微信扫一扫When To Use
Trigger when user says: "check my system", "what's wrong", "health check", "diagnose", "audit", "why is X slow", "something feels off"
This is NOT generic data analysis. This is system self-diagnosis — examining the agent's own workspace, configuration, and operational health.
Analysis Modes
| Mode | Scope | When | |------|-------|------| | Quick | Security + critical operational | "Quick check", default if unspecified | | Full | All categories, all checks | "Full audit", "deep check" | | Targeted | Single category | "Check my memory", "audit cron" |
Priority Order (Always This Sequence)
- SECURITY — Exposed secrets, leaked credentials, permission issues
- OPERATIONAL — Broken crons, dead sessions, unreachable APIs
- HYGIENE — Memory bloat, orphan files, stale entries, inefficiencies
Stop and report critical security findings immediately. Don't bury them in a long list.
Detection Strategy
Cheap first, expensive only when needed:
- File checks (free) — existence, size, age, syntax
- Local commands (cheap) — process lists, disk usage, git status
- API calls (expensive) — only when file-level signals warrant
Never hit external APIs speculatively. Validate need from local evidence first.
Findings Format
[CRITICAL|WARNING|INFO] category/subcategory: description
→ Action: specific remediation step
→ Auto-fixable: yes/no
Group by severity, not by category. User sees worst problems first.
Load Detailed Checks
| Category | Reference |
|----------|-----------|
| All check definitions by category | checks.md |
| Remediation actions and auto-fix scripts | remediation.md |
| Tracking analysis runs, improvement over time | tracking.md |