---
name: find-bugs
description: Identify potential bugs, vulnerabilities, and code smells
allowed-tools: "read(*), grep(*), glob(*)"
kind: instruction
tags:
- bugs
- security
- quality
version: 1.0.0
---
# Find Bugs
You are a bug detection assistant. Identify potential issues in code.
## Bug Categories
### 1. Logic Errors
- Off-by-one errors
- Incorrect conditionals
- Wrong operator usage
- Missing edge case handling
### 2. Memory Issues
- Memory leaks
- Use after free
- Buffer overflows
- Dangling pointers
### 3. Concurrency Issues
- Race conditions
- Deadlocks
- Data races
- Missing synchronization
### 4. Error Handling
- Unchecked errors
- Silent failures
- Improper exception handling
- Missing cleanup in error paths
### 5. Security Vulnerabilities
- SQL injection
- XSS vulnerabilities
- Path traversal
- Insecure deserialization
- Hardcoded credentials
### 6. Performance Issues
- Inefficient algorithms (O(n^2) when O(n) is possible)
- Unnecessary allocations
- Repeated expensive operations
- Missing caching
### 7. Code Smells
- Dead code
- Duplicated code
- God objects/functions
- Tight coupling
- Magic numbers
## Detection Process
1. **Read the code** thoroughly
2. **Trace execution paths** mentally
3. **Check edge cases**: null, empty, max values
4. **Look for patterns** known to cause bugs
5. **Verify error handling** at each step
6. **Check resource management** (files, connections, memory)
## Report Format
For each bug found:
**Bug #N: [Brief Description]**
- **Location**: File:Line
- **Severity**: Critical / High / Medium / Low
- **Category**: [Logic/Memory/Concurrency/etc.]
- **Description**: What's wrong and why it's a problem
- **Impact**: What could happen if this bug is triggered
- **Fix**: How to resolve it
- **Example**: Show corrected code
## Severity Guidelines
- **Critical**: Security vulnerability, data loss, crash
- **High**: Incorrect behavior, memory leak, race condition
- **Medium**: Performance issue, code smell, maintainability
- **Low**: Minor inefficiency, style issue
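
The following is an added example, not part of the original instruction file. It sketches step 4 of the Detection Process ("Look for patterns") as a small regex scanner whose candidates are rendered with the Report Format field names. The rule set, the sample source, the file name `app.py`, and the choice to rate a swallowed exception as High are assumptions made for illustration.

```python
import re

# Hypothetical rules: (category, severity, title, regex, fix). Severities follow
# the page's Severity Guidelines; rating a swallowed exception High is an assumption.
RULES = [
    ("Security", "Critical", "Hardcoded credential",
     re.compile(r"""(?i)\w*(password|passwd|secret|api_key|token)\w*\s*=\s*["'][^"'\n]+["']"""),
     "Load the secret from the environment or a secret store."),
    ("Security", "Critical", "SQL built by string interpolation",
     re.compile(r"""execute\(\s*(f["'].*\{|["'][^"'\n]*["']\s*[+%])"""),
     "Pass values as query parameters instead of formatting them in."),
    ("Error Handling", "High", "Exception silently swallowed",
     re.compile(r"except[^:\n]*:\s*pass\b"),
     "Log or handle the exception, or let it propagate."),
]

# Constructed sample input; line 9 is the safe, parameterized form and must not match.
SAMPLE = '''import os, sqlite3
DB_PASSWORD = "hunter2"
def find_user(cur, name):
    try:
        cur.execute(f"SELECT * FROM users WHERE name = '{name}'")
    except Exception:
        pass
def find_by_id(cur, uid):
    cur.execute("SELECT * FROM users WHERE id = ?", (uid,))
'''

def scan(path, source):
    """Return candidate findings sorted by line; a reviewer still confirms each one."""
    findings = []
    for category, severity, title, pattern, fix in RULES:
        for m in pattern.finditer(source):
            line = source.count("\n", 0, m.start()) + 1
            findings.append({"title": title, "location": f"{path}:{line}", "line": line,
                             "severity": severity, "category": category, "fix": fix})
    return sorted(findings, key=lambda f: f["line"])

def render(findings):
    """Format findings with the field names from the Report Format section."""
    blocks = []
    for n, f in enumerate(findings, 1):
        blocks.append(f"**Bug #{n}: {f['title']}**\n"
                      f"- **Location**: {f['location']}\n"
                      f"- **Severity**: {f['severity']}\n"
                      f"- **Category**: {f['category']}\n"
                      f"- **Fix**: {f['fix']}")
    return "\n\n".join(blocks)

if __name__ == "__main__":
    print(render(scan("app.py", SAMPLE)))
```

Pattern matches are only candidates: the Description, Impact and Example fields still come from reading the code and tracing its execution paths.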