// Perform a broad Node/TypeScript repository health sweep — formatting, linting, type errors, dead code, dependency hygiene, and open Renovate PRs.
Generate AI-assisted navigation aids to help humans start reviewing a pull request more efficiently.
Persist guidelines, conventions, and architectural decisions into the repository's knowledge base. Use when told to remember something for future sessions.
Perform migrations for Renovate dependency upgrades based on breaking changes identified in a review. Use after running /renovate-review.
Review Renovate dependency upgrade PRs to assess safety and effort. Use when reviewing PRs from Renovate bot that update NPM dependencies.
Verify a Node.js/TypeScript repo's development environment is correctly set up. Checks Node.js version, pnpm version, dependency installation, and build success. Use when onboarding, troubleshooting CI failures, or verifying a fresh clone.
Perform comprehensive security audit of a repository with detailed findings and step-by-step PoCs. Reports all web and API security vulnerabilities.
| name | repo-maintenance-node |
| description | Perform a broad Node/TypeScript repository health sweep — formatting, linting, type errors, dead code, dependency hygiene, and open Renovate PRs. |
| disable-model-invocation | false |
| argument-hint | [--dry-run] [--section formatting|dead-code|deps|renovate] |
| allowed-tools | Bash, Grep, Glob, Read, Agent |
Perform a comprehensive health sweep for Node.js and TypeScript repositories.
Checks formatting, linting, type errors, dead code, dependency hygiene,
cross-package consistency, and open Renovate PRs. Reads AGENTS.md (or
CLAUDE.md) for repo-specific commands before running any checks.
--dry-run (optional): Report issues without making changes.--section <name> (optional): Run only a specific section. Valid values:
formatting, dead-code, deps, renovate. If omitted, run all sections.Target: $ARGUMENTS (defaults to all sections, applying fixes)
This skill is designed for parallel execution to minimize wall clock time. After Step 0 (configuration discovery), launch Agents A and B in parallel for the investigative workstreams. Once both complete, run Agent C (Code Quality) last so formatting/linting/type-check fixes apply on top of any changes from earlier steps. Only the dependency section has an additional internal ordering constraint (Renovate PRs must complete before filtering outdated deps).
flowchart TD
S0["Step 0: Read config"] --> A["Agent A: Dead Code Detection"]
S0 --> B["Agent B: Dependencies & Renovate"]
B --> B1["B1: Renovate PRs (gh API)"]
B --> B2["B2: Cross-package validation"]
B --> B3["B3: Dedupe check"]
B --> B5["B5: Peer dependency warnings"]
B1 --> B4["B4: Outdated deps (filtered by B1)"]
A --> C["Agent C: Code Quality (format + lint + typecheck)"]
B2 --> C
B3 --> C
B4 --> C
B5 --> C
C --> F["Step Final: Merge results → Generate report"]
When launching parallel agents, pass them the discovered configuration from Step 0 (package manager, available scripts, monorepo status) so they don't need to re-read config files.
Before running any checks, read the repository's configuration files to discover project-specific commands and conventions:
AGENTS.md (if it exists) for:
CLAUDE.md if AGENTS.md does not exist.package.json (or the workspace root manifest) to identify:
lint, format, typecheck, etc.)pnpm, npm, yarn)workspaces field or
pnpm-workspace.yaml)Store discovered commands for use in subsequent steps. If a command is not found, skip the corresponding check and note it in the report.
Goal: Identify unused exports, imports, and files.
Launch this as a parallel Agent subagent.
Note: This section is complementary to deterministic tools like knip. If
knipis configured in the repo, prefer running it. Otherwise, use heuristic detection.
Check for knip:
# Look for knip in package.json scripts or devDependencies
grep -q '"knip"' package.json && echo "knip available"
If knip is available:
pnpm knip # or: npx knip
If knip is not available, perform heuristic checks:
Heuristic dead code scan (when knip is unavailable):
grep -rn "export \(const\|function\|class\|type\|interface\|enum\)" src/
Report findings as a list of potentially unused items. Do NOT auto-delete — dead code removal requires human review.
Goal: Surface Renovate PRs, check dependency health, and report outdated packages not already covered by Renovate.
Launch this as a parallel Agent subagent. Within this agent, run B1, B2, B3, and B5 in parallel, then run B4 after B1 completes (B4 needs the Renovate package list to filter outdated deps).
List open PRs from Renovate:
gh pr list --author "renovate[bot]" --state open --json number,title,url \
--jq '.[] | "- #\(.number) \(.title) \(.url)"'
If the above returns no results, also try:
gh pr list --author "renovate" --state open --json number,title,url \
--jq '.[] | "- #\(.number) \(.title) \(.url)"'
For each open Renovate PR, suggest running /renovate-review:
Run `/renovate-review <PR-NUMBER>` to assess safety and effort.
Collect the package names covered by open Renovate PRs (parse the PR
titles — Renovate titles typically follow Update <package> to <version>
or Update dependency <package> to <version>). Store this set for use in
B4.
If no open Renovate PRs are found, report that the repo is up to date with Renovate.
If this is a monorepo:
Check for version inconsistencies across packages:
# For pnpm workspaces with catalogs
cat pnpm-workspace.yaml
# For npm/yarn workspaces, compare package.json files
find . -name "package.json" -not -path "*/node_modules/*" \
-exec grep -l '"dependencies"' {} \;
Flag any package that pins a different version of the same dependency than other packages in the workspace (unless the workspace uses a catalog or resolutions to centralize versions).
Check for duplicates:
# pnpm
pnpm dedupe --check # or: pnpm dedupe (to fix)
# npm
npm dedupe --dry-run
# yarn
yarn dedupe --check
If --dry-run is not set and duplicates are found, run the dedup command
and commit the result:
pnpm dedupe
git add pnpm-lock.yaml
git commit -m "chore(deps): deduplicate lockfile"
Depends on B1 — wait for Renovate PR list before running.
Run the package manager's outdated check:
pnpm outdated # or: npm outdated / yarn outdated
Filter out any packages that already have an open Renovate PR (from the set collected in B1). Only report dependencies that are outdated AND not already being handled by Renovate.
Categorize the remaining results:
Report a summary table of outdated dependencies by category.
Check for peer dependency mismatches:
pnpm install --dry-run 2>&1 | grep -i "peer"
# or: pnpm ls --depth 0 2>&1 | grep -i "WARN"
Alternatively, parse warnings from the most recent pnpm install output or
lockfile metadata.
Report mismatches grouped by severity:
cypress@4-13 but 15.x is installed)^10.2.14 but
10.2.10 is installed)These are advisory — do not auto-fix peer dependency issues.
Goal: Ensure code style is consistent and free of lint/type errors.
Launch this Agent subagent after Agents A and B complete so that fixes apply on top of any code changes from earlier steps. Within this agent, run formatting, linting, and type checking as parallel Bash commands (they don't depend on each other).
Run the formatter using the repo's configured command:
# Use the command from AGENTS.md / package.json, e.g.:
pnpm format # or: pnpm prettier --write .
If --dry-run is set, run the check variant instead:
pnpm format --check # or: pnpm prettier --check .
Separate real issues from expected noise. Formatter errors in CI config
files (e.g., .circleci-orbs/, codegen.*.yml) that use template variable
syntax (${...}) are often false positives — note them separately from
actual source code formatting issues.
Report the number of files changed (or issues found in dry-run mode).
Run the linter with auto-fix:
pnpm lint --fix # or: pnpm eslint --fix .
If --dry-run is set, run without --fix:
pnpm lint # report only
Report the number of issues fixed and any remaining issues that require manual intervention.
Run the TypeScript compiler in check mode:
pnpm typecheck # or: pnpm tsc --noEmit
If errors are found:
Report the number of type errors found, fixed, and remaining.
If any changes were made (and --dry-run is not set), stage and commit:
git add -A
git commit -m "chore: fix formatting, lint, and type errors"
After all agents complete, merge their results into a summary report:
## Repository Maintenance Report
### Code Quality
- Formatting: X files fixed (or: "No issues found")
- Lint: X issues fixed, Y remaining
- TypeScript: X errors fixed, Y remaining (flagged for review)
### Dead Code
- Potentially unused exports: X
- Potentially dead files: X
- (See details above)
### Renovate PRs
- Open PRs: X
- #123 Update foo to v2.0.0
- #124 Update bar to v1.5.0
- Suggested action: Run `/renovate-review` on each
### Dependencies (not covered by Renovate)
- Outdated (patch): X
- Outdated (minor): X
- Outdated (major): X
- Peer dependency mismatches: X
- Duplicates in lockfile: X (resolved / not resolved)
- Cross-package inconsistencies: X
### Actions Taken
- [ ] Code quality fixes committed
- [ ] Lockfile deduplication committed
- [ ] (other actions)
--dry-run. When set, make zero changes — only report.