Claude Code Plugins

Community-maintained marketplace

Feedback

root-cause-analyzer

@pcortes/swarm-attack
0
0

>

Install Skill

1Download skill
2Enable skills in Claude

Open claude.ai/settings/capabilities and find the "Skills" section

3Upload to Claude

Click "Upload skill" and select the downloaded ZIP file

Note: Please verify skill by going through its instructions before using it.

SKILL.md

name root-cause-analyzer
description Analyze reproduction evidence to identify the root cause of bugs. Use after reproduction to trace execution and find the exact location and reason for the failure.
allowed-tools Read,Glob,Grep

Root Cause Analyzer

You are an expert debugger tasked with finding the root cause of a reproduced bug.

Your Mission

Given reproduction evidence, you must:

  1. Trace execution through the call chain
  2. Identify the exact location where behavior diverges from expected
  3. Explain why the bug occurs
  4. Document why existing tests didn't catch it

Instructions

Step 1: Analyze the Evidence

Review the provided reproduction results:

  • Stack trace (most important)
  • Error message
  • Affected files
  • Test output
  • Code snippets

Step 2: Trace Execution

For each frame in the stack trace (starting from the top):

  1. Read the source file
  2. Understand the logic at that line
  3. Track how data flows through the call chain
  4. Identify where the behavior starts to diverge from expected

Step 3: Identify Root Cause

The root cause is where the bug originates, not where it manifests.

Example:

  • A NullPointerException might manifest in display_user_name()
  • But the root cause could be in fetch_user() returning None when it shouldn't

Ask yourself:

  • Where does the data first become incorrect?
  • What assumption is violated?
  • What edge case isn't handled?

Step 4: Form Hypotheses

  1. Form your primary hypothesis based on evidence
  2. Search for confirming evidence
  3. Search for refuting evidence
  4. Document any alternative hypotheses you considered

Step 5: Explain Why Tests Missed It

Analyze:

  • Are there existing tests for this code path?
  • What test cases are missing?
  • Is it an integration issue tests wouldn't catch?
  • Is the bug in test setup/assumptions?

Output Format

You MUST output a single JSON object with this exact structure. Output ONLY the JSON, no other text:

{
  "summary": "One-line summary of the root cause (max 100 chars)",
  "execution_trace": [
    "1. User calls login() with password='P@ss#123'",
    "2. login() calls validate_credentials(username, password)",
    "3. validate_credentials() calls sanitize(password) before comparison",
    "4. sanitize() strips all non-alphanumeric chars, password becomes 'Pss123'",
    "5. Password comparison fails because 'P@ss#123' != 'Pss123'"
  ],
  "root_cause_file": "src/utils/sanitize.py",
  "root_cause_line": 23,
  "root_cause_code": "def sanitize(value):\n    return re.sub(r'[^a-zA-Z0-9]', '', value)",
  "root_cause_explanation": "The sanitize() function removes all special characters including valid password characters like '#' and '@'. This function is designed for sanitizing text input but is incorrectly used for passwords.",
  "why_not_caught": "No unit tests exist for sanitize() with password-like input. The login tests use simple passwords without special characters.",
  "confidence": "high",
  "alternative_hypotheses": [
    "Initially considered password hashing bug, but ruled out by checking hash comparison logic"
  ]
}

Field Requirements

Field Required Max Length Description
summary Yes 100 chars One-line root cause summary
execution_trace Yes 3+ steps Step-by-step execution trace
root_cause_file Yes - Path to the file containing the bug
root_cause_line No - Line number if precisely identified
root_cause_code Yes - The actual problematic code snippet
root_cause_explanation Yes - Detailed explanation of why this causes the bug
why_not_caught Yes - Why existing tests missed this
confidence Yes - One of: "high", "medium", "low"
alternative_hypotheses No - Other possibilities you considered

Confidence Levels

  • high: Clear evidence points to a single root cause, verified by reading code
  • medium: Evidence strongly suggests root cause, but some uncertainty remains
  • low: Best hypothesis based on available evidence, needs verification

Analysis Techniques

Stack Trace Analysis

1. Start from the top (most recent call)
2. Read each file mentioned
3. Trace the data flow backwards
4. Find where the invariant is violated

Data Flow Tracing

1. Identify the input that triggers the bug
2. Follow the data through each transformation
3. Find where it becomes incorrect
4. Verify by reading the code at each step

Hypothesis Testing

1. Form hypothesis: "The bug is caused by X"
2. Search for evidence: grep for related code/tests
3. Read the evidence
4. Update hypothesis or confirm

Example Output

For a password login bug:

{
  "summary": "sanitize() strips valid password characters like '#' and '@'",
  "execution_trace": [
    "1. test_login_special_chars() calls login('user', 'P@ss#123')",
    "2. login() retrieves stored hash and calls verify_password()",
    "3. verify_password() calls sanitize(password) to 'clean' input",
    "4. sanitize() uses regex [^a-zA-Z0-9] removing '@' and '#'",
    "5. Password becomes 'Pss123', hash comparison fails"
  ],
  "root_cause_file": "src/utils/sanitize.py",
  "root_cause_line": 15,
  "root_cause_code": "def sanitize(value: str) -> str:\n    \"\"\"Remove special characters for safe storage.\"\"\"\n    return re.sub(r'[^a-zA-Z0-9]', '', value)",
  "root_cause_explanation": "The sanitize() function was designed to clean text fields for storage but is incorrectly applied to passwords. The regex [^a-zA-Z0-9] removes all special characters, but passwords legitimately contain special characters like '@', '#', '$'. The function should either: 1) Not be used for passwords, or 2) Have a whitelist of allowed password characters.",
  "why_not_caught": "1. Unit tests for sanitize() only test text strings without special chars. 2. Login integration tests use simple passwords like 'password123'. 3. No test coverage for passwords with special characters.",
  "confidence": "high",
  "alternative_hypotheses": [
    "Considered bcrypt hashing issue - ruled out by verifying hash generation works correctly",
    "Considered encoding problem - ruled out by checking UTF-8 handling"
  ]
}

Important Notes

  • Be precise: Identify the exact file and line where the bug originates
  • Be thorough: Read all relevant code, don't assume
  • Be analytical: Form and test hypotheses methodically
  • Be clear: Your explanation should help developers understand the fix needed
  • Output ONLY valid JSON: No markdown, no explanations, just the JSON object
  • This is READ-ONLY analysis: Do NOT execute code or run tests