Codebase Cleanup Deps Audit

🌐 Community
by sickn33 · vlatest · Repository

Identifies outdated, unused, or vulnerable dependencies within a codebase for improved security and maintainability.

Install on your platform

1. Run in terminal (recommended)

claude mcp add codebase-cleanup-deps-audit npx -- -y @trustedskills/codebase-cleanup-deps-audit

2. Or manually add to ~/.claude/settings.json

{
  "mcpServers": {
    "codebase-cleanup-deps-audit": {
      "command": "npx",
      "args": [
        "-y",
        "@trustedskills/codebase-cleanup-deps-audit"
      ]
    }
  }
}

Requires Claude Code (claude CLI). Run claude --version to verify your install.

About This Skill

What it does

This skill helps AI agents identify and remove unused or outdated dependencies within a codebase. It performs an audit to ensure the project's package management files reflect only necessary libraries, reducing bloat and potential security risks.

When to use it

  • Before deploying a production build to minimize attack surface and bundle size.
  • During refactoring phases to eliminate legacy packages no longer in use.
  • When troubleshooting dependency conflicts or "dependency hell" scenarios.
  • To maintain compliance with license requirements for open-source components.

Key capabilities

  • Scans codebase files to detect referenced libraries.
  • Compares actual usage against package.json, requirements.txt, or equivalent manifest files.
  • Identifies orphaned dependencies that are declared but never imported.
  • Flags outdated versions of critical security packages.

Example prompts

  • "Audit my Python project for unused dependencies and list them."
  • "Check if the latest version of React is installed and flag any outdated packages in my Node.js app."
  • "Generate a report of all third-party libraries currently in use versus those declared but unused."

Tips & gotchas

Ensure your codebase is up to date before running an audit, as stale imports might be flagged incorrectly if the project hasn't been committed recently. Always review the generated list manually before deleting packages to avoid breaking features that rely on implicit or dynamic imports not caught by static analysis.
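
An added example, not the skill's own code, of the comparison described under "Key capabilities" and the dynamic-import gotcha above: declared packages are checked against statically visible imports, and anything loaded only through importlib is routed to manual review instead of being listed as unused. The requirements text, source files, the IMPORT_NAME map and the package name left-pad-py are constructed for illustration.

```python
import ast
import re

# Constructed sample inputs (not taken from any real project).
REQUIREMENTS = """\
requests==2.31.0
PyYAML>=6.0
simplejson
left-pad-py==0.1  # hypothetical package that nothing imports
"""
SOURCES = {
    "app.py": "import requests\nimport importlib\n"
              "json = importlib.import_module('simplejson')\n",
    "cfg.py": "from yaml import safe_load\n",
}
# Assumption: hand-maintained map for distributions whose import name differs.
IMPORT_NAME = {"pyyaml": "yaml"}

def declared(requirements):
    """Return lower-cased distribution names from requirements.txt text."""
    names = set()
    for line in requirements.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            names.add(re.split(r"[=<>!~\[; ]", line, maxsplit=1)[0].lower())
    return names

def scan(sources):
    """Collect top-level modules imported statically and via literal dynamic calls."""
    static, dynamic = set(), set()
    for code in sources.values():
        for node in ast.walk(ast.parse(code)):
            if isinstance(node, ast.Import):
                static |= {alias.name.split(".")[0] for alias in node.names}
            elif isinstance(node, ast.ImportFrom) and node.module and node.level == 0:
                static.add(node.module.split(".")[0])
            elif isinstance(node, ast.Call):
                name = getattr(node.func, "attr", getattr(node.func, "id", ""))
                arg = node.args[0] if node.args else None
                # Only string literals are resolvable; computed names stay invisible.
                if name in ("import_module", "__import__") and isinstance(arg, ast.Constant) \
                        and isinstance(arg.value, str):
                    dynamic.add(arg.value.split(".")[0])
    return static, dynamic

def audit(requirements, sources):
    """Split declared-but-not-statically-imported packages into unused vs. review."""
    static, dynamic = scan(sources)
    report = {"unused": [], "review": []}
    for dist in sorted(declared(requirements)):
        module = IMPORT_NAME.get(dist, dist.replace("-", "_"))
        if module not in static:
            report["review" if module in dynamic else "unused"].append(dist)
    return report
```

Module names built at runtime, plugin entry points and packages used only as command-line tools never appear in either set, so they still land in "unused" and need the manual check.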

🛡️

TrustedSkills Verification

Unlike other registries that point to live repositories, TrustedSkills pins every skill to a verified commit hash. This protects you from malicious updates — what you install today is exactly what was reviewed and verified.

Security Audits

Gen Agent Trust Hub: Pass
Socket: Pass
Snyk: Pass

Details

Version: vlatest
License:
Author: sickn33
Installs: 106

🌐 Community

Passed automated security scans.