Use when performing comprehensive bug hunting, code auditing, or finding all issues in a codebase before release or after major changes
From bughuntnpx claudepluginhub wilrf/wilrf-marketplace --plugin bughuntThis skill uses the workspace's default tool permissions.
Guides Next.js Cache Components and Partial Prerendering (PPR) with cacheComponents enabled. Implements 'use cache', cacheLife(), cacheTag(), revalidateTag(), static/dynamic optimization, and cache debugging.
Migrates code, prompts, and API calls from Claude Sonnet 4.0/4.5 or Opus 4.1 to Opus 4.5, updating model strings on Anthropic, AWS, GCP, Azure platforms.
Details PluginEval's skill quality evaluation: 3 layers (static, LLM judge), 10 dimensions, rubrics, formulas, anti-patterns, badges. Use to interpret scores, improve triggering, calibrate thresholds.
Comprehensive bug hunting that dispatches parallel agents to find bugs across all layers, then deduplicates findings and produces a prioritized BUGHUNT.md report.
WHEN YOU THINK YOU'RE DONE, YOU'RE NOT.
Every hunter follows three passes. The second pass catches the bugs that hide after you feel "done."
All hunters use the same two-axis classification:
Severity
| Level | Definition |
|---|---|
| CRITICAL | Data loss, auth bypass, RCE, or crash in production |
| HIGH | Functional breakage, security risk, or data corruption |
| MEDIUM | Degraded behavior, edge case failure, or bad UX |
| LOW | Code quality, minor inconsistency, non-critical smell |
Confidence
| Level | Definition |
|---|---|
| HIGH | Direct evidence — code traced, pattern confirmed |
| MEDIUM | Strong pattern — likely real but not fully verified |
| LOW | Theoretical — possible concern without direct proof |
Only CRITICAL/HIGH findings at LOW confidence require a note explaining why they couldn't be verified.
| Hunter | Focus | Severity Range | Color |
|---|---|---|---|
| frontend-hunter | React, CSS, a11y | CRITICAL–LOW | yellow |
| backend-hunter | API, logic, data | CRITICAL–LOW | cyan |
| type-safety-hunter | TypeScript, any | HIGH–LOW | blue |
| error-handling-hunter | try/catch, boundaries | HIGH–LOW | red |
| edge-case-hunter | null, empty, boundaries | HIGH–LOW | magenta |
| security-hunter | XSS, injection, secrets | CRITICAL–HIGH | red |
| database-hunter | queries, RLS, N+1 | CRITICAL–HIGH | green |
| auth-hunter | sessions, tokens, perms | CRITICAL–HIGH | red |
| api-hunter | endpoints, validation | HIGH–MEDIUM | cyan |
| env-hunter | config, env vars | HIGH–MEDIUM | yellow |
| performance-hunter | N+1, memory, bundle | HIGH–MEDIUM | magenta |
| test-hunter | flaky, coverage, assertions | MEDIUM–LOW | green |
| dependency-hunter | outdated, vulnerabilities | CRITICAL–MEDIUM | blue |
file:line across hunters — use highest severity, credit all contributing hunters/bugfixOnly dispatch hunters relevant to the detected stack:
# Bug Hunt Report
**Date:** YYYY-MM-DD
**Stack:** [detected tech stack]
**Hunters dispatched:** N
**Deduplication:** N findings merged
## Summary
| Severity | Count | High Confidence | Low Confidence |
|----------|-------|-----------------|----------------|
| Critical | N | N | N |
| High | N | N | N |
| Medium | N | N | N |
| Low | N | N | N |
## Critical Issues
### [Bug Title]
- **File:** `path/to/file.ts:line`
- **Severity:** CRITICAL
- **Confidence:** HIGH | MEDIUM | LOW
- **Hunter(s):** security-hunter [, other-hunter if deduplicated]
- **Finding:** [What the bug is]
- **Evidence:** [Code snippet or trace]
- **Fix Suggestion:** [What to do]
## High Priority
[same format...]
## Medium Priority
[same format...]
## Low Priority
[same format...]