paulnsorensen/tool-efficiency
skills/tool-efficiency/SKILL.md
Audit how a tool, command, or MCP server is actually used across coding-agent sessions and produce calibrated recommendations — tool-vs-task fit, error forensics, fix recommendations, permission friction, MCP health, and token economics. Use when the user says "tool efficiency", "am I using X efficiently", "audit tool usage", "why does X keep failing", "how do I fix this error", "what should I change", "permission friction", "is this MCP worth it", "tool error rate", "fix recommendations", or invokes /tool-efficiency. Do NOT use for auditing a skill or agent definition (that is /skill-improver) or for one-off interactive log queries (that is /session-analytics).
$ install --global
skillsauthnpx skillsauth add paulnsorensen/dotfiles tool-efficiencyInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Jun 3, 2026, 3:03 AM121.9s7 files scanned
SKILL.md
- name:
- tool-efficiency
- model:
- opus
- effort:
- high
- description:
- >
- allowed-tools:
- Read, Agent, Bash
tool-efficiency
Audit how a tool / command / MCP server behaves in practice across sessions, then produce calibrated recommendations. Judgment skill — it scores findings with the shared confidence × severity model, it does not just report numbers.
Input
A target: a tool name (Bash, Read, Edit), a command prefix (git,
cargo), or an MCP server (serena, tilth). If none given, ask. Optionally a
harness filter (all default, or claude/codex/opencode).
Owned domains
This skill owns six analytics packs under references/:
| Domain | Pack | What it surfaces |
|--------|------|------------------|
| tool-usage | tool-usage.md | Frequency, project spread, tool-vs-task fit |
| error-forensics | error-forensics.md | Error rate vs baseline, recurring failures |
| fix-recommendations | fix-recommendations.md | Turns errors/friction into concrete fixes (allowlist adds, tool swaps, MCP repair/retire) — advisory only |
| permission-friction | permission-friction.md | Denials, allowlist gaps, compound-command friction |
| mcp-health | mcp-health.md | Per-MCP call volume, error rate, idle servers |
| token-economics | token-economics.md | Token/cost where logged — degrades to "insufficient signal" |
Protocol
-
Ingest —
python3 ~/Dev/dotfiles/skills/session-analytics/scripts/ingest.py(1-hour TTL, fast if cached). Best-effort; skip the analytics if it fails. -
Fan out — spawn one parallel
duckdb-expertper relevant domain (one-domain-per-spawn; never a single all-domains spawn):spawn duckdb-expert "Run analytics pack tool-efficiency/references/<domain>.md for target {TARGET}. harness={HARNESS}"Pick the domains that fit the target: MCP targets →
mcp-health+error-forensics+fix-recommendations; a Bash command →tool-usage+permission-friction+error-forensics; "how do I fix X" / high error rate →error-forensics+fix-recommendations; broad audit → all six. -
Collect the ~2 KB digests.
-
Calibrate each finding with the shared model in
../session-analytics/references/calibration.md— confidence (<certain>/<speculative>/<don't know>) × severity (blocker/high/medium/low).<don't know>never surfaces. -
Report (below).
Report
## Tool Efficiency Report: {TARGET}
### Summary
- Target: <tool/command/MCP> · Harness: <filter>
- Domains run: <list>
- Findings: N surfaced, N below the bar
### Recommendations (surfaced)
| # | Severity | Confidence | Domain | Issue | Recommendation |
|---|----------|------------|--------|-------|----------------|
### Detail
For each surfaced finding: What / Why (with the metric that evidences it) / How.
### Below the Bar
N findings were `<don't know>` or insufficient-signal (not shown).
What this skill never does
- Score with a 0-100 number — it uses the shared qualitative model.
- Surface
<don't know>findings or fabricate when a domain returns empty. - Run more than one domain per
duckdb-expertspawn. - Modify tools, settings, or allowlists — it recommends; the human decides. The
fix-recommendationsdomain names the fix (allowlist entry, tool swap, MCP retirement); it never applies it. Hand the surfaced fixes to/cureor/settings-cleanif the user wants them applied.
Gotchas
token-economicsis<don't know>on most logs (no token fields) — say "insufficient signal", do not invent a cost.- Permission denials and stop-hooks are claude-dominant; on codex/opencode treat their absence as missing signal, not as zero friction.
Related Skills
paulnsorensen/work-recovery
tools
VerifiedTrustedCommunity
Reconstruct what a past coding-agent session was doing so you can resume it — goal, files touched, last verified state, and the next step — by querying the session logs. Use when the user says "what was I working on", "recover that session", "reconstruct where I left off", "resume my last session", "what did that session change", "rebuild context from logs", or invokes /work-recovery. Report-only — it never scores or judges. Do NOT use for usage scoring (that is /skill-improver, /tool-efficiency, /prompt-analytics) or one-off interactive log queries (that is /session-analytics).
2SKILL.mdUpdated Jun 3, 2026
paulnsorensen/wiki-curator
development
VerifiedTrustedCommunity
Curate this repo's hallouminate wiki (.hallouminate/wiki/, the repo:dotfiles:wiki corpus) — add or update architecture pages, per-harness docs, and gotchas. Use when the user says "update the wiki", "document this in the wiki", "refresh the harness docs", "add a wiki page", "curate the wiki", "the wiki is stale", or invokes /wiki-curator. Also use at session end to write back a non-obvious decision or gotcha worth preserving. Grounds the existing wiki first, follows one-topic-per-file conventions, verifies every external doc URL before writing, and reindexes. Do NOT use for general code search (that is cheez-search) or for editing AGENTS.md command reference.
2SKILL.mdUpdated Jun 3, 2026
paulnsorensen/prompt-analytics
tools
VerifiedTrustedCommunity
Analyze how prompts and skill routing behave across coding-agent sessions and produce calibrated recommendations — prompt-pattern analysis, routing accuracy, and knowledge gaps. Use when the user says "analyze my prompts", "prompt patterns", "is routing working", "which skill should have fired", "knowledge gaps", "what do I keep asking", or invokes /prompt-analytics. Do NOT use for auditing a single skill/agent definition (that is /skill-improver), tool/MCP efficiency (that is /tool-efficiency), or one-off interactive log queries (that is /session-analytics).
2SKILL.mdUpdated Jun 3, 2026
paulnsorensen/harness-doctor
development
VerifiedTrustedCommunity
Diagnose and self-heal harness-config drift between what's live on this machine (~/.claude, ~/.codex, ~/.config/opencode, ~/.cursor, ~/.copilot) and what `ap` renders from the registries — the post-migration target state. Use when the user says "harness doctor", "check my harness config", "is my settings drifted", "audit the dotfiles config", "why is this hook firing twice", "diagnose my agent config", or invokes /harness-doctor; also after an `ap`/registry change to verify the live config converged. Grounds the wiki + git history for intended state, diffs live vs `ap` render, classifies each drift (stale remnant / dotfiles bug / expected local), self-heals safe remnants via ap's renderers (ClaudeRenderer._clean_legacy_settings_hooks / CodexRenderer._clean_legacy_config_toml_hooks) during ap install / dots sync, opens deduped gh issues for confirmed dotfiles bugs, and writes new drift patterns back to the wiki. Do NOT use for general code review (/age), single-file permission cleanup (/settings-clean), or app-level debugging.
2SKILL.mdUpdated Jun 3, 2026