context:fork, or argument-hint in skill frontmatter for better control.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use disable-model-invocation, context:fork, or argument-hint in skill frontmatter for better control.",
"autoFixable": false
},
{
"id": "CA-GAP-012",
"scanner": "GAP",
"severity": "info",
"title": "No subagent isolation",
"description": "Feature gap: No subagent isolation. Use isolation: worktree in agent frontmatter for safe parallel development.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use isolation: worktree in agent frontmatter for safe parallel development.",
"autoFixable": false
},
{
"id": "CA-GAP-013",
"scanner": "GAP",
"severity": "info",
"title": "No dynamic skill context",
"description": "Feature gap: No dynamic skill context. Use !`command` syntax in skills to inject dynamic context (e.g., !`git branch --show-current`).",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use !`command` syntax in skills to inject dynamic context (e.g., !`git branch --show-current`).",
"autoFixable": false
},
{
"id": "CA-GAP-014",
"scanner": "GAP",
"severity": "info",
"title": "No autoMode classifier",
"description": "Feature gap: No autoMode classifier. Configure autoMode in user/local settings with environment context and allow/deny rules.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Configure autoMode in user/local settings with environment context and allow/deny rules.",
"autoFixable": false
},
{
"id": "CA-GAP-015",
"scanner": "GAP",
"severity": "info",
"title": "No custom plugin",
"description": "Feature gap: No custom plugin. Package reusable skills, agents, and hooks as a Claude Code plugin with .claude-plugin/plugin.json.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Package reusable skills, agents, and hooks as a Claude Code plugin with .claude-plugin/plugin.json.",
"autoFixable": false
},
{
"id": "CA-GAP-016",
"scanner": "GAP",
"severity": "info",
"title": "No managed settings",
"description": "Feature gap: No managed settings. Use managed-settings.json for organization-wide policy enforcement.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Use managed-settings.json for organization-wide policy enforcement.",
"autoFixable": false
},
{
"id": "CA-GAP-017",
"scanner": "GAP",
"severity": "info",
"title": "No LSP plugins",
"description": "Feature gap: No LSP plugins. Add .lsp.json for real-time code intelligence from language servers.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Add .lsp.json for real-time code intelligence from language servers.",
"autoFixable": false
},
{
"id": "CA-TOK-001",
"scanner": "TOK",
"severity": "low",
"title": "High MCP tool-schema budget on server \"memory\"",
"description": "MCP server \"memory (.mcp.json)\" has tool count unknown — could not parse manifest or cached tools/list. Tool schemas load on every turn; an unverified server may be inflating the per-turn payload silently.",
"file": ".mcp.json",
"line": null,
"evidence": "tool_count=unknown; server=\"memory\"; source=\".mcp.json\" — severity reflects estimated tokens/turn based on structural heuristic; not measured against runtime telemetry",
"category": "token-efficiency",
"recommendation": "Install the package locally (so detect-mcp-tool-count can read its manifest), or run the server once and cache its tools/list response under ~/.claude/config-audit/mcp-cache/<name>.json. See knowledge/cache-telemetry-recipe.md.",
"autoFixable": false
},
{
"id": "CA-DIS-001",
"scanner": "DIS",
"severity": "low",
"title": "Tool listed in both permissions.deny and permissions.allow",
"description": ".claude/settings.json contains 1 tool present in both deny and allow lists. The deny list wins — the allow entries are dead config but still load on every turn and may confuse future readers about intent.",
"file": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.claude/settings.json",
"line": null,
"evidence": "Read: allow=\"Read(src/**)\" + deny=\"Read(./.env)\"",
"category": "permissions-hygiene",
"recommendation": "Remove the redundant allow entries. If you actually want this tool enabled, remove it from the deny list instead. Settings should express intent clearly.",
"autoFixable": false
},
{
"id": "CA-COL-001",
"scanner": "COL",
"severity": "low",
"title": "Skill name \"okr-offentlig-sektor\" used by multiple plugins",
"description": "2 plugins (okr, okr) expose a skill named \"okr-offentlig-sektor\". Even when invocation is namespaced via /plugin:skill, shared names create ambiguity in error messages, search results, and the plugin-skills enumeration.",
"file": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/okr/skills/okr-offentlig-sektor/SKILL.md",
"line": null,
"evidence": "name=\"okr-offentlig-sektor\"; plugins=okr,okr",
"category": "plugin-hygiene",
"recommendation": "Coordinate naming across plugins, or rename one to clarify intent. The shared name forces every reader to disambiguate by source.",
"autoFixable": false,
"details": {
"namespaces": [
{
"source": "plugin:okr",
"name": "okr-offentlig-sektor",
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/okr/skills/okr-offentlig-sektor/SKILL.md"
},
{
"source": "plugin:okr",
"name": "okr-offentlig-sektor",
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-privat/plugins/okr/skills/okr-offentlig-sektor/SKILL.md"
}
]
}
}
],
"movedFindings": [],
"scoreChange": {
"before": {
"score": 91,
"grade": "A"
},
"after": {
"score": 91,
"grade": "A"
},
"delta": 0
},
"areaChanges": [
{
"name": "CLAUDE.md",
"before": {
"score": 100,
"grade": "A"
},
"after": {
"score": 100,
"grade": "A"
},
"delta": 0
},
{
"name": "Settings",
"before": {
"score": 90,
"grade": "A"
},
"after": {
"score": 90,
"grade": "A"
},
"delta": 0
},
{
"name": "Hooks",
"before": {
"score": 100,
"grade": "A"
},
"after": {
"score": 100,
"grade": "A"
},
"delta": 0
},
{
"name": "Rules",
"before": {
"score": 100,
"grade": "A"
},
"after": {
"score": 100,
"grade": "A"
},
"delta": 0
},
{
"name": "MCP",
"before": {
"score": 100,
"grade": "A"
},
"after": {
"score": 100,
"grade": "A"
},
"delta": 0
},
{
"name": "Imports",
"before": {
"score": 100,
"grade": "A"
},
"after": {
"score": 100,
"grade": "A"
},
"delta": 0
},
{
"name": "Conflicts",
"before": {
"score": 100,
"grade": "A"
},
"after": {
"score": 100,
"grade": "A"
},
"delta": 0
},
{
"name": "Feature Coverage",
"before": {
"score": 43,
"grade": "D"
},
"after": {
"score": 43,
"grade": "D"
},
"delta": 0
},
{
"name": "Token Efficiency",
"before": {
"score": 90,
"grade": "A"
},
"after": {
"score": 90,
"grade": "A"
},
"delta": 0
},
{
"name": "Plugin Hygiene",
"before": {
"score": 90,
"grade": "A"
},
"after": {
"score": 90,
"grade": "A"
},
"delta": 0
}
],
"summary": {
"totalBefore": 20,
"totalAfter": 20,
"newCount": 0,
"resolvedCount": 0,
"trend": "stable"
}
}

130
plugins/config-audit/tests/snapshots/v5.0.0/fix-cli.json Normal file
View file

@ -0,0 +1,130 @@
{
"planned": [],
"applied": [],
"failed": [],
"verified": [],
"regressions": [],
"manual": [
{
"findingId": "CA-GAP-001",
"title": "No custom skills or commands",
"file": null,
"recommendation": "Create project-specific skills in .claude/skills/ or commands in .claude/commands/ to automate repetitive workflows."
},
{
"findingId": "CA-GAP-002",
"title": "Settings only at one scope",
"file": null,
"recommendation": "Use all 3 settings scopes: ~/.claude/settings.json (user), .claude/settings.json (project), .claude/settings.local.json (local/personal)."
},
{
"findingId": "CA-GAP-003",
"title": "No path-scoped rules",
"file": null,
"recommendation": "Create .claude/rules/*.md with paths: frontmatter to apply rules only to matching files."
},
{
"findingId": "CA-GAP-004",
"title": "Low hook diversity",
"file": null,
"recommendation": "Use hooks across 3+ events (e.g., SessionStart, PreToolUse, Stop) for comprehensive automation."
},
{
"findingId": "CA-GAP-005",
"title": "No custom subagents",
"file": null,
"recommendation": "Create custom agents in .claude/agents/ or ~/.claude/agents/ with specialized tools and model selection."
},
{
"findingId": "CA-GAP-006",
"title": "No model configuration",
"file": null,
"recommendation": "Set model preferences in settings.json (model, modelOverrides) for cost/quality optimization."
},
{
"findingId": "CA-GAP-007",
"title": "No status line configured",
"file": null,
"recommendation": "Configure statusLine in settings.json to show context window usage, cost, and model info."
},
{
"findingId": "CA-GAP-008",
"title": "No custom keybindings",
"file": null,
"recommendation": "Create ~/.claude/keybindings.json to customize keyboard shortcuts (e.g., bind chat:newline to Shift+Enter)."
},
{
"findingId": "CA-GAP-009",
"title": "Using default output style",
"file": null,
"recommendation": "Try \"Explanatory\" or \"Learning\" output styles, or create custom styles in .claude/output-styles/."
},
{
"findingId": "CA-GAP-010",
"title": "No worktree workflow",
"file": null,
"recommendation": "Use --worktree for parallel feature development. Configure worktree.symlinkDirectories for node_modules."
},
{
"findingId": "CA-GAP-011",
"title": "No advanced skill frontmatter",
"file": null,
"recommendation": "Use disable-model-invocation, context:fork, or argument-hint in skill frontmatter for better control."
},
{
"findingId": "CA-GAP-012",
"title": "No subagent isolation",
"file": null,
"recommendation": "Use isolation: worktree in agent frontmatter for safe parallel development."
},
{
"findingId": "CA-GAP-013",
"title": "No dynamic skill context",
"file": null,
"recommendation": "Use !`command` syntax in skills to inject dynamic context (e.g., !`git branch --show-current`)."
},
{
"findingId": "CA-GAP-014",
"title": "No autoMode classifier",
"file": null,
"recommendation": "Configure autoMode in user/local settings with environment context and allow/deny rules."
},
{
"findingId": "CA-GAP-015",
"title": "No custom plugin",
"file": null,
"recommendation": "Package reusable skills, agents, and hooks as a Claude Code plugin with .claude-plugin/plugin.json."
},
{
"findingId": "CA-GAP-016",
"title": "No managed settings",
"file": null,
"recommendation": "Use managed-settings.json for organization-wide policy enforcement."
},
{
"findingId": "CA-GAP-017",
"title": "No LSP plugins",
"file": null,
"recommendation": "Add .lsp.json for real-time code intelligence from language servers."
},
{
"findingId": "CA-TOK-001",
"title": "High MCP tool-schema budget on server \"memory\"",
"file": ".mcp.json",
"recommendation": "Install the package locally (so detect-mcp-tool-count can read its manifest), or run the server once and cache its tools/list response under ~/.claude/config-audit/mcp-cache/<name>.json. See knowledge/cache-telemetry-recipe.md."
},
{
"findingId": "CA-DIS-001",
"title": "Tool listed in both permissions.deny and permissions.allow",
"file": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.claude/settings.json",
"recommendation": "Remove the redundant allow entries. If you actually want this tool enabled, remove it from the deny list instead. Settings should express intent clearly."
},
{
"findingId": "CA-COL-001",
"title": "Skill name \"okr-offentlig-sektor\" used by multiple plugins",
"file": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/okr/skills/okr-offentlig-sektor/SKILL.md",
"recommendation": "Coordinate naming across plugins, or rename one to clarify intent. The shared name forces every reader to disambiguate by source."
}
],
"backupId": null
}

1253
plugins/config-audit/tests/snapshots/v5.0.0/manifest.json Normal file
View file

File diff suppressed because it is too large Load diff

14
plugins/config-audit/tests/snapshots/v5.0.0/plugin-health.json Normal file
View file

@ -0,0 +1,14 @@
{
"scanner": "PLH",
"status": "ok",
"files_scanned": 1,
"duration_ms": 17,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
}

639
plugins/config-audit/tests/snapshots/v5.0.0/posture.json Normal file
View file

@ -0,0 +1,639 @@
{
"utilization": {
"score": 43,
"overhang": 57
},
"maturity": {
"level": 2,
"name": "Structured",
"description": "Rules, skills, hooks"
},
"segment": {
"segment": "Developing",
"description": "Basic setup — significant features untapped"
},
"areas": [
{
"id": "claude_md",
"name": "CLAUDE.md",
"grade": "A",
"score": 100,
"findingCount": 0
},
{
"id": "settings",
"name": "Settings",
"grade": "A",
"score": 90,
"findingCount": 1
},
{
"id": "hooks",
"name": "Hooks",
"grade": "A",
"score": 100,
"findingCount": 0
},
{
"id": "rules",
"name": "Rules",
"grade": "A",
"score": 100,
"findingCount": 0
},
{
"id": "mcp",
"name": "MCP",
"grade": "A",
"score": 100,
"findingCount": 0
},
{
"id": "imports",
"name": "Imports",
"grade": "A",
"score": 100,
"findingCount": 0
},
{
"id": "conflicts",
"name": "Conflicts",
"grade": "A",
"score": 100,
"findingCount": 0
},
{
"id": "feature_coverage",
"name": "Feature Coverage",
"grade": "D",
"score": 43,
"findingCount": 17
},
{
"id": "token_efficiency",
"name": "Token Efficiency",
"grade": "A",
"score": 90,
"findingCount": 1
},
{
"id": "plugin_hygiene",
"name": "Plugin Hygiene",
"grade": "A",
"score": 90,
"findingCount": 1
}
],
"overallGrade": "A",
"topActions": [
"Create project-specific skills in .claude/skills/ or commands in .claude/commands/ to automate repetitive workflows.",
"Use all 3 settings scopes: ~/.claude/settings.json (user), .claude/settings.json (project), .claude/settings.local.json (local/personal).",
"Create .claude/rules/*.md with paths: frontmatter to apply rules only to matching files."
],
"opportunityCount": 17,
"scannerEnvelope": {
"meta": {
"target": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium",
"timestamp": "2026-05-01T14:44:22.725Z",
"version": "2.2.0",
"tool": "config-audit"
},
"scanners": [
{
"scanner": "CML",
"status": "ok",
"files_scanned": 1,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "SET",
"status": "ok",
"files_scanned": 1,
"duration_ms": 0,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "HKV",
"status": "ok",
"files_scanned": 1,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "RUL",
"status": "skipped",
"files_scanned": 0,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "MCP",
"status": "ok",
"files_scanned": 1,
"duration_ms": 0,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "IMP",
"status": "ok",
"files_scanned": 1,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "CNF",
"status": "ok",
"files_scanned": 2,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "GAP",
"status": "ok",
"files_scanned": 4,
"duration_ms": 3,
"findings": [
{
"id": "CA-GAP-001",
"scanner": "GAP",
"severity": "medium",
"title": "No custom skills or commands",
"description": "Feature gap: No custom skills or commands. Create project-specific skills in .claude/skills/ or commands in .claude/commands/ to automate repetitive workflows.",
"file": null,
"line": null,
"evidence": null,
"category": "t1",
"recommendation": "Create project-specific skills in .claude/skills/ or commands in .claude/commands/ to automate repetitive workflows.",
"autoFixable": false
},
{
"id": "CA-GAP-002",
"scanner": "GAP",
"severity": "low",
"title": "Settings only at one scope",
"description": "Feature gap: Settings only at one scope. Use all 3 settings scopes: ~/.claude/settings.json (user), .claude/settings.json (project), .claude/settings.local.json (local/personal).",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Use all 3 settings scopes: ~/.claude/settings.json (user), .claude/settings.json (project), .claude/settings.local.json (local/personal).",
"autoFixable": false
},
{
"id": "CA-GAP-003",
"scanner": "GAP",
"severity": "low",
"title": "No path-scoped rules",
"description": "Feature gap: No path-scoped rules. Create .claude/rules/*.md with paths: frontmatter to apply rules only to matching files.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Create .claude/rules/*.md with paths: frontmatter to apply rules only to matching files.",
"autoFixable": false
},
{
"id": "CA-GAP-004",
"scanner": "GAP",
"severity": "low",
"title": "Low hook diversity",
"description": "Feature gap: Low hook diversity. Use hooks across 3+ events (e.g., SessionStart, PreToolUse, Stop) for comprehensive automation.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Use hooks across 3+ events (e.g., SessionStart, PreToolUse, Stop) for comprehensive automation.",
"autoFixable": false
},
{
"id": "CA-GAP-005",
"scanner": "GAP",
"severity": "low",
"title": "No custom subagents",
"description": "Feature gap: No custom subagents. Create custom agents in .claude/agents/ or ~/.claude/agents/ with specialized tools and model selection.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Create custom agents in .claude/agents/ or ~/.claude/agents/ with specialized tools and model selection.",
"autoFixable": false
},
{
"id": "CA-GAP-006",
"scanner": "GAP",
"severity": "low",
"title": "No model configuration",
"description": "Feature gap: No model configuration. Set model preferences in settings.json (model, modelOverrides) for cost/quality optimization.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Set model preferences in settings.json (model, modelOverrides) for cost/quality optimization.",
"autoFixable": false
},
{
"id": "CA-GAP-007",
"scanner": "GAP",
"severity": "info",
"title": "No status line configured",
"description": "Feature gap: No status line configured. Configure statusLine in settings.json to show context window usage, cost, and model info.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Configure statusLine in settings.json to show context window usage, cost, and model info.",
"autoFixable": false
},
{
"id": "CA-GAP-008",
"scanner": "GAP",
"severity": "info",
"title": "No custom keybindings",
"description": "Feature gap: No custom keybindings. Create ~/.claude/keybindings.json to customize keyboard shortcuts (e.g., bind chat:newline to Shift+Enter).",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Create ~/.claude/keybindings.json to customize keyboard shortcuts (e.g., bind chat:newline to Shift+Enter).",
"autoFixable": false
},
{
"id": "CA-GAP-009",
"scanner": "GAP",
"severity": "info",
"title": "Using default output style",
"description": "Feature gap: Using default output style. Try \"Explanatory\" or \"Learning\" output styles, or create custom styles in .claude/output-styles/.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Try \"Explanatory\" or \"Learning\" output styles, or create custom styles in .claude/output-styles/.",
"autoFixable": false
},
{
"id": "CA-GAP-010",
"scanner": "GAP",
"severity": "info",
"title": "No worktree workflow",
"description": "Feature gap: No worktree workflow. Use --worktree for parallel feature development. Configure worktree.symlinkDirectories for node_modules.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use --worktree for parallel feature development. Configure worktree.symlinkDirectories for node_modules.",
"autoFixable": false
},
{
"id": "CA-GAP-011",
"scanner": "GAP",
"severity": "info",
"title": "No advanced skill frontmatter",
"description": "Feature gap: No advanced skill frontmatter. Use disable-model-invocation, context:fork, or argument-hint in skill frontmatter for better control.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use disable-model-invocation, context:fork, or argument-hint in skill frontmatter for better control.",
"autoFixable": false
},
{
"id": "CA-GAP-012",
"scanner": "GAP",
"severity": "info",
"title": "No subagent isolation",
"description": "Feature gap: No subagent isolation. Use isolation: worktree in agent frontmatter for safe parallel development.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use isolation: worktree in agent frontmatter for safe parallel development.",
"autoFixable": false
},
{
"id": "CA-GAP-013",
"scanner": "GAP",
"severity": "info",
"title": "No dynamic skill context",
"description": "Feature gap: No dynamic skill context. Use !`command` syntax in skills to inject dynamic context (e.g., !`git branch --show-current`).",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use !`command` syntax in skills to inject dynamic context (e.g., !`git branch --show-current`).",
"autoFixable": false
},
{
"id": "CA-GAP-014",
"scanner": "GAP",
"severity": "info",
"title": "No autoMode classifier",
"description": "Feature gap: No autoMode classifier. Configure autoMode in user/local settings with environment context and allow/deny rules.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Configure autoMode in user/local settings with environment context and allow/deny rules.",
"autoFixable": false
},
{
"id": "CA-GAP-015",
"scanner": "GAP",
"severity": "info",
"title": "No custom plugin",
"description": "Feature gap: No custom plugin. Package reusable skills, agents, and hooks as a Claude Code plugin with .claude-plugin/plugin.json.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Package reusable skills, agents, and hooks as a Claude Code plugin with .claude-plugin/plugin.json.",
"autoFixable": false
},
{
"id": "CA-GAP-016",
"scanner": "GAP",
"severity": "info",
"title": "No managed settings",
"description": "Feature gap: No managed settings. Use managed-settings.json for organization-wide policy enforcement.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Use managed-settings.json for organization-wide policy enforcement.",
"autoFixable": false
},
{
"id": "CA-GAP-017",
"scanner": "GAP",
"severity": "info",
"title": "No LSP plugins",
"description": "Feature gap: No LSP plugins. Add .lsp.json for real-time code intelligence from language servers.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Add .lsp.json for real-time code intelligence from language servers.",
"autoFixable": false
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 1,
"low": 5,
"info": 11
}
},
{
"scanner": "TOK",
"status": "ok",
"files_scanned": 2,
"duration_ms": 167,
"findings": [
{
"id": "CA-TOK-001",
"scanner": "TOK",
"severity": "low",
"title": "High MCP tool-schema budget on server \"memory\"",
"description": "MCP server \"memory (.mcp.json)\" has tool count unknown — could not parse manifest or cached tools/list. Tool schemas load on every turn; an unverified server may be inflating the per-turn payload silently.",
"file": ".mcp.json",
"line": null,
"evidence": "tool_count=unknown; server=\"memory\"; source=\".mcp.json\" — severity reflects estimated tokens/turn based on structural heuristic; not measured against runtime telemetry",
"category": "token-efficiency",
"recommendation": "Install the package locally (so detect-mcp-tool-count can read its manifest), or run the server once and cache its tools/list response under ~/.claude/config-audit/mcp-cache/<name>.json. See knowledge/cache-telemetry-recipe.md.",
"autoFixable": false
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 1,
"info": 0
},
"hotspots": [
{
"source": "mcp:memory (.mcp.json)",
"estimated_tokens": 500,
"rank": 1,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "mcp:sadhguru-wisdom (plugin:sadhguru-wisdom)",
"estimated_tokens": 500,
"rank": 2,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "mcp:vegnorm-rag (plugin:vegnormalene)",
"estimated_tokens": 500,
"rank": 3,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "CLAUDE.md",
"estimated_tokens": 116,
"rank": 4,
"recommendations": [
"Move volatile top-of-file content to the bottom or extract to an @import-ed file.",
"Split overlong CLAUDE.md into focused @imports (≤200 lines each)."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/CLAUDE.md"
},
{
"source": "hooks/hooks.json",
"estimated_tokens": 81,
"rank": 5,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/hooks/hooks.json"
},
{
"source": ".claude/settings.json",
"estimated_tokens": 59,
"rank": 6,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.claude/settings.json"
},
{
"source": ".mcp.json",
"estimated_tokens": 53,
"rank": 7,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.mcp.json"
}
],
"total_estimated_tokens": 1809,
"activeConfig": {
"claudeMdEstimatedTokens": 5716,
"mcpServerCount": 3,
"pluginCount": 41,
"skillCount": 65
}
},
{
"scanner": "CPS",
"status": "ok",
"files_scanned": 1,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "DIS",
"status": "ok",
"files_scanned": 1,
"duration_ms": 0,
"findings": [
{
"id": "CA-DIS-001",
"scanner": "DIS",
"severity": "low",
"title": "Tool listed in both permissions.deny and permissions.allow",
"description": ".claude/settings.json contains 1 tool present in both deny and allow lists. The deny list wins — the allow entries are dead config but still load on every turn and may confuse future readers about intent.",
"file": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.claude/settings.json",
"line": null,
"evidence": "Read: allow=\"Read(src/**)\" + deny=\"Read(./.env)\"",
"category": "permissions-hygiene",
"recommendation": "Remove the redundant allow entries. If you actually want this tool enabled, remove it from the deny list instead. Settings should express intent clearly.",
"autoFixable": false
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 1,
"info": 0
}
},
{
"scanner": "COL",
"status": "ok",
"files_scanned": 65,
"duration_ms": 107,
"findings": [
{
"id": "CA-COL-001",
"scanner": "COL",
"severity": "low",
"title": "Skill name \"okr-offentlig-sektor\" used by multiple plugins",
"description": "2 plugins (okr, okr) expose a skill named \"okr-offentlig-sektor\". Even when invocation is namespaced via /plugin:skill, shared names create ambiguity in error messages, search results, and the plugin-skills enumeration.",
"file": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/okr/skills/okr-offentlig-sektor/SKILL.md",
"line": null,
"evidence": "name=\"okr-offentlig-sektor\"; plugins=okr,okr",
"category": "plugin-hygiene",
"recommendation": "Coordinate naming across plugins, or rename one to clarify intent. The shared name forces every reader to disambiguate by source.",
"autoFixable": false,
"details": {
"namespaces": [
{
"source": "plugin:okr",
"name": "okr-offentlig-sektor",
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/okr/skills/okr-offentlig-sektor/SKILL.md"
},
{
"source": "plugin:okr",
"name": "okr-offentlig-sektor",
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-privat/plugins/okr/skills/okr-offentlig-sektor/SKILL.md"
}
]
}
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 1,
"info": 0
}
}
],
"aggregate": {
"total_findings": 20,
"counts": {
"critical": 0,
"high": 0,
"medium": 1,
"low": 8,
"info": 11
},
"risk_score": 12,
"risk_band": "Medium",
"verdict": "PASS",
"scanners_ok": 11,
"scanners_error": 0,
"scanners_skipped": 1
}
}
}

545
plugins/config-audit/tests/snapshots/v5.0.0/scan-orchestrator.json Normal file
View file

@ -0,0 +1,545 @@
{
"meta": {
"target": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium",
"timestamp": "2026-05-01T14:44:16.877Z",
"version": "2.2.0",
"tool": "config-audit"
},
"scanners": [
{
"scanner": "CML",
"status": "ok",
"files_scanned": 1,
"duration_ms": 2,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "SET",
"status": "ok",
"files_scanned": 1,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "HKV",
"status": "ok",
"files_scanned": 1,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "RUL",
"status": "skipped",
"files_scanned": 0,
"duration_ms": 0,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "MCP",
"status": "ok",
"files_scanned": 1,
"duration_ms": 0,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "IMP",
"status": "ok",
"files_scanned": 1,
"duration_ms": 0,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "CNF",
"status": "ok",
"files_scanned": 2,
"duration_ms": 1,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "GAP",
"status": "ok",
"files_scanned": 4,
"duration_ms": 2,
"findings": [
{
"id": "CA-GAP-001",
"scanner": "GAP",
"severity": "medium",
"title": "No custom skills or commands",
"description": "Feature gap: No custom skills or commands. Create project-specific skills in .claude/skills/ or commands in .claude/commands/ to automate repetitive workflows.",
"file": null,
"line": null,
"evidence": null,
"category": "t1",
"recommendation": "Create project-specific skills in .claude/skills/ or commands in .claude/commands/ to automate repetitive workflows.",
"autoFixable": false
},
{
"id": "CA-GAP-002",
"scanner": "GAP",
"severity": "low",
"title": "Settings only at one scope",
"description": "Feature gap: Settings only at one scope. Use all 3 settings scopes: ~/.claude/settings.json (user), .claude/settings.json (project), .claude/settings.local.json (local/personal).",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Use all 3 settings scopes: ~/.claude/settings.json (user), .claude/settings.json (project), .claude/settings.local.json (local/personal).",
"autoFixable": false
},
{
"id": "CA-GAP-003",
"scanner": "GAP",
"severity": "low",
"title": "No path-scoped rules",
"description": "Feature gap: No path-scoped rules. Create .claude/rules/*.md with paths: frontmatter to apply rules only to matching files.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Create .claude/rules/*.md with paths: frontmatter to apply rules only to matching files.",
"autoFixable": false
},
{
"id": "CA-GAP-004",
"scanner": "GAP",
"severity": "low",
"title": "Low hook diversity",
"description": "Feature gap: Low hook diversity. Use hooks across 3+ events (e.g., SessionStart, PreToolUse, Stop) for comprehensive automation.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Use hooks across 3+ events (e.g., SessionStart, PreToolUse, Stop) for comprehensive automation.",
"autoFixable": false
},
{
"id": "CA-GAP-005",
"scanner": "GAP",
"severity": "low",
"title": "No custom subagents",
"description": "Feature gap: No custom subagents. Create custom agents in .claude/agents/ or ~/.claude/agents/ with specialized tools and model selection.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Create custom agents in .claude/agents/ or ~/.claude/agents/ with specialized tools and model selection.",
"autoFixable": false
},
{
"id": "CA-GAP-006",
"scanner": "GAP",
"severity": "low",
"title": "No model configuration",
"description": "Feature gap: No model configuration. Set model preferences in settings.json (model, modelOverrides) for cost/quality optimization.",
"file": null,
"line": null,
"evidence": null,
"category": "t2",
"recommendation": "Set model preferences in settings.json (model, modelOverrides) for cost/quality optimization.",
"autoFixable": false
},
{
"id": "CA-GAP-007",
"scanner": "GAP",
"severity": "info",
"title": "No status line configured",
"description": "Feature gap: No status line configured. Configure statusLine in settings.json to show context window usage, cost, and model info.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Configure statusLine in settings.json to show context window usage, cost, and model info.",
"autoFixable": false
},
{
"id": "CA-GAP-008",
"scanner": "GAP",
"severity": "info",
"title": "No custom keybindings",
"description": "Feature gap: No custom keybindings. Create ~/.claude/keybindings.json to customize keyboard shortcuts (e.g., bind chat:newline to Shift+Enter).",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Create ~/.claude/keybindings.json to customize keyboard shortcuts (e.g., bind chat:newline to Shift+Enter).",
"autoFixable": false
},
{
"id": "CA-GAP-009",
"scanner": "GAP",
"severity": "info",
"title": "Using default output style",
"description": "Feature gap: Using default output style. Try \"Explanatory\" or \"Learning\" output styles, or create custom styles in .claude/output-styles/.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Try \"Explanatory\" or \"Learning\" output styles, or create custom styles in .claude/output-styles/.",
"autoFixable": false
},
{
"id": "CA-GAP-010",
"scanner": "GAP",
"severity": "info",
"title": "No worktree workflow",
"description": "Feature gap: No worktree workflow. Use --worktree for parallel feature development. Configure worktree.symlinkDirectories for node_modules.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use --worktree for parallel feature development. Configure worktree.symlinkDirectories for node_modules.",
"autoFixable": false
},
{
"id": "CA-GAP-011",
"scanner": "GAP",
"severity": "info",
"title": "No advanced skill frontmatter",
"description": "Feature gap: No advanced skill frontmatter. Use disable-model-invocation, context:fork, or argument-hint in skill frontmatter for better control.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use disable-model-invocation, context:fork, or argument-hint in skill frontmatter for better control.",
"autoFixable": false
},
{
"id": "CA-GAP-012",
"scanner": "GAP",
"severity": "info",
"title": "No subagent isolation",
"description": "Feature gap: No subagent isolation. Use isolation: worktree in agent frontmatter for safe parallel development.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use isolation: worktree in agent frontmatter for safe parallel development.",
"autoFixable": false
},
{
"id": "CA-GAP-013",
"scanner": "GAP",
"severity": "info",
"title": "No dynamic skill context",
"description": "Feature gap: No dynamic skill context. Use !`command` syntax in skills to inject dynamic context (e.g., !`git branch --show-current`).",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Use !`command` syntax in skills to inject dynamic context (e.g., !`git branch --show-current`).",
"autoFixable": false
},
{
"id": "CA-GAP-014",
"scanner": "GAP",
"severity": "info",
"title": "No autoMode classifier",
"description": "Feature gap: No autoMode classifier. Configure autoMode in user/local settings with environment context and allow/deny rules.",
"file": null,
"line": null,
"evidence": null,
"category": "t3",
"recommendation": "Configure autoMode in user/local settings with environment context and allow/deny rules.",
"autoFixable": false
},
{
"id": "CA-GAP-015",
"scanner": "GAP",
"severity": "info",
"title": "No custom plugin",
"description": "Feature gap: No custom plugin. Package reusable skills, agents, and hooks as a Claude Code plugin with .claude-plugin/plugin.json.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Package reusable skills, agents, and hooks as a Claude Code plugin with .claude-plugin/plugin.json.",
"autoFixable": false
},
{
"id": "CA-GAP-016",
"scanner": "GAP",
"severity": "info",
"title": "No managed settings",
"description": "Feature gap: No managed settings. Use managed-settings.json for organization-wide policy enforcement.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Use managed-settings.json for organization-wide policy enforcement.",
"autoFixable": false
},
{
"id": "CA-GAP-017",
"scanner": "GAP",
"severity": "info",
"title": "No LSP plugins",
"description": "Feature gap: No LSP plugins. Add .lsp.json for real-time code intelligence from language servers.",
"file": null,
"line": null,
"evidence": null,
"category": "t4",
"recommendation": "Add .lsp.json for real-time code intelligence from language servers.",
"autoFixable": false
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 1,
"low": 5,
"info": 11
}
},
{
"scanner": "TOK",
"status": "ok",
"files_scanned": 2,
"duration_ms": 120,
"findings": [
{
"id": "CA-TOK-001",
"scanner": "TOK",
"severity": "low",
"title": "High MCP tool-schema budget on server \"memory\"",
"description": "MCP server \"memory (.mcp.json)\" has tool count unknown — could not parse manifest or cached tools/list. Tool schemas load on every turn; an unverified server may be inflating the per-turn payload silently.",
"file": ".mcp.json",
"line": null,
"evidence": "tool_count=unknown; server=\"memory\"; source=\".mcp.json\" — severity reflects estimated tokens/turn based on structural heuristic; not measured against runtime telemetry",
"category": "token-efficiency",
"recommendation": "Install the package locally (so detect-mcp-tool-count can read its manifest), or run the server once and cache its tools/list response under ~/.claude/config-audit/mcp-cache/<name>.json. See knowledge/cache-telemetry-recipe.md.",
"autoFixable": false
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 1,
"info": 0
},
"hotspots": [
{
"source": "mcp:memory (.mcp.json)",
"estimated_tokens": 500,
"rank": 1,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "mcp:sadhguru-wisdom (plugin:sadhguru-wisdom)",
"estimated_tokens": 500,
"rank": 2,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "mcp:vegnorm-rag (plugin:vegnormalene)",
"estimated_tokens": 500,
"rank": 3,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "CLAUDE.md",
"estimated_tokens": 116,
"rank": 4,
"recommendations": [
"Move volatile top-of-file content to the bottom or extract to an @import-ed file.",
"Split overlong CLAUDE.md into focused @imports (≤200 lines each)."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/CLAUDE.md"
},
{
"source": "hooks/hooks.json",
"estimated_tokens": 81,
"rank": 5,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/hooks/hooks.json"
},
{
"source": ".claude/settings.json",
"estimated_tokens": 59,
"rank": 6,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.claude/settings.json"
},
{
"source": ".mcp.json",
"estimated_tokens": 53,
"rank": 7,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.mcp.json"
}
],
"total_estimated_tokens": 1809,
"activeConfig": {
"claudeMdEstimatedTokens": 5716,
"mcpServerCount": 3,
"pluginCount": 41,
"skillCount": 65
}
},
{
"scanner": "CPS",
"status": "ok",
"files_scanned": 1,
"duration_ms": 0,
"findings": [],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
},
{
"scanner": "DIS",
"status": "ok",
"files_scanned": 1,
"duration_ms": 0,
"findings": [
{
"id": "CA-DIS-001",
"scanner": "DIS",
"severity": "low",
"title": "Tool listed in both permissions.deny and permissions.allow",
"description": ".claude/settings.json contains 1 tool present in both deny and allow lists. The deny list wins — the allow entries are dead config but still load on every turn and may confuse future readers about intent.",
"file": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.claude/settings.json",
"line": null,
"evidence": "Read: allow=\"Read(src/**)\" + deny=\"Read(./.env)\"",
"category": "permissions-hygiene",
"recommendation": "Remove the redundant allow entries. If you actually want this tool enabled, remove it from the deny list instead. Settings should express intent clearly.",
"autoFixable": false
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 1,
"info": 0
}
},
{
"scanner": "COL",
"status": "ok",
"files_scanned": 65,
"duration_ms": 91,
"findings": [
{
"id": "CA-COL-001",
"scanner": "COL",
"severity": "low",
"title": "Skill name \"okr-offentlig-sektor\" used by multiple plugins",
"description": "2 plugins (okr, okr) expose a skill named \"okr-offentlig-sektor\". Even when invocation is namespaced via /plugin:skill, shared names create ambiguity in error messages, search results, and the plugin-skills enumeration.",
"file": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/okr/skills/okr-offentlig-sektor/SKILL.md",
"line": null,
"evidence": "name=\"okr-offentlig-sektor\"; plugins=okr,okr",
"category": "plugin-hygiene",
"recommendation": "Coordinate naming across plugins, or rename one to clarify intent. The shared name forces every reader to disambiguate by source.",
"autoFixable": false,
"details": {
"namespaces": [
{
"source": "plugin:okr",
"name": "okr-offentlig-sektor",
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/okr/skills/okr-offentlig-sektor/SKILL.md"
},
{
"source": "plugin:okr",
"name": "okr-offentlig-sektor",
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-privat/plugins/okr/skills/okr-offentlig-sektor/SKILL.md"
}
]
}
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 1,
"info": 0
}
}
],
"aggregate": {
"total_findings": 20,
"counts": {
"critical": 0,
"high": 0,
"medium": 1,
"low": 8,
"info": 11
},
"risk_score": 12,
"risk_band": "Medium",
"verdict": "PASS",
"scanners_ok": 11,
"scanners_error": 0,
"scanners_skipped": 1
}
}

95
plugins/config-audit/tests/snapshots/v5.0.0/token-hotspots.json Normal file
View file

@ -0,0 +1,95 @@
{
"scanner": "TOK",
"status": "ok",
"files_scanned": 2,
"duration_ms": 119,
"total_estimated_tokens": 1809,
"hotspots": [
{
"source": "mcp:memory (.mcp.json)",
"estimated_tokens": 500,
"rank": 1,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "mcp:sadhguru-wisdom (plugin:sadhguru-wisdom)",
"estimated_tokens": 500,
"rank": 2,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "mcp:vegnorm-rag (plugin:vegnormalene)",
"estimated_tokens": 500,
"rank": 3,
"recommendations": [
"Review whether this source needs to load on every turn."
]
},
{
"source": "CLAUDE.md",
"estimated_tokens": 116,
"rank": 4,
"recommendations": [
"Move volatile top-of-file content to the bottom or extract to an @import-ed file.",
"Split overlong CLAUDE.md into focused @imports (≤200 lines each)."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/CLAUDE.md"
},
{
"source": "hooks/hooks.json",
"estimated_tokens": 81,
"rank": 5,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/hooks/hooks.json"
},
{
"source": ".claude/settings.json",
"estimated_tokens": 59,
"rank": 6,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.claude/settings.json"
},
{
"source": ".mcp.json",
"estimated_tokens": 53,
"rank": 7,
"recommendations": [
"Deduplicate overlapping entries — each duplicate inflates the per-turn schema payload.",
"Move rarely-used permissions to a project-local override."
],
"path": "/Users/ktg/.claude/plugins/marketplaces/ktg-plugin-marketplace/plugins/config-audit/tests/fixtures/marketplace-medium/.mcp.json"
}
],
"findings": [
{
"id": "CA-TOK-001",
"scanner": "TOK",
"severity": "low",
"title": "High MCP tool-schema budget on server \"memory\"",
"description": "MCP server \"memory (.mcp.json)\" has tool count unknown — could not parse manifest or cached tools/list. Tool schemas load on every turn; an unverified server may be inflating the per-turn payload silently.",
"file": ".mcp.json",
"line": null,
"evidence": "tool_count=unknown; server=\"memory\"; source=\".mcp.json\" — severity reflects estimated tokens/turn based on structural heuristic; not measured against runtime telemetry",
"category": "token-efficiency",
"recommendation": "Install the package locally (so detect-mcp-tool-count can read its manifest), or run the server once and cache its tools/list response under ~/.claude/config-audit/mcp-cache/<name>.json. See knowledge/cache-telemetry-recipe.md.",
"autoFixable": false
}
],
"counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 1,
"info": 0
}
}

1886
plugins/config-audit/tests/snapshots/v5.0.0/whats-active.json Normal file
View file

File diff suppressed because it is too large Load diff