By name: bug-triage description: 'Systematically investigate Jira tickets to determine root cause and team ownership. Provides a 5-phase workflow for read-only investigation using MCP tools, code search, and data inspection. Outputs standardized markdown reports.' source: internal adopted: 2026-01-30 customizations: OVRC-specific patterns based on 70+ triage investigations license: Internal
Bug Triage Skill
Overview
Investigate bug reports to determine root cause and appropriate team ownership—all through read-only operations. This skill provides a systematic workflow for efficient, evidence-based triage.
When to Use
- User asks to "triage OVRC-12345" or similar
- Investigating a bug report or support escalation
- Determining which team should own a ticket
- Creating a permanent record of bug investigation
⚠️ CRITICAL CONSTRAINT
All operations MUST be read-only. Never:
- Modify databases (MongoDB, Redis)
- Change code in repositories
- Update Jira tickets (no comments, status changes, field updates)
- Execute deployments or configuration changes
If you need to test a hypothesis that requires changes, document the steps for a human to execute.
Phase 1: Gather Context (2-5 min)
Goal
Extract concrete identifiers from the ticket that can be used as search terms.
Workflow
Fetch Jira ticket with full details:
Fetch OVRC-12345 with comment_limit: 50 and fields: *allExtract key identifiers:
- API endpoints (e.g.,
/v2/customers) - Field names (e.g.,
unverifiedLocationCount) - Error messages (exact text)
- User/location/device IDs
- Stack traces (file names, line numbers)
- API endpoints (e.g.,
Check for prior triage in ticket comments
Load team ownership files for later reference:
inputs/components.yamlinputs/repos.yamlinputs/scopes.yaml
Phase 1 Checklist
- Ticket fetched with comments
- At least one concrete identifier extracted
- Prior triage attempts noted (if any)
- Affected environment identified
Phase 2: Search for Related Issues (2-3 min)
Goal
Determine if this is a known issue, duplicate, or part of a pattern.
Workflow
JQL search for similar bugs:
project = OVRC AND type = Bug AND text ~ "error message pattern"Check for existing fixes:
project = OVRC AND resolution = Fixed AND text ~ "identifier"Look for patterns:
- Same reporter?
- Same component?
- Same time period?
Common JQL Patterns
| Use Case | JQL |
|---|---|
| Find by error message | text ~ "exact error text" |
| Find by component | component = "OvrC Platform" |
| Recent bugs in area | created >= -30d AND text ~ "feature" |
| Closed duplicates | resolution = Duplicate AND text ~ "keyword" |
Phase 2 Checklist
- Searched for duplicates
- Checked for prior fixes
- Noted related tickets (if any)
Phase 3: Investigate Root Cause (5-15 min)
Goal
Trace data flow to find where actual behavior diverges from expected behavior.
Strategy
- Start at the symptom — Where does the user see the problem?
- Trace backward — Where does that data come from?
- Find the divergence — Where does logic differ from expectation?
Workflow
Search codebase for extracted identifiers:
grep -r "endpoint_name" mirror/ grep -r "fieldName" mirror/app-go-api-server/Trace data flow:
- Find API endpoint handler
- Identify where the problematic field is set
- Check database queries/transformations
- Compare with expected behavior
Query data if needed (read-only):
Query devices collection for locationId "abc123" with limit 10Check feature flags if behavior seems conditional
Investigation Techniques
| Technique | When to Use |
|---|---|
grep -r "term" mirror/ |
Fast, exhaustive code search |
| DeepWiki Q&A | Understanding repo without local access |
| MongoDB queries | Data inspection (always use limit) |
| CloudWatch logs | Runtime error investigation |
| Split.io/LaunchDarkly | Feature flag state verification |
Phase 3 Checklist
- Identified affected code path
- Traced data flow
- Found divergence point (or documented where investigation ended)
- Collected code evidence with file paths and line numbers
Phase 4: Determine Team Assignment (1-2 min)
Goal
Route the ticket to the team that owns the affected code.
Workflow
- Identify affected repository from code investigation
- Check
inputs/repos.yamlfor primary ownership - Check
inputs/components.yamlfor Jira component alignment - Use
inputs/scopes.yamlkeywords to confirm domain match - Document reasoning
Ownership Decision Tree
Is there a clear affected repository?
├── Yes → Check repos.yaml for team
│ └── Confirm with scopes.yaml keywords
└── No → Check Jira component
└── Match to components.yaml team
Phase 4 Checklist
- Affected repository identified
- Team assignment matched to ownership files
- Reasoning documented
Phase 5: Generate Triage Report (2-3 min)
Goal
Create a permanent record of the investigation.
Output Location
tickets/{TICKET-KEY}.md (e.g., tickets/OVRC-37942.md)
Required Sections
Every triage report MUST include:
- TL;DR — One-paragraph summary (root cause + recommendation)
- Ticket Information — Key fields table
- Problem Statement — What the user reported
- Root Cause Analysis — Technical findings with evidence
- Impact Assessment — Severity, scope, risk
- Recommendations — Prioritized actions with owners
- Triage Summary — Team assignment with reasoning
Phase 5 Checklist
- Output file created at
tickets/{TICKET-KEY}.md - All required sections present
- Code evidence includes file paths and line numbers
- Confidence level stated
- Team assignment justified
Triage Report Template
# TICKET-KEY: Brief Summary Title
> **TL;DR**: One-paragraph summary of the problem, root cause, and recommended fix.
---
## Ticket Information
| Field | Value |
|-------|-------|
| **Key** | TICKET-KEY |
| **Summary** | Original ticket summary |
| **Status** | Current status |
| **Priority** | Priority level |
| **Reporter** | Reporter name |
| **Environment** | Affected environment(s) |
---
## Problem Statement
Describe what the user reported:
- Steps to reproduce
- Expected vs actual behavior
- Error messages or screenshots
---
## Root Cause Analysis
### Key Findings
| Finding | Evidence | Impact |
|---------|----------|--------|
| Description | Source (file, line) | User impact |
### Technical Details
- Code paths involved
- Files/repos affected
---
## Impact Assessment
| Dimension | Assessment |
|-----------|------------|
| **Severity** | Low / Medium / High / Critical |
| **Scope** | Who is affected |
| **User Impact** | What users experience |
---
## Recommendations
| Priority | Action | Owner | Notes |
|----------|--------|-------|-------|
| 1 | Primary fix | Team name | Implementation notes |
---
## Triage Summary
| Field | Value |
|-------|-------|
| **Category** | Backend / Frontend / Infrastructure / Data / Not a Defect |
| **Root Cause** | Brief description |
| **Confidence** | Low / Medium / High |
| **Recommended Team** | Team name |
| **Reasoning** | Why this team owns it |
Common Root Cause Categories
| Category | Signs | Typical Fix |
|---|---|---|
| Missing validation | Null pointer, empty array errors | Add guards |
| Pointer vs value | Wrong data read from struct | Fix pointer usage |
| Feature flag paths | Works for some users, not others | Apply fix to both paths |
| API field mismatch | Wrong field in response | Fix field mapping |
| Cache staleness | Stale data, eventually consistent | Fix cache invalidation |
| Schema migration | Old data format not handled | Data cleanup + defensive code |
| Infrastructure | GLIBC mismatch, undersized instances | DevOps configuration |
| Not our defect | Issue in firmware, third-party, ISP | Document and close/reassign |
| Expected behavior | Feature working as designed | Close as "Not a Defect" |
Confidence Levels
| Level | Criteria |
|---|---|
| High | Root cause confirmed with code evidence or reproduction |
| Medium | Strong hypothesis with supporting evidence, not verified |
| Low | Best guess based on symptoms; needs further investigation |
Jira Comment Template (Wiki Markup)
When providing a comment for the user to paste into Jira:
{quote}
*Root Cause:* Brief description of the root cause.
*Evidence:*
- Code location: [file.go#L123|https://github.com/org/repo/blob/dev/path/file.go#L123]
- Data query results (if applicable)
*Impact:* Who is affected and how.
*Recommended Fix:* What needs to be done.
*Effort Estimate:* X points
*Recommended Team:* Team name
{quote}
Time-Boxing Guidelines
| Total Time | Action |
|---|---|
| < 15 min | Straightforward issue, proceed to report |
| 15-30 min | Standard investigation, gather evidence |
| > 30 min | Flag for escalation, document what was found, note blockers |
If investigation exceeds 30 minutes:
- Document findings so far
- Note specific blockers (e.g., "Need access to production logs")
- Recommend escalation path
- Create report with confidence: Low
Example Triage Patterns
Pattern: "Not a Defect"
When behavior is working as designed:
> **TL;DR**: This is **expected behavior**, not a bug. [Explanation of why]...
**Category**: Not a Defect
**Confidence**: High
**Resolution**: Close as "Not a Defect" with explanation
Pattern: "Data Issue"
When the problem is data, not code:
> **TL;DR**: This is a **data issue, not a code bug**. [Missing/incorrect data]...
**Category**: Data / Support
**Recommended Team**: Support / Cloud Services
**Resolution**: Data fix required, not code change
Pattern: "Already Fixed"
When a fix exists but isn't deployed:
> **TL;DR**: This bug was **fixed in PR #1234** but the fix hasn't reached [environment].
**Category**: Deployment
**Recommended Team**: DevOps / Release Management
**Resolution**: Deploy existing fix
Pattern: "Duplicate"
When this is a duplicate of another ticket:
> **TL;DR**: This is a **duplicate of OVRC-12345** which is [status].
**Resolution**: Link as duplicate, close this ticket