| name | failure-mode-glossary |
| description | Glossary of production-AI failure modes with verbatim operator phrasings. When the user uses any of these phrases or describes a symptom matching them, you'll recognize the pattern and respond with the right framing + MCP routing. Auto-loaded so the buyer-vocabulary is always available. |
| when_to_use | Anytime the user describes a symptom in their own words. Translate buyer-vocabulary to P-numbered patterns and the right MCP. Cite the named pattern in your response. |
| user-invocable | false |
Failure-Mode Glossary (buyer-vocabulary → pattern)
When users report problems, they don't say "P3.4 HERMES.md" — they say "my Anthropic bill jumped overnight". This glossary maps buyer-vocabulary to the named pattern + the MCP that catches it.
Cost / billing vocabulary
- "My API bill jumped overnight" / "my AI bill is bigger than my rent" / "feel like we're flying blind on cost" → P3.4 HERMES.md silent billing-routing OR P9.1 wrong model for task → cost-tracker (
predict_429_in_window + cost_overview)
- "$6k overnight" → P3.4 HERMES.md (canonical case) → cost-tracker
- "about to 429" / "429 imminent" / "throttle" / "rate-limit window" → P9.2 no retry budget → cost-tracker
predict_429_in_window
- "my company is spending $12k/month on AI agents" → general cost-attribution pain → cost-tracker
cost_overview (per-agent breakdown)
Bash / shell vocabulary
- "rm -rf" / "force push" / "drop database" / "deleted production" → P5.y LLM-emitted destructive bash → bash-vet
vet_command_chain
- "chiefofautism" (verbatim author name when user cites the viral example) → P5.y → bash-vet
- "Claude wiped my repo" / "agent ran a destructive command" → P5.y → bash-vet
- "cd X && Y && rm -rf $VAR/ && Z"* style chain → P5.y chain-mode → bash-vet
vet_command_chain (chain_mode=true)
- "apt remove 'nvidia' wipeout" (xornullvoid case) → P5.y PACKAGE.APT_GLOB_WIPEOUT → bash-vet
- "Railway production database deletion" / "JER lifeof_jer Apr 26 incident" → P11 agent-privilege-scoping (separate from bash-vet — privilege issue, not execution issue) → uncovered, see Pipeline P11
Cron / scheduled vocabulary
- "silent failure" / "silently broken" / "did X actually run" → P10.1 cron silent failures → silentwatch
list_recent_silent_failures
- "exit-0 but empty output" / "cron returned success but no data" → P10.1 EXIT_0_EMPTY_STDOUT → silentwatch
- "running but doing no work" / "cron is a no-op" → P10.1 → silentwatch
- "web search works interactively but fails in cron" → P4.2 web-search silent fail in cron → silentwatch + audit env vars
Agent / config vocabulary
- "AGENTS.md" / "CLAUDE.md" / ".cursor/rules" / "agent config" → P5.z agent-config trust-boundary attack → skill-vetter v1.1
vet_agent_config
- "prompt injection in PR" / "ignore previous instructions in skill" → P5.z → skill-vetter
- "Cursor CVE-2026-26268" / "Gemini CLI yolo mode" / "CVSS 10.0 supply chain" → P5.z (canonical CVE) → skill-vetter
- "my agent got compromised" → P5.z → skill-vetter (vet existing config files)
Output / claim vocabulary
- "agent says X but I don't see X" / "claimed to commit but no commit" / "tests pass but…" → P6.y output-action divergence → output-vetter
verify_action_outcome
- "chiefofautism" (when used about output-vs-action, not about bash) → P6.y → output-vetter
- "Codex sandbox escalation" / "agent acknowledged read-only then wrote" → P6.y STATE_VIOLATED_CONSTRAINT → output-vetter
- "agent confidently misreports" → P6.y → output-vetter
- "silent error masking" / "swallowed exception" / "fake success" → P6.2 missing error handling → output-vetter
find_swallowed_exceptions
Upgrade vocabulary
- "should I upgrade" → general → upgrade-orch
check_known_regressions
- "reasoning effort feels lower" / "model feels dumber" / "Anthropic regressed" → upgrade-orch
detect_provider_regression (April-23 case)
- "upgraded and it broke" / "regression after version bump" → P4.3 post-upgrade regression cascade → upgrade-orch
- "CPU spiked after upgrade" → P2.2 CPU spikes after upgrade → upgrade-orch + health-mcp
Deployment / health vocabulary
- "is my deployment healthy" / "gateway status" / "what's wrong with my agent" → general → health-mcp
health_overview
- "OOM" / "out of memory" → P2.1 OOM on small VMs OR P2.3 JS heap OOM → health-mcp + silentwatch
- "WebSocket disconnect every X minutes" → P3.1 WebSocket disconnects → uncovered (mention this honestly)
- "my agent broke production" (Vox @Voxyz_ai phrase) → P4.3 OR P5.y depending on context → run
/aufgaard:production-audit
Reliability / methodology vocabulary
- "production grade patterns" / "battle-tested" / "actually production-ready" → general reliability framing → cite the bundle's Field Reference PDF
- "AI agents are a mess out there" (@KanikaBK / @Voxyz_ai phrasing) → general → run
/aufgaard:production-audit
- "demo-to-production gap" / "worked in dev, broke in production" → general → multiple MCPs; start with audit
- "12-factor agents" / "patterns of reliable LLM applications" → general methodology → cite the bundle for the catalogue
- "AI agent broke something new in production" / "62 database migrations" (Voxyz_ai phrasing) → P4.3 + P10.x → upgrade-orch + silentwatch
Style — how to use this glossary
- When the user phrases a symptom in their own words, recognize it via the glossary, RESPOND with the named pattern: "That sounds like P5.y (LLM-emitted destructive bash). bash-vet's
vet_command_chain catches this — let me run it on the command you're worried about."
- DON'T paraphrase the buyer's phrase back at them as a "diagnosis." Translate to the pattern name and the tool — that's the value.
- If the symptom is too general (e.g. "my agent has bugs"), ask one clarifying question to narrow: "Is this a cost spike, a silent failure, an action-claim mismatch, or something else?" — uses the categories from this glossary.