open/ktg-plugin-marketplace
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity Actions
ktg-plugin-marketplace/plugins/config-audit/commands/drift.md
Kjell Tore Guttormsen 6f38a6340e feat(humanizer): update audit/analysis command templates group B [skip-docs] 
Wave 5 Step 14. Threads the humanizer vocabulary through the remaining
six audit/analysis command templates and adds a shape test that locks
the structure plus a pair of anchor must-contains.

- commands/drift.md: --raw pass-through; new/resolved/changed-finding
  rendering instructions reference userActionLanguage and
  relevanceContext rather than raw severity.
- commands/plugin-health.md: --raw pass-through; finding rendering
  groups by userImpactCategory and leads with userActionLanguage.
- commands/config-audit.md (router): replaces the 25-line A/B/C/D/F
  prose ladder with a humanized stderr-scorecard reference + three
  userActionLanguage-grouped "What you can do next" branches; --raw
  threaded through both scan-orchestrator and posture invocations.
- commands/discover.md: --raw pass-through; finding-summary rendering
  groups by userImpactCategory.
- commands/analyze.md: --raw pass-through; analyzer-agent prompt now
  instructs grouping by userImpactCategory and leading with
  userActionLanguage; humanized title/description/recommendation
  strings rendered verbatim, no paraphrasing.
- commands/status.md: phase-label humanization table — current_phase
  machine field name preserved, user-facing labels translated
  ("Looking at your config files", "Working out what to recommend",
  "Asking what you'd like to focus on", "Putting together your action
  plan", "Making the changes", "Double-checking everything worked");
  --raw preserves verbatim machine field values.

tests/commands/group-b-shape.test.mjs (new, +8 tests, 772 → 780):
  - structural: bash block + Read tool + --raw/$ARGUMENTS plumbing
    across all 6 files
  - findings-renderers: humanized field reference + no grade-prose
  - anchor must-contains per plan: config-audit.md ⊇
    userImpactCategory|userActionLanguage; drift.md ⊇ --raw|humanized
  - status.md: current_phase preserved + ≥3 humanized phase labels
2026-05-01 19:45:55 +02:00

107 lines
3.6 KiB
Markdown
Raw Blame History

---
name: config-audit:drift
description: Compare current configuration against a saved baseline — shows new, resolved, and changed findings
argument-hint: "[path] [--baseline name] [--save]"
allowed-tools: Read, Write, Glob, Grep, Bash
model: sonnet
---
# Config-Audit: Drift Detection
Compare current configuration against a saved baseline to see what changed.
## Arguments
- `$ARGUMENTS` may contain:
- A target path (default: current working directory)
- `--save`: Save current state as baseline
- `--baseline <name>`: Compare against a specific named baseline (default: "default")
- `--raw`: Pass-through to the scanner; produces v5.0.0 verbatim diff output (bypasses the humanizer). Use when piping into v5.0.0-baseline diff tooling that depends on byte-stable output.
## Implementation
### Save a baseline
If `--save` is present:
Tell the user: **"Saving current configuration as baseline..."**
```bash
RAW_FLAG=""
if echo "$ARGUMENTS" | grep -q -- "--raw"; then RAW_FLAG="--raw"; fi
node ${CLAUDE_PLUGIN_ROOT}/scanners/drift-cli.mjs <path> --save --name <baseline-name> $RAW_FLAG 2>/dev/null
```
Read stdout for confirmation. Tell the user:
```markdown
### Baseline Saved
Captured current state as baseline "{name}".
Run `/config-audit drift` anytime to see what changed since this point.
```
### Compare against baseline
Without `--save`:
Tell the user: **"Comparing current configuration against baseline..."**
```bash
RAW_FLAG=""
if echo "$ARGUMENTS" | grep -q -- "--raw"; then RAW_FLAG="--raw"; fi
node ${CLAUDE_PLUGIN_ROOT}/scanners/drift-cli.mjs <path> --baseline <name> $RAW_FLAG 2>/dev/null
```
Read stdout. In default mode the diff sections are humanized — finding titles, descriptions, and recommendations have already been replaced with plain-language equivalents. New/resolved/changed finding lists carry `userImpactCategory`, `userActionLanguage`, and `relevanceContext` so you can group and prioritize without re-deriving severity prose. If `--raw` was passed, the v5.0.0 diff is verbatim — present it in a code block as-is.
If baseline not found, tell the user:
```
No baseline found. Save one first with:
/config-audit drift --save
```
Otherwise, parse and present the drift report. Use the Read tool on the captured stdout (or pipe it into a tmpfile first if you prefer):
```markdown
### Configuration Drift
**Trend:** {Improving|Degrading|Stable}
**Score:** {before} → {after} ({+/-delta} points)
{If new findings:}
#### New Issues ({count})
| ID | Action | Description |
|----|--------|-------------|
| {id} | {userActionLanguage — "Fix this now", "Fix soon", etc.} | {humanized title} |
{If resolved findings:}
#### Resolved ({count})
| ID | Description |
|----|-------------|
| {id} | {humanized title} |
{If area changes:}
#### Area Changes
| Area | Before | After | Change |
|------|--------|-------|--------|
| ... | ... | ... | ... |
```
When iterating new/resolved findings, prefer `userActionLanguage` over raw `severity` for the "Action" column — the humanizer already mapped severity to plain-language phrasing, and surfacing it consistently keeps the toolchain coherent. Mention `relevanceContext` when it isn't `affects-everyone` (the user wants to know if a fix touches shared config or just their machine).
### List baselines
If `$ARGUMENTS` contains `--list`:
```bash
node ${CLAUDE_PLUGIN_ROOT}/scanners/drift-cli.mjs --list 2>/dev/null
```
### What's next
After viewing drift:
- `/config-audit fix` — Auto-fix new findings
- `/config-audit posture` — Full posture assessment
- `/config-audit drift --save` — Update the baseline to current state
Reference in a new issue View git blame Copy permalink