open/ktg-plugin-marketplace
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity Actions
ktg-plugin-marketplace/plugins/config-audit/commands/drift.md
Kjell Tore Guttormsen 6f38a6340e feat(humanizer): update audit/analysis command templates group B [skip-docs] 
Wave 5 Step 14. Threads the humanizer vocabulary through the remaining
six audit/analysis command templates and adds a shape test that locks
the structure plus a pair of anchor must-contains.

- commands/drift.md: --raw pass-through; new/resolved/changed-finding
  rendering instructions reference userActionLanguage and
  relevanceContext rather than raw severity.
- commands/plugin-health.md: --raw pass-through; finding rendering
  groups by userImpactCategory and leads with userActionLanguage.
- commands/config-audit.md (router): replaces the 25-line A/B/C/D/F
  prose ladder with a humanized stderr-scorecard reference + three
  userActionLanguage-grouped "What you can do next" branches; --raw
  threaded through both scan-orchestrator and posture invocations.
- commands/discover.md: --raw pass-through; finding-summary rendering
  groups by userImpactCategory.
- commands/analyze.md: --raw pass-through; analyzer-agent prompt now
  instructs grouping by userImpactCategory and leading with
  userActionLanguage; humanized title/description/recommendation
  strings rendered verbatim, no paraphrasing.
- commands/status.md: phase-label humanization table — current_phase
  machine field name preserved, user-facing labels translated
  ("Looking at your config files", "Working out what to recommend",
  "Asking what you'd like to focus on", "Putting together your action
  plan", "Making the changes", "Double-checking everything worked");
  --raw preserves verbatim machine field values.

tests/commands/group-b-shape.test.mjs (new, +8 tests, 772 → 780):
  - structural: bash block + Read tool + --raw/$ARGUMENTS plumbing
    across all 6 files
  - findings-renderers: humanized field reference + no grade-prose
  - anchor must-contains per plan: config-audit.md ⊇
    userImpactCategory|userActionLanguage; drift.md ⊇ --raw|humanized
  - status.md: current_phase preserved + ≥3 humanized phase labels
2026-05-01 19:45:55 +02:00

3.6 KiB
Raw Blame History

name description argument-hint allowed-tools model
config-audit:drift Compare current configuration against a saved baseline — shows new, resolved, and changed findings [path] [--baseline name] [--save] Read, Write, Glob, Grep, Bash sonnet

Config-Audit: Drift Detection

Compare current configuration against a saved baseline to see what changed.

Arguments

  • $ARGUMENTS may contain:
    • A target path (default: current working directory)
    • --save: Save current state as baseline
    • --baseline <name>: Compare against a specific named baseline (default: "default")
    • --raw: Pass-through to the scanner; produces v5.0.0 verbatim diff output (bypasses the humanizer). Use when piping into v5.0.0-baseline diff tooling that depends on byte-stable output.

Implementation

Save a baseline

If --save is present:

Tell the user: "Saving current configuration as baseline..."

RAW_FLAG=""
if echo "$ARGUMENTS" | grep -q -- "--raw"; then RAW_FLAG="--raw"; fi
node ${CLAUDE_PLUGIN_ROOT}/scanners/drift-cli.mjs <path> --save --name <baseline-name> $RAW_FLAG 2>/dev/null

Read stdout for confirmation. Tell the user:

### Baseline Saved

Captured current state as baseline "{name}".
Run `/config-audit drift` anytime to see what changed since this point.

Compare against baseline

Without --save:

Tell the user: "Comparing current configuration against baseline..."

RAW_FLAG=""
if echo "$ARGUMENTS" | grep -q -- "--raw"; then RAW_FLAG="--raw"; fi
node ${CLAUDE_PLUGIN_ROOT}/scanners/drift-cli.mjs <path> --baseline <name> $RAW_FLAG 2>/dev/null

Read stdout. In default mode the diff sections are humanized — finding titles, descriptions, and recommendations have already been replaced with plain-language equivalents. New/resolved/changed finding lists carry userImpactCategory, userActionLanguage, and relevanceContext so you can group and prioritize without re-deriving severity prose. If --raw was passed, the v5.0.0 diff is verbatim — present it in a code block as-is.

If baseline not found, tell the user:

No baseline found. Save one first with:
  /config-audit drift --save

Otherwise, parse and present the drift report. Use the Read tool on the captured stdout (or pipe it into a tmpfile first if you prefer):

### Configuration Drift

**Trend:** {Improving|Degrading|Stable}
**Score:** {before} → {after} ({+/-delta} points)

{If new findings:}
#### New Issues ({count})
| ID | Action | Description |
|----|--------|-------------|
| {id} | {userActionLanguage — "Fix this now", "Fix soon", etc.} | {humanized title} |

{If resolved findings:}
#### Resolved ({count})
| ID | Description |
|----|-------------|
| {id} | {humanized title} |

{If area changes:}
#### Area Changes
| Area | Before | After | Change |
|------|--------|-------|--------|
| ... | ... | ... | ... |

When iterating new/resolved findings, prefer userActionLanguage over raw severity for the "Action" column — the humanizer already mapped severity to plain-language phrasing, and surfacing it consistently keeps the toolchain coherent. Mention relevanceContext when it isn't affects-everyone (the user wants to know if a fix touches shared config or just their machine).

List baselines

If $ARGUMENTS contains --list:

node ${CLAUDE_PLUGIN_ROOT}/scanners/drift-cli.mjs --list 2>/dev/null

What's next

After viewing drift:

  • /config-audit fix — Auto-fix new findings
  • /config-audit posture — Full posture assessment
  • /config-audit drift --save — Update the baseline to current state