feat(ops-mac): /ops:ops-mac — macOS diagnose-and-fix command#643

Merged
Aurora Capital (auroracapital) merged 1 commit into main from feat/ops-mac-toolkit on Jun 28, 2026

@auroracapital Aurora Capital (auroracapital) commented Jun 28, 2026

Collaborator

What

Adds /ops:ops-mac — a unified macOS diagnose-and-fix command center that bundles the macos-toolkit CLI suite behind one entrypoint.

New files:

  • skills/ops-mac/SKILL.md — drives UX, confirmations, mode routing
  • bin/ops-mac — dispatcher: install + all probes + aggregate audit

Why

Diagnosing/fixing Mac issues meant remembering 9 separate CLIs (machealth, netwhiz, pstop, macdog, lanchr, macbroom, macctl, macfig, updater) and how to install them. This collapses them into /ops:ops-mac.

Subcommands

| Command | Does |
| --- | --- |
| /ops:ops-mac / audit | Read-only baseline: security, launch agents, processes, network, disk, system health |
| health net disk procs security launchd power update | Single-domain probes |
| fix | Guarded remediation (firewall, stale daemons, cache cleanup) — per-action confirm |
| ensure | Self-install the suite (plugin marketplace + Homebrew tap + tools), idempotent |

Hardening (two real quirks found in testing)

  1. machealth hangs — its parallel composite probe can block forever on a stuck Time Machine / iCloud check with no per-probe skip flag. Every machealth call is timeout-guarded (default 25s, OPS_MAC_MACHEALTH_TIMEOUT override) and degrades to a labelled stub instead of wedging.
  2. TTY-empty tables — the toolkit's pretty tables render nothing when stdout isn't a TTY. The dispatcher forces --json for headless/agent consumers.

Compliance

  • Rule 5: every mutating fix action gets its own AskUserQuestion confirmation; never batches. Explicitly warns before touching daemons the user relies on (CRS, gbrain, cloudflared, watchdogs).
  • Rule 7: mobile/SSH compact output path.
  • Rule 0: tests/test-no-secrets.sh passes (25/25); no personal data in new files.
  • macOS-only (exits cleanly elsewhere); complements cross-platform /ops:speedup.

Version

plugin 2.36.5 → 2.38.0, skills 59 → 60, marketplace description + CHANGELOG updated.

Test evidence

  • bash -n bin/ops-mac ✓ ; claude plugin validate ✓ for ops-mac (2 unrelated pre-existing skill errors on main)
  • Smoke-tested live on macOS 26.5 (arm64): inventory, security, launchd, disk, net, aggregate audit, idempotent ensure (installed macctl/macfig/updater), machealth timeout guard fires correctly.

🤖 Generated with Claude Code


Note

Medium Risk
Can install third-party CLIs and guide sudo-level system changes (firewall, launchd, cache), though the script stays read-only by default and mutating steps require explicit user confirmation in the skill.

Overview
Adds /ops:ops-mac as a macOS-only diagnose-and-fix surface that wraps the external macos-toolkit CLI suite behind bin/ops-mac and skills/ops-mac/SKILL.md.

The dispatcher self-installs on first use (Claude plugin marketplace + Homebrew lu-zhengda/tap), runs a read-only aggregate audit (security, launchd, processes, network, disk, health), and exposes per-domain subcommands. It times out machealth probes and forces --json when non-TTY so agents do not hang or get empty tables. The skill routes fix through per-action confirmations (firewall, stale launch agents, safe cache clean) and complements cross-platform /ops:speedup.

Plugin metadata bumps to 2.38.0 (60 skills); marketplace description and CHANGELOG are updated.

Reviewed by Cursor Bugbot for commit bd66e79. Bugbot is set up for automated code reviews on this repo.

New skill skills/ops-mac/SKILL.md + bin/ops-mac dispatcher bundle the
macos-toolkit CLI suite (machealth, netwhiz, pstop, macdog, lanchr,
macbroom, macctl, macfig, updater) behind one entrypoint:

- Self-installs the suite on first use (plugin marketplace + Homebrew
  tap + trust + tools), idempotent.
- Read-only aggregate `audit` composes security, launch agents,
  processes, network, disk, and system-health probes.
- Guarded `fix` flow (firewall, stale launchd daemons, cache cleanup)
  with per-action confirmation per plugin Rule 5; mobile-compact per
  Rule 7.
- Hardened against two toolkit quirks: machealth's hang-prone composite
  is timeout-guarded; headless TTY-empty tables bypassed via forced
  --json.
- macOS-only (exits cleanly elsewhere); complements cross-platform
  /ops:speedup.

Bumps plugin 2.36.5 -> 2.38.0, skill count 59 -> 60, updates marketplace
description + CHANGELOG.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

@claude claude Bot left a comment

⚠️ Code review skipped — your organization's overage spend limit has been reached.

@coderabbitai

coderabbitai Bot commented Jun 28, 2026

Warning

Review limit reached

@auroracapital, we couldn't start this review because you've reached your PR review rate limit.

📥 Commits

Reviewing files that changed from the base of the PR and between 4dfe0b6 and bd66e79.

📒 Files selected for processing (5)
  • .claude-plugin/marketplace.json
  • claude-ops/.claude-plugin/plugin.json
  • claude-ops/CHANGELOG.md
  • claude-ops/bin/ops-mac
  • claude-ops/skills/ops-mac/SKILL.md

Comment thread claude-ops/bin/ops-mac
}

p_power() { require_tool macctl; macctl power status 2>&1; }
p_defaults() { require_tool macfig; shift || true; macfig "$@" 2>&1; }

Bug: The p_defaults function incorrectly uses shift, dropping the first argument (e.g., write or read) before calling macfig, causing the command to fail.
Severity: HIGH

Suggested Fix

Remove the shift || true from the p_defaults function definition at line 202. The main dispatcher already handles shifting the command name, so this second shift is redundant and causes arguments to be dropped.

Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent. Verify if this is a real issue. If it is, propose a fix; if not, explain why it's
not valid.

Location: claude-ops/bin/ops-mac#L202

Potential issue: The `p_defaults` function at line 202 contains a `shift || true`
command. However, the main command dispatcher already shifts the primary command (e.g.,
`defaults`) before calling this function. As a result, when a user runs a command like
`ops-mac defaults write ...`, the `write` argument is incorrectly removed by the second
shift within `p_defaults`. This leads to an incorrect invocation of the underlying
`macfig` tool, which will fail because it is missing its required subcommand (e.g.,
`write`, `read`).

Did we get this right? 👍 / 👎 to inform future reviews.

@auroracapital Aurora Capital (auroracapital) merged commit c4005ab into main Jun 28, 2026
18 of 19 checks passed
@auroracapital Aurora Capital (auroracapital) deleted the feat/ops-mac-toolkit branch June 28, 2026 16:40

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: bd66e790cc

Comment thread claude-ops/bin/ops-mac
Comment on lines +156 to +157
_timeout "$MACHEALTH_TIMEOUT" machealth check 2>/dev/null \
|| echo '{"error":"machealth timed out (likely a stuck Time Machine/iCloud probe)","probe":"machealth check","timeout_s":'"$MACHEALTH_TIMEOUT"'}'

P1: Handle machealth status exits separately

On degraded or critical Macs, machealth intentionally exits non-zero while still printing the health report (upstream README documents exit codes 1=degraded, 2=critical, and only timeout should be treated as a timeout). This || therefore appends the timeout/error stub to valid yellow/red output; in audit --json that produces invalid JSON, and in human mode it tells users a real health finding timed out. Check specifically for the timeout exit status (for example 124) and preserve machealth's status exits.

Useful? React with 👍 / 👎.
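
The distinction raised in the comment above (exit 124 means the guard fired; exit 1 or 2 is a real report), as an added example that is not the project's code. `guarded_probe` and the stand-in commands are hypothetical, and a GNU-style `timeout` (or Homebrew `gtimeout`) is assumed; the 25-second fallback is the default stated in the PR description.

```shell
#!/usr/bin/env bash
# Added example; guarded_probe is a hypothetical name, not the project's.
# Assumes a GNU-style timeout binary (coreutils `timeout`, or `gtimeout`
# from Homebrew coreutils on macOS), which exits 124 when the limit expires.
TIMEOUT_BIN="$(command -v timeout || command -v gtimeout || true)"

guarded_probe() {
  # usage: guarded_probe <seconds> <command> [args...]
  local limit out rc
  limit="$1"; shift
  # A non-numeric override would corrupt the JSON stub; fall back to 25s.
  case "$limit" in ''|*[!0-9]*) limit=25 ;; esac
  rc=0
  out="$("$TIMEOUT_BIN" "$limit" "$@" 2>/dev/null)" || rc=$?
  case "$rc" in
    124)
      # Only a genuine timeout produces the stub, and it replaces the
      # incomplete output instead of being appended to it.
      printf '{"error":"probe timed out","probe":"%s","timeout_s":%s}\n' "$1" "$limit"
      ;;
    125|126|127)
      # timeout itself failed, or the tool is missing / not executable.
      printf '{"error":"probe could not run","probe":"%s","exit":%s}\n' "$1" "$rc"
      ;;
    *)
      # 0 = healthy; 1/2 = degraded/critical reports. Pass the report
      # through untouched so JSON consumers see exactly one document.
      printf '%s\n' "$out"
      ;;
  esac
  # Preserve the tool's own status for the caller.
  return "$rc"
}
```

Callers can then branch on the return value: 124 marks the health section as unknown, while 1 or 2 is surfaced as a finding.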

Comment thread claude-ops/bin/ops-mac
Comment on lines +140 to +142
brew install $(for t in $need; do echo "lu-zhengda/tap/$t"; done) 2>&1 | grep -E "successfully installed|Error|Warning" | tail -20
fi
echo "✔ ensure complete"

P2: Propagate Homebrew install failures

If brew install fails for any missing toolkit formula, this pipeline's non-zero status is ignored because the script does not use set -e or check the command result, so ensure immediately prints ✔ ensure complete and returns success with tools still absent. That leaves first-run users believing the self-install succeeded while every subsequent probe fails with not installed; return the install failure instead of unconditionally completing.

Useful? React with 👍 / 👎.
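
One way to keep the display filter without losing the installer's status, as an added example that is not the project's code. `install_and_report`, `fake_ok` and `fake_fail` are hypothetical; the fake installers are constructed stand-ins so the block runs offline.

```shell
#!/usr/bin/env bash
# Added example; install_and_report is a hypothetical name. In a pipeline
# such as `installer | grep | tail`, the shell reports tail's status, so an
# installer failure is invisible. Capture the status before filtering.

install_and_report() {
  # usage: install_and_report <installer> [packages...]
  local log rc
  rc=0
  log="$("$@" 2>&1)" || rc=$?
  # The filter is for display only. grep exits 1 when nothing matches,
  # which must not be mistaken for an install failure.
  printf '%s\n' "$log" \
    | grep -E "successfully installed|Error|Warning" | tail -20 || true
  if [ "$rc" -ne 0 ]; then
    echo "✘ ensure failed (installer exit $rc)"
    return "$rc"
  fi
  echo "✔ ensure complete"
}

# Constructed stand-ins for the package manager call.
fake_ok()   { echo "$1 successfully installed"; }
fake_fail() { echo "Error: no available formula named $1"; return 1; }
```

`set -o pipefail` alone is not a drop-in alternative here, because a quiet but successful install would make the `grep` stage fail the whole pipeline.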

Comment thread claude-ops/bin/ops-mac
}

p_power() { require_tool macctl; macctl power status 2>&1; }
p_defaults() { require_tool macfig; shift || true; macfig "$@" 2>&1; }

P2: Preserve macfig arguments in defaults passthrough

The dispatcher has already shifted off defaults before calling p_defaults, so this extra shift drops the user's first macfig argument. For example, ops-mac defaults list dock runs macfig dock instead of macfig list dock, breaking the documented raw passthrough for any macfig subcommand.

Useful? React with 👍 / 👎.
