# How Error Handling Works in PM Skills and Commands: A Complete Technical Guide

> Learn how PM Skills and commands handle errors declaratively. This guide details error detection and reporting across markdown skills and commands in the phuryn/pm-skills repository.

- Repository: [Pawel Huryn/pm-skills](https://github.com/phuryn/pm-skills)
- Tags: how-to-guide
- Published: 2026-06-28

---

**The PM Skills marketplace implements a declarative two-step error handling pattern that detects error conditions in grammar, logic, and code branches, then reports them as structured, actionable items across its markdown-based skills and commands.**

The `phuryn/pm-skills` repository embeds error handling logic directly into skill definitions and command workflows rather than in executable code. This declarative approach, implemented across grammar validation, test generation, and security auditing components, ensures that error detection remains version-controlled, transparent, and easy to extend.

## Grammar-Check Skill: Three-Category Error Detection

In [`pm-toolkit/skills/grammar-check/SKILL.md`](https://github.com/phuryn/pm-skills/blob/main/pm-toolkit/skills/grammar-check/SKILL.md), the error handling system categorizes issues into **grammar**, **logical**, and **flow** errors. The skill prompts the underlying model to analyze input text for specific error patterns—such as misspellings like "buisness", missing apostrophes, or contradictory statements—without rewriting the entire document.

When errors are detected, the skill outputs a bullet-list containing each identified error paired with a corrective action. This structured output makes the error handling transparent and immediately actionable for users.

## Test-Scenarios Command: Explicit Error Scenario Generation

The [`pm-execution/commands/test-scenarios.md`](https://github.com/phuryn/pm-skills/blob/main/pm-execution/commands/test-scenarios.md) file implements error handling by generating an explicit **"Error Scenarios"** section for every input story or specification. Lines 33-34 of this file define the workflow step that explicitly calls out error handling requirements during scenario generation.

The command produces a coverage matrix that includes an **"Error Handling"** column, guaranteeing that every negative path—such as malformed requests, authentication failures, and timeouts—is captured and documented. This ensures comprehensive test coverage for failure modes before implementation begins.

## Security and Performance Audit Commands: Error Branch Analysis

### Security-Audit-Static Command

In [`pm-ai-shipping/commands/security-audit-static.md`](https://github.com/phuryn/pm-skills/blob/main/pm-ai-shipping/commands/security-audit-static.md), error handling focuses on detecting **error-oriented branches** that could expose secrets or create vulnerabilities. The command scans for "fail-open paths", exception catches, and branches containing "error, catch, timeout, cancellation" logic.

When the audit identifies error-related code paths that lack proper validation or surface sensitive data, it reports them as findings with specific remediation steps. For example, a catch block that logs an error but permits access would be flagged as a fail-open vulnerability requiring immediate correction.

### Performance-Audit-Static Command

Similarly, [`pm-ai-shipping/commands/performance-audit-static.md`](https://github.com/phuryn/pm-skills/blob/main/pm-ai-shipping/commands/performance-audit-static.md) treats error conditions as potential performance degradations. The command identifies **cache-misses**, **feature-flag fallbacks**, and **timeout branches** that could degrade user experience.

These error-related performance problems are surfaced as "error" findings in the audit report, allowing teams to address latency issues and resource exhaustion scenarios before shipping code to production.

## The Two-Step Error Handling Pattern

Across all skills and commands in the repository, error handling follows a consistent **two-step pattern**:

1. **Detection**: The system analyzes input text, user stories, or code snippets for domain-specific error conditions—ranging from spelling mistakes and logical contradictions to missing exception branches and performance bottlenecks.
2. **Reporting**: Identified problems are transformed into structured, actionable items rendered as bullet-lists, coverage matrices, or audit findings that users can immediately act upon or feed into subsequent commands.

Because the marketplace is declarative—skills are defined as markdown files rather than executable code—this error handling logic remains simple, version-controlled, and easily extensible without modifying application binaries.

## Practical Implementation Examples

The following examples demonstrate how error handling manifests in actual command usage:

```markdown

# Example 1 – Using the grammar-check skill via the /proofread command

/proofread
> The manager told the designer that she should revise the mockups.

# Expected output (excerpt)

- **Logical error**: Ambiguous pronoun "she" – unclear whether it refers to the manager or the designer.
- **Fix suggestion**: Clarify the subject, e.g. "The manager told the designer that the designer should revise the mockups."

```

```markdown

# Example 2 – Generating error scenarios with /test-scenarios

/test-scenarios
> User can reset their password via email link.

# Expected output (excerpt)

## Scenario 3: Error – Invalid token

**Preconditions**: User clicks the reset link after the token has expired.
**Steps** | **Action** | **Expected Result**
---|---|---
1 | Click expired link | System returns "reset link expired" error page.
2 | Request new reset email | Email is sent with a fresh token.

Coverage matrix shows "Error Handling" tick for this scenario.

```

```markdown

# Example 3 – Running a static security audit

/security-audit-static src/api

# Expected output (excerpt)

- **Error branch**: `catch (e) { log(e); return allow; }` – fail-open path that permits access on exception.
- **Remediation**: Return a generic error response and deny access, or re-throw the exception after logging.

```

## Summary

The `phuryn/pm-skills` repository implements error handling in skills and commands through a consistent, declarative approach:

- **Grammar-check skill** ([`pm-toolkit/skills/grammar-check/SKILL.md`](https://github.com/phuryn/pm-skills/blob/main/pm-toolkit/skills/grammar-check/SKILL.md)) detects grammar, logical, and flow errors, outputting structured fix suggestions.
- **Test-scenarios command** ([`pm-execution/commands/test-scenarios.md`](https://github.com/phuryn/pm-skills/blob/main/pm-execution/commands/test-scenarios.md)) generates explicit error scenarios and coverage matrices, ensuring negative paths are documented starting at lines 33-34.
- **Security-audit-static** ([`pm-ai-shipping/commands/security-audit-static.md`](https://github.com/phuryn/pm-skills/blob/main/pm-ai-shipping/commands/security-audit-static.md)) and **performance-audit-static** ([`pm-ai-shipping/commands/performance-audit-static.md`](https://github.com/phuryn/pm-skills/blob/main/pm-ai-shipping/commands/performance-audit-static.md)) commands identify error branches that create vulnerabilities or performance degradations.
- All components follow a **two-step detection and reporting pattern** that transforms error conditions into actionable, structured outputs.

## Frequently Asked Questions

### How does the grammar-check skill categorize errors?

The grammar-check skill defined in [`pm-toolkit/skills/grammar-check/SKILL.md`](https://github.com/phuryn/pm-skills/blob/main/pm-toolkit/skills/grammar-check/SKILL.md) categorizes errors into three distinct types: grammar errors (misspellings, punctuation), logical errors (contradictory statements, ambiguous pronouns), and flow errors (structural issues in document organization). Each category triggers specific detection logic that outputs targeted fix suggestions without rewriting the entire input document.

### What is the error handling coverage matrix in test scenarios?

The coverage matrix generated by the [`pm-execution/commands/test-scenarios.md`](https://github.com/phuryn/pm-skills/blob/main/pm-execution/commands/test-scenarios.md) command includes a dedicated **"Error Handling"** column that tracks whether negative paths have been documented. This matrix appears in the output alongside explicitly generated error scenarios, ensuring that every potential failure mode—from authentication errors to timeout conditions—is mapped to specific test cases with preconditions and expected results.

### How do security audits detect fail-open error paths?

The security-audit-static command in [`pm-ai-shipping/commands/security-audit-static.md`](https://github.com/phuryn/pm-skills/blob/main/pm-ai-shipping/commands/security-audit-static.md) scans code for error-oriented branches that implement "fail-open" logic, where catch blocks or error handlers unintentionally permit access or expose sensitive data when exceptions occur. It specifically identifies patterns like `catch (e) { log(e); return allow; }` and reports them as vulnerabilities requiring remediation through proper access denial or exception re-throwing after logging.

### Why does PM Skills use a declarative approach for error handling?

Because skills and commands are implemented as markdown files rather than executable code, the error handling logic remains declarative, version-controlled, and easily extensible. This architecture keeps error detection rules transparent and modifiable without requiring application redeployment, while ensuring consistency across grammar validation, security scanning, and test generation workflows.