behavioral-mutation-analyzer
Analyzes surviving mutants from mutation testing to identify why tests failed to detect them. Takes repository code, test suite, and mutation testing results as input. Identifies root causes including insufficient coverage, equivalent mutants, weak assertions, and missed edge cases. Automatically generates actionable test improvements and new test cases. Use when analyzing mutation testing results, improving test suite effectiveness, investigating low mutation scores, generating tests to kill surviving mutants, or enhancing test quality based on mutation analysis.
git clone --depth 1 https://github.com/ArabelaTso/Skills-4-SE /tmp/behavioral-mutation-analyzer && cp -r /tmp/behavioral-mutation-analyzer/skills/behavioral-mutation-analyzer ~/.claude/skills/behavioral-mutation-analyzerSKILL.md
# Behavioral Mutation Analyzer
## Overview
This skill systematically analyzes surviving mutants from mutation testing to understand test suite weaknesses and automatically generate improvements. It identifies why mutants survived, categorizes root causes, and produces actionable test enhancements to increase mutation detection rates.
## Analysis Workflow
### Step 1: Input Collection and Validation
Gather required inputs and verify completeness:
**Required Inputs:**
- Repository source code (path or files)
- Test suite (test files and framework)
- Mutation testing results (report file or data)
**Mutation Result Formats:**
- PIT (Java): XML or HTML reports
- Stryker (JavaScript/TypeScript): JSON reports
- mutmut (Python): result files
- Pitest, Infection (PHP), Cosmic Ray, etc.
**Validation checklist:**
- [ ] Source code accessible
- [ ] Test suite runnable
- [ ] Mutation results parseable
- [ ] Mutation tool and version identified
### Step 2: Surviving Mutant Extraction
Parse mutation results to identify all surviving mutants:
**Extract for each mutant:**
- Mutant ID
- Source file and line number
- Mutation operator (e.g., boundary change, negation)
- Original code
- Mutated code
- Status (survived/killed/timeout/error)
**Focus on survived mutants:**
Filter out killed mutants and focus analysis on survivors that indicate test weaknesses.
### Step 3: Root Cause Classification
Analyze each surviving mutant to determine why it survived:
#### Category 1: Insufficient Coverage
**Indicators:**
- Mutated line not executed by any test
- Mutated method/function never called
- Conditional branch not taken
**Analysis:**
- Check code coverage data
- Identify uncovered code paths
- Trace execution from test entry points
**Example:**
```java
// Original
public int calculate(int x) {
if (x > 0) {
return x * 2; // Line 3: Covered
}
return 0; // Line 5: NOT covered
}
// Mutant: Line 5 changed to "return 1;"
// Survives because no test calls calculate() with x <= 0
```
#### Category 2: Equivalent Mutants
**Indicators:**
- Mutation produces semantically identical behavior
- Mathematical or logical equivalence
- Dead code or unreachable state
**Analysis:**
- Compare control flow graphs
- Check for mathematical identities
- Identify redundant operations
**Example:**
```python
# Original
result = x * 1
# Mutant: changed to "result = x"
# Equivalent: multiplying by 1 has no effect
```
#### Category 3: Weak Assertions
**Indicators:**
- Test executes mutated code but doesn't verify output
- Assertions too broad or generic
- Only checking for exceptions, not correctness
**Analysis:**
- Review test assertions
- Check what properties are verified
- Identify missing postconditions
**Example:**
```javascript
// Test
test('calculate returns a number', () => {
const result = calculate(5);
expect(typeof result).toBe('number'); // Weak: doesn't check value
});
// Mutant: "return x * 2" → "return x * 3"
// Survives because test only checks type, not value
```
#### Category 4: Missed Edge Cases
**Indicators:**
- Mutation affects boundary conditions
- Special values not tested (null, zero, empty, max/min)
- Error handling paths not verified
**Analysis:**
- Identify boundary values in mutated code
- Check test inputs for edge case coverage
- Review exception handling tests
**Example:**
```java
// Original
public int divide(int a, int b) {
return a / b;
}
// Mutant: added "if (b == 0) return 0;"
// Survives because no test checks division by zero
```
#### Category 5: Timing and Concurrency Issues
**Indicators:**
- Mutant affects timing, delays, or synchronization
- Race conditions or thread safety
- Asynchronous behavior changes
**Analysis:**
- Check for concurrent code
- Identify timing-dependent logic
- Review async/await patterns
#### Category 6: State-Dependent Behavior
**Indicators:**
- Mutant affects state transitions
- Order-dependent operations
- Side effects not verified
**Analysis:**
- Trace state changes
- Check for stateful objects
- Verify side effect assertions
### Step 4: Test Generation Strategy
For each surviving mutant, determine the appropriate test enhancement:
**Strategy 1: Add Missing Test Cases**
- When: Insufficient coverage
- Action: Generate new test that executes mutated code
- Focus: Cover the uncovered path
**Strategy 2: Strengthen Assertions**
- When: Weak assertions
- Action: Add specific value checks
- Focus: Verify exact expected behavior
**Strategy 3: Add Edge Case Tests**
- When: Missed edge cases
- Action: Generate boundary value tests
- Focus: Test special inputs (null, zero, empty, max, min)
**Strategy 4: Mark as Equivalent**
- When: Equivalent mutant
- Action: Document equivalence reasoning
- Focus: No test needed, update mutation config to ignore
**Strategy 5: Add Integration Tests**
- When: State or timing issues
- Action: Create tests verifying end-to-end behavior
- Focus: Observable effects and state transitions
### Step 5: Automated Test Generation
Generate concrete test code to kill surviving mutants:
**Test Generation Process:**
1. Identify test framework (JUnit, pytest, Jest, etc.)
2. Analyze existing test patterns and style
3. Generate test following project conventions
4. Include descriptive test names
5. Add comments explaining what mutant is targeted
**Example Generated Test:**
```python
def test_calculate_with_negative_input():
"""
Test to kill mutant #42: calculate() with x <= 0
Mutant changed 'return 0' to 'return 1' on line 5
"""
result = calculate(-5)
assert result == 0, "calculate() should return 0 for negative input"
result = calculate(0)
assert result == 0, "calculate() should return 0 for zero input"
```
### Step 6: Report Generation
Create comprehensive analysis report using template in `assets/mutation_analysis_report.md`:
**Report Sections:**
1. Executive summary (mutation score, survival rate)
2. Surviving mutants by category
3. Root cause anaApplies abstract interpretation using different abstract domains (intervals, octagons, polyhedra, sign, congruence) to statically analyze program variables and infer invariants, value ranges, and relationships. Use when analyzing program properties, inferring loop invariants, detecting potential errors, or understanding variable relationships through static analysis.
Uses abstract interpretation to automatically infer loop invariants, function preconditions, and postconditions for formal verification. Generates invariants that capture program behavior and support correctness proofs in Dafny, Isabelle, Coq, and other verification systems. Use when adding formal specifications to code, generating verification conditions, inferring contracts for functions, or discovering loop invariants for proofs.
Performs abstract interpretation over source code to infer possible program states, variable ranges, and data properties without executing the program. Reports potential runtime errors including out-of-bounds accesses, null dereferences, type inconsistencies, division by zero, and integer overflows. Use when analyzing code for potential runtime errors, performing static analysis, checking safety properties, or verifying program behavior without execution.
Performs abstract interpretation to produce summarized execution traces and high-level program behavior representations. Highlights key control flow paths, variable relationships, loop invariants, function summaries, and potential runtime states using abstract domains (intervals, signs, nullness, etc.). Use when analyzing program behavior, understanding execution paths, computing loop invariants, tracking variable ranges, detecting potential runtime errors, or generating program summaries without concrete execution.
Create ACSL (ANSI/ISO C Specification Language) formal annotations for C/C++ programs. Use this skill when working with formal verification, adding function contracts (requires/ensures), loop invariants, assertions, memory safety annotations, or any ACSL specifications. Supports Frama-C verification and generates comprehensive formal specifications for C/C++ code.
CLI-based browser automation with persistent page state using ref-based element interaction. Use when users ask to navigate websites, interact with web pages, fill forms, take screenshots, test web applications, or extract information from web pages.
Detects and analyzes ambiguous language in software requirements and user stories. Use when reviewing requirements documents, user stories, specifications, or any software requirement text to identify vague quantifiers, unclear scope, undefined terms, missing edge cases, subjective language, and incomplete specifications. Provides detailed analysis with clarifying questions and suggested improvements.
Design and review APIs with suggestions for endpoints, parameters, return types, and best practices. Use when designing new APIs from requirements, reviewing existing API designs, generating API documentation, or getting implementation guidance. Supports REST APIs with focus on endpoint structure, request/response schemas, authentication, pagination, filtering, versioning, and OpenAPI specifications. Triggers when users ask to design, review, document, or improve APIs.