// Convert bug reports into prd.json user stories for autonomous fixing. Use after running test-and-break skill. Triggers on: convert bugs to stories, fix these bugs, add bugs to prd, create fix stories.
| name | bugs-to-stories |
| description | Convert bug reports into prd.json user stories for autonomous fixing. Use after running test-and-break skill. Triggers on: convert bugs to stories, fix these bugs, add bugs to prd, create fix stories. |
Takes bug reports from the test-and-break skill and converts them into properly formatted user stories that can be added to prd.json for Ralph to fix autonomously.
tasks/bug-report-*.md| Bug Field | Story Field |
|---|---|
| BUG-XXX | id: "FIX-XXX" |
| Title | title: "Fix: [title]" |
| Steps to Reproduce | Goes into notes |
| Expected Behavior | Part of description |
| Actual Behavior | Part of description |
| Severity | Determines priority |
| Bug Severity | Story Priority Range |
|---|---|
| Critical | 1-3 (fix immediately) |
| High | 4-7 |
| Medium | 8-12 |
| Low | 13+ |
{
"id": "FIX-001",
"title": "Fix: [Descriptive bug title]",
"description": "As a user, I expect [expected behavior] but currently [actual behavior occurs].",
"acceptanceCriteria": [
"[Specific technical fix needed]",
"[Another fix criterion if needed]",
"Regression test: Following original bug steps no longer reproduces the issue",
"Typecheck passes"
],
"priority": 1,
"passes": false,
"notes": "Bug reproduction: [steps from bug report]"
}
# Find the latest bug report
ls -t tasks/bug-report-*.md | head -1
Read the bug report and parse each bug entry.
# Check if prd.json exists and get current state
if [ -f prd.json ]; then
cat prd.json | jq '{
project: .project,
totalStories: (.userStories | length),
maxPriority: ([.userStories[].priority] | max),
incompleteStories: ([.userStories[] | select(.passes == false)] | length)
}'
fi
Option A: Add to existing prd.json (recommended if original build incomplete)
Option B: Create bug-fix-only prd.json (if original build complete)
ralph/bugfix-[date]Ask user which approach if unclear.
For each bug in the report:
// Example conversion
const bugToStory = (bug, priorityOffset) => ({
id: bug.id.replace('BUG', 'FIX'),
title: `Fix: ${bug.title}`,
description: `As a user, I expect ${bug.expected} but currently ${bug.actual}.`,
acceptanceCriteria: [
...generateFixCriteria(bug),
`Regression test: ${bug.steps.join(' → ')} no longer reproduces the issue`,
"Typecheck passes"
],
priority: severityToPriority(bug.severity) + priorityOffset,
passes: false,
notes: `Original bug steps: ${bug.steps.join('; ')}`
});
If adding to existing:
# Backup first
cp prd.json prd.json.backup
# Add new stories (Claude does this programmatically)
If creating new:
{
"project": "[Original Project] - Bug Fixes",
"branchName": "ralph/bugfix-2024-01-15",
"description": "Bug fixes from automated testing",
"userStories": [
// converted bug stories here
]
}
# Verify the updated prd.json
cat prd.json | jq '{
project: .project,
totalStories: (.userStories | length),
bugFixStories: ([.userStories[] | select(.id | startswith("FIX"))] | length),
allPassesFalse: ([.userStories[] | select(.passes == false)] | length)
}'
Input Bug:
## BUG-003: Form submits with empty required fields
**Severity:** High
**Type:** Functional
**Steps to Reproduce:**
1. Go to /signup
2. Leave all fields empty
3. Click "Create Account"
**Expected Behavior:**
Form should show validation errors and prevent submission
**Actual Behavior:**
Form submits and shows server error
Output Story:
{
"id": "FIX-003",
"title": "Fix: Form submits with empty required fields",
"description": "As a user, I expect the signup form to show validation errors when I leave required fields empty, but currently it submits and shows a server error.",
"acceptanceCriteria": [
"Add client-side validation for all required fields",
"Show inline error messages for empty required fields",
"Disable submit button until required fields are filled",
"Regression test: Going to /signup → leaving fields empty → clicking Create Account shows validation errors instead of submitting",
"Typecheck passes"
],
"priority": 4,
"passes": false,
"notes": "Original bug steps: Go to /signup; Leave all fields empty; Click Create Account"
}
Once bugs are converted to stories:
"I've added X bug fix stories to prd.json:
- Critical fixes: X (priority 1-3)
- High priority: X (priority 4-7)
- Medium priority: X (priority 8-12)
- Low priority: X (priority 13+)
Ready to run Ralph to fix these bugs automatically?"
If yes, they can run ./ralph.sh to start fixing.
Python-based threat modeling using pytm library for programmatic STRIDE analysis, data flow diagram generation, and automated security threat identification. Use when: (1) Creating threat models programmatically using Python code, (2) Generating data flow diagrams (DFDs) with automatic STRIDE threat identification, (3) Integrating threat modeling into CI/CD pipelines and shift-left security practices, (4) Analyzing system architecture for security threats across trust boundaries, (5) Producing threat reports with STRIDE categories and mitigation recommendations, (6) Maintaining threat models as code for version control and automation.
Hardcoded secret detection and prevention in git repositories and codebases using Gitleaks. Identifies passwords, API keys, tokens, and credentials through regex-based pattern matching and entropy analysis. Use when: (1) Scanning repositories for exposed secrets and credentials, (2) Implementing pre-commit hooks to prevent secret leakage, (3) Integrating secret detection into CI/CD pipelines, (4) Auditing codebases for compliance violations (PCI-DSS, SOC2, GDPR), (5) Establishing baseline secret detection and tracking new exposures, (6) Remediating historical secret exposures in git history.
Autonomous testing skill that opens a deployed app, goes through user flows, tries to break things, and writes detailed bug reports. Use after deploying to staging. Triggers on: test the app, find bugs, QA the deployment, break the app, test staging.
Convert PRDs to prd.json format for the Ralph autonomous agent system. Use when you have an existing PRD and need to convert it to Ralph's JSON format. Triggers on: convert this prd, turn this into ralph format, create prd.json from this, ralph json.
Analyze a PRD for edge cases, failure modes, and scenarios that might be missed. Use after creating a PRD to strengthen it. Triggers on: analyze edge cases, find edge cases, what could go wrong, edge case analysis.
Review user stories for quality, proper sizing, sequencing, and acceptance criteria. Use before converting to prd.json. Triggers on: review stories, check user stories, story quality, validate stories.