find-bugs — for Claude Code find-bugs, jfespanolito.dev, community, for Claude Code, ide skills, Review, changes, branch, vulnerabilities, quality

v1.0.0
GitHub

Sobre este Skill

Cenario recomendado: Ideal for AI agents that need review changes on this branch for bugs, security vulnerabilities, and code quality issues. Resumo localizado: Find bugs, security vulnerabilities, and code quality issues in local branch changes. This AI agent skill supports Claude Code, Cursor, and Windsurf workflows.

Recursos

Review changes on this branch for bugs, security vulnerabilities, and code quality issues.
Phase 1: Complete Input Gathering
Get the FULL diff: git diff master...HEAD
If output is truncated, read each changed file individually until you have seen every changed line
List all files modified in this branch before proceeding

# Core Topics

for Claude Code Review changes branch vulnerabilities quality
JFEspanolito JFEspanolito
[0]
[0]
Updated: 3/13/2026

Killer-Skills Review

Decision support comes first. Repository text comes second.

Reference-Only Page Review Score: 8/11

This page remains useful for teams, but Killer-Skills treats it as reference material instead of a primary organic landing page.

Original recommendation layer Concrete use-case guidance Explicit limitations and caution
Review Score
8/11
Quality Score
44
Canonical Locale
en
Detected Body Locale
en

Cenario recomendado: Ideal for AI agents that need review changes on this branch for bugs, security vulnerabilities, and code quality issues. Resumo localizado: Find bugs, security vulnerabilities, and code quality issues in local branch changes. This AI agent skill supports Claude Code, Cursor, and Windsurf workflows.

Por que usar essa habilidade

Recomendacao: find-bugs helps agents review changes on this branch for bugs, security vulnerabilities, and code quality issues. Find bugs, security vulnerabilities, and code quality issues in local branch changes. This AI agent skill supports Claude Code, Cursor, and Windsurf workflows.

Melhor para

Cenario recomendado: Ideal for AI agents that need review changes on this branch for bugs, security vulnerabilities, and code quality issues.

Casos de Uso Práticos for find-bugs

Caso de uso: Applying Review changes on this branch for bugs, security vulnerabilities, and code quality issues
Caso de uso: Applying Phase 1: Complete Input Gathering
Caso de uso: Applying Get the FULL diff: git diff master...HEAD

! Segurança e Limitações

  • Limitacao: Requires repository-specific context from the skill documentation
  • Limitacao: Works best when the underlying tools and dependencies are already configured

Why this page is reference-only

  • - Current locale does not satisfy the locale-governance contract.
  • - The underlying skill quality score is below the review floor.

Source Boundary

The section below is imported from the upstream repository and should be treated as secondary evidence. Use the Killer-Skills review above as the primary layer for fit, risk, and installation decisions.

After The Review

Decide The Next Action Before You Keep Reading Repository Material

Killer-Skills should not stop at opening repository instructions. It should help you decide whether to install this skill, when to cross-check against trusted collections, and when to move into workflow rollout.

Install Path

Start With Installation And Validation

If this skill is worth continuing with, the next step is to confirm the install command, CLI write path, and environment validation.
Trusted Recheck

Cross-Check Against Trusted Picks

If you are still comparing multiple skills or vendors, go back to the trusted collection before amplifying repository noise.
Workflow

Move To Workflow Collections For Team Rollout

When the goal shifts from a single skill to team workflows, approvals, and repeatable execution, move into workflow collections.
Labs Demo

Browser Sandbox Environment

⚡️ Ready to unleash?

Experience this Agent in a zero-setup browser environment powered by WebContainers. No installation required.

Boot Container Sandbox

FAQ & Installation Steps

These questions and steps mirror the structured data on this page for better search understanding.

? Frequently Asked Questions

What is find-bugs?

Cenario recomendado: Ideal for AI agents that need review changes on this branch for bugs, security vulnerabilities, and code quality issues. Resumo localizado: Find bugs, security vulnerabilities, and code quality issues in local branch changes. This AI agent skill supports Claude Code, Cursor, and Windsurf workflows.

How do I install find-bugs?

Run the command: npx killer-skills add JFEspanolito/jfespanolito.dev. It works with Cursor, Windsurf, VS Code, Claude Code, and 19+ other IDEs.

What are the use cases for find-bugs?

Key use cases include: Caso de uso: Applying Review changes on this branch for bugs, security vulnerabilities, and code quality issues, Caso de uso: Applying Phase 1: Complete Input Gathering, Caso de uso: Applying Get the FULL diff: git diff master...HEAD.

Which IDEs are compatible with find-bugs?

This skill is compatible with Cursor, Windsurf, VS Code, Trae, Claude Code, OpenClaw, Aider, Codex, OpenCode, Goose, Cline, Roo Code, Kiro, Augment Code, Continue, GitHub Copilot, Sourcegraph Cody, and Amazon Q Developer. Use the Killer-Skills CLI for universal one-command installation.

Are there any limitations for find-bugs?

Limitacao: Requires repository-specific context from the skill documentation. Limitacao: Works best when the underlying tools and dependencies are already configured.

How To Install

  1. 1. Open your terminal

    Open the terminal or command line in your project directory.

  2. 2. Run the install command

    Run: npx killer-skills add JFEspanolito/jfespanolito.dev. The CLI will automatically detect your IDE or AI agent and configure the skill.

  3. 3. Start using the skill

    The skill is now active. Your AI agent can use find-bugs immediately in the current project.

! Reference-Only Mode

This page remains useful for installation and reference, but Killer-Skills no longer treats it as a primary indexable landing page. Read the review above before relying on the upstream repository instructions.

Upstream Repository Material

The section below is imported from the upstream repository and should be treated as secondary evidence. Use the Killer-Skills review above as the primary layer for fit, risk, and installation decisions.

Upstream Source

find-bugs

Resumo localizado: Find bugs, security vulnerabilities, and code quality issues in local branch changes. This AI agent skill supports Claude Code, Cursor, and

SKILL.md
Readonly
Upstream Repository Material
The section below is imported from the upstream repository and should be treated as secondary evidence. Use the Killer-Skills review above as the primary layer for fit, risk, and installation decisions.
Supporting Evidence

Find Bugs

Review changes on this branch for bugs, security vulnerabilities, and code quality issues.

Phase 1: Complete Input Gathering

  1. Get the FULL diff: git diff master...HEAD
  2. If output is truncated, read each changed file individually until you have seen every changed line
  3. List all files modified in this branch before proceeding

Phase 2: Attack Surface Mapping

For each changed file, identify and list:

  • All user inputs (request params, headers, body, URL components)
  • All database queries
  • All authentication/authorization checks
  • All session/state operations
  • All external calls
  • All cryptographic operations

Phase 3: Security Checklist (check EVERY item for EVERY file)

  • Injection: SQL, command, template, header injection
  • XSS: All outputs in templates properly escaped?
  • Authentication: Auth checks on all protected operations?
  • Authorization/IDOR: Access control verified, not just auth?
  • CSRF: State-changing operations protected?
  • Race conditions: TOCTOU in any read-then-write patterns?
  • Session: Fixation, expiration, secure flags?
  • Cryptography: Secure random, proper algorithms, no secrets in logs?
  • Information disclosure: Error messages, logs, timing attacks?
  • DoS: Unbounded operations, missing rate limits, resource exhaustion?
  • Business logic: Edge cases, state machine violations, numeric overflow?

Phase 4: Verification

For each potential issue:

  • Check if it's already handled elsewhere in the changed code
  • Search for existing tests covering the scenario
  • Read surrounding context to verify the issue is real

Phase 5: Pre-Conclusion Audit

Before finalizing, you MUST:

  1. List every file you reviewed and confirm you read it completely
  2. List every checklist item and note whether you found issues or confirmed it's clean
  3. List any areas you could NOT fully verify and why
  4. Only then provide your final findings

Output Format

Prioritize: security vulnerabilities > bugs > code quality

Skip: stylistic/formatting issues

For each issue:

  • File:Line - Brief description
  • Severity: Critical/High/Medium/Low
  • Problem: What's wrong
  • Evidence: Why this is real (not already fixed, no existing test, etc.)
  • Fix: Concrete suggestion
  • References: OWASP, RFCs, or other standards if applicable

If you find nothing significant, say so - don't invent issues.

Do not make changes - just report findings. I'll decide what to address.

Habilidades Relacionadas

Looking for an alternative to find-bugs or another community skill for your workflow? Explore these related open-source skills.

Ver tudo

openclaw-release-maintainer

Logo of openclaw
openclaw

Resumo localizado: 🦞 # OpenClaw Release Maintainer Use this skill for release and publish-time workflow. It covers ai, assistant, crustacean workflows. This AI agent skill supports Claude Code, Cursor, and Windsurf workflows.

333.8k
0
Inteligência Artificial

widget-generator

Logo of f
f

Resumo localizado: Generate customizable widget plugins for the prompts.chat feed system # Widget Generator Skill This skill guides creation of widget plugins for prompts.chat . It covers ai, artificial-intelligence, awesome-list workflows. This AI agent skill supports Claude Code, Cursor, and

149.6k
0
Inteligência Artificial

flags

Logo of vercel
vercel

Resumo localizado: The React Framework # Feature Flags Use this skill when adding or changing framework feature flags in Next.js internals. It covers blog, browser, compiler workflows. This AI agent skill supports Claude Code, Cursor, and Windsurf workflows.

138.4k
0
Navegador

pr-review

Logo of pytorch
pytorch

Resumo localizado: Usage Modes No Argument If the user invokes /pr-review with no arguments, do not perform a review . It covers autograd, deep-learning, gpu workflows. This AI agent skill supports Claude Code, Cursor, and Windsurf workflows.

98.6k
0
Desenvolvedor