home / skills / phrazzld / claude-config / log-lightning-issues

log-lightning-issues skill

safe

This skill runs a lightning audit and creates prioritized GitHub issues for findings, helping you track and fix problems efficiently.

npx playbooks add skill phrazzld/claude-config --skill log-lightning-issues

Review the files below or copy the command above to add this skill to your agents.

Files (1)

SKILL.md

2.8 KB

---
name: log-lightning-issues
description: |
  Run /check-lightning, then create GitHub issues for all findings.
  Issues are created with priority labels and structured format.
  Use /fix-lightning instead if you want to fix issues immediately.
effort: medium
---

# /log-lightning-issues

Run Lightning integration audit and create GitHub issues for all findings.

## What This Does

1. Invoke `/check-lightning` to audit Lightning integration
2. Parse findings by priority (P0-P3)
3. Check existing issues to avoid duplicates
4. Create GitHub issues for each finding

**This is an issue-creator.** It creates work items, not fixes. Use `/fix-lightning` to fix issues.

## Process

### 1. Run Primitive

Invoke `/check-lightning` skill to get structured findings.

### 2. Check Existing Issues

```bash
gh issue list --state open --label "domain/lightning" --limit 50
```

### 3. Create Issues

For each finding:

```bash
gh issue create \
  --title "[P0] LND macaroon hardcoded" \
  --body "$(cat <<'EOF'
## Problem
LND macaroon is committed to repo. Full node control risk.

## Impact
- Attacker can control node
- Funds theft possible
- Channel state manipulation risk
- Compliance breach

## Location
`config/lightning.ts`

## Suggested Fix
Run `/fix-lightning` or manually move to env:
```typescript
const macaroonHex = process.env.LND_MACAROON_HEX!;
```

---
Created by `/log-lightning-issues`
EOF
)" \
  --label "priority/p0,domain/lightning,type/bug"
```

### 4. Issue Format

**Title:** `[P{0-3}] Lightning issue description`

**Labels:**
- `priority/p0` | `priority/p1` | `priority/p2` | `priority/p3`
- `domain/lightning`
- `type/bug` | `type/enhancement` | `type/chore`

**Body:**
```markdown
## Problem
What's wrong with Lightning integration

## Impact
Business/security/user impact

## Location
File:line if applicable

## Suggested Fix
Code snippet or skill to run

---
Created by `/log-lightning-issues`
```

## Priority Mapping

| Gap | Priority |
|-----|----------|
| Macaroon or seed in repo | P0 |
| RPC exposed without TLS | P0 |
| Missing macaroon auth | P0 |
| No invoice settlement verification | P1 |
| No payment timeout handling | P1 |
| No fee caps | P1 |
| No idempotency for payment requests | P2 |
| Missing retry/backoff | P2 |
| Monitoring/alerts missing | P2 |
| Advanced routing features | P3 |

## Output

After running:
```
Lightning Issues Created:
- P0: 2 (macaroon, TLS)
- P1: 2 (settlement checks, timeouts)
- P2: 3 (idempotency, retries, alerts)
- P3: 1 (routing features)

Total: 8 issues created
View: gh issue list --label domain/lightning
```

## Related

- `/check-lightning` - The primitive (audit only)
- `/fix-lightning` - Fix Lightning issues
- `/lightning` - Full Lightning lifecycle
- `/lightning-health` - Node diagnostics
- `/groom` - Full backlog grooming

Overview

This skill runs a Lightning integration audit and creates GitHub issues for every finding. It groups findings by priority (P0–P3), avoids duplicate issues by checking open issues, and formats each report with a clear problem, impact, location, and suggested fix. Use this to convert audit results into actionable work items quickly.

How this skill works

The skill invokes the /check-lightning primitive to obtain structured findings, parses each finding into a priority bucket, and queries open GitHub issues with the domain/lightning label to avoid duplicates. For each new finding it creates a GitHub issue with a standardized title, labels (priority, domain, type), and a body that includes Problem, Impact, Location, and Suggested Fix sections. It returns a summary of issues created by priority.

When to use it

After running a Lightning integration audit to convert findings into tracked work.
When you need a consistent, labeled backlog for Lightning security and reliability gaps.
Before a security sweep or sprint planning to populate tasks for remediation.
When you want traceable, reviewable work items instead of automated fixes.
If you prefer human review for each audit finding rather than immediate remediation.

Best practices

Run /check-lightning first to get structured findings rather than raw logs.
Review existing open issues with domain/lightning to prevent duplicates before running.
Assign appropriate priority labels and use type labels (bug/enhancement/chore) for triage.
Include file and line references in the Location field to speed investigation.
Use /fix-lightning for automated remediation when you want changes applied immediately.

Example use cases

Generate backlog items after a CI audit flags a macaroon committed to the repo (P0).
Create issues for missing TLS or missing macaroon authentication to track security fixes.
Populate tasks for reliability improvements like retry/backoff and idempotency (P2).
Log enhancement requests for advanced routing or feature flags (P3) for product review.
Summarize audit output into a clear list for sprint planning or security review meetings.

FAQ

Will this skill automatically fix issues it finds?

No. This skill only creates GitHub issues. Use /fix-lightning if you want automated remediation.

How does it avoid creating duplicate issues?

It queries open issues labeled domain/lightning and skips findings that match existing open work items.