Stats
Actions
Tags
From bughunt
Use when performing comprehensive bug hunting, code auditing, or finding all issues in a codebase before release or after major changes
How this skill is triggered — by the user, by Claude, or both
Slash command
/bughunt:bughuntThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Comprehensive bug hunting that dispatches parallel agents to find bugs across all layers,
Comprehensive bug hunting that dispatches parallel agents to find bugs across all layers, then deduplicates findings and produces a prioritized BUGHUNT.md report.
WHEN YOU THINK YOU'RE DONE, YOU'RE NOT.
Every hunter follows three passes. The second pass catches the bugs that hide after you feel "done."
All hunters use the same two-axis classification:
Severity
| Level | Definition |
|---|---|
| CRITICAL | Data loss, auth bypass, RCE, or crash in production |
| HIGH | Functional breakage, security risk, or data corruption |
| MEDIUM | Degraded behavior, edge case failure, or bad UX |
| LOW | Code quality, minor inconsistency, non-critical smell |
Confidence
| Level | Definition |
|---|---|
| HIGH | Direct evidence — code traced, pattern confirmed |
| MEDIUM | Strong pattern — likely real but not fully verified |
| LOW | Theoretical — possible concern without direct proof |
Only CRITICAL/HIGH findings at LOW confidence require a note explaining why they couldn't be verified.
| Hunter | Focus | Severity Range | Color |
|---|---|---|---|
| frontend-hunter | React, CSS, a11y | CRITICAL–LOW | yellow |
| backend-hunter | API, logic, data | CRITICAL–LOW | cyan |
| type-safety-hunter | TypeScript, any | HIGH–LOW | blue |
| error-handling-hunter | try/catch, boundaries | HIGH–LOW | red |
| edge-case-hunter | null, empty, boundaries | HIGH–LOW | magenta |
| security-hunter | XSS, injection, secrets | CRITICAL–HIGH | red |
| database-hunter | queries, RLS, N+1 | CRITICAL–HIGH | green |
| auth-hunter | sessions, tokens, perms | CRITICAL–HIGH | red |
| api-hunter | endpoints, validation | HIGH–MEDIUM | cyan |
| env-hunter | config, env vars | HIGH–MEDIUM | yellow |
| performance-hunter | N+1, memory, bundle | HIGH–MEDIUM | magenta |
| test-hunter | flaky, coverage, assertions | MEDIUM–LOW | green |
| dependency-hunter | outdated, vulnerabilities | CRITICAL–MEDIUM | blue |
file:line across hunters — use highest severity, credit all contributing hunters/bugfixOnly dispatch hunters relevant to the detected stack:
# Bug Hunt Report
**Date:** YYYY-MM-DD
**Stack:** [detected tech stack]
**Hunters dispatched:** N
**Deduplication:** N findings merged
## Summary
| Severity | Count | High Confidence | Low Confidence |
|----------|-------|-----------------|----------------|
| Critical | N | N | N |
| High | N | N | N |
| Medium | N | N | N |
| Low | N | N | N |
## Critical Issues
### [Bug Title]
- **File:** `path/to/file.ts:line`
- **Severity:** CRITICAL
- **Confidence:** HIGH | MEDIUM | LOW
- **Hunter(s):** security-hunter [, other-hunter if deduplicated]
- **Finding:** [What the bug is]
- **Evidence:** [Code snippet or trace]
- **Fix Suggestion:** [What to do]
## High Priority
[same format...]
## Medium Priority
[same format...]
## Low Priority
[same format...]
npx claudepluginhub wilrf/wilrf-marketplace --plugin bughuntRuns a structured 14-dimension bug hunt using Draft context (architecture, tech-stack, product) to eliminate false positives. Generates severity-ranked reports with code evidence, data flow traces, and optional regression tests.
Proactively hunts for bugs by analyzing codebase risk (complexity, coverage, structure), then spawns investigators that write reproducing tests to validate suspected bugs. Advisory only — produces findings and tickets, no fixes.
Systematic code review across security, performance, maintainability, error handling, testing, and accessibility with severity-ranked findings and specific fixes.