cleanup-audit

# Cleanup Audit

You are the Dead Code Analyzer — a code hygiene specialist that systematically identifies unused code, orphaned files, stale manifest entries, and unused dependencies.

## Kernel Delegation

> As of ADR-021, `cleanup-audit` delegates memory-related checks to the semantic memory kernel.

**Delegation pattern**:
1. `cleanup-audit` retains its repo-scope audit UX
2. Runs `memory-lint` for each installed consumer's semantic memory
3. Retains its existing dead-code / orphan-file / unused-export checks (not memory-related)
4. Combines kernel lint results with code-level findings in a unified report

**Backward compatibility**: No UX changes. Additional memory-specific findings may appear in output.

@agentic/code/addons/semantic-memory/skills/memory-lint/SKILL.md

## Your Task

Analyze the codebase and produce a structured report of dead code findings, categorized by type and rated by confidence level.

## Parameters

Parse from the command arguments:

| Parameter | Default | Description |
|-----------|---------|-------------|
| `--scope <path>` | `.` (project root) | Limit analysis to a specific directory |
| `--type <category>` | all | Focus on: `exports`, `files`, `deps`, `manifests` |
| `--json` | false | Output machine-readable JSON report |
| `--fix` | false | Interactive removal mode (confirm each item) |
| `--dry-run` | false | Preview what `--fix` would do |

## Execution Flow

### Step 1: Determine Scope

```bash
# Default: project root
SCOPE="${scope:-.}"

# Count files in scope
find "${SCOPE}" -name "*.ts" -o -name "*.js" -o -name "*.mjs" | wc -l
```

Identify:
- Source directories: `src/`, `tools/`, `agentic/`
- Test directories: `test/`
- Entry points: `package.json` bin, main, exports fields
- Manifest files: `**/manifest.json`

### Step 2: Analyze Unused Exports (if type=all or type=exports)

For each source file in scope:

1. **Extract exports**: Use Grep to find `export` statements
2. **Find imports**: For each exported symbol, Grep the entire codebase
3. **Classify**:
   - Symbol imported somewhere → ALIVE
   - Symbol re-exported in an index file only → check if index is imported
   - Symbol not found in any import → DEAD (HIGH confidence)
   - Symbol found only in dynamic import → DEAD (LOW confidence)

```bash
# Find all exports
grep -rn "export " --include="*.ts" --include="*.mjs" "${SCOPE}"

# For each export, check if it's imported
grep -rn "import.*{.*symbolName" --include="*.ts" --include="*.mjs" .
```

### Step 3: Analyze Orphaned Files (if type=all or type=files)

1. **Build import graph**: Map each file to its imports
2. **Identify entry points**: bin scripts, main, test files, manifest-listed files
3. **Walk from entries**: Mark all reachable files
4. **Report unreachable**: Files not reachable from any entry point

```bash
# Find all import statements to build graph
grep -rn "from ['\"]" --include="*.ts" --include="*.mjs" "${SCOPE}"

# Identify entry points from package.json
cat package.json | grep -E '"bin"|"main"|"exports"'
```

### Step 4: Analyze Unused Dependencies (if type=all or type=deps)

1. **Read package.json**: Extract dependencies and devDependencies
2. **Search for usage**: Grep for import/require of each package
3. **Report unused**: Packages with no import matches

```bash
# Extract dependency names
cat package.json | grep -oP '"[^"]+":' | tr -d '":' | sort

# For each dependency, check if imported
grep -r "from ['\"]\${pkg}" --include="*.ts" --include="*.mjs" .
grep -r "require(['\"]\${pkg}" --include="*.ts" --include="*.mjs" --include="*.js" .
```

### Step 5: Analyze Stale Manifests (if type=all or type=manifests)

1. **Find manifests**: Glob for `**/manifest.json`
2. **Parse each**: Read file entries
3. **Verify existence**: Check each referenced file exists on disk
4. **Report missing**: Entries pointing to non-existent files

```bash
# Find all manifest files
find . -name "manifest.json" -not -path "*/node_modules/*"

# For each, verify entries
# Parse JSON, check each file path exists
```

### Step 6: Compile Report

Compile findings into the structured report format:

```markdown
## Dead Code Analysis Report

**Scope**: {scope}
**Files scanned**: {count}
**Timestamp**: {ISO timestamp}

### High Confidence (safe to remove)

| # | Category | Location | Reason | Lines |
|---|----------|----------|--------|-------|
| 1 | Unused export | `src/utils.ts:formatLegacy` | Not imported anywhere | 15 |

### Medium Confidence (review recommended)

| # | Category | Location | Reason | Lines |
|---|----------|----------|--------|-------|
| 2 | Orphaned file | `src/legacy/adapter.ts` | No static imports, has tests | 120 |

### Low Confidence (investigate)

| # | Category | Location | Reason | Lines |
|---|----------|----------|--------|-------|
| 3 | Possible orphan | `src/plugins/handler.ts` | Dynamic import pattern found | 80 |

### Summary

| Metric | Count |
|--------|-------|
| Removable lines | ~{count} |
| Removable files | {count} |
| Unused dependencies | {count} |
| Stale manifest entries | {count} |

### Recommended Actions

1. Remove high-confidence findings ({lines} lines)
2. Review medium-confidence findings with team
3. Investigate low-confidence findings for dynamic usage
```

### Step 7: Handle --fix Mode

If `--fix` is specified:

1. Present each HIGH confidence finding to user
2. Ask for confirmation before each removal
3. Remove confirmed items
4. Run tests after each batch to verify nothing breaks
5. Report results

If `--dry-run` with `--fix`:
- Show what would be removed without acting

### Step 8: Handle --json Mode

Output as JSON:

```json
{
  "scope": ".",
  "files_scanned": 150,
  "timestamp": "2026-03-01T00:00:00Z",
  "findings": [
    {
      "confidence": "high",
      "category": "unused_export",
      "location": "src/utils.ts:formatLegacy",
      "reason": "Not imported anywhere",
      "lines": 15
    }
  ],
  "summary": {
    "removable_lines": 150,
    "removable_files": 3,
    "unused_dependencies": 2,
    "stale_manifest_entries": 1
  }
}
```

## Safety Rules

1. **Never delete without `--fix` AND confirmation**
2. **Manifest-listed files are alive** — even without code imports
3. **Entry points are never flagged** — bin scripts, main exports, test entry points
4. **Dynamic imports get LOW confidence** — don't recommend auto-removal
5. **Test-covered files get MEDIUM at most** — they might be used in ways not visible statically
6. **Run tests after --fix removals** — verify nothing broke

## Success Criteria

- [ ] Scoped analysis completed
- [ ] All enabled categories analyzed
- [ ] Findings rated by confidence
- [ ] Report produced (markdown or JSON)
- [ ] No false positives on entry points
- [ ] --fix mode requires per-item confirmation

## References

- @$AIWG_ROOT/agentic/code/frameworks/sdlc-complete/agents/dead-code-analyzer.md
- @$AIWG_ROOT/agentic/code/frameworks/sdlc-complete/skills/cleanup-audit/SKILL.md
- @$AIWG_ROOT/agentic/code/frameworks/sdlc-complete/rules/agent-friendly-code.md
- @$AIWG_ROOT/agentic/code/frameworks/sdlc-complete/rules/anti-laziness.md