Test Coverage
# Angle: Test coverage on critical paths Paste this as the `{{ANGLE_SPECIFIC_CHECKLIST}}` in the audit-agent prompt. Target: NOT total coverage %. Only tests on paths whose failure would cause customer/operator harm. Money paths, auth paths, PII delete paths, admin destructive paths, external-integration paths. ## Look for 1. **Auth entry points untested.** Sign-up, sign-in, refresh, sign-out — at least one happy-path + one wrong-password test each. If any auth route has no test at all, flag it. 2. **Payment / checkout paths untested.** If the app has checkout, every money-touching path should have integration tests (unit tests aren't enough — test the fetch → server → DB round trip). 3. **PII delete flow untested.** Account deletion is regulatory. A regression here creates zombie accounts. Test that the DELETE actually removes rows across every table. 4. **Admin destructive actions untested.** Delete product, delete user, drop table — each should have at least one integration test that verifies the delete happened AND permissions are enforced. 5. **CSRF guard untested.** For every write route that should reject cross-origin requests, one test that confirms a request without `Origin` matching the allow-list gets 403. 6. **Rate limiter untested.** Fire N+1 requests, confirm the (N+1)th returns 429. 7. **Silent-swallow catches untested.** Any `catch (err) { logSomething() }` — is the logging actually happening? Add a test that mocks the error and asserts the log fired. 8. **Third-party integration untested (with mocks).** OpenAI, Stripe, Twilio, SendGrid — each integration path should have a test using a mock client, exercising both success and failure responses. 9. **Cache invalidation untested.** When admin edits a product, does the storefront cache actually flush? Test the write → cache-tag emit → downstream read sees new value flow. 10. **Concurrency / race conditions untested.** Two concurrent PATCH requests on the same row — does last-write-wins? First-write-wins? Optimistic-conflict rejection? Whatever the answer, there should be a test. 11. **Feature flags untested.** If the app has a feature flag, tests for both flag-on and flag-off paths. 12. **Migration reversibility untested.** For every schema migration, an equivalent down-migration should exist and be tested (rare but valuable when needed). 13. **Test file naming inconsistency.** `Foo.test.ts` mixed with `Foo.spec.ts` mixed with `test-foo.ts`. Not a bug per se; flag for consistency. 14. **E2E on critical paths missing.** Playwright / Cypress smoke tests on the checkout, sign-up, and sign-in flows should exist. If not, that's the flag. 15. **Snapshot tests on volatile output.** Snapshot tests that break on every unrelated change are noise. Prefer explicit assertions. 16. **Tests that don't actually assert.** `it('foo', () => { doThing() })` with no `expect`. Passes by not throwing — silently useless. 17. **Skipped tests (`.skip` / `xit` / `xdescribe`) not tracked.** Every skip should have a comment linking to why it's skipped + when it'll be re-enabled. 18. **Tests that hit real external services.** Real Stripe API calls in the test suite. Real DB writes. Real email sends. Every one is a flakiness landmine. ## Files to prioritize - `tests/e2e/` (Playwright / Cypress) - `src/**/__tests__/` or `tests/**/*.test.ts` - `package.json` scripts (`test`, `test:e2e`, `test:integration`) - CI workflow files (which tests run on PR?) - Auth routes + tests for auth routes - Payment / checkout routes + tests ## Grep starters
fill the variables
This prompt has 3 variables. Pro fills them into a ready-to-paste prompt for you — no manual find-and-replace.
{{ANGLE_SPECIFIC_CHECKLIST}{logSomething()}{doThing()}
Unlock with Pro →when to use it
Community prompt sourced from the open-source GitHub repo jeonhs9110/agentic-audit-loop (MIT). A "Test Coverage" style prompt — adapt the placeholders and specifics to your task. Imported as-is and not independently retested here, so check the output before relying on it.
tags
productivitycommunitydeveloper
source
jeonhs9110/agentic-audit-loop · MIT
more in Productivity
Productivity✓ tested
Summarize a doc into decisions & actions
chief of staff who extracts what to DO, not just what was said
Productivity✓ tested
Draft a reply to a hard email
calm, direct communicator who de-escalates without caving
Productivity✓ tested
Turn a brain-dump into a weekly plan
planning coach who protects your focus, not just your calendar