debug-mode-production-anti-pattern
Installation
SKILL.md
Debug Mode in Production Anti-Pattern
Severity: High
Summary
Debug mode in production exposes sensitive system information and creates backdoors. Occurs when development settings remain enabled in deployment. Common in AI-generated code that hardcodes debug flags or fails to differentiate environments.
The Anti-Pattern
This anti-pattern manifests in two primary ways:
- Hardcoded Debug Flags: Global flag
DEBUG = Truenever changes, so the application runs in debug mode in all environments. - Unprotected Debug Endpoints: Debug routes (
/debug/env,/_debug/sql) included in production builds provide attack vectors.