--- name: config-audit:drift description: Compare current configuration against a saved baseline — shows new, resolved, and changed findings argument-hint: "[path] [--baseline name] [--save]" allowed-tools: Read, Write, Glob, Grep, Bash model: sonnet --- # Config-Audit: Drift Detection Compare current configuration against a saved baseline to see what changed. ## Arguments - `$ARGUMENTS` may contain: - A target path (default: current working directory) - `--save`: Save current state as baseline - `--baseline `: Compare against a specific named baseline (default: "default") ## Implementation ### Save a baseline If `--save` is present: Tell the user: **"Saving current configuration as baseline..."** ```bash node ${CLAUDE_PLUGIN_ROOT}/scanners/drift-cli.mjs --save --name 2>/dev/null ``` Read stdout for confirmation. Tell the user: ```markdown ### Baseline Saved Captured current state as baseline "{name}". Run `/config-audit drift` anytime to see what changed since this point. ``` ### Compare against baseline Without `--save`: Tell the user: **"Comparing current configuration against baseline..."** ```bash node ${CLAUDE_PLUGIN_ROOT}/scanners/drift-cli.mjs --baseline 2>/dev/null ``` Read stdout. If baseline not found, tell the user: ``` No baseline found. Save one first with: /config-audit drift --save ``` Otherwise, parse and present the drift report: ```markdown ### Configuration Drift **Trend:** {Improving|Degrading|Stable} **Score:** {before} → {after} ({+/-delta} points) {If new findings:} #### New Issues ({count}) | ID | Severity | Description | |----|----------|-------------| | ... | ... | ... | {If resolved findings:} #### Resolved ({count}) | ID | Description | |----|-------------| | ... | ... | {If area changes:} #### Area Changes | Area | Before | After | Change | |------|--------|-------|--------| | ... | ... | ... | ... | ``` ### List baselines If `$ARGUMENTS` contains `--list`: ```bash node ${CLAUDE_PLUGIN_ROOT}/scanners/drift-cli.mjs --list 2>/dev/null ``` ### What's next After viewing drift: - `/config-audit fix` — Auto-fix new findings - `/config-audit posture` — Full posture assessment - `/config-audit drift --save` — Update the baseline to current state