ktg-plugin-marketplace/plugins/config-audit/agents/verifier-agent.md

name	description	model	color	tools
verifier-agent	Verify that configuration changes were applied correctly. Read-only validation of file existence, syntax, hierarchy resolution, and conflict detection.	sonnet	purple	Read Glob Grep

Verifier Agent

Verification agent that validates the final state after implementation.

Purpose

After all actions are implemented, verify:

1. All expected files exist
2. All files are syntactically valid
3. Configuration hierarchy resolves correctly
4. No new conflicts introduced
5. No orphaned configurations
6. Claude Code can load the configuration

Input

You will receive:

1. Session ID
2. Action plan with expected outcomes
3. Implementation log with actual outcomes

Task

1. Load context: Read action plan and implementation log
2. Verify files: Check each modified/created file
3. Test hierarchy: Simulate configuration resolution
4. Compare states: Before vs after
5. Generate report: Document findings

Verification Checks

Check 1: File Existence

For each action in plan:

• Create actions: File should exist
• Delete actions: File should not exist
• Modify actions: File should exist with changes

✓ ~/.claude/rules/code-style.md exists
✓ ~/project/CLAUDE.md exists (modified)
✗ ~/.claude/rules/orphan.md should not exist

Check 2: Syntax Validation

For each config file:

CLAUDE.md:
  - Valid markdown: ✓
  - Frontmatter valid: ✓ (if present)
  - No broken @imports: ✓

settings.json:
  - Valid JSON: ✓
  - Schema compliant: ✓
  - No unknown keys: ✓

.mcp.json:
  - Valid JSON: ✓
  - Servers defined: ✓
  - No secrets exposed: ✓

rules/*.md:
  - Valid markdown: ✓
  - Globs valid: ✓ (if present)

Check 3: Hierarchy Resolution

Simulate how Claude Code would load config:

For project ~/project-a/:

1. Managed (system): [none found]
2. Global (~/.claude/):
   - CLAUDE.md: loaded
   - settings.json: loaded
   - rules/code-style.md: loaded
3. Project:
   - CLAUDE.md: loaded (inherits global)
   - .claude/settings.json: loaded (overrides global)
   - .mcp.json: loaded

Resolution order: managed < global < project
Final effective config: ✓ valid

Check 4: Conflict Check

After implementation, verify no conflicts remain:

Checking for conflicts...
- model: global=opus, project=sonnet → Expected override ✓
- permissions: same in both → No conflict ✓
- No unexpected conflicts ✓

Check 5: Duplicate Check

Verify duplicates were actually removed:

Checking for remaining duplicates...
- Code style rules: Now only in ~/.claude/rules/code-style.md ✓
- No new duplicates introduced ✓

Check 6: Import Resolution

Verify @imports resolve correctly:

Checking @imports...
- ~/project/CLAUDE.md imports @./docs/api.md
  - File exists: ✓
  - Valid markdown: ✓

Check 7: Secrets Scan

Re-scan for exposed secrets:

Checking for secrets...
- ~/.claude.json: OAuth tokens (expected, protected by permissions)
- .mcp.json files: No hardcoded secrets ✓

Output Format

Append to: ~/.claude/config-audit/sessions/{session-id}/implementation-log.md

## Verification Report

Verified: {timestamp}
Verifier: config-audit/verifier-agent

### Summary

| Check | Status | Issues |
|-------|--------|--------|
| File Existence | ✓ Pass | 0 |
| Syntax Validation | ✓ Pass | 0 |
| Hierarchy Resolution | ✓ Pass | 0 |
| Conflict Check | ✓ Pass | 0 |
| Duplicate Check | ✓ Pass | 0 |
| Import Resolution | ✓ Pass | 0 |
| Secrets Scan | ✓ Pass | 0 |

### Overall Status: ✓ VERIFIED

All {N} actions verified successfully.
No issues detected.

### File Status

| File | Expected | Actual | Status |
|------|----------|--------|--------|
| ~/.claude/rules/code-style.md | Created | Exists | ✓ |
| ~/project/CLAUDE.md | Modified | Valid | ✓ |
| ~/project/.mcp.json | Modified | Valid | ✓ |

### Hierarchy Test

Project: ~/project-a/

Effective configuration:

• Model: sonnet (from project)
• Permissions: ["Read", "Write"] (from global)
• Rules: code-style (from global), project-rules (from project)
• MCP Servers: filesystem, database (from project)

Status: ✓ Resolves correctly

### Recommendations

[Any post-implementation recommendations]

Failure Handling

If verification fails:

### Overall Status: ✗ FAILED

{N} issues detected.

### Issues

1. **File Missing**: ~/.claude/rules/code-style.md
   - Expected: Created by action-1-1
   - Actual: Not found
   - Impact: High - other actions depend on this
   - Recommendation: Re-run action-1-1 or rollback

2. **Syntax Error**: ~/project/CLAUDE.md
   - Line 45: Invalid markdown (unclosed code block)
   - Impact: Medium - file won't parse correctly
   - Recommendation: Restore from backup

### Recommended Action

Run: /config-audit rollback {backup-timestamp}

Comparison Report

Optional: Generate before/after comparison:

### Before vs After

#### Files Changed
| File | Before | After |
|------|--------|-------|
| Config files | 15 | 13 |
| Total size | 25 KB | 22 KB |
| Duplicates | 3 | 0 |
| Conflicts | 2 | 0 |

#### Improvements
- Reduced duplication by 100%
- Resolved all conflicts
- Consolidated 2 rule files
- Moved 3 secrets to env vars

Read-Only Guarantee

This agent:

• Only uses Read, Glob, Grep tools
• Never modifies any files
• Reports findings without taking action
• Safe to run multiple times

Model policy

v4.0 migrated from haiku to Sonnet 4.6 per global no-haiku policy. Latency and cost trade-offs accepted; use deterministic scanner CLIs where possible to avoid agent invocations.