Run any Skill in Manus with one click

$pwd:

agh-cleanup-failure-paths

Name: Agh Cleanup Failure Paths
Author: compozy

// Audits Go functions with multi-step setup or teardown for cleanup discipline on every error return: cancel any context created or extended, close every opened resource, release every claim or lease, stop every spawned subprocess, drain every HTTP body. Forbids http.DefaultClient in production code paths. Use when editing functions in internal/acp, internal/session, internal/scheduler, internal/coordinator, internal/extension, internal/automation, internal/store, internal/memory, internal/api, or any subprocess or registry handler. Do not use for read-only helpers, pure data structures, or tests.

Run Skill in Manus

$ git log --oneline --stat

stars:127

forks:6

updated:May 12, 2026 at 18:12

File Explorer

3 files

SKILL.md

readonly

name	agh-cleanup-failure-paths
description	Audits Go functions with multi-step setup or teardown for cleanup discipline on every error return: cancel any context created or extended, close every opened resource, release every claim or lease, stop every spawned subprocess, drain every HTTP body. Forbids http.DefaultClient in production code paths. Use when editing functions in internal/acp, internal/session, internal/scheduler, internal/coordinator, internal/extension, internal/automation, internal/store, internal/memory, internal/api, or any subprocess or registry handler. Do not use for read-only helpers, pure data structures, or tests.
trigger	implicit

Cleanup Failure Paths

Hermes review issue #001 cost a real PR round because a procCtx leaked when registry registration failed. The happy path was clean; the partial-failure path leaked. This pattern recurs in every AGH PR that adds multi-step setup. Activate this skill before editing any function that creates/extends a context, registers a resource, opens a connection, or spawns a subprocess.

Procedures

Step 1: Identify Setup-Step Boundaries

Read the target function and enumerate every "step" that allocates a resource: context creation, file open, listener bind, registry register, lease claim, goroutine spawn, subprocess start, HTTP request, mutex lock, transaction begin.
For each step, identify the cleanup action that pairs with it: cancel(), Close(), Unregister(), Release(), Stop(), defer cancel(), tx.Rollback().
Read references/cleanup-table.md for the canonical pairing table.

Step 2: Walk Every Error Return

List every return ... err statement in the function.
For each one, walk backward through the function body and confirm every resource allocated above the return point is cleaned up — either by an immediate defer adjacent to its allocation OR by an explicit cleanup call before the return.
If a resource is allocated and the only cleanup is on the success path, that's a leak. Add cleanup on the error path.
Treat panic recovery and runtime.Goexit as additional exit paths — defer covers both.

Step 3: Apply the Defer-Adjacent Rule

Pair each WithCancel/WithTimeout/WithDeadline with a defer cancel() on the next line.
Pair each os.Open/net.Listen/db.Begin/tx.Begin with a defer Close()/defer tx.Rollback() on the next line.
Goroutine spawns paired with WaitGroup increment and a defer wg.Done() inside the goroutine.
Subprocess starts paired with a deferred Stop() whose context respects select { case <-proc.Done(): case <-ctx.Done(): }.

Step 4: Detached-Lifetime Discipline

Any work that outlives the request (prompt execution, channel send, automation job) MUST detach via context.WithoutCancel(ctx).
The writer loop stays bound to the request context — detach the execution, not the response.
context.WithoutCancel does NOT preserve deadlines — re-attach with WithDeadline if needed.
Expose explicit cancel endpoints for detached work.

Step 5: Outbound-Call Hygiene

http.DefaultClient is forbidden in production paths. Every outbound HTTP call uses an explicit timeout.
Drain response bodies via io.Copy(io.Discard, resp.Body) then resp.Body.Close() — do not skip the drain.
For TLS-sensitive endpoints, require HTTPS and OAuth/PKCE per docs/_memory/lessons/L-008-schema-migrations-mandatory.md (no, that's a sibling lesson — see Hermes review issues 015/016/017 for OAuth discovery, RFC 8414 well-known URLs, and HTTPS enforcement).

Step 6: Test the Failure Paths

For each error return identified in Step 2, write or extend a test that triggers that exact failure and asserts the cleanup happened (resource released, context cancelled, lease unblocked, subprocess reaped).
Read references/test-failure-paths.md for canonical patterns.
Mocking via interfaces is preferred over runtime fault injection.

Error Handling

Function is too large to audit in one pass: break the audit at the function boundary; audit only the function being edited. Cross-function cleanup is the caller's responsibility.
Cleanup requires a resource not in scope: the function is structured wrong — push the cleanup responsibility up to the caller via an opener-closer pair, or restructure into a helper that returns a cleanup func() callback.
Existing function lacks any error-path cleanup: flag it as pre-existing technical debt; add cleanup for the path you're editing and note the rest in the task body for follow-up.
defer count exceeds reasonable bounds (e.g., >6 in one function): the function is doing too much. Recommend splitting before adding more defers.

related-skills.json

same repository

agh.md

from "compozy/agh"

AGH runtime and contribution guide. Use for sessions, agents, native tools, skills, memory, network, tasks, capabilities, bundles, QA, docs, and repo work. Do not use for unrelated projects.

2026-05-31127

autoreview.md

from "compozy/agh"

Auto Review closeout. Codex review is the default when no engine is set and is the recommended reviewer.

2026-05-27127

cy-codex-loop.md

from "compozy/agh"

Drives end-to-end execution of a Compozy techspec across many agent restarts by detecting the current phase from state.yaml plus .compozy/tasks/<slug>/, then activating the correct cy-* skill chain or the Compozy -> Claude Opus delegation lane for one iteration before stopping. Each Phase B iteration ends with an atomic checkpoint commit so every completed task or slice becomes a restorable git snapshot. Use when running a Compozy techspec under the codex-loop-plugin in goal mode, or when manually iterating through tasks, qa-report, and qa-execution with persistent memory and state. Do not use for one-off tasks without a .compozy/tasks/<slug>/ directory, for techspec authoring (use cy-create-techspec), or for any work that does not require iteration tracking across agent restarts.

2026-05-22127

cy-impl-peer-review.md

from "compozy/agh"

Runs an optional cross-LLM peer review of an implemented change via compozy exec --ide claude --model opus --reasoning-effort xhigh and requires the reviewer to write a scoped Markdown findings artifact for user-directed remediation. Use after any implementation pass (feature, bug fix, refactor) when the user explicitly asks for an external Opus review of the diff before commit or PR. Do not use for TechSpec review (use cy-spec-peer-review), automatic remediation, batched provider review fetching (use cy-fix-reviews), manual self-review without an external LLM (use cy-review-round), or auto-looped review cycles.

2026-05-22127

cy-spec-peer-review.md

from "compozy/agh"

Runs an optional cross-LLM peer review of a TechSpec via compozy exec --ide claude --model opus --reasoning-effort xhigh and requires the reviewer to write a scoped Markdown findings artifact for user-directed incorporation. Use when a TechSpec draft has already been approved by the user and they want an external review round, especially for autonomy/network/memory-impacting designs. Do not use for PRDs, automatic approval gates, code review batches, or auto-looped review cycles.

2026-05-22127

qa-execution.md

from "compozy/agh"

Executes real-user QA sessions through public interfaces using personas, journeys, exploratory charters, test tours, edge-case probes, CFR checks, and browser evidence. Reads qa-report artifacts from <qa-output-path>/qa/ when present, captures issues/screenshots/reports under the same output tree, and classifies bugs by user impact. Use when validating a release candidate, migration, refactor, or user-facing change against production-like behavior. Do not use for AI implementation audits, task-status reconciliation, CI gate runs, integration/security/performance templates, or flaky-test triage; use agent-output-audit for those.

2026-05-14127

package.json

"author": "compozy"

"repository": "compozy/agh"

View GitHub Repository View Creator Repositories

$ install --global

$ download --local

Run Skill in Manus

$ useful --forSOC

Software DevelopersComputer and Mathematical Occupations15-1252L4

name	agh-cleanup-failure-paths
description	Audits Go functions with multi-step setup or teardown for cleanup discipline on every error return: cancel any context created or extended, close every opened resource, release every claim or lease, stop every spawned subprocess, drain every HTTP body. Forbids http.DefaultClient in production code paths. Use when editing functions in internal/acp, internal/session, internal/scheduler, internal/coordinator, internal/extension, internal/automation, internal/store, internal/memory, internal/api, or any subprocess or registry handler. Do not use for read-only helpers, pure data structures, or tests.
trigger	implicit

Cleanup Failure Paths

Procedures

Step 1: Identify Setup-Step Boundaries

Read the target function and enumerate every "step" that allocates a resource: context creation, file open, listener bind, registry register, lease claim, goroutine spawn, subprocess start, HTTP request, mutex lock, transaction begin.
For each step, identify the cleanup action that pairs with it: cancel(), Close(), Unregister(), Release(), Stop(), defer cancel(), tx.Rollback().
Read references/cleanup-table.md for the canonical pairing table.

Step 2: Walk Every Error Return

List every return ... err statement in the function.
For each one, walk backward through the function body and confirm every resource allocated above the return point is cleaned up — either by an immediate defer adjacent to its allocation OR by an explicit cleanup call before the return.
If a resource is allocated and the only cleanup is on the success path, that's a leak. Add cleanup on the error path.
Treat panic recovery and runtime.Goexit as additional exit paths — defer covers both.

Step 3: Apply the Defer-Adjacent Rule

Pair each WithCancel/WithTimeout/WithDeadline with a defer cancel() on the next line.
Pair each os.Open/net.Listen/db.Begin/tx.Begin with a defer Close()/defer tx.Rollback() on the next line.
Goroutine spawns paired with WaitGroup increment and a defer wg.Done() inside the goroutine.
Subprocess starts paired with a deferred Stop() whose context respects select { case <-proc.Done(): case <-ctx.Done(): }.

Step 4: Detached-Lifetime Discipline

Any work that outlives the request (prompt execution, channel send, automation job) MUST detach via context.WithoutCancel(ctx).
The writer loop stays bound to the request context — detach the execution, not the response.
context.WithoutCancel does NOT preserve deadlines — re-attach with WithDeadline if needed.
Expose explicit cancel endpoints for detached work.

Step 5: Outbound-Call Hygiene

http.DefaultClient is forbidden in production paths. Every outbound HTTP call uses an explicit timeout.
Drain response bodies via io.Copy(io.Discard, resp.Body) then resp.Body.Close() — do not skip the drain.
For TLS-sensitive endpoints, require HTTPS and OAuth/PKCE per docs/_memory/lessons/L-008-schema-migrations-mandatory.md (no, that's a sibling lesson — see Hermes review issues 015/016/017 for OAuth discovery, RFC 8414 well-known URLs, and HTTPS enforcement).

Step 6: Test the Failure Paths

For each error return identified in Step 2, write or extend a test that triggers that exact failure and asserts the cleanup happened (resource released, context cancelled, lease unblocked, subprocess reaped).
Read references/test-failure-paths.md for canonical patterns.
Mocking via interfaces is preferred over runtime fault injection.

Error Handling

Function is too large to audit in one pass: break the audit at the function boundary; audit only the function being edited. Cross-function cleanup is the caller's responsibility.
Cleanup requires a resource not in scope: the function is structured wrong — push the cleanup responsibility up to the caller via an opener-closer pair, or restructure into a helper that returns a cleanup func() callback.
Existing function lacks any error-path cleanup: flag it as pre-existing technical debt; add cleanup for the path you're editing and note the rest in the task body for follow-up.
defer count exceeds reasonable bounds (e.g., >6 in one function): the function is doing too much. Recommend splitting before adding more defers.

agh-cleanup-failure-paths

Cleanup Failure Paths

Procedures

Error Handling

More from this repository

More from this repository

Cleanup Failure Paths

Procedures

Error Handling