dead-code-detector

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute code analysis commands such as vulture, knip, and cargo clippy. These are standard tools utilized for their documented purpose of detecting dead code.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install third-party developer tools (vulture, knip, cargo-udeps) via official package registries using uv, bun, and cargo. These utilities are well-established within the developer community.
  • [PROMPT_INJECTION]: The skill implements a workflow susceptible to indirect prompt injection due to its processing of untrusted source code and documentation.
      • Ingestion points: The skill reads project source files (e.g., in src/) and documentation to identify unused code and planned features.
      • Boundary markers: The prompts for the internal sub-agents (Intent, Integration, and History agents) do not include specific delimiters or instructions to treat the analyzed code as data rather than instructions.
      • Capability inventory: The skill has access to Bash, Write, and Edit tools, allowing it to modify the codebase based on the conclusions of its analysis.
      • Sanitization: There is no evidence of content sanitization or escaping for code fragments read from the project before they are processed by the validation agents.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 01:56 AM