feat(cmdb-assistant): add data quality validation v1.1.0

Add validation hooks, best practices skill, and new commands to enforce
NetBox data quality standards:

Hooks:
- SessionStart: Test NetBox connectivity, report data quality issues
- PreToolUse: Validate VM/device parameters before create/update

New Commands:
- /cmdb-audit: Data quality analysis (vms, devices, naming, roles)
- /cmdb-register: Register current machine with running applications
- /cmdb-sync: Sync machine state with NetBox, detect drift

Best Practices Skill:
- Dependency order (regions -> sites -> devices -> VMs)
- Site/tenant/platform assignment requirements
- Naming conventions enforcement
- Role consolidation guidance

Updated agent with validation requirements, dependency order checks,
naming convention warnings, and duplicate prevention.

Marketplace: 5.0.0 -> 5.1.0
Plugin: 1.0.0 -> 1.1.0

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

plugins/cmdb-assistant/hooks/hooks.json

@@ -0,0 +1,21 @@
+{
+  "hooks": {
+    "SessionStart": [
+      {
+        "type": "command",
+        "command": "${CLAUDE_PLUGIN_ROOT}/hooks/startup-check.sh"
+      }
+    ],
+    "PreToolUse": [
+      {
+        "matcher": "mcp__plugin_cmdb-assistant_netbox__virt_create|mcp__plugin_cmdb-assistant_netbox__virt_update|mcp__plugin_cmdb-assistant_netbox__dcim_create|mcp__plugin_cmdb-assistant_netbox__dcim_update",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "${CLAUDE_PLUGIN_ROOT}/hooks/validate-input.sh"
+          }
+        ]
+      }
+    ]
+  }
+}

plugins/cmdb-assistant/hooks/startup-check.sh

@@ -0,0 +1,66 @@
+#!/bin/bash
+# cmdb-assistant SessionStart hook
+# Tests NetBox API connectivity and checks for data quality issues
+# All output MUST have [cmdb-assistant] prefix
+# Non-blocking: always exits 0
+
+set -euo pipefail
+
+PREFIX="[cmdb-assistant]"
+
+# Load NetBox configuration
+NETBOX_CONFIG="$HOME/.config/claude/netbox.env"
+
+if [[ ! -f "$NETBOX_CONFIG" ]]; then
+    echo "$PREFIX NetBox not configured - run /cmdb-assistant:initial-setup"
+    exit 0
+fi
+
+# Source config
+source "$NETBOX_CONFIG"
+
+# Validate required variables
+if [[ -z "${NETBOX_API_URL:-}" ]] || [[ -z "${NETBOX_API_TOKEN:-}" ]]; then
+    echo "$PREFIX Missing NETBOX_API_URL or NETBOX_API_TOKEN in config"
+    exit 0
+fi
+
+# Quick API connectivity test (5s timeout)
+HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" -m 5 \
+    -H "Authorization: Token $NETBOX_API_TOKEN" \
+    -H "Accept: application/json" \
+    "${NETBOX_API_URL}/" 2>/dev/null || echo "000")
+
+if [[ "$HTTP_CODE" == "000" ]]; then
+    echo "$PREFIX NetBox API unreachable (timeout/connection error)"
+    exit 0
+elif [[ "$HTTP_CODE" != "200" ]]; then
+    echo "$PREFIX NetBox API returned HTTP $HTTP_CODE - check credentials"
+    exit 0
+fi
+
+# Check for VMs without site assignment (data quality)
+VMS_RESPONSE=$(curl -s -m 5 \
+    -H "Authorization: Token $NETBOX_API_TOKEN" \
+    -H "Accept: application/json" \
+    "${NETBOX_API_URL}/virtualization/virtual-machines/?site__isnull=true&limit=1" 2>/dev/null || echo '{"count":0}')
+
+VMS_NO_SITE=$(echo "$VMS_RESPONSE" | grep -o '"count":[0-9]*' | cut -d: -f2 || echo "0")
+
+if [[ "$VMS_NO_SITE" -gt 0 ]]; then
+    echo "$PREFIX $VMS_NO_SITE VMs without site assignment - run /cmdb-audit for details"
+fi
+
+# Check for devices without platform
+DEVICES_RESPONSE=$(curl -s -m 5 \
+    -H "Authorization: Token $NETBOX_API_TOKEN" \
+    -H "Accept: application/json" \
+    "${NETBOX_API_URL}/dcim/devices/?platform__isnull=true&limit=1" 2>/dev/null || echo '{"count":0}')
+
+DEVICES_NO_PLATFORM=$(echo "$DEVICES_RESPONSE" | grep -o '"count":[0-9]*' | cut -d: -f2 || echo "0")
+
+if [[ "$DEVICES_NO_PLATFORM" -gt 0 ]]; then
+    echo "$PREFIX $DEVICES_NO_PLATFORM devices without platform - consider updating"
+fi
+
+exit 0

plugins/cmdb-assistant/hooks/validate-input.sh

@@ -0,0 +1,79 @@
+#!/bin/bash
+# cmdb-assistant PreToolUse validation hook
+# Validates input parameters for create/update operations
+# NON-BLOCKING: Warns but allows operation to proceed (always exits 0)
+
+set -euo pipefail
+
+PREFIX="[cmdb-assistant]"
+
+# Read tool input from stdin
+INPUT=$(cat)
+
+# Extract tool name from the input
+# Format varies, try to find tool_name or name field
+TOOL_NAME=""
+if echo "$INPUT" | grep -q '"tool_name"'; then
+    TOOL_NAME=$(echo "$INPUT" | grep -o '"tool_name"[[:space:]]*:[[:space:]]*"[^"]*"' | head -1 | sed 's/.*"\([^"]*\)"$/\1/' || true)
+elif echo "$INPUT" | grep -q '"name"'; then
+    TOOL_NAME=$(echo "$INPUT" | grep -o '"name"[[:space:]]*:[[:space:]]*"[^"]*"' | head -1 | sed 's/.*"\([^"]*\)"$/\1/' || true)
+fi
+
+# If we can't determine the tool, exit silently
+if [[ -z "$TOOL_NAME" ]]; then
+    exit 0
+fi
+
+# VM creation/update validation
+if echo "$TOOL_NAME" | grep -qE "virt_create_vm|virt_create_virtual_machine|virt_update_vm|virt_update_virtual_machine"; then
+    WARNINGS=()
+
+    # Check for missing site
+    if ! echo "$INPUT" | grep -qE '"site"[[:space:]]*:[[:space:]]*[0-9]'; then
+        WARNINGS+=("no site assigned")
+    fi
+
+    # Check for missing tenant
+    if ! echo "$INPUT" | grep -qE '"tenant"[[:space:]]*:[[:space:]]*[0-9]'; then
+        WARNINGS+=("no tenant assigned")
+    fi
+
+    # Check for missing platform
+    if ! echo "$INPUT" | grep -qE '"platform"[[:space:]]*:[[:space:]]*[0-9]'; then
+        WARNINGS+=("no platform assigned")
+    fi
+
+    if [[ ${#WARNINGS[@]} -gt 0 ]]; then
+        echo "$PREFIX VM best practice: $(IFS=', '; echo "${WARNINGS[*]}") - consider assigning for data quality"
+    fi
+fi
+
+# Device creation/update validation
+if echo "$TOOL_NAME" | grep -qE "dcim_create_device|dcim_update_device"; then
+    WARNINGS=()
+
+    # Check for missing platform
+    if ! echo "$INPUT" | grep -qE '"platform"[[:space:]]*:[[:space:]]*[0-9]'; then
+        WARNINGS+=("no platform assigned")
+    fi
+
+    # Check for missing tenant
+    if ! echo "$INPUT" | grep -qE '"tenant"[[:space:]]*:[[:space:]]*[0-9]'; then
+        WARNINGS+=("no tenant assigned")
+    fi
+
+    if [[ ${#WARNINGS[@]} -gt 0 ]]; then
+        echo "$PREFIX Device best practice: $(IFS=', '; echo "${WARNINGS[*]}") - consider assigning"
+    fi
+fi
+
+# Cluster creation validation
+if echo "$TOOL_NAME" | grep -qE "virt_create_cluster"; then
+    # Check for missing site scope
+    if ! echo "$INPUT" | grep -qE '"site"[[:space:]]*:[[:space:]]*[0-9]'; then
+        echo "$PREFIX Cluster best practice: no site scope - clusters should be scoped to a site"
+    fi
+fi
+
+# Always allow operation (non-blocking)
+exit 0