Claude Code Plugins

Community-maintained marketplace

Feedback

system-diagnostics

@melodic-software/claude-code-plugins
1
0

Comprehensive Windows 11 system diagnostics via PowerShell. Diagnoses crashes, freezes, reboots, BSOD, disk health, memory issues, hardware errors, and performance problems. Use when troubleshooting Windows stability issues, analyzing Event Viewer logs, checking disk/memory health, investigating hardware errors, or diagnosing system performance problems.

Install Skill

1Download skill
2Enable skills in Claude

Open claude.ai/settings/capabilities and find the "Skills" section

3Upload to Claude

Click "Upload skill" and select the downloaded ZIP file

Note: Please verify skill by going through its instructions before using it.

SKILL.md

name system-diagnostics
description Comprehensive Windows 11 system diagnostics via PowerShell. Diagnoses crashes, freezes, reboots, BSOD, disk health, memory issues, hardware errors, and performance problems. Use when troubleshooting Windows stability issues, analyzing Event Viewer logs, checking disk/memory health, investigating hardware errors, or diagnosing system performance problems.
allowed-tools Bash, Read, Glob, Grep

Windows System Diagnostics

Comprehensive Windows 11 system diagnostics using PowerShell. This skill helps diagnose crashes, freezes, unexpected reboots, disk problems, memory issues, hardware errors, and performance bottlenecks.

Table of Contents

Overview

This skill provides read-only diagnostic capabilities to gather system health information. It does NOT execute repair commands - those are provided as suggestions for the user to run manually.

Capabilities:

  • Event log analysis (crashes, errors, warnings)
  • Disk health monitoring (SMART data, filesystem errors)
  • Memory diagnostics (usage, leaks, hardware issues)
  • Hardware error detection (device failures, drivers, WHEA)
  • Performance analysis (CPU, memory, disk bottlenecks)
  • System stability metrics (uptime, restart reasons)

When to Use This Skill

Use this skill when:

  • Computer is crashing, freezing, or rebooting unexpectedly
  • Blue Screen of Death (BSOD) errors occur
  • Disk health concerns (slow performance, errors)
  • Memory issues suspected (high usage, crashes under load)
  • Hardware errors or driver problems
  • Need to analyze Windows Event Viewer logs
  • System performance degradation
  • Investigating application crashes

Platform Requirements

Required:

  • Windows 11 (this skill is optimized for Windows 11 Pro)
  • PowerShell 7+ (pwsh) for best compatibility

Verify PowerShell version:

$PSVersionTable.PSVersion

Note: Most commands also work with Windows PowerShell 5.1, but PowerShell 7+ is recommended for consistent behavior.

Quick Start

Immediate System Health Check

Run these commands to get a quick overview of system health:

# System info and uptime
Get-Uptime
Get-ComputerInfo | Select-Object OsName, OsVersion, OsBuildNumber, CsProcessors, CsTotalPhysicalMemory

# Recent critical/error events (last 7 days)
Get-WinEvent -FilterHashtable @{LogName='System';Level=1,2;StartTime=(Get-Date).AddDays(-7)} -MaxEvents 20 |
    Select-Object TimeCreated, Id, ProviderName, Message | Format-Table -Wrap

# Disk health
Get-PhysicalDisk | Select-Object FriendlyName, MediaType, Size, HealthStatus, OperationalStatus

# Top memory consumers
Get-Process | Sort-Object WorkingSet64 -Descending |
    Select-Object -First 10 ProcessName, Id, @{N='MB';E={[math]::Round($_.WorkingSet64/1MB,0)}}

# Device errors
Get-PnpDevice -PresentOnly | Where-Object { $_.Status -in 'Error','Degraded','Unknown' } |
    Select-Object Class, FriendlyName, Status

Diagnostic Categories

Category Description Reference
Event Logs Windows Event Viewer analysis event-logs.md
Disk Health SMART data, filesystem, storage disk-health.md
Memory RAM usage, leaks, hardware memory-diagnostics.md
Stability Uptime, restarts, BSOD system-stability.md
Hardware Device errors, WHEA, drivers hardware-errors.md
Performance CPU, memory, disk bottlenecks performance-analysis.md
Crashes Minidumps, WER, BSOD analysis crash-analysis.md
Elevation Admin requirements, graceful degradation admin-elevation.md

Quick Health Check

System Information

# Basic system info
Get-ComputerInfo | Select-Object `
    OsName, OsVersion, OsBuildNumber, `
    CsName, CsDomain, `
    CsProcessors, CsNumberOfLogicalProcessors, `
    @{N='RAM_GB';E={[math]::Round($_.CsTotalPhysicalMemory/1GB,1)}}

# System uptime
Get-Uptime
Get-Uptime -Since  # Last boot time

Recent System Errors

# Critical and Error events from System log (last 7 days)
Get-WinEvent -FilterHashtable @{
    LogName = 'System'
    Level = 1,2  # 1=Critical, 2=Error
    StartTime = (Get-Date).AddDays(-7)
} -MaxEvents 50 | Select-Object TimeCreated, Id, ProviderName, LevelDisplayName, Message

Disk Quick Check

# Physical disk health
Get-PhysicalDisk | Select-Object FriendlyName, MediaType, Size, HealthStatus, OperationalStatus

# SMART-like reliability data
Get-PhysicalDisk | ForEach-Object {
    $disk = $_
    $counters = $_ | Get-StorageReliabilityCounter
    [PSCustomObject]@{
        Disk = $disk.FriendlyName
        Health = $disk.HealthStatus
        Temperature = $counters.Temperature
        ReadErrors = $counters.ReadErrorsTotal
        WriteErrors = $counters.WriteErrorsTotal
        PowerOnHours = $counters.PowerOnHours
    }
}

Memory Quick Check

# System memory overview
Get-CimInstance Win32_OperatingSystem | Select-Object `
    @{N='Total_GB';E={[math]::Round($_.TotalVisibleMemorySize/1MB,2)}},
    @{N='Free_GB';E={[math]::Round($_.FreePhysicalMemory/1MB,2)}},
    @{N='Used_Pct';E={[math]::Round((1 - $_.FreePhysicalMemory/$_.TotalVisibleMemorySize)*100,1)}}

# Top 10 memory-consuming processes
Get-Process | Sort-Object WorkingSet64 -Descending |
    Select-Object -First 10 ProcessName, Id,
        @{N='WS_MB';E={[math]::Round($_.WorkingSet64/1MB,0)}},
        @{N='PM_MB';E={[math]::Round($_.PrivateMemorySize64/1MB,0)}}

Hardware Quick Check

# Devices with errors
Get-PnpDevice -PresentOnly | Where-Object { $_.Status -in 'Error','Degraded','Unknown' } |
    Select-Object Class, FriendlyName, InstanceId, Status

# WHEA hardware errors (last 30 days)
Get-WinEvent -FilterHashtable @{
    LogName = 'System'
    ProviderName = 'Microsoft-Windows-WHEA-Logger'
    StartTime = (Get-Date).AddDays(-30)
} -MaxEvents 20 -ErrorAction SilentlyContinue | Select-Object TimeCreated, Id, Message

Reference Loading Guide

References are loaded on-demand based on the diagnostic category being investigated. This progressive disclosure keeps token usage efficient.

Always Load (Core)

The main SKILL.md provides quick commands for initial triage (~4k tokens).

Conditional Load

Load specific references based on what you're investigating:

Trigger Reference to Load
Event logs, errors, warnings event-logs.md
Disk, storage, SMART, chkdsk disk-health.md
Memory, RAM, paging, leaks memory-diagnostics.md
Uptime, restarts, reliability system-stability.md
Hardware, drivers, WHEA, devices hardware-errors.md
CPU, performance, bottlenecks performance-analysis.md
BSOD, minidump, crashes, WER crash-analysis.md
Admin, elevation, permissions admin-elevation.md

Token Estimates

  • Quick health check: ~4k tokens (SKILL.md only)
  • Single category deep dive: ~7k tokens (SKILL.md + 1 reference)
  • Full diagnostic: ~25k tokens (SKILL.md + all references)

Safety Model

This skill follows a read-only diagnostics model. All commands executed by the skill only gather information - they do not modify the system.

Read-Only (Skill Can Execute)

These commands are safe to run:

Category Commands
Event Logs Get-WinEvent
Disk Health Get-PhysicalDisk, Get-StorageReliabilityCounter, Get-Volume
Memory Get-Process, Get-CimInstance Win32_OperatingSystem
Devices Get-PnpDevice
Performance Get-Counter
System Info Get-Uptime, Get-ComputerInfo

Suggested Only (User Runs Manually)

These repair/diagnostic commands modify the system or require reboot. The skill will provide instructions but NOT execute them:

Command Purpose Notes
chkdsk /f /r Disk repair Requires reboot for system drive
sfc /scannow System file repair Requires admin
DISM /Online /Cleanup-Image /RestoreHealth System image repair Requires admin, internet
mdsched.exe Memory diagnostic Requires reboot
Repair-Volume -SpotFix Quick disk repair Requires admin
Driver reinstall Fix driver issues Manual process

Elevation Notes

Some read-only operations require administrator privileges:

  • Get-WinEvent -LogName Security (Security log)
  • Repair-Volume -Scan (even read-only scan)
  • Some WMI queries

The skill will note when elevation is needed and provide graceful degradation for non-admin scenarios.

Common Diagnostic Scenarios

Scenario: Computer Keeps Crashing/Rebooting

  1. Check uptime and recent restart events
  2. Look for Kernel-Power Event ID 41 (unexpected shutdown)
  3. Check for BSOD minidumps
  4. Review hardware errors (WHEA)
  5. Check disk and memory health

Key commands:

# Recent restart events
Get-WinEvent -FilterHashtable @{LogName='System';Id=41,1074,6008} -MaxEvents 20

# BSOD events
Get-WinEvent -FilterHashtable @{LogName='System';ProviderName='Microsoft-Windows-WER-SystemErrorReporting'} -MaxEvents 10

# Check for minidumps
Get-ChildItem C:\Windows\Minidump -ErrorAction SilentlyContinue

Scenario: Slow Performance

  1. Check CPU/memory/disk utilization
  2. Identify resource-hungry processes
  3. Check for disk health issues
  4. Look for hardware throttling

Key commands:

# Current resource usage
Get-Counter -Counter '\Processor(_Total)\% Processor Time','\Memory\% Committed Bytes In Use','\PhysicalDisk(_Total)\% Disk Time'

# Top CPU consumers
Get-Process | Sort-Object CPU -Descending | Select-Object -First 10 ProcessName, CPU, @{N='MB';E={[math]::Round($_.WorkingSet64/1MB)}}

Scenario: Disk Errors Suspected

  1. Check physical disk health status
  2. Review SMART reliability counters
  3. Look for disk-related events
  4. Check filesystem dirty bit

Key commands:

# Disk health
Get-PhysicalDisk | Select-Object FriendlyName, HealthStatus, OperationalStatus

# Reliability counters
Get-PhysicalDisk | Get-StorageReliabilityCounter | Select-Object DeviceId, Temperature, ReadErrorsTotal, WriteErrorsTotal

# Recent disk events
Get-WinEvent -FilterHashtable @{LogName='System';ProviderName='disk','ntfs'} -MaxEvents 20

Scenario: Memory Issues

  1. Check current memory usage
  2. Identify memory-hungry processes
  3. Look for memory-related events
  4. Check for previous memory diagnostic results

Key commands:

# Memory usage
Get-CimInstance Win32_OperatingSystem | Select-Object @{N='Used%';E={[math]::Round((1-$_.FreePhysicalMemory/$_.TotalVisibleMemorySize)*100,1)}}

# Top memory processes
Get-Process | Sort-Object WorkingSet64 -Descending | Select-Object -First 10 ProcessName, @{N='MB';E={[math]::Round($_.WorkingSet64/1MB)}}

# Memory diagnostic results
Get-WinEvent -FilterHashtable @{LogName='System';ProviderName='Microsoft-Windows-MemoryDiagnostics-Results'} -ErrorAction SilentlyContinue

Anti-Patterns

Do NOT:

  • Execute repair commands (chkdsk /f, sfc /scannow, etc.) - only suggest them
  • Run commands that require reboot (mdsched.exe) without explicit user consent
  • Assume admin privileges are available
  • Ignore elevation errors - report them and suggest running as admin
  • Make hardware recommendations without diagnostic evidence

Do:

  • Start with quick health checks before deep dives
  • Load references progressively based on investigation needs
  • Report findings with severity (Critical, Warning, Info)
  • Provide actionable next steps for the user
  • Explain what each suggested repair command does

Version History

  • v1.0.0 (2025-12-03): Initial release with Windows 11 diagnostics

Last Updated

Date: 2025-12-03 Model: claude-opus-4-5-20251101