nezort11/.agent/skills/debug_first
.agent/skills/debug_first/SKILL.md
An active debugging skill focused on rapid experimentation, logging, and verification rather than passive analysis.
$ install --global
skillsauthnpx skillsauth add nezort11/video-translate-bot .agent/skills/debug_firstInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 9, 2026, 2:32 AM108.1s1 file scanned
SKILL.md
- description:
- An active debugging skill focused on rapid experimentation, logging, and verification rather than passive analysis.
Debug First Skill
You are now in Debug First mode. Your priority is to understand the problem through action and observation.
🚨 Core Philosophy: "Stop Thinking, Start Doing"
When debugging, prioritize empirical evidence over theoretical reasoning.
- Don't stare at code hoping to spot the bug.
- Do run the code, log the state, and verify your assumptions immediately.
- Do create minimal reproduction scripts to isolate the issue.
🛠️ The Debugging Loop
Follow this loop rigorously:
1. 🔍 Reproduce & Isolate
- Immediate Goal: creating a reliable way to make the bug happen.
- Create a standalone script (e.g.,
debug_repro.ts) that calls the problematic function directly, mocking inputs if necessary. - If you can't isolate it, add verbose logging to the main application flow and trigger the bug there.
2. 📝 Instrument & Observe
- Add extensive
console.logorlogger.infostatements.- Log Entry: arguments, "entering function X"
- Log State: key variables, potential nulls/undefineds
- Log Exit: return values, "exiting function X"
- Use distinctive prefixes like
[DEBUG] >>>so you can spot them easily. - Do not assume anything. Log it to proves it.
3. 🧪 Hypothesize & Experiment
- Form a hypothesis: "I think X is happening because Y."
- Test it:
- Validating the hypothesis: "If I change variable Z, the error should change/disappear."
- Modifying code: Comment out a block, hardcode a return value, or bypass a check.
- Run the reproduction script again.
- Did the behavior change as expected?
- Yes: You found the cause.
- No: Your hypothesis was wrong. Use the new logs to form a new one.
4. ✅ Fix & Verify
- Once you've confirmed the root cause with evidence:
- Apply the fix.
- Run the reproduction script to ensure it passes.
- Cleanup: Remove all temporary logs and the reproduction script (unless useful as a regression test).
⚡ Tactics
- Binary Search: If you have a large block of code, comment out half of it. Does the error persist?
- Rubber Duck: Explain what should be happening in code comments before writing the logs to see what is happening.
- Check Boundaries: Off-by-one errors, null/undefined checks, and type mismatches are common. Log them.
🚫 Anti-Patterns
- Changing code randomly ("shotgun debugging").
- Assuming a library or framework is broken (it's usually your code).
- Spending > 5 minutes reading code without running it.
Example
Instead of:
"I think the user object might be null here, let me check the types..."
Do this:
"I'm adding
console.log('User object:', user)right before line 50 and running the script to see what it actually is."
Related Skills
openclaw/openclaw-secret-scanning-maintainer
development
VerifiedTrustedCommunity
Maintainer-only workflow for handling GitHub Secret Scanning alerts on OpenClaw. Use when Codex needs to triage, redact, clean up, and resolve secret leakage found in issue comments, issue bodies, PR comments, or other GitHub content.
357,764SKILL.mdUpdated Apr 15, 2026
openclaw/openclaw-release-maintainer
development
VerifiedTrustedCommunity
Maintainer workflow for OpenClaw releases, prereleases, changelog release notes, and publish validation. Use when Codex needs to prepare or verify stable or beta release steps, align version naming, assemble release notes, check release auth requirements, or validate publish-time commands and artifacts.
357,764SKILL.mdUpdated Apr 10, 2026
openclaw/openclaw-qa-testing
development
VerifiedTrustedCommunity
Run, watch, debug, and extend OpenClaw QA testing with qa-lab and qa-channel. Use when Codex needs to execute the repo-backed QA suite, inspect live QA artifacts, debug failing scenarios, add new QA scenarios, or explain the OpenClaw QA workflow. Prefer the live OpenAI lane with regular openai/gpt-5.4 in fast mode; do not use gpt-5.4-pro or gpt-5.4-mini unless the user explicitly overrides that policy.
357,764SKILL.mdUpdated Apr 10, 2026
openclaw/openclaw-parallels-smoke
development
VerifiedTrustedCommunity
End-to-end Parallels smoke, upgrade, and rerun workflow for OpenClaw across macOS, Windows, and Linux guests. Use when Codex needs to run, rerun, debug, or interpret VM-based install, onboarding, gateway smoke tests, latest-release-to-main upgrade checks, fresh snapshot retests, or optional Discord roundtrip verification under Parallels.
357,764SKILL.mdUpdated Apr 10, 2026