Skip to content

chore(slack): add verbose debug logging across message handling flow#329

Merged
tlgimenes merged 6 commits intomainfrom
tlgimenes/slack-debug-logs
Mar 23, 2026
Merged

chore(slack): add verbose debug logging across message handling flow#329
tlgimenes merged 6 commits intomainfrom
tlgimenes/slack-debug-logs

Conversation

@tlgimenes
Copy link
Contributor

@tlgimenes tlgimenes commented Mar 23, 2026
edited by cubic-dev-ai bot
Loading

Summary

  • Add verbose console.log statements across all strategic points in the Slack MCP message handling pipeline for production debugging
  • Covers 9 files across the full request lifecycle: webhook → event routing → event handling → context building → LLM call → Decopilot API → Slack response
  • Logs include timing measurements, message previews, config details, routing decisions, and error context

How to Test

  1. Deploy to a staging environment with a configured Slack connection
  2. Send a message to the bot (DM, @mention, or thread reply)
  3. Check server logs — you should see a full trace like:
    • [Router][Webhook][EventHandler][ContextBuilder][LLMHandler][LLM][MeshChat][Slack]
  4. Verify timing info (e.g., "LLM call completed in 2345ms") appears correctly
  5. Verify sensitive data (tokens, signing secrets) is NOT logged — only config metadata

Screenshots

N/A

Migration Notes

N/A — no behavioral changes, only added logging.

🤖 Generated with Claude Code

Summary by cubic

Adds verbose, metadata-only debug logging across the Slack MCP message flow to trace issues end-to-end, with consistent timing/status logs for Decopilot/MeshChat/OpenRouter/Slack APIs. No behavior changes.

  • Refactors

    • Instrumented webhook routing, router, event/context/LLM handlers, shared/mesh-chat (client/generate), Slack client, and OpenRouter embedding tools with start/end markers, trace IDs, and streaming chunk counts.
    • Logs record only metadata (lengths, counts, IDs, timing) instead of raw content; prevents leaking user text, LLM responses, or tokens.
    • Captures timings/status for Slack API (post/update/history/replies), Decopilot/MeshChat requests, context fetch, and LLM calls; clearer ignore/routing logs and per-connection response config decisions; applied oxfmt formatting and minor cleanup in openrouter/server/utils.ts.

  • Bug Fixes

    • Made streaming callback async to match StreamCallback type.
    • Removed unused OpenRouterClient import in openrouter/server/tools/embeddings/list-models.ts.
    • Cast Slack event fields in debug logs (e.g., files, channel_type) to avoid TypeScript errors.
    • Cast OpenRouter embeddings result to any for metadata-only logging where types don’t expose needed fields.

Written for commit 241d583. Summary will update on new commits.

@tlgimenes @claude
chore(slack): add verbose debug logging across message handling flow
3f01057 
Add console.logs to all strategic points in the Slack message handling
pipeline to aid production debugging. Covers: webhook routing, event
filtering, event handling, context building, LLM calls, streaming,
Decopilot API, and Slack API responses. Includes timing, message
previews, config details, and error context at each step.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Mar 23, 2026
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

9 issues found across 9 files

Prompt for AI agents (unresolved issues) 

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="slack-mcp/server/lib/slack-client.ts">

<violation number="1" location="slack-mcp/server/lib/slack-client.ts:235">
P1: Avoid logging message text previews. This leaks user conversation content into production logs; log only metadata (length/ids) or gate content logging behind a non-production debug flag.</violation>
</file>

<file name="slack-mcp/server/slack/handlers/context-builder.ts">

<violation number="1" location="slack-mcp/server/slack/handlers/context-builder.ts:153">
P1: Do not log raw message content from Slack history; this can leak user data into production logs. Log only metadata (index/role/length) or gate content logging behind a strict debug flag.</violation>
</file>

<file name="slack-mcp/server/lib/llm.ts">

<violation number="1" location="slack-mcp/server/lib/llm.ts:64">
P1: Avoid logging raw LLM response text; this can leak sensitive user or business data into production logs.</violation>
</file>

<file name="shared/mesh-chat/client.ts">

<violation number="1" location="shared/mesh-chat/client.ts:109">
P1: Avoid logging raw Decopilot error bodies; this can leak sensitive request/response content into production logs.</violation>
</file>

<file name="slack-mcp/server/router.ts">

<violation number="1" location="slack-mcp/server/router.ts:354">
P1: Avoid logging raw Slack message text; it can expose user content in production logs. Log metadata (length/type) instead.</violation>
</file>

<file name="slack-mcp/server/slack/handlers/llm-handler.ts">

<violation number="1" location="slack-mcp/server/slack/handlers/llm-handler.ts:158">
P1: Avoid logging raw LLM response text in production; this can leak sensitive user/content data into logs.</violation>
</file>

<file name="shared/mesh-chat/generate.ts">

<violation number="1" location="shared/mesh-chat/generate.ts:130">
P1: Avoid logging raw response content previews in production paths. This can leak user/LLM sensitive data into logs.</violation>
</file>

<file name="slack-mcp/server/slack/handlers/eventHandler.ts">

<violation number="1" location="slack-mcp/server/slack/handlers/eventHandler.ts:514">
P1: Avoid logging raw user message text; log metadata (length/flags) instead to prevent sensitive data leakage in production logs.</violation>

<violation number="2" location="slack-mcp/server/slack/handlers/eventHandler.ts:601">
P1: Do not log LLM prompt content previews; this can leak conversation and attachment data to logs.</violation>
</file>

Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.

tlgimenes and others added 2 commits March 23, 2026 10:54
@tlgimenes @claude
merge: resolve conflict in shared/mesh-chat/generate.ts
bd71bee 
Keep both debug logs from main (config/apiMessages/response logging)
and timing instrumentation from this branch (startTime for duration).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@tlgimenes @claude
style: fix formatting with oxfmt
4424c72 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Mar 23, 2026
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

3 issues found across 13 files (changes from recent commits).

Prompt for AI agents (unresolved issues) 

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="shared/mesh-chat/generate.ts">

<violation number="1" location="shared/mesh-chat/generate.ts:120">
P1: Do not log raw `config` and `apiMessages`; it can leak the Mesh auth token and full user message/media contents to logs.</violation>
</file>

<file name="openrouter/server/tools/embeddings/generate.ts">

<violation number="1" location="openrouter/server/tools/embeddings/generate.ts:53">
P1: Do not log raw embedding input payloads; this can expose user content in production logs.</violation>

<violation number="2" location="openrouter/server/tools/embeddings/generate.ts:61">
P2: Avoid logging the full embeddings result object; log only lightweight metadata.</violation>
</file>

Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.

tlgimenes and others added 3 commits March 23, 2026 10:59
@tlgimenes @claude
fix: resolve TypeScript errors in openrouter and slack-mcp
0355def 
- Remove unused OpenRouterClient import in list-models.ts
- Make streaming callback async to match StreamCallback type
- Cast to any for files/channel_type on SlackEvent in debug logs

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@tlgimenes @claude
fix: remove raw content from debug logs, log only metadata
a634f23 
Address PR review: replace all text previews, response previews,
and raw object dumps with metadata-only logging (lengths, counts,
IDs, timing). Prevents leaking user content, LLM responses, and
auth tokens into production logs.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@tlgimenes @claude
fix(openrouter): cast embeddings result to any for metadata logging
241d583 
CreateEmbeddingsResponse type doesn't expose .data/.model properties
directly. Cast to any since this is debug-only metadata logging.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@tlgimenes tlgimenes merged commit 5eeba0f into main Mar 23, 2026
2 checks passed
tlgimenes added a commit that referenced this pull request Mar 23, 2026
@tlgimenes @claude
revert(shared): remove debug logging from shared/mesh-chat
9beb886 
Rollback console.log additions from PR #329 in the shared module.
Debug logging should only be in slack-mcp and openrouter, not in
the shared library used by multiple MCPs.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@tlgimenes tlgimenes mentioned this pull request Mar 23, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tlgimenes