Make the skills more disciplined about prioritization and evidence

The pack-level structure was in better shape than the actual skill contracts.
These prompt and report updates make the skills more consistent about what to
prioritize, when to separate confirmed issues from suspicion, and how to report
impact, confidence, and next steps without drifting into generic advice.

Constraint: Improve the installed skill behavior without expanding the repo or adding new commands
Rejected: Rewrite the skills more heavily | the core coverage was already good; the gap was consistency and decision quality
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep report templates and default prompts aligned whenever a skill adds or tightens decision rules
Tested: Local `npx skills add . --list --full-depth`; readback of updated SKILL.md, report, and openai.yaml surfaces
Not-tested: Real execution quality on live machines after these prompt refinements

Author: jasperdevs

skills/computer-doctor/SKILL.md

@@ -45,6 +45,8 @@ This is the top-level command for checking the computer as a whole working envir
 - In YOLO mode, proceed without repeated approval, but still avoid reckless actions
 - Prefer direct evidence over guesses
 - Clearly separate confirmed issues from suspicion
+- Prioritize the few highest-impact issues before listing cleanup-grade findings
+- Avoid bloating the report with low-value observations when larger risks or bottlenecks dominate
 
 ## Workflow
 

skills/computer-doctor/agents/openai.yaml

@@ -1,4 +1,4 @@
 interface:
   display_name: "Computer Doctor"
   short_description: "Run a broad machine audit across security, startup, performance, storage, software, updates, and developer tools"
-  default_prompt: "Use $computer-doctor to ask for Audit mode or YOLO mode first, then audit this machine across security posture, startup behavior, performance, storage, software quality, updates, and developer tooling, and report the highest-impact findings."
+  default_prompt: "Use $computer-doctor to ask for Audit mode or YOLO mode first, then audit this machine across security posture, startup behavior, performance, storage, software quality, updates, and developer tooling, and report the highest-impact findings first with evidence, confidence, and prioritized next steps."

skills/computer-doctor/references/report-template.md

@@ -16,5 +16,6 @@ For each finding, include:
 - what was found
 - why it matters
 - evidence
+- severity or priority
 - confidence
 - recommended next step

skills/devtools-audit/SKILL.md

@@ -44,6 +44,8 @@ If the user already picked a mode earlier in the same task, do not ask again.
 - Recommend improvements that fit the tools already present on the machine
 - in Audit mode, ask before changing anything
 - in YOLO mode, proceed without repeated approval, but still avoid reckless actions
+- Distinguish broken setup from optional cleanup or standardization advice
+- Avoid recommending toolchain migrations unless there is a concrete conflict, dead setup, or maintenance problem
 
 ## Output
 

skills/devtools-audit/agents/openai.yaml

@@ -1,4 +1,4 @@
 interface:
   display_name: "Devtools Audit"
   short_description: "Review shells, PATH, runtimes, SDKs, package managers, Git tooling, and developer-tool conflicts"
-  default_prompt: "Use $devtools-audit to ask for Audit mode or YOLO mode first, then inspect shells, PATH, runtimes, SDKs, package managers, Git tooling, and developer-tool conflicts."
+  default_prompt: "Use $devtools-audit to ask for Audit mode or YOLO mode first, then inspect shells, PATH, runtimes, SDKs, package managers, Git tooling, and developer-tool conflicts, reporting broken or conflicting setup first with evidence, impact, confidence, and practical next steps."

skills/devtools-audit/references/report.md

@@ -14,4 +14,5 @@ For each concrete issue, include:
 - what was found
 - evidence
 - impact
+- confidence
 - recommended next step

skills/security-scan/SKILL.md

@@ -43,6 +43,8 @@ If the user already picked a mode earlier in the same task, do not ask again.
 - in Audit mode, ask before changing anything
 - in YOLO mode, proceed without repeated approval, but still avoid reckless actions
 - if confidence is limited, say so plainly
+- separate confirmed issues from suspicious patterns that still need deeper inspection
+- avoid recommending destructive remediation unless the evidence is strong enough to justify it
 
 ## Output
 

skills/security-scan/agents/openai.yaml

@@ -1,4 +1,4 @@
 interface:
   display_name: "Security Scan"
   short_description: "Check malware signals, suspicious persistence, protection coverage, and obvious security issues"
-  default_prompt: "Use $security-scan to ask for Audit mode or YOLO mode first, then inspect antivirus coverage, firewall status, suspicious processes, persistence, risky permissions, and obvious malware or unwanted-software signals."
+  default_prompt: "Use $security-scan to ask for Audit mode or YOLO mode first, then inspect antivirus coverage, firewall status, suspicious processes, persistence, risky permissions, and obvious malware or unwanted-software signals, clearly separating confirmed issues from suspicious patterns with evidence and confidence."

skills/security-scan/references/report.md

@@ -4,6 +4,7 @@ Use this shape:
 
 1. protection status
 2. highest-risk findings
+   - confirmed or suspicious
    - title
    - evidence
    - confidence

skills/update-audit/SKILL.md

@@ -44,6 +44,8 @@ If the user already picked a mode earlier in the same task, do not ask again.
 - distinguish “outdated” from “optional upgrade”
 - in Audit mode, ask before changing anything
 - in YOLO mode, proceed without repeated approval, but still avoid reckless actions
+- separate urgent security or stability updates from ordinary freshness improvements
+- only recommend replacements when there is a concrete maintenance, security, or usability reason
 
 ## Output