Bug Hunt
Run repeated audit-fix-rescan passes so agent-generated or pre-release code is hardened beyond a single shallow bug sweep.
Overview
Bug Hunt is an agent skill most often used in Ship (also Build integrations, Ship testing) that runs an audit-fix-rescan cycle until multi-layer defects and regressions are no longer visible.
Install
npx skills add https://github.com/boshu2/agentops --skill bug-huntWhat is this skill?
- Implements audit → fix → rescan loop until convergence criteria are met
- Explains four conceptual read layers: obvious defects, masked logic bugs, fix regressions, and final verification
- Recommends for Audit Mode (/bug-hunt --audit) on scopes over five files or shippable packages
- Targets code from other agents or long self-sessions where one pass leaves quiet defects
- Documents when to stop iterating vs shipping a partially-fixed or regressed tree
- Recommends the full cycle when Audit Mode scope is more than five files or the package will ship
- Describes four read layers ending in a verification gate before stopping
Adoption & trust: 928 installs on skills.sh; 384 GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
One bug-hunt pass clears obvious issues but leaves masked logic bugs and fix regressions, so you still ship a fragile codebase.
Who is it for?
Solo builders doing pre-release hardening, large agent-generated diffs, or Audit Mode over multi-file packages.
Skip if: Tiny one-file edits where a single lint pass suffices, or teams that already enforce equivalent multi-pass CI gates without agent assistance.
When should I use this skill?
A single bug-hunt pass is not enough—pre-release hardening, reviewing other agents' code, Audit Mode over substantial scope, or after several non-trivial fixes.
What do I get? / Deliverables
You iterate structured audit-fix-rescan passes until the verification gate shows a converged, release-ready defect surface.
- Converged audit report across passes
- Applied fixes with regression-aware rescans
Recommended Skills
Journey fit
Spans multiple journey phases - primary shelf plus alternate fits below.
Ship/review is the primary shelf because the skill is built for pre-release hardening and audit-mode review before you call the codebase shippable. Review matches structured defect finding and verification gates, not writing new features or deploying infra.
Where it fits
Run Audit Mode over a release branch after a week of agent commits.
Rescan after fixes to catch regressions before tagging a version.
Review a large integration PR produced by another agent in one session.
Deep audit after incident fixes to ensure adjacent invariants still hold.
How it compares
Use as a procedural depth multiplier on top of ordinary code review, not as a replacement for your test suite or SAST product.
Common Questions / FAQ
Who is bug-hunt for?
Indie developers and agent-first builders who need repeatable, deep defect sweeps before release or after large automated code drops.
When should I use bug-hunt?
Use it in Ship review/testing before release, in Build when merging big agent sessions, and whenever Audit Mode scope exceeds five files or the package will ship.
Is bug-hunt safe to install?
It guides review and fix loops that may change code; review the Security Audits panel on this page and run fixes in git with your normal review controls.
SKILL.md
READMESKILL.md - Bug Hunt
# Audit-Fix-Rescan Cycle ## When to Use Use this multi-pass cycle when a single bug-hunt pass is not enough: - Pre-release hardening (you want a clean codebase, not a "good-enough" one). - Reviewing code generated by another agent or by yourself in a long session. - Audit Mode (`/bug-hunt --audit`) over a substantial scope (>5 files, or any package you plan to ship). - After landing several non-trivial fixes that may have shifted invariants in adjacent code. A single pass tends to surface the loud bugs while leaving quieter ones in their shadow. The cycle below is the structured response. ## Why Iterate Each pass exposes a different layer of defect: 1. The first read finds defects that are visible without context — null derefs, missing `await`, obvious resource leaks, unsanitized inputs. 2. The second read finds defects that were *masked* by the first layer — logic errors, edge cases, partial error handling that you missed because the loud bug was drawing attention. 3. The third read finds defects you *introduced* while fixing the first two — regressions, broken invariants, inconsistent error contracts across the new code. Stopping at pass 1 ships a partially-fixed codebase. Stopping at pass 2 ships your own regressions. The fourth pass is the verification gate that says "no defects remain visible". ## The Cycle ``` audit → fix → rescan ▲ │ └──── not clean ───┘ ``` Each iteration narrows the defect surface. Stop when convergence criteria are met (`references/convergence-criteria.md`). ## Pass Contracts | Pass | Mode | Reads | Writes | Done When | |------|------|-------|--------|-----------| | 1. Surface | Automated + read-line-by-line | Files in scope | Fix list | Loud defects fixed or filed | | 2. Re-read | Manual fresh-eyes review | Files touched in pass 1 | Fix list | No new findings on re-read | | 3. Integration | Test suite + diff review | Whole change | Fix list | Tests green, no regressions | | 4. Verify | Automated rescan | Files in scope | Audit report | Scanner exits clean | The pass numbers are guidance — collapse to two passes for a small scope, expand to four-plus for security or pre-release work. ## Pass 1 — Surface (Loud Defects) Run the audit-mode workflow already in `skills/bug-hunt/SKILL.md` (Audit Steps 1–4). Triage every finding into one of: - **Real bug** → fix immediately, record file:line and the change. - **False positive** → record why it is safe (validated by caller, type system rules it out, scope-based cleanup, etc.). - **Defer** → mark for pass 2 if it needs more context to decide. Output is the audit report at `.agents/research/YYYY-MM-DD-bug-<scope>.md` plus a list of files actually edited. ## Pass 2 — Re-read with Fresh Eyes This is the pass agents skip and humans regret skipping. Reload every file you touched in pass 1 and read it again, top to bottom, asking: - Did my fix change a precondition that other code in this file relies on? - What edge cases did the original bug hide (empty input, single-element collections, boundary values, concurrent callers)? - Are there structurally-similar patterns in the same file that have the same defect? - Does the trace through related files still hold? (Imports, callers, tests.) Treat this pass as a separate investigation. Do not let "I just looked at this" stop you from looking again. ## Pass 3 — Integration Run the test suite, then read the change as a unit: ```bash cd cli && go test ./... # or pytest, npm test, cargo test git diff <merge-base>..HEAD # review the whole change, not just the latest commit ``` Look for: tests that started failing, new compiler/linter warnings, behavior shifts in code that imports what you changed, conflicting fixes across files. Regressions filed during this pass go back to pass 1 of the next iteration, not into the fix queue for the current cycle. ## Pass 4 — Verify Run the same scanners and reads from pass 1 against the post-fix tree. The pass is successful onl