Bug detection in the codebase

Verified · Caution

Analyzes the entire codebase for bugs by reading the source and test files, running the test suite, and checking for logic errors, input validation problems, resource leaks, and so on. Generates a detailed bugs-summary.md report with specific file references and a description of the impact.

By Skills Guide Bot
Development · Advanced
150 · 02/06/2026
Claude Code
#bug-detection #code-review #static-analysis #testing

Our take

Analyzes the entire codebase to identify bugs and writes a detailed report to bugs-summary.md.

Strengths

  • Exhaustive review of all source and test files
  • Detection of logic, validation, concurrency and serialization errors
  • Runs the test suite to verify the current state
  • Structured report separating real bugs from design observations

Limitations

  • Cannot fix the bugs it detects
  • May miss bugs that require specific business-domain knowledge
  • Depends on automatic detection of the stack and file patterns

When to use it

Use this skill for a full quality audit before a release or after major changes.

When to avoid it

Do not use it for quick reviews or if you expect automatic fixes.

Security analysis

Caution
Quality score: 92/100

The skill instructs running test suites via Bash, which could execute arbitrary code from the repository. While this is necessary for its function, it poses a risk if the repository is untrusted, warranting caution.

Points of attention
  • The skill uses the Bash tool to run test commands (e.g., npm test, gradle test, cargo test) found in the project's build configuration. If the project contains malicious test scripts, running them could execute arbitrary code. No sandboxing or isolation is specified.
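
A pre-flight check for the risk described above, as an added example that is not part of the skill or of this page: before step 7 runs `npm test`, it lists what the `pretest`, `test` and `posttest` scripts in package.json would execute and holds anything outside an allow-list for manual review. `ALLOWED_TOOLS`, `review_command`, `preflight` and the sample manifest are assumptions of this example.

```python
import json
import re
import shlex

# Assumption: tools this team accepts without manual review; adjust locally.
ALLOWED_TOOLS = {"jest", "mocha", "vitest", "eslint", "tsc"}
# `npm test` runs these lifecycle scripts, in this order, when they exist.
LIFECYCLE = ("pretest", "test", "posttest")

# Constructed sample manifest, not taken from any real project.
SAMPLE = json.dumps({"scripts": {
    "pretest": "node scripts/setup.js",
    "test": "jest --ci && npm run lint",
    "lint": "eslint . ; sh tools/report.sh",
}})


def review_command(command, scripts, seen):
    """Return the reasons one script line needs a human look (fail closed)."""
    reasons = []
    # Each side of a shell control operator or newline is a separate program.
    for segment in re.split(r"&&|\|\||[;|&\n]", command):
        if re.search(r"[`$<>]", segment):
            reasons.append("shell expansion or redirection")
            continue
        try:
            words = shlex.split(segment)
        except ValueError:  # e.g. an operator inside quotes was split above
            reasons.append("unparseable quoting")
            continue
        if words[:2] == ["npm", "run"] and len(words) > 2:
            # Follow the indirection so it cannot hide a command.
            name = words[2]
            if name in seen or name not in scripts:
                reasons.append(f"unresolved script: {name}")
            else:
                reasons += review_command(scripts[name], scripts, seen | {name})
        elif words and words[0] not in ALLOWED_TOOLS:
            reasons.append(f"not allow-listed: {words[0]}")
    return reasons


def preflight(package_json_text):
    """Map each script `npm test` would run to its review reasons."""
    scripts = json.loads(package_json_text).get("scripts", {})
    report = {name: review_command(scripts[name], scripts, frozenset({name}))
              for name in LIFECYCLE if name in scripts}
    return {name: why for name, why in report.items() if why}
```

The check covers only the command layer: an allow-listed runner still executes the repository's test files, so an untrusted repository also needs the isolation the analysis notes is not specified.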

Examples

Full codebase bug audit
Run the find-bugs skill on this project. Read all source and test files, run the test suite, and write a detailed bugs-summary.md in the root.
Check for regressions after refactoring
I just refactored the data layer. Use the find-bugs skill to review the entire codebase and write a bug report, paying special attention to serialization and null handling.

name: find-bugs
description: Review the codebase for bugs and write findings to bugs-summary.md
allowed-tools:

  • Read
  • Write
  • Glob
  • Grep
  • Bash

Review the entire codebase for bugs and write a summary to bugs-summary.md in the project root.

Steps

  1. Detect the project stack: Read build/manifest files (e.g., package.json, build.gradle.kts, Cargo.toml, go.mod, pyproject.toml, pom.xml) to identify the language, framework, and build tool.

  2. Discover source files: Glob for production source files using patterns appropriate to the detected stack (e.g., src/**/*.ts, **/src/main/**/*.kt, **/*.go, src/**/*.py).

  3. Discover test files: Glob for test files using the project's test directory conventions.

  4. Read build configuration to understand dependencies, plugins, and build setup.

  5. Read every source file to understand the full codebase before looking for issues.

  6. Read every test file to understand what is already tested and whether tests are correct.

  7. Run the test suite using the project's test command (e.g., npm test, ./gradlew test, cargo test, go test ./..., pytest) to check for failing tests.

  8. Identify bugs by looking for:

    • Logic errors (incorrect conditionals, off-by-one, wrong operator)
    • Missing input validation or error handling
    • Mismatched test names vs assertions
    • Visibility issues (public API surface leaking internals)
    • Resource leaks (unclosed clients, streams, connections)
    • Thread safety issues
    • Serialization/deserialization mismatches
    • Silent failures (operations that fail without warning)
    • Incorrect or missing null/error handling
    • Duplicated code that has diverged (copy-paste bugs)

  9. Check for design issues worth noting:

    • Hardcoded values that should be configurable
    • Equality/comparison semantics that may surprise callers
    • Missing API contracts or invariants

  10. Write bugs-summary.md: Create or overwrite bugs-summary.md in the project root with the following structure:

    # Bug Summary
    
    ## Open
    
    ### 1. Short title
    
    **File:** `path/to/file.ext`
    
    Description of the bug, why it's a problem, and what the expected behavior should be.
    
    ### 2. ...
    
    ## Design Observations (not bugs, but worth noting)
    
    ### Short title
    
    Description.
    
    • Number each bug sequentially starting at 1
    • Include the file path and relevant line numbers
    • Explain both the problem and its impact
    • Separate true bugs from design observations
    • If a previous bugs-summary.md exists, read it first and preserve any items marked as "FIXED" in a Fixed section at the top

  11. Report: Summarize how many bugs were found and give a brief overview of the findings.

Important

  • Read all source files before reporting bugs — do not guess based on file names alone.
  • Every reported bug must reference a specific file and describe a concrete problem.
  • Do not report stylistic preferences or nitpicks as bugs.
  • Do not make any code changes — only analyze and write the summary file.
  • Run the tests to verify the current state; note any failures as bugs.