Stats
Actions
Tags
'%20stop-opacity%3D'0.16'%2F%3E%3Cstop%20offset%3D'1'%20stop-color%3D'rgb(200%2C90%2C60)'%20stop-opacity%3D'0.03'%2F%3E%3C%2FlinearGradient%3E%3C%2Fdefs%3E%3Crect%20width%3D'320'%20height%3D'200'%20fill%3D'url(%23g)'%2F%3E%3Ccircle%20cx%3D'250'%20cy%3D'56'%20r%3D'92'%20fill%3D'rgb(200%2C90%2C60)'%20fill-opacity%3D'0.06'%2F%3E%3Ccircle%20cx%3D'64'%20cy%3D'172'%20r%3D'58'%20fill%3D'rgb(200%2C90%2C60)'%20fill-opacity%3D'0.05'%2F%3E%3C%2Fsvg%3E)
From cortexloop
Identifies dead code and unused dependencies, then proposes safe removal. Use after refactors, before releases, or when auditing vulnerabilities.
How this skill is triggered — by the user, by Claude, or both
Slash command
/cortexloop:dead-code-and-depsThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Identify code and dependencies that no longer serve the project, then propose safe removal. Cleanup reduces maintenance burden, shrinks attack surface, and speeds builds — but deletion is irreversible without git, so **always ask before deleting**.
Identify code and dependencies that no longer serve the project, then propose safe removal. Cleanup reduces maintenance burden, shrinks attack surface, and speeds builds — but deletion is irreversible without git, so always ask before deleting.
/cortexloop cleanup passnpm audit / pip audit / cargo audit reports issuesWhen NOT to use:
| Signal | How to verify |
|---|---|
| Unused exports | grep for import references across codebase |
| Unreachable functions | No callers in repo; check dynamic imports |
| Commented-out blocks | Safe to remove if git history preserves them |
| Orphaned files | No imports reference the file |
| Unused variables/imports | Linter (eslint, ruff, clippy) |
| Legacy shims | Comments like "backwards compat", "TODO remove" |
| Duplicate utilities | Same logic in multiple files — consolidate, don't delete both |
| Empty/stub files | Placeholder never implemented |
1. Run project linter — collect unused import/variable warnings
2. For each candidate:
a. grep -r for symbol name and file path
b. Check dynamic imports, reflection, config references, test files
c. Check git blame — understand why it exists
3. Classify: CONFIRMED_DEAD | LIKELY_DEAD | UNCERTAIN
4. NEVER delete UNCERTAIN without asking user
DEAD CODE IDENTIFIED:
- formatLegacyDate() in src/utils/date.ts — replaced by formatDate(), 0 references
- OldTaskCard in src/components/ — replaced by TaskCard, 0 references
- LEGACY_API_URL in src/config.ts — no remaining references
Should I remove these? (yes / no / explain which)
| Check | Command (examples) |
|---|---|
| Vulnerabilities | npm audit, pip audit, cargo audit, govulncheck |
| Outdated packages | npm outdated, pip list --outdated |
| Unused deps | depcheck (JS), pip-autoremove (Python) |
| License compatibility | license-checker, manual review |
| Duplicate packages | Same lib under different names (lodash vs lodash-es) |
Critical/High vulnerability reported
├── Is vulnerable code reachable in production?
│ ├── YES → Fix immediately (update, patch, or replace)
│ └── NO (dev-only, unused path) → Fix soon, not a release blocker
└── Fix available?
├── YES → Update to patched version
└── NO → Workaround, replace dep, or allowlist with review date
ASK BEFORE REMOVING:
- package-name@version — reason: unused / duplicate / vulnerable with no fix
- Impact: [what breaks if we're wrong]
- Alternative: [replacement if any]
| Severity | Criteria |
|---|---|
| Critical | Known exploitable CVE in production dependency |
| High | Confirmed dead code on security-sensitive path; high-severity audit finding |
| Medium | Unused dependency adding bundle size; likely dead code with 0 refs |
| Low | Unused imports; outdated but patched dep; cosmetic cleanup |
| Info | Deprecated API usage (not yet removed) |
## Cleanup Findings
### Dead Code
#### [SEVERITY] [symbol or file]
- **Location:** path:line
- **Confidence:** CONFIRMED_DEAD | LIKELY_DEAD | UNCERTAIN
- **Evidence:** [grep results, linter output]
- **Recommendation:** Remove / Keep / Investigate
- **Risk if wrong:** [what breaks]
### Dependencies
#### [SEVERITY] [package@version]
- **Issue:** CVE-XXXX / unused / outdated / duplicate
- **Reachable in production:** yes / no / unknown
- **Recommendation:** Update to X / Remove / Replace with Y
- [ ] Full test suite passes
- [ ] Build succeeds
- [ ] Linter clean (no new warnings)
- [ ] npm audit / equivalent — no new critical/high issues
- [ ] Bundle size unchanged or smaller (if frontend)
- [ ] No broken imports (grep for removed symbols)
npx claudepluginhub whitequeen306/code-cortex-loop --plugin cortexloopIdentifies unused imports, variables, functions, unreachable code, dependencies, and CSS for safe removal. Generates reports categorizing safe-to-remove, potentially unused, and review-required items.
Finds and safely removes unused exports, dead files, orphaned dependencies, and stale constraints. Use after refactoring or as periodic hygiene.
Analyzes and removes dead code in Repowise-indexed codebases using graph analysis. Suggests safe deletion order and flags false positives.