feat(config-audit): v3.1.0 — /config-audit whats-active inventory command

New read-only command that shows everything Claude Code actually loads for a given repo — plugins, skills, MCP servers, hooks, CLAUDE.md cascade — with source attribution (user/project/plugin) and rough token estimates. Helps identify candidates for disabling without guessing. Added: - scanners/lib/active-config-reader.mjs — pure async helper: readActiveConfig, detectGitRoot, walkClaudeMdCascade, readClaudeJsonProjectSlice (longest-prefix matching for .claude.json projects), enumeratePlugins, enumerateSkills, readActiveHooks, readActiveMcpServers, estimateTokens (markdown 4 c/tok, json 3.5 c/tok, frontmatter cap 150 tokens, item flat 15) - scanners/whats-active.mjs — thin CLI shim: --json, --output-file, --verbose, --suggest-disables - commands/whats-active.md — renders tables via Read tool; honors UX rules - tests/lib/active-config-reader.test.mjs — 36 tests, all green (integration fixture built in tmpdir with fake HOME, .claude.json prefix matching, plugin discovery, hook/MCP merge from all scopes) Verified: - Performance budget: <2s wall-clock (smoke test: 102ms on real repo) - Token estimates within ±20% of hand-computed values - Read-only: no writeFile/mkdir/unlink in production code - Self-audit: Plugin Health scanner reports 0 findings (Grade A) - Full test suite: 522 tests, 512 pass (10 pre-existing conflict-detector failures on main — unrelated to this change, reproducible on clean HEAD) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-14 21:50:20 +02:00 · 2026-04-14 21:50:20 +02:00 · 4f1cc7e0b7
commit 4f1cc7e0b7
parent d1befac35a
12 changed files with 1697 additions and 11 deletions
--- a/plugins/config-audit/CLAUDE.md
+++ b/plugins/config-audit/CLAUDE.md
@ -30,6 +30,7 @@ Analyzes and optimizes Claude Code configuration across three pillars:
 |---------|-------------|
 | `/config-audit drift` | Compare current config against saved baseline |
 | `/config-audit plugin-health` | Audit plugin structure, frontmatter, cross-plugin coherence |
+| `/config-audit whats-active` | Read-only inventory of plugins, skills, MCP, hooks, CLAUDE.md active for a repo (with token estimates) |
 | `/config-audit discover` | Run discovery phase only |
 | `/config-audit analyze` | Run analysis phase only |
 | `/config-audit interview` | Gather user preferences (opt-in) |
@ -79,6 +80,7 @@ Scanner CLI: `node scanners/scan-orchestrator.mjs <path> [--global] [--full-mach
 | `baseline.mjs` | Baseline save/load/list/delete for drift detection |
 | `report-generator.mjs` | Unified markdown reports: posture, drift, plugin health |
 | `suppression.mjs` | .config-audit-ignore parsing, finding suppression, audit trail |
+| `active-config-reader.mjs` | Read-only inventory: readActiveConfig(), detectGitRoot(), walkClaudeMdCascade(), readClaudeJsonProjectSlice() (longest-prefix match), enumeratePlugins(), enumerateSkills(), readActiveHooks(), readActiveMcpServers(), estimateTokens() |

 ### Action Engines (`scanners/`)

@ -88,6 +90,7 @@ Scanner CLI: `node scanners/scan-orchestrator.mjs <path> [--global] [--full-mach
 | `rollback-engine.mjs` | listBackups(), restoreBackup(), deleteBackup() |
 | `fix-cli.mjs` | CLI: `node fix-cli.mjs <path> [--apply] [--json] [--global]` |
 | `drift-cli.mjs` | CLI: `node drift-cli.mjs <path> [--save] [--baseline name] [--json]` |
+| `whats-active.mjs` | CLI: `node whats-active.mjs <path> [--json] [--verbose] [--suggest-disables]` — read-only active-config inventory |

 ### Standalone Scanner