laurigates/configure-dead-code
configure-plugin/skills/configure-dead-code/SKILL.md
Dead-code detection: Knip, Vulture, cargo-machete, deadcode. Use when setting up unused-code scanning, migrating tools, or adding dead-code CI checks.
$ install --global
skillsauthnpx skillsauth add laurigates/claude-plugins configure-dead-codeInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 21, 2026, 2:57 AM159.8s1 file scanned
SKILL.md
- created:
- 2025-12-16
- modified:
- 2026-04-19
- reviewed:
- 2025-12-16
- description:
- Dead-code detection: Knip, Vulture, cargo-machete, deadcode. Use when setting up unused-code scanning, migrating tools, or adding dead-code CI checks.
- allowed-tools:
- Glob, Grep, Read, Write, Edit, Bash, AskUserQuestion, TodoWrite, WebSearch, WebFetch
- args:
- [--check-only] [--fix] [--tool <knip|vulture|deadcode|machete>]
- argument-hint:
- [--check-only] [--fix] [--tool <knip|vulture|deadcode|machete>]
- name:
- configure-dead-code
/configure:dead-code
Check and configure dead code detection tools.
When to Use This Skill
| Use this skill when... | Use another approach when... |
|------------------------|------------------------------|
| Setting up dead code detection for a new project | Running an existing dead code scan (knip, vulture) |
| Auditing whether Knip, Vulture, or cargo-machete is configured correctly | Manually removing specific unused exports or imports |
| Migrating between dead code detection tools | Debugging why a specific file is flagged as unused |
| Adding dead code checks to CI/CD pipelines | Reviewing dead code findings one by one |
| Standardizing dead code detection across a monorepo | Configuring linting rules (/configure:linting instead) |
Context
- Project root: !
pwd - Package files: !
find . -maxdepth 1 \( -name 'package.json' -o -name 'pyproject.toml' -o -name 'Cargo.toml' \) - Knip config: !
find . -maxdepth 1 \( -name 'knip.json' -o -name 'knip.config.*' \) - Vulture config: !
find . -maxdepth 1 \( -name '.vulture' -o -name 'vulture.ini' \) - Pre-commit: !
find . -maxdepth 1 -name '.pre-commit-config.yaml' - Project standards: !
find . -maxdepth 1 -name '.project-standards.yaml'
Parameters
Parse from command arguments:
--check-only: Report compliance status without modifications (CI/CD mode)--fix: Apply fixes automatically without prompting--tool <knip|vulture|deadcode|machete>: Override tool detection
Dead code detection tools:
- JavaScript/TypeScript: Knip (finds unused files, exports, dependencies)
- Python: Vulture or deadcode (finds unused code)
- Rust: cargo-machete (finds unused dependencies)
Execution
Execute this dead code detection compliance check:
Step 1: Detect project language and existing tools
Check for language and tool indicators:
| Indicator | Language | Tool |
|-----------|----------|------|
| knip.json or knip.config.* | JavaScript/TypeScript | Knip |
| package.json with knip | JavaScript/TypeScript | Knip |
| pyproject.toml [tool.vulture] | Python | Vulture |
| .vulture or vulture.ini | Python | Vulture |
| Cargo.toml | Rust | cargo-machete |
Use WebSearch or WebFetch to verify latest versions before configuring.
Step 2: Analyze current configuration
For the detected tool, check configuration completeness:
Knip:
- [ ] Config file exists (
knip.jsonorknip.config.*) - [ ] Entry points configured
- [ ] Ignore patterns set
- [ ] Plugin configurations
- [ ] Workspace support (monorepo)
- [ ] CI integration
Vulture:
- [ ] Configuration file exists
- [ ] Minimum confidence set
- [ ] Paths configured
- [ ] Ignore patterns
- [ ] Allowlist file (if needed)
cargo-machete:
- [ ] Installed as cargo subcommand
- [ ] Workspace configuration
- [ ] CI integration
Step 3: Generate compliance report
Print a formatted compliance report:
Dead Code Detection Compliance Report
======================================
Project: [name]
Language: [TypeScript | Python | Rust]
Tool: [Knip 5.x | Vulture 2.x | cargo-machete 0.6.x]
Configuration:
Config file knip.json [EXISTS | MISSING]
Entry points configured [CONFIGURED | AUTO-DETECTED]
Ignore patterns node_modules, dist [CONFIGURED | INCOMPLETE]
Plugin support enabled [ENABLED | N/A]
Detection Scope:
Unused files enabled [ENABLED | DISABLED]
Unused exports enabled [ENABLED | DISABLED]
Unused dependencies enabled [ENABLED | DISABLED]
Unused types enabled [ENABLED | DISABLED]
Scripts:
dead-code command package.json scripts [CONFIGURED | MISSING]
Integration:
Pre-commit hook .pre-commit-config.yaml [OPTIONAL | MISSING]
CI/CD check .github/workflows/ [CONFIGURED | MISSING]
Overall: [X issues found]
If --check-only, stop here.
Step 4: Configure dead code detection (if --fix or user confirms)
Apply configuration based on detected language. Use templates from REFERENCE.md:
- Install tool (e.g.,
bun add --dev knip,uv add --group dev vulture) - Create config file with entry points, exclusions, and plugins
- Add scripts to package.json or create run commands
- Add CI workflow step (warning mode, not blocking)
Step 5: Update standards tracking
Update .project-standards.yaml:
standards_version: "2025.1"
last_configured: "[timestamp]"
components:
dead_code: "2025.1"
dead_code_tool: "[knip|vulture|deadcode|machete]"
dead_code_ci: true
Step 6: Print final report
Print a summary of changes applied, run an initial scan if possible, and provide next steps for reviewing findings.
For detailed configuration templates and usage examples, see REFERENCE.md.
Agentic Optimizations
| Context | Command |
|---------|---------|
| Quick compliance check | /configure:dead-code --check-only |
| Auto-fix all issues | /configure:dead-code --fix |
| Run Knip scan (JS/TS) | npx knip --reporter compact |
| Run Vulture scan (Python) | vulture . --min-confidence 80 |
| Run cargo-machete (Rust) | cargo machete |
| CI mode (JSON output) | npx knip --reporter json |
Flags
| Flag | Description |
|------|-------------|
| --check-only | Report status without offering fixes |
| --fix | Apply all fixes automatically without prompting |
| --tool <tool> | Override tool detection (knip, vulture, deadcode, machete) |
Examples
# Check compliance and offer fixes
/configure:dead-code
# Check only, no modifications
/configure:dead-code --check-only
# Auto-fix with Knip
/configure:dead-code --fix --tool knip
Error Handling
- No language detected: Cannot determine appropriate tool, error
- Tool installation fails: Report error, suggest manual installation
- Configuration conflicts: Warn about multiple tools, suggest consolidation
- High number of findings: Suggest starting with allowlist
See Also
/configure:linting- Configure linting tools/configure:all- Run all compliance checks- Knip documentation: https://knip.dev
- Vulture documentation: https://github.com/jendrikseipp/vulture
- cargo-machete documentation: https://github.com/bnjbvr/cargo-machete
Related Skills
laurigates/workflow-verify-before-filing
testing
VerifiedTrustedCommunity
Verify accumulated bug claims at upstream HEAD and dedup against trackers before filing issues. Use when filing upstream reports from backlogs, audit docs, or git-history findings.
38SKILL.mdUpdated Jun 12, 2026
laurigates/cold-read-gate
documentation
VerifiedTrustedCommunity
Gate outward-bound text (upstream issues, docs, PR bodies) through isolated haiku fresh-reader critique before publishing. Use when an artifact must survive a reader with zero project context.
38SKILL.mdUpdated Jun 12, 2026
laurigates/evaluate-improve
tools
VerifiedTrustedCommunity
Suggest improvements to SKILL.md content, descriptions, or tool config from eval results. Use when raising pass rates, fixing triggering, or iterating on a skill after evaluation.
38SKILL.mdUpdated Apr 16, 2026
laurigates/deadbranch
tools
VerifiedTrustedCommunity
deadbranch CLI for stale-branch cleanup — dry-run preview, TUI or non-interactive delete, protects main/develop/WIP. Use when asked to clean up branches, prune branches, or remove stale branches.
37SKILL.mdUpdated Jun 11, 2026