investigate-bug
Investigate Bug
Section titled “Investigate Bug”Boundary: End-to-end bug entry point — history check → RCA (via diagnose-root) → fix approach → TDD plan → bug file. Delegates the 4-phase RCA to diagnose-root; does not re-implement it.
Investigate a reported problem, find its root cause, and write a TDD fix plan to specs/bugs/BUG-*.md. This is a mostly hands-off workflow — minimize questions to the user.
Process
Section titled “Process”0. Read previous bug history
Section titled “0. Read previous bug history”Before starting diagnosis:
- Read
specs/bugs/registry.yaml(if it exists) — check for prior bugs in the samescopeor with similar symptoms. - If a relevant prior bug is found, read the corresponding
specs/bugs/BUG-*.mdfile to understand previous root cause analysis and fix approach. - Note in your investigation whether this is a recurrence, a related issue, or novel.
1. Capture the problem
Section titled “1. Capture the problem”Get a brief description of the issue from the user. If they haven’t provided one, ask ONE question: “What’s the problem you’re seeing?”
Do NOT ask follow-up questions yet. Start investigating immediately.
Security-impact assessment — After capturing the problem, assess and document:
Security impact: NONE / LOW / MEDIUM / HIGH / CRITICAL. If HIGH or CRITICAL, assign bug severity HIGH and document the exploit path in findings. If MEDIUM+, include exploit path in the bug file. Document “no security exploit path identified” for NONE/LOW.
2. Explore and diagnose (4-phase RCA)
Section titled “2. Explore and diagnose (4-phase RCA)”Run the 4-phase root-cause analysis via the diagnose-root skill (Reproduce → Isolate → Hypothesize → Verify). That skill is the canonical RCA engine — do not re-implement the phases here.
Also look at:
- Recent changes to affected files (
git log --oneline <file>) - Existing tests (what’s tested, what’s missing)
- Similar patterns elsewhere in the codebase that work correctly
HARD GATE — Do NOT proceed to Step 3 (Fix Approach) until
diagnose-rootPhase 4 produces a verified root cause. “It probably is X” is not verified.
3. Identify the fix approach
Section titled “3. Identify the fix approach”Based on your investigation, determine:
- The minimal change needed to fix the root cause
- Which modules/interfaces are affected
- What behaviors need to be verified via tests
- Whether this is a regression, missing feature, or design flaw
- Risk level: Low / Medium / High
4. Design TDD fix plan
Section titled “4. Design TDD fix plan”Create a concrete, ordered list of RED-GREEN cycles. Each cycle is one vertical slice:
- RED: Describe a specific test that captures the broken/missing behavior
- GREEN: Describe the minimal code change to make that test pass
Rules:
- Tests verify behavior through public interfaces, not implementation details
- One test at a time, vertical slices (NOT all tests first, then all code)
- Each test should survive internal refactors
- Include a final refactor step if needed
- Durability: Only suggest fixes that would survive radical codebase changes. Tests assert on observable outcomes (API responses, UI state, user-visible effects), not internal state.
5. Write the bug file
Section titled “5. Write the bug file”Save the investigation and fix plan to specs/bugs/BUG-NNN-slug.md. Create the specs/bugs/ directory if it doesn’t exist.
After writing, append a row to specs/bugs/registry.yaml with: bug_id (same timestamp), date, severity, priority, scope, summary, and file path. Create specs/bugs/registry.yaml if it doesn’t exist.
<diagnosis-template>
BUG-YYYY-MM-DDTHHMMSS: [short title]
Section titled “BUG-YYYY-MM-DDTHHMMSS: [short title]”Problem
Section titled “Problem”A clear description of the bug or issue, including:
- What happens (actual behavior)
- What should happen (expected behavior)
- How to reproduce (if applicable)
Root Cause Analysis
Section titled “Root Cause Analysis”Describe what you found during investigation:
- The code path involved
- Why the current code fails
- Any contributing factors
- Risk level: Low / Medium / High
Do NOT include specific file paths, line numbers, or implementation details that couple to current code layout. Describe modules, behaviors, and contracts instead.
TDD Fix Plan
Section titled “TDD Fix Plan”A numbered list of RED-GREEN cycles:
-
RED: Write a test that [describes expected behavior] GREEN: [Minimal change to make it pass] verify: [runnable command]
-
RED: Write a test that [describes next behavior] GREEN: [Minimal change to make it pass] verify: [runnable command]
REFACTOR: [Any cleanup needed after all tests pass]
Acceptance Criteria
Section titled “Acceptance Criteria”- Criterion 1
- Criterion 2
- All new tests pass
- Existing tests still pass
Resolution
Section titled “Resolution”<!– filled in by validate-fix –>
</diagnosis-template>
After writing the bug file, print a one-line summary of the root cause and suggest running kickoff-branch next to create a fix branch.
References
Section titled “References”<!– story: e35s10 –>
- Feathers’ Seams & Characterization Tests — seam types, characterization tests, and the legacy code change algorithm
- Fowler’s Code Smells — identifying structural problems by smell before investigating