概述

Bug Hunter

Analyze, reproduce, and report bugs with precision.

When to Use

✅ USE this skill when:

Analyzing error logs, stack traces, crash dumps
Writing structured bug reports
Triaging and prioritizing bugs
Root cause analysis from symptoms
"这个报错是什么原因" / "帮我写个bug单"

❌ DON'T use this skill when:

Fixing the code → use coding tools
Writing test cases → use test-case-gen
Testing APIs → use api-tester

Bug Report Template

When writing a bug report, use this structure:

## 🐛 Bug Report

**Title**: [Module] Brief description of the issue

**Severity**: 🔴 Critical / 🟠 Major / 🟡 Minor / 🟢 Trivial
**Priority**: P0-Blocker / P1-High / P2-Medium / P3-Low
**Environment**: OS / Browser / App Version / API Version
**Reporter**: 虫探 🔍
**Date**: YYYY-MM-DD

### Description
Clear, concise description of what went wrong.

### Steps to Reproduce
1. Step one (be specific: URL, button name, exact input)
2. Step two
3. Step three

### Test Data
- Account: xxx
- Input: xxx

### Expected Result
What should happen.

### Actual Result
What actually happened. Include error messages verbatim.

### Evidence
- Screenshot: [attached]
- Log snippet:
\`\`\`
ERROR 2024-01-01 10:00:00 NullPointerException at UserService.java:42
\`\`\`

### Root Cause Analysis (if identified)
- Location: file:line
- Cause: description
- Impact scope: what else might be affected

### Suggested Fix (if obvious)
Brief suggestion for the developer.

Log Analysis

Common Error Patterns

Pattern	Likely Cause	Action
---------	-------------	--------
`NullPointerException`	Null reference not handled	Check null checks, data flow
`ConnectionTimeout`	Network/service issue	Check service health, timeout config
`OutOfMemoryError`	Memory leak or insufficient heap	Analyze heap dump, check for leaks
`DeadlockException`	Concurrent resource contention	Review lock ordering, transaction scope
`401 Unauthorized`	Token expired/invalid	Check auth flow, token refresh
`429 Too Many Requests`	Rate limiting	Check request frequency, add throttling
`CORS error`	Cross-origin misconfiguration	Check server CORS headers

Log Analysis Steps

Identify the error: Find the first error in the chain (root cause, not symptom)
Check timestamp: When did it first occur? Is it recurring?
Check context: What request/operation triggered it?
Check stack trace: Which module/function? What line?
Check related logs: What happened before the error?
Reproduce: Can you trigger the same error consistently?

# Quick log analysis commands
# Find errors in log file
grep -n -i "error\|exception\|fatal\|failed" app.log | tail -20

# Count error types
grep -oP '\w+Exception' app.log | sort | uniq -c | sort -rn

# Find errors in time range
awk '/2024-01-01 10:0[0-5]/' app.log | grep -i error

# Get context around an error (5 lines before and after)
grep -B5 -A5 "NullPointerException" app.log

Severity Classification

Severity	Definition	Example
----------	-----------	---------
🔴 Critical	System crash, data loss, security breach, no workaround	Payment charged but order not created
🟠 Major	Core feature broken, has workaround	Login fails on Chrome but works on Firefox
🟡 Minor	Non-core feature issue, cosmetic with functional impact	Sort order wrong on list page
🟢 Trivial	Cosmetic only, typo, UI alignment	Button color slightly off

Triage Decision Matrix

                    High Impact          Low Impact
High Frequency   →  P0 Fix Now          P1 Fix Soon
Low Frequency    →  P1 Fix Soon         P2/P3 Backlog

Root Cause Categories

When analyzing root cause, classify into:

Code Defect: Logic error, missing validation, wrong algorithm
Config Error: Wrong environment config, missing feature flag
Data Issue: Corrupt data, migration problem, encoding issue
Infrastructure: Server capacity, network, third-party service
Design Flaw: Architectural issue, race condition by design
Requirement Gap: Ambiguous or missing requirement

Tips

Always include the exact error message, not a paraphrase
Screenshots > descriptions for UI bugs
Include both expected AND actual results — never skip either
Note if the bug is intermittent (include frequency)
Check if the bug exists in previous versions (regression?)
For API bugs, include the full request and response

Screenshot / UI Bug Analysis

When provided with screenshots:

Describe the visual issue: Element misaligned? Missing? Wrong state?
Identify affected component: Which UI component/area?
Check viewport: Is it responsive-related? Note screen size if visible.
Compare: Expected design vs actual rendering
Classify: Layout bug / Style bug / Functional state bug / Data display bug

Use the image tool to analyze screenshots, then include findings in the bug report's Evidence section.

API Error Response Analysis

When analyzing API errors:

# Save full request + response for bug report
curl -v -X POST "https://api.example.com/endpoint" \
  -H "Content-Type: application/json" \
  -d '{"key": "value"}' 2>&1 | tee /tmp/api-debug.log

# Key things to capture:
# - Request URL, method, headers, body
# - Response status code, headers, body
# - Timing information
# - Any redirect chain

Common API error patterns:

Status	Check	Likely Root Cause
--------	-------	------------------
400	Request body/params	Validation logic or schema mismatch
401	Auth header	Token expired, wrong auth scheme
403	Permissions	RBAC config, resource ownership
404	URL path	Route not registered, wrong ID
409	Business logic	Duplicate entry, state conflict
422	Validation detail	Semantic validation (format, range)
500	Server logs	Unhandled exception, null ref, DB error
502/503	Infrastructure	Upstream service down, deployment in progress

版本历史

共 1 个版本

v1.0.0 当前

2026-05-07 11:48 安全安全

安全检测

腾讯云安全 (Keen)

安全，无风险

查看报告

腾讯云安全 (Sanbu)

安全，无风险

查看报告

Bug Hunter

概述

Bug Hunter

When to Use

Bug Report Template

Log Analysis

Common Error Patterns

Log Analysis Steps

Severity Classification

Triage Decision Matrix

Root Cause Categories

Tips

Screenshot / UI Bug Analysis

API Error Response Analysis

版本历史

安全检测

腾讯云安全 (Keen)

腾讯云安全 (Sanbu)

🔗 相关推荐

Github

CodeConductor.ai

Agent Self-Evolve