Sharp Edges
Overview
Identify error-prone APIs and dangerous configurations that could lead to bugs, security vulnerabilities, or system failures.
When to Use This Skill
Use this skill when you need to identify error-prone APIs and dangerous configurations.
Use this skill when:
- Reviewing code for potentially dangerous API usage
- Identifying configurations that could cause issues
- Analyzing code for error-prone patterns
- Assessing risk in API design or configuration choices
- Performing security audits focused on API misuse
Instructions
This skill helps identify problematic APIs and configurations:
- API Analysis: Review API usage for error-prone patterns
- Configuration Review: Identify dangerous or risky configurations
- Pattern Recognition: Spot common mistakes and pitfalls
- Risk Assessment: Evaluate the potential impact of identified issues
Common Sharp Edges
Error-Prone APIs
- APIs with complex parameter requirements
- APIs with non-obvious failure modes
- APIs that require careful resource management
- APIs with timing or concurrency issues
- APIs with unclear error handling
Dangerous Configurations
- Default settings that are insecure
- Configurations that bypass security controls
- Settings that enable dangerous features
- Options that reduce system reliability
- Parameters that affect performance negatively
Detection Strategies
- Code Review: Look for known problematic patterns
- Static Analysis: Use tools to identify risky API usage
- Configuration Audits: Review configuration files for dangerous settings
- Documentation Review: Check for warnings about API usage
- Experience-Based: Leverage knowledge of common pitfalls
Best Practices
- Document identified sharp edges
- Provide clear guidance on safe usage
- Create examples of correct vs incorrect usage
- Recommend safer alternatives when available
- Update documentation with findings
Resources
For more information, see the source repository.