--- allowed-tools: Bash(bash *audit_*.sh*), Bash(bash *cleanup_execute.sh*), Bash(du *), Bash(df *), Bash(brew *), Bash(npm *), Bash(pip *), Bash(docker *), Bash(cp *) description: Full macOS system health check — runs all 5 audit modules and presents unified findings --- ## Your task Run a full macOS system health check using all 5 audit modules. Follow this workflow exactly: ### Step 1 — Run all audits Run these scripts sequentially, collecting all JSON output: ```bash bash $CLAUDE_PLUGIN_ROOT/skills/mac-optimizer/scripts/audit_packages.sh bash $CLAUDE_PLUGIN_ROOT/skills/mac-optimizer/scripts/audit_environment.sh bash $CLAUDE_PLUGIN_ROOT/skills/mac-optimizer/scripts/audit_security.sh bash $CLAUDE_PLUGIN_ROOT/skills/mac-optimizer/scripts/audit_cleanup.sh bash $CLAUDE_PLUGIN_ROOT/skills/mac-optimizer/scripts/audit_resources.sh ``` If a script exits non-zero, report the error and continue with other modules. ### Step 2 — Parse and report Parse all JSON lines. Each has: `{"module":"...","severity":"...","finding":"...","action":"...","details":"..."}` Present findings grouped by severity (critical first, then warning, then info) as markdown tables: ``` ### Critical | Module | Finding | Recommended Action | |---|---|---| ### Warning | Module | Finding | Recommended Action | |---|---|---| ### Info | Module | Finding | Recommended Action | |---|---|---| ``` ### Step 3 — Ask for consent STOP and ask: "Which actions would you like me to perform? You can approve by category (e.g., 'update packages and clean caches') or review each item." ### Step 4 — Execute approved actions only For cleanup actions, always run `--dry-run` first and show what will happen before running `--execute`. ### Safety rules - Never execute cleanup without explicit user approval - Always show sizes before deleting anything - Security module is read-only — present findings and remediation guidance only - Back up shell configs before modifying: `cp ~/.zshrc ~/.config/mac-optimizer-backups/.zshrc.$(date +%s)` - Process deny-list: never suggest killing kernel_task, launchd, WindowServer, loginwindow, mds, mds_stores, opendirectoryd, coreaudiod, SystemUIServer, Finder, Dock - No sudo by default — if an action needs sudo, state why and ask first - Docker cleanup uses `docker system prune`, never direct file deletion