| name | investigate |
| description | Root cause analysis for bugs, incidents, and regressions. Produces a structured RCA with reproduction steps, impact assessment, and recommended minimum fix. Used in bug-triage and hotfix patterns. |
| license | MIT |
| allowed-tools | ["file-search","mcp__github__authenticate"] |
investigate
Root cause analysis skill for bugs, incidents, and regressions.
RCA Protocol
Step 1: Reproduce
Read the bug report. Identify minimum reproduction case. Capture: exact steps, environment, expected vs. actual behavior. Check if reproducible in current main branch.
Step 2: Isolate
git bisect if regression. Add targeted logging. Narrow scope to specific file:line range.
Step 3: Root Cause Classification
| Category | Description |
|---|
logic_error | Wrong conditional, off-by-one, incorrect algorithm |
race_condition | Async timing issue, shared state |
missing_validation | Input not validated at boundary |
api_contract_drift | BE/FE contract mismatch |
dependency_change | Library update broke behavior |
config_error | Wrong env var, misconfigured flag |
data_issue | Unexpected data in prod not handled |
Step 4: Impact Assessment
Which users are affected? Is data corrupted or just display wrong? Is there a workaround? Is this a security issue? (→ escalate to kopi-guard immediately)
Step 5: RCA Output
{
"task_id": "...",
"root_cause": "logic_error",
"affected_file": "src/auth/token.ts",
"affected_line_range": "L42-L67",
"reproduction_steps": ["..."],
"impact": { "scope": "all users", "data_corrupted": false },
"recommended_fix": "...",
"escalate_to_guard": false
}
Hotfix Guidance
- Minimum change: fix only the root cause, nothing else (constitution Article VII, strict)
- Reviewer and Guard still run — expedited, not skipped
- Document the break in CHANGELOG before merging