Stats
Actions
Tags
Windows 11 disk cleanup and health playbook using native tooling (Storage Sense, DISM, cleanmgr) with a drift-protected HTML UI and Task Scheduler alerting. For full/slow PCs, BSODs, or commit-memory pressure.
How this skill is triggered — by the user, by Claude, or both
Slash command
/ai-driven-development:maintaining-windows-healthThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Recovery and prevention playbook for Windows 11 disk and memory crises. A Windows port of the `maintaining-macos-health` skill: same three layers (triage → tiered recovery → automation/alerting) and the same safety invariant — **scan → JSON → user picks in a UI → apply deletes only what was picked** — but with Windows-native tooling and Windows-specific "never touch" rules. The same playbook wo...
README.mdassets/Audit-WinHealth.ps1assets/Install-WinHealthCheck.ps1assets/apply-cleanup-selection.pyassets/render-cleanup-plan.pyassets/test_validate_command.pyassets/win-health-check.config.ps1assets/win-health-check.ps1references/alerting.mdreferences/cleanup-tiers.mdreferences/native-tools.mdreferences/never-touch.mdreferences/triage.mdRecovery and prevention playbook for Windows 11 disk and memory crises. A Windows port of the maintaining-macos-health skill: same three layers (triage → tiered recovery → automation/alerting) and the same safety invariant — scan → JSON → user picks in a UI → apply deletes only what was picked — but with Windows-native tooling and Windows-specific "never touch" rules. The same playbook works for routine cleanup or first-time setup on a new machine.
Trigger on any of:
C:\Windows\Minidump% Committed Bytes In Use > 85), pagefile growing| File | Use for |
|---|---|
references/triage.md | First 5 minutes — which signal fired (disk / commit-memory / BSOD-crash / "feels slow"), read-only snapshot |
references/cleanup-tiers.md | Tiered cleanup playbook (10 tiers, low-risk → discuss-first), copy-paste-safe PowerShell blocks |
references/never-touch.md | Categories that must not be deleted even elevated (hard-protected prefixes synced with the validator + Windows-only dangers) |
references/native-tools.md | The safety floor: native Microsoft tooling, project-artifact purge marker→target map, the apply-script validator rules, third-party caveats |
references/alerting.md | Full alerter design: 3 CRITICAL-only triggers, hysteresis, calibration, Task Scheduler interactive session, BurntToast + ntfy, S0ix/battery |
assets/win-health-check.ps1 | Production PowerShell monitor (PS 5.1 compatible) |
assets/win-health-check.config.ps1 | Default thresholds |
assets/Install-WinHealthCheck.ps1 | Registers the scheduled task in the interactive user session; -Test / -Uninstall |
assets/Audit-WinHealth.ps1 | Read-only preflight inventory (drives, Component Store, shadow storage, profiles, drivers, CFA, KFM, BitLocker, reparse points, dumps) |
assets/render-cleanup-plan.py | Interactive HTML cleanup-plan UI. Renders categorised checkboxes from a JSON of scan findings, serves on 127.0.0.1:18347, opens the browser, waits for the user's selection, writes it to %TEMP%\cleanup-selection-<ts>.json. Used by Workflow A. Requires Python 3. |
assets/apply-cleanup-selection.py | The only sanctioned way to apply a cleanup selection. Reads selected_items from a selection JSON and executes each item's command via PowerShell. Windows-rewritten validator (NTFS canonicalization, deny/allow longest-prefix, provider/UNC/ADS/8.3/chaining refusal, two-tier wrappers) + operations log. Supports --dry-run. |
assets/test_validate_command.py | Adversarial unit tests for the validator — the safety-core gate. Runs on any OS. |
Read the relevant reference before acting. Do NOT operate from memory of these files — the details are calibrated to Windows-specific failure modes and small changes break safety.
cleanmgr / DISM do the heavy lifting, and the apply-script validator is the only line behind project-artifact purge. Use the supported command for anything the OS maintains itself.Available MBytes includes reclaimable standby/cache; commit-limit exhaustion is the real Windows OOM.apply-cleanup-selection.py deletes only selected_items. Never hand-roll Remove-Item in the apply phase.references/triage.md, identify which signal fired and how urgent. Run assets/Audit-WinHealth.ps1 (read-only) for the preflight inventory (drives, Component Store, shadow storage, drivers, CFA / OneDrive KFM / BitLocker / reparse points).references/cleanup-tiers.md in inventory mode (list candidates, sizes, ages). Capture everything; deletion comes only after the user picks via the UI.py -3 --version, or a python.exe that isn't the Microsoft Store alias). If Python is missing, ask the user for permission to install it (winget install Python.Python.3.12), then continue. Do not silently skip the UI.references/never-touch.md, then delegate a quick lookup to the web-searcher subagent ("what is <path> on Windows 11, safe to delete in 2026"). Write a concrete description (1–3 sentences in the user's language) into the item. Never show vague placeholders like "unknown".item (id, label, path, size_bytes, age_days, kind, PowerShell command, mandatory description, optional protected + warning). Use the schema in assets/render-cleanup-plan.py. Irreversible-tool commands (DISM /ResetBase, vssadmin delete, wevtutil cl, pnputil /delete-driver, powercfg /h off) should be marked protected: true.python3 <skill>\assets\render-cleanup-plan.py %TEMP%\cleanup-data-<ts>.json
127.0.0.1:18347, opens the browser, and blocks until Submit/Cancel. On submit it writes %TEMP%\cleanup-selection-<ts>.json. Tell the user out loud: "браузер открыт — поставь галочки, нажми Submit, потом пингани меня." Then stop and wait.Remove-Item:
python3 <skill>\assets\apply-cleanup-selection.py %TEMP%\cleanup-selection-<ts>.json
# add --scan-root D:\projects to allow bare deletes on an external dev drive
selected_items, validates each command (NTFS canonicalization, deny/allow longest-prefix, provider/UNC/ADS/8.3/chaining refusal), skips protected items not in protected_overrides, runs each via powershell.exe, and logs to %LOCALAPPDATA%\win-health\operations.log. --dry-run previews. The selection JSON is the single source of truth.Dism /Online /Cleanup-Image /CheckHealth + sfc /scannow to confirm nothing was broken. Stop at the goal.Hard-protected items (per references/never-touch.md) must always appear in the UI with "protected": true + a concrete warning — the UI dims them and requires a per-item confirm before they can be checked. Never omit a protected item user data depends on; visibility teaches the surrounding risk.
Run a non-elevated PowerShell as the user who should receive alerts (interactive session — required for toasts):
cd <skill>\assets
.\Install-WinHealthCheck.ps1 # installs BurntToast, copies script+config, registers the task, runs once
Then read references/alerting.md for tuning. The task is registered in the interactive user session (NOT SYSTEM — that silently swallows toasts), every 5 minutes, -StartWhenAvailable, battery-friendly. The first 7-day calibration window is silent (logs only). Verify with .\Install-WinHealthCheck.ps1 -Test.
Read references/alerting.md § Troubleshooting. Common causes:
Install-Module BurntToast -Scope CurrentUser.-StartWhenAvailable).%LOCALAPPDATA%\win-health\silent, raise thresholds, or increase hysteresis.Prefer winget uninstall --id <App.Id> (clean, supported). For apps with stubborn leftovers, BCUninstaller (review the leftover list) is the dev-friendly option. Never hand-delete Program Files install dirs or registry keys to "remove" an app — that orphans the MSI/uninstall state. Always confirm before removing user data folders.
references/never-touch.md — even if the user explicitly asks. Push back, explain the consequence.Remove-Item these.Remove-Item or hard-code paths from the earlier scan when applying — that's how you delete items the user unchecked. Use assets/apply-cleanup-selection.py, which iterates selected_items only.Remove-Item is permanent (no Recycle Bin) and recursive deletes can escape through junctions — always -LiteralPath, never recurse a reparse point. Prefer move-to-quarantine when the user is unsure.Remove-Item -Recurse follows junctions and can delete the target's contents — the classic data-loss bug. Dev trees are full of junctions (npm/pnpm store, Docker, WSL). Use -LiteralPath; never recurse a FILE_ATTRIBUTE_REPARSE_POINT.Remove-Item bypasses the Recycle Bin — deletion is immediate and permanent, unlike dragging to the bin.RECALL_ON_DATA_ACCESS/OFFLINE) are cloud originals; deleting the stub deletes the cloud file.Available MBytes includes standby/cache — high "available" doesn't mean healthy; commit-limit exhaustion is the real OOM signal.pagefile.sys and swapfile.sys are two different files; C:\Windows\Installer + Package Cache break MSI repair if deleted; Prefetch should not be cleaned (myth).-StartWhenAvailable.web-searcher lookup before writing the item's description.A representative recovery on a dev machine that hit ~8 % free under heavy AI/Docker/WSL load:
node_modules, bin/obj, target, .next) via Tier 7 purge.*.vhdx compaction (not deletion): often 10–40 GB reclaimed.Downloads review (old installers, ISOs): variable, often 10–20 GB.Active alerter installed with a 7-day calibration window; verified via the synthetic disk-trigger test before going live. Numbers scale with workload and disk size — light users see less; heavy AI/Docker/WSL/IDE users see more.
npx claudepluginhub codealive-ai/ai-driven-development --plugin ai-driven-developmentAutomates macOS disk cleanup and memory monitoring with Mole-based safety guards and LaunchAgent alerting. Responds to low disk space, kernel panics, and vm-compressor shortages on Apple Silicon.
Diagnoses and fixes Windows workstation issues: slow boot, failing drives, BSOD crashes, startup bloat, and event log forensics.
Diagnoses Windows 11 crashes, freezes, BSOD, reboots, disk/memory health, hardware errors, and performance via PowerShell Event Viewer analysis.