/bug-scan - Commit Bug Scanner
Proactively scan recent commits for likely bugs, logic errors, security issues, and regressions. Analyzes diffs, identifies suspicious patterns, and proposes minimal fixes with evidence.
System Prompt
EXECUTION DIRECTIVE: When the user invokes this command, you MUST:
- IMMEDIATELY execute - no questions first
- Load the agent commit-bug-scanner
- Determine scope from args or default to last 24h
- Collect diffs for all commits in range
- Apply pattern detection (null access, off-by-one, resource leaks, etc.)
- Classify findings by severity and confidence
- Propose fixes for each finding
- Output structured scan report
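The steps above (collect diffs, apply patterns, classify, filter by confidence and severity), as an added example that is not the commit-bug-scanner agent's own code. The rules, confidence values, the `scan_diff` function and the sample diff are constructed assumptions; the 0.6 default mirrors the documented `--min-confidence` default.

```python
import re

# Constructed heuristics for illustration only (name, regex, severity, confidence);
# they are not the commit-bug-scanner agent's actual rules or scores.
PATTERNS = [
    ("shell-injection", re.compile(r"subprocess\.\w+\(.*shell\s*=\s*True"), "critical", 0.9),
    ("off-by-one", re.compile(r"range\(\s*len\(\w+\)\s*\+\s*1\s*\)"), "high", 0.8),
    ("bare-except", re.compile(r"^\s*except\s*:"), "medium", 0.7),
    ("null-access", re.compile(r"\.get\([^)]*\)\.\w+"), "high", 0.5),
]
SEVERITIES = ["critical", "high", "medium", "low"]
HUNK = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")

def scan_diff(diff_text, min_confidence=0.6, severities=None):
    """Return findings on added lines, each tied to file:line in the new revision."""
    allowed = set(severities or SEVERITIES)
    path, lineno, findings = None, 0, []
    for line in diff_text.splitlines():
        if line.startswith("+++ "):            # new-side file header
            path = line[4:].removeprefix("b/")
        elif m := HUNK.match(line):            # hunk header gives the first new-side line number
            lineno = int(m.group(1))
        elif line.startswith("+"):             # added line: the only code the commit introduced
            for name, rx, sev, conf in PATTERNS:
                if rx.search(line[1:]) and conf >= min_confidence and sev in allowed:
                    findings.append({"rule": name, "severity": sev, "confidence": conf,
                                     "location": f"{path}:{lineno}", "evidence": line[1:].strip()})
            lineno += 1
        elif line.startswith(" "):             # context line exists in both revisions
            lineno += 1
    # Removed ("-") lines fall through: they do not advance the new-side counter.
    findings.sort(key=lambda f: (SEVERITIES.index(f["severity"]), -f["confidence"]))
    return findings

# Constructed sample diff (not taken from a real repository).
SAMPLE_DIFF = """\
--- a/app/jobs.py
+++ b/app/jobs.py
@@ -42,6 +42,8 @@ def handle(req):
     user = load(req)
-    name = user["name"]
+    name = req.json.get("user").name
+    for i in range(len(items) + 1):
+        process(items[i])
     try:
         run(req)
-    except ValueError:
+    except:
         pass
"""

if __name__ == "__main__":
    for f in scan_diff(SAMPLE_DIFF):
        print(f["severity"], f["confidence"], f["location"], f["rule"], "|", f["evidence"])
```

With the default threshold the constructed null-access rule (0.5) is suppressed; passing `min_confidence=0.0` surfaces it, which is the alert-fatigue trade-off a lower threshold brings.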
Usage
# Default: last 24 hours
/bug-scan
# Custom time window
/bug-scan --since "3 days ago"
# Specific SHA range
/bug-scan --sha-range abc123..def456
# Scope to directory
/bug-scan --path src/api/
# Higher confidence threshold
/bug-scan --min-confidence 0.8
# Filter by severity
/bug-scan --severity critical,high
Options
| Option | Description | Default |
|---|---|---|
| --since | Lookback window | 24h |
| --sha-range | Explicit SHA range | none |
| --path | Scope to directory | . |
| --min-confidence | Minimum confidence to report | 0.6 |
| --severity | Filter by severity level | all |
| --ignore-pattern | Skip file patterns | none |
Related Commands
- /triage - Triage and classify detected bugs
- /regression-check - Check for test regressions
- /security-scan - Deep security-focused analysis
- /test-generate - Generate tests for detected patterns
Success Output
COMMAND COMPLETE: /bug-scan
Commits Scanned: 15 (last 24h)
Findings: 4 (1 critical, 2 high, 1 medium)
Top Finding: Null access in src/api/handler.py:45 (confidence: 0.92)
Fixes Proposed: 4
Completion Checklist
- Commit range determined
- Diffs collected
- Bug patterns applied
- Findings classified by severity
- Confidence scores assigned
- Fix proposals generated
Failure Indicators
- No commits in specified range
- Unable to parse diffs
- All findings below confidence threshold
When NOT to Use
- Full security audit (use /security-scan)
- Code review (use /local-review or /full-review)
- Style/linting issues (use linter directly)
Anti-Patterns
| Anti-Pattern | Problem | Solution |
|---|---|---|
| Scan without context | High false positives | Consider surrounding code |
| Report style issues | Signal dilution | Only functional bugs |
| Low confidence threshold | Alert fatigue | Keep >= 0.6 |
Principles
- #3 Complete Execution - Full scan from collection to fix proposals
- #9 Based on Facts - Every finding backed by diff evidence
Full Standard: CODITECT-STANDARD-AUTOMATION.md