Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From bughunt
Use when performing comprehensive bug hunting, code auditing, or finding all issues in a codebase before release or after major changes
npx claudepluginhub wilrf/wilrf-marketplace --plugin bughuntHow this skill is triggered — by the user, by Claude, or both
Slash command
/bughunt:bughuntThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Comprehensive bug hunting that dispatches parallel agents to find bugs across all layers,
Performs exhaustive 14-dimension bug hunt on Git repos using Draft context (architecture, tech-stack, product) to eliminate false positives. Delivers severity-ranked report with code evidence, data flow traces, fixes; optional regression tests. For bug finding, audits, vulnerability scans.
Proactively hunts for bugs by analyzing codebase risk (complexity, coverage, structure), then spawns investigators that write reproducing tests to validate suspected bugs. Advisory only — produces findings and tickets, no fixes.
Systematic bug investigation using a 4-phase workflow (Root Cause → Pattern → Hypothesis → Fix) and proactive audit sweeps. Outputs diagnosis reports and optional fix commits.
Share bugs, ideas, or general feedback.
Comprehensive bug hunting that dispatches parallel agents to find bugs across all layers, then deduplicates findings and produces a prioritized BUGHUNT.md report.
WHEN YOU THINK YOU'RE DONE, YOU'RE NOT.
Every hunter follows three passes. The second pass catches the bugs that hide after you feel "done."
All hunters use the same two-axis classification:
Severity
| Level | Definition |
|---|---|
| CRITICAL | Data loss, auth bypass, RCE, or crash in production |
| HIGH | Functional breakage, security risk, or data corruption |
| MEDIUM | Degraded behavior, edge case failure, or bad UX |
| LOW | Code quality, minor inconsistency, non-critical smell |
Confidence
| Level | Definition |
|---|---|
| HIGH | Direct evidence — code traced, pattern confirmed |
| MEDIUM | Strong pattern — likely real but not fully verified |
| LOW | Theoretical — possible concern without direct proof |
Only CRITICAL/HIGH findings at LOW confidence require a note explaining why they couldn't be verified.
| Hunter | Focus | Severity Range | Color |
|---|---|---|---|
| frontend-hunter | React, CSS, a11y | CRITICAL–LOW | yellow |
| backend-hunter | API, logic, data | CRITICAL–LOW | cyan |
| type-safety-hunter | TypeScript, any | HIGH–LOW | blue |
| error-handling-hunter | try/catch, boundaries | HIGH–LOW | red |
| edge-case-hunter | null, empty, boundaries | HIGH–LOW | magenta |
| security-hunter | XSS, injection, secrets | CRITICAL–HIGH | red |
| database-hunter | queries, RLS, N+1 | CRITICAL–HIGH | green |
| auth-hunter | sessions, tokens, perms | CRITICAL–HIGH | red |
| api-hunter | endpoints, validation | HIGH–MEDIUM | cyan |
| env-hunter | config, env vars | HIGH–MEDIUM | yellow |
| performance-hunter | N+1, memory, bundle | HIGH–MEDIUM | magenta |
| test-hunter | flaky, coverage, assertions | MEDIUM–LOW | green |
| dependency-hunter | outdated, vulnerabilities | CRITICAL–MEDIUM | blue |
file:line across hunters — use highest severity, credit all contributing hunters/bugfixOnly dispatch hunters relevant to the detected stack:
# Bug Hunt Report
**Date:** YYYY-MM-DD
**Stack:** [detected tech stack]
**Hunters dispatched:** N
**Deduplication:** N findings merged
## Summary
| Severity | Count | High Confidence | Low Confidence |
|----------|-------|-----------------|----------------|
| Critical | N | N | N |
| High | N | N | N |
| Medium | N | N | N |
| Low | N | N | N |
## Critical Issues
### [Bug Title]
- **File:** `path/to/file.ts:line`
- **Severity:** CRITICAL
- **Confidence:** HIGH | MEDIUM | LOW
- **Hunter(s):** security-hunter [, other-hunter if deduplicated]
- **Finding:** [What the bug is]
- **Evidence:** [Code snippet or trace]
- **Fix Suggestion:** [What to do]
## High Priority
[same format...]
## Medium Priority
[same format...]
## Low Priority
[same format...]