98 lines
2.2 KiB
Markdown
98 lines
2.2 KiB
Markdown
---
|
|
name: config-audit:drift
|
|
description: Compare current configuration against a saved baseline — shows new, resolved, and changed findings
|
|
argument-hint: "[path] [--baseline name] [--save]"
|
|
allowed-tools: Read, Write, Glob, Grep, Bash
|
|
model: sonnet
|
|
---
|
|
|
|
# Config-Audit: Drift Detection
|
|
|
|
Compare current configuration against a saved baseline to see what changed.
|
|
|
|
## Arguments
|
|
|
|
- `$ARGUMENTS` may contain:
|
|
- A target path (default: current working directory)
|
|
- `--save`: Save current state as baseline
|
|
- `--baseline <name>`: Compare against a specific named baseline (default: "default")
|
|
|
|
## Implementation
|
|
|
|
### Save a baseline
|
|
|
|
If `--save` is present:
|
|
|
|
Tell the user: **"Saving current configuration as baseline..."**
|
|
|
|
```bash
|
|
node ${CLAUDE_PLUGIN_ROOT}/scanners/drift-cli.mjs <path> --save --name <baseline-name> 2>/dev/null
|
|
```
|
|
|
|
Read stdout for confirmation. Tell the user:
|
|
|
|
```markdown
|
|
### Baseline Saved
|
|
|
|
Captured current state as baseline "{name}".
|
|
Run `/config-audit drift` anytime to see what changed since this point.
|
|
```
|
|
|
|
### Compare against baseline
|
|
|
|
Without `--save`:
|
|
|
|
Tell the user: **"Comparing current configuration against baseline..."**
|
|
|
|
```bash
|
|
node ${CLAUDE_PLUGIN_ROOT}/scanners/drift-cli.mjs <path> --baseline <name> 2>/dev/null
|
|
```
|
|
|
|
Read stdout. If baseline not found, tell the user:
|
|
|
|
```
|
|
No baseline found. Save one first with:
|
|
/config-audit drift --save
|
|
```
|
|
|
|
Otherwise, parse and present the drift report:
|
|
|
|
```markdown
|
|
### Configuration Drift
|
|
|
|
**Trend:** {Improving|Degrading|Stable}
|
|
**Score:** {before} → {after} ({+/-delta} points)
|
|
|
|
{If new findings:}
|
|
#### New Issues ({count})
|
|
| ID | Severity | Description |
|
|
|----|----------|-------------|
|
|
| ... | ... | ... |
|
|
|
|
{If resolved findings:}
|
|
#### Resolved ({count})
|
|
| ID | Description |
|
|
|----|-------------|
|
|
| ... | ... |
|
|
|
|
{If area changes:}
|
|
#### Area Changes
|
|
| Area | Before | After | Change |
|
|
|------|--------|-------|--------|
|
|
| ... | ... | ... | ... |
|
|
```
|
|
|
|
### List baselines
|
|
|
|
If `$ARGUMENTS` contains `--list`:
|
|
|
|
```bash
|
|
node ${CLAUDE_PLUGIN_ROOT}/scanners/drift-cli.mjs --list 2>/dev/null
|
|
```
|
|
|
|
### What's next
|
|
|
|
After viewing drift:
|
|
- `/config-audit fix` — Auto-fix new findings
|
|
- `/config-audit posture` — Full posture assessment
|
|
- `/config-audit drift --save` — Update the baseline to current state
|