system-health-check

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

System Health Check

系统健康检查

A comprehensive scanner that analyzes your system for security risks, performance issues, and optimization opportunities.

一款全面的扫描工具，可分析您的系统，识别安全风险、性能问题以及可优化点。

When to Use

适用场景

Setting up a new machine
Periodic security audits
Troubleshooting performance issues
Before deploying to production

新机器初始化设置
定期安全审计
性能问题排查
生产环境部署前

Usage

使用方法

bash

bash scripts/check.sh

bash

bash scripts/check.sh

Options

可选参数

```
--security
```
: Run security checks only
```
--performance
```
: Run performance checks only
```
--optimize
```
: Run optimization suggestions only
```
--output FILE
```
: Save report to file (default: stdout)
```
--json
```
: Output in JSON format

```
--security
```
: 仅运行安全检测
```
--performance
```
: 仅运行性能检测
```
--optimize
```
: 仅输出优化建议
```
--output FILE
```
: 将报告保存到指定文件（默认输出到标准输出stdout）
```
--json
```
: 以JSON格式输出

Examples

示例

bash

undefined

bash

undefined

Full system check

全系统检测

bash scripts/check.sh

Security audit only

仅执行安全审计

bash scripts/check.sh --security

Save report to file

将报告保存到文件

bash scripts/check.sh --output report.txt

JSON output for automation

输出JSON格式用于自动化流程

bash scripts/check.sh --json --output report.json

undefined

bash scripts/check.sh --json --output report.json

undefined

Checks Performed

执行的检测项

Security

安全

Check	Windows	macOS	Linux
Firewall status	✓	✓	✓
Open ports	✓	✓	✓
SSH configuration	✓	✓	✓
Password policies	✓	✓	✓
User privileges	✓	✓	✓
Sensitive file permissions	✓	✓	✓
Antivirus status	✓	✓	-
System updates	✓	✓	✓
AI Agent security	✓	✓	✓

检测项	Windows	macOS	Linux
防火墙状态	✓	✓	✓
开放端口	✓	✓	✓
SSH配置	✓	✓	✓
密码策略	✓	✓	✓
用户权限	✓	✓	✓
敏感文件权限	✓	✓	✓
杀毒软件状态	✓	✓	-
系统更新	✓	✓	✓
AI Agent安全	✓	✓	✓

AI Agent Security

AI Agent安全

Automatically discovers and scans AI agent configurations for potential security risks:

Supported Agents:

Claude Code (
```
~/.claude/
```
)
GitHub Copilot (
```
~/.copilot/
```
)
Continue.dev (
```
~/.continue/
```
)
Cursor (
```
~/.cursor/
```
)
Aider (
```
~/.aider/
```
)
Skills CLI (
```
~/.agents/
```
)
Codeium (
```
~/.codeium/
```
)
Windsurf/Codeflow (
```
~/.codeflow/
```
)

Project-level configs also scanned:

.claude/

.continue/

.cursor/

.copilot/

.github/copilot/

Security Risk Categories:

Category	Risk Level	Example Patterns
Network outbound	HIGH	`curl POST` , `wget --post` , `Invoke-WebRequest`
Credential access	HIGH	Reading `.ssh/` , `.aws/` , accessing `API_KEY` vars
Obfuscation	HIGH	`base64 -d` , hex decoding, string reversal
Dynamic execution	MEDIUM	`eval` , `exec` , `source <(...)`
Package installation	MEDIUM	`npx -y` , `pip install` , `npm install`
Permission bypass	MEDIUM	`bypassPermissions` , `skipVerify`
Network requests	LOW	General `curl` / `wget` usage
MCP servers	LOW	MCP server definitions with commands

自动发现并扫描AI Agent配置，排查潜在安全风险：

支持的Agent：

Claude Code (
```
~/.claude/
```
)
GitHub Copilot (
```
~/.copilot/
```
)
Continue.dev (
```
~/.continue/
```
)
Cursor (
```
~/.cursor/
```
)
Aider (
```
~/.aider/
```
)
Skills CLI (
```
~/.agents/
```
)
Codeium (
```
~/.codeium/
```
)
Windsurf/Codeflow (
```
~/.codeflow/
```
)

同时会扫描项目级配置：

.claude/

.continue/

.cursor/

.copilot/

.github/copilot/

安全风险分类：

分类	风险等级	示例模式
网络出站	高	`curl POST` , `wget --post` , `Invoke-WebRequest`
凭证访问	高	读取 `.ssh/` 、 `.aws/` 目录，访问 `API_KEY` 变量
代码混淆	高	`base64 -d` 、十六进制解码、字符串反转
动态执行	中	`eval` , `exec` , `source <(...)`
包安装	中	`npx -y` , `pip install` , `npm install`
权限绕过	中	`bypassPermissions` , `skipVerify`
网络请求	低	通用 `curl` / `wget` usage
MCP服务器	低	带命令的MCP服务器定义

Performance

性能

Check	Windows	macOS	Linux
CPU usage	✓	✓	✓
Memory usage	✓	✓	✓
Disk usage	✓	✓	✓
Network connections	✓	✓	✓
Process analysis	✓	✓	✓
Startup items	✓	✓	✓

检测项	Windows	macOS	Linux
CPU使用率	✓	✓	✓
内存使用率	✓	✓	✓
磁盘使用率	✓	✓	✓
网络连接	✓	✓	✓
进程分析	✓	✓	✓
启动项	✓	✓	✓

Optimization

优化

Suggestion	Windows	macOS	Linux
Disk cleanup opportunities	✓	✓	✓
Unused services	✓	✓	✓
Resource-heavy processes	✓	✓	✓
Temp file cleanup	✓	✓	✓

建议	Windows	macOS	Linux
磁盘清理空间	✓	✓	✓
未使用服务	✓	✓	✓
高资源消耗进程	✓	✓	✓
临时文件清理	✓	✓	✓

Sample Output

输出示例

================================================================================
                         SYSTEM HEALTH CHECK REPORT
================================================================================
Generated: 2024-03-15 10:30:00
System: Windows 11 Pro (10.0.22631)
Hostname: DESKTOP-ABC123

================================================================================
                              SECURITY ANALYSIS
================================================================================

[✓] Firewall: Enabled
[✓] Windows Defender: Active and up to date
[!] Open Ports: 22 (SSH), 80 (HTTP), 443 (HTTPS), 3389 (RDP)
    └─ Warning: RDP port 3389 is open. Consider using VPN instead.
[✗] SSH Config: Password authentication enabled
    └─ Recommendation: Disable password auth, use key-based authentication
[✓] User Privileges: No unnecessary admin accounts

... (continued)

================================================================================
                         SYSTEM HEALTH CHECK REPORT
================================================================================
Generated: 2024-03-15 10:30:00
System: Windows 11 Pro (10.0.22631)
Hostname: DESKTOP-ABC123

================================================================================
                              SECURITY ANALYSIS
================================================================================

[✓] Firewall: Enabled
[✓] Windows Defender: Active and up to date
[!] Open Ports: 22 (SSH), 80 (HTTP), 443 (HTTPS), 3389 (RDP)
    └─ Warning: RDP port 3389 is open. Consider using VPN instead.
[✗] SSH Config: Password authentication enabled
    └─ Recommendation: Disable password auth, use key-based authentication
[✓] User Privileges: No unnecessary admin accounts

... (continued)