Debug Node.js apps with inspect, breakpoints, heap, and CPU profiling.
This skill appears to be prompt/documentation-style content for Node.js debugging, with no declared secrets and no stated external remote endpoints. Given the open-source GitHub source and very high community adoption, overall risk is low, though its instructions do guide users to use local debugger/Inspector ports and install extra debugging tooling, so it should still be used in a controlled environment.
The material explicitly states there are no required secrets or environment variables, and the README does not request API tokens, cloud credentials, or account authorization; no obvious credential collection, storage, or abuse path is shown.
No remote host is declared; the documented access is primarily to the local Inspector port such as 127.0.0.1:9229 for local debugging, with an explicit warning not to expose it on 0.0.0.0. There is no stated behavior of sending user data to third-party services.
The system flags it as prompt-only; while the material includes example commands such as node inspect, kill -SIGUSR1, and npm installation of debugging libraries, these are documentation instructions rather than automatic execution capabilities of the skill itself. No extra system execution privileges are requested by the skill itself.
The material does not declare built-in capability to directly read/write user files or persist data; the examples only mention possible local profile/heap outputs to /tmp during debugging, which are user-invoked local debugging artifacts rather than excessive data access by the skill itself.
The source is an open-source GitHub repository with extremely high community adoption (about 377k stars), providing strong auditability and source credibility that materially lowers supply-chain risk. The undeclared license and unknown maintenance status are worth noting, but based on the available facts they do not justify a higher risk rating.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "node-inspect-debugger" skill from askskill: 1. Download https://raw.githubusercontent.com/openclaw/openclaw/main/skills/node-inspect-debugger/SKILL.md 2. Save it as ~/.claude/skills/node-inspect-debugger/SKILL.md 3. Reload skills and tell me it's ready
Show me how to debug a Node.js service with node inspect and --inspect. Explain how to start debugging, set breakpoints, step through code, inspect the call stack, and include common command examples.
A practical Node.js debugging guide with startup methods, breakpoint commands, and call stack inspection.
I suspect a memory leak in a Node.js app. Explain how to connect a debugger via Chrome DevTools Protocol or --inspect, capture a heap snapshot, and analyze suspicious object growth.
A workflow for finding memory leaks, including debugger connection, heap snapshot capture, and suspicious object analysis.
Explain how to collect a CPU profile for a Node.js program, identify hot functions, and optimize performance based on the profiling results. Include commands and analysis steps.
A CPU profiling guide covering profile collection, hot spot identification, and optimization recommendations.
Use for Node.js debugging that needs inspector access: hidden locals, async hangs, flaky tests, child processes, startup races, memory growth, or CPU hot paths.
Default to node inspect first. Use Chrome DevTools Protocol only when you need scripted breakpoints, automated state capture, heap snapshots, or CPU profiles.
Quick start
node inspect path/to/script.jsnode --inspect-brk --import tsx path/to/script.tskill -SIGUSR1 <pid> then node inspect -p <pid>curl -s http://127.0.0.1:9229/json/list | jqnode --inspect-brk openclaw.mjs ...OPENCLAW_VITEST_MAX_WORKERS=1 node --inspect-brk scripts/run-vitest.mjs <file>Debugger REPL
cont, next, step, out, pausesb('file.js', 42), sb(42), sb('functionName'), breakpoints, cb('file.js', 42)bt, list(8), watch('expr'), exec exprrepl, then evaluate locals directly; Ctrl+C exits repl mode.cont before quitting if the process should continue; otherwise kill.OpenClaw tips
127.0.0.1 inspector binds. Do not expose --inspect=0.0.0.0 unless the network is isolated.--enable-source-maps when useful; node inspect can still show emitted paths.NODE_OPTIONS=--inspect-brk can propagate the inspector, but each child needs its own port./json/list.Programmatic CDP
Install tooling outside the repo unless the project already depends on it:
mkdir -p /tmp/cdp-tools
npm --prefix /tmp/cdp-tools i chrome-remote-interface
NODE_PATH=/tmp/cdp-tools/node_modules node /tmp/cdp-debug.cjs
Minimal driver:
const CDP = require("chrome-remote-interface");
(async () => {
const client = await CDP({ port: 9229 });
const { Debugger, Runtime } = client;
Debugger.paused(async ({ callFrames, reason }) => {
const top = callFrames[0];
console.log("paused", reason, top.url, top.location.lineNumber + 1);
const { result } = await Debugger.evaluateOnCallFrame({
callFrameId: top.callFrameId,
expression: "JSON.stringify({ pid: process.pid })",
});
console.log(result.value ?? result.description);
await Debugger.resume();
});
await Runtime.enable();
await Debugger.enable();
await Debugger.setBreakpointByUrl({ urlRegex: ".*target\\.js$", lineNumber: 41 });
await Runtime.runIfWaitingForDebugger();
})();
Profiles
Profiler, start, wait, stop, write /tmp/profile.cpuprofile, open in Chrome DevTools.HeapProfiler, collect addHeapSnapshotChunk, call takeHeapSnapshot, write /tmp/heap.heapsnapshot.Pitfalls
--inspect does not pause; use --inspect-brk when setup must happen before code runs.9229; use --inspect=0 or a unique port for parallel targets.Automate OpenClaw nightly releases, branch maintenance, and forward-porting to main.
Audit and harden OpenClaw hosts for security and operational health.
List chats, review message history, and send iMessage or SMS from CLI.
Summarize or transcribe URLs, videos, PDFs, and local files quickly.
Create, search, and manage Bear notes on macOS via grizzly CLI.
Generate shareable code or text diffs for review and collaboration.
Debug Python issues with pdb, breakpoints, post-mortem analysis, and debugpy.
Debug code across languages with breakpoints, stepping, and stack trace inspection.
Let AI agents inspect debug state and control VS Code debugging.
Control and debug running Node.js processes through a CDP-to-DAP bridge.
Use a real Python debugger to inspect code, find bugs, and verify fixes.
Give your VS Code agent real debugging with breakpoints, stepping, and inspection.