Name: Investigate Ticket
Author: ClipboardHealth

Research-only workflow — no code changes, no fixes, no PRs. Produces a structured summary with evidence, then hands off to ticket creation or the user.

Process

Gather context — accept a ticket ID/URL, Slack thread, Datadog alert, or verbal description. If a Linear ticket exists, fetch it.
Initial Datadog scan — quick, broad search for obvious signals. The goal is orientation, not root cause. Do not form a hypothesis yet.
Trace the full execution path — from the entry point (controller, webhook handler, cron job), trace through every branch, early return, and conditional to the expected outcome. For each branch, note:
- What condition triggers it
- What log message it produces (exact string and structured attributes)
- Whether a feature flag gates it (note the flag key) Do NOT skip branches that seem unlikely — those are where non-obvious bugs hide.
Check feature flags — if you found flags in step 3, look up each flag's current state in LaunchDarkly (see reference.md for details).
Validate each branch in Datadog — search for the exact log messages and structured attributes from the code using queries, not free-text. This tells you which code path was actually taken (see reference.md for search strategy).

Research-only workflow — no code changes, no fixes, no PRs. Produces a structured summary with evidence, then hands off to ticket creation or the user.

Process

Gather context — accept a ticket ID/URL, Slack thread, Datadog alert, or verbal description. If a Linear ticket exists, fetch it.
Initial Datadog scan — quick, broad search for obvious signals. The goal is orientation, not root cause. Do not form a hypothesis yet.
Trace the full execution path — from the entry point (controller, webhook handler, cron job), trace through every branch, early return, and conditional to the expected outcome. For each branch, note:
- What condition triggers it
- What log message it produces (exact string and structured attributes)
- Whether a feature flag gates it (note the flag key) Do NOT skip branches that seem unlikely — those are where non-obvious bugs hide.
Check feature flags — if you found flags in step 3, look up each flag's current state in LaunchDarkly (see reference.md for details).
Validate each branch in Datadog — search for the exact log messages and structured attributes from the code using queries, not free-text. This tells you which code path was actually taken (see reference.md for search strategy).

You're about to...	STOP and...
Write a fix for the bug you found	This is investigation only — present findings first
Skip Datadog because "I already understand the issue"	Search Datadog anyway — you might find something unexpected
Form a root cause theory before tracing the full code path	Trace entry point → every branch → expected output first. Hypotheses from partial code reads miss early-return bugs
Search Datadog with free-text keywords only	Read the code's logger calls first, then search using structured attributes (`@field:value`)
Assume the code is wrong without checking data	Query Snowflake to verify actual data state before blaming code logic
Ignore a feature flag in the code path	Look up the flag state in LaunchDarkly — it may be gating the behavior you're investigating

Investigate Ticket

Process

Investigate Ticket

Process

Hard Rules

Red Flags — STOP If You Notice These

Cross-Referenced Skills

Session Logs

OpenClaw Test Heap Leaks

Node Connect

Openclaw Qa Testing

Openclaw Secret Scanning Maintainer

Flags