ReddRadar
Agent skill
error-handling-standardizer
Creates consistent error handling with custom error classes, HTTP status mapping, structured logging, safe client messages, and error taxonomy. Use when standardizing "error handling", "logging", "error responses", or "exception management".
Install this agent skill to your Project
npx add-skill https://github.com/patricio0312rev/skills/tree/main/backend/error-handling-standardizer
SKILL.md
Error Handling Standardizer
Build consistent, debuggable error handling across the application.
Error Taxonomy
export class AppError extends Error {
constructor(
public code: string,
public message: string,
public statusCode: number = 500,
public isOperational: boolean = true,
public details?: any
) {
super(message);
Error.captureStackTrace(this, this.constructor);
}
}
export class ValidationError extends AppError {
constructor(details: Record<string, string[]>) {
super("VALIDATION_ERROR", "Validation failed", 400, true, details);
}
}
export class NotFoundError extends AppError {
constructor(resource: string) {
super("NOT_FOUND", `${resource} not found`, 404);
}
}
export class UnauthorizedError extends AppError {
constructor(message = "Unauthorized") {
super("UNAUTHORIZED", message, 401);
}
}
export class ForbiddenError extends AppError {
constructor(message = "Forbidden") {
super("FORBIDDEN", message, 403);
}
}
Error Handler Middleware
export const errorHandler = (
err: Error,
req: Request,
res: Response,
next: NextFunction
) => {
// Log error
logger.error("Request error", {
error: err.message,
stack: err.stack,
path: req.path,
method: req.method,
requestId: req.id,
});
// Operational errors (known)
if (err instanceof AppError && err.isOperational) {
return res.status(err.statusCode).json({
success: false,
error: {
code: err.code,
message: err.message,
details: err.details,
trace_id: req.id,
},
});
}
// Programming errors (unknown)
return res.status(500).json({
success: false,
error: {
code: "INTERNAL_ERROR",
message: "An unexpected error occurred",
trace_id: req.id,
},
});
};
Structured Logging
import winston from "winston";
export const logger = winston.createLogger({
level: "info",
format: winston.format.combine(
winston.format.timestamp(),
winston.format.errors({ stack: true }),
winston.format.json()
),
transports: [
new winston.transports.File({ filename: "error.log", level: "error" }),
new winston.transports.File({ filename: "combined.log" }),
],
});
// Log with context
logger.error("Payment processing failed", {
userId: user.id,
amount: payment.amount,
error: err.message,
trace_id: req.id,
});
Safe Client Messages
// Never expose internal errors to clients
const getSafeErrorMessage = (err: Error): string => {
if (err instanceof AppError && err.isOperational) {
return err.message; // Safe, user-facing message
}
// Generic message for unexpected errors
return "An unexpected error occurred";
};
Async Error Handling
// Wrap async routes
export const asyncHandler = (fn: RequestHandler) => {
return (req: Request, res: Response, next: NextFunction) => {
Promise.resolve(fn(req, res, next)).catch(next);
};
};
// Usage
router.get(
"/users",
asyncHandler(async (req, res) => {
const users = await userService.findAll();
res.json(users);
})
);
Best Practices
- Use custom error classes
- Distinguish operational vs programming errors
- Log all errors with context
- Never expose stack traces to clients
- Include trace IDs for debugging
- Monitor error rates by type
- Set up alerting for critical errors
Output Checklist
- Custom error classes defined
- Error handler middleware
- HTTP status code mapping
- Structured logging setup
- Safe client error messages
- Async error wrapper
- Error monitoring/alerts
- Documentation of error codes
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
patricio0312rev/skills
rate-limiting-abuse-protection
Implements rate limiting and abuse prevention with per-route policies, IP/user-based limits, sliding windows, safe error responses, and observability. Use when adding "rate limiting", "API protection", "abuse prevention", or "DDoS protection".
patricio0312rev/skills
rbac-permissions-builder
Implements role-based access control with permission matrix, route guards, policy functions, and UI permission hints. Provides middleware/guards, helper utilities, test suggestions, and permission checking patterns. Use when building "RBAC", "permissions", "access control", or "authorization".
patricio0312rev/skills
websocket-realtime-builder
Implements real-time features using WebSockets with Socket.io, rooms, authentication, and reconnection handling. Use when users request "real-time updates", "WebSocket", "Socket.io", "live chat", or "push notifications".
patricio0312rev/skills
webhook-receiver-hardener
Secures webhook receivers with signature verification, retry handling, deduplication, idempotency keys, and error responses. Provides verification code, dedupe storage strategy, runbook for incidents. Use when implementing "webhooks", "webhook security", "event receivers", or "third-party integrations".
patricio0312rev/skills
auth-module-builder
Implements secure authentication patterns including login/registration, session management, JWT tokens, password hashing, cookie settings, and CSRF protection. Provides auth routes, middleware, security configurations, and threat model documentation. Use when building "authentication", "login system", "JWT auth", or "session management".
patricio0312rev/skills
rest-to-graphql-migrator
Migrates REST APIs to GraphQL incrementally with schema stitching, REST datasources, and gradual endpoint migration. Use when users request "migrate to GraphQL", "REST to GraphQL", "GraphQL wrapper", or "API modernization".
Didn't find tool you were looking for?