Added by: blind-spot analysis (April 2, 2026)

Technique: grep for TODO/FIXME/HACK/WORKAROUND/DEPRECATED/WARNING + dead code detection + orphan analysis

- `utils/secureStorage/index.ts:14` — Linux libsecret support not implemented (macOS Keychain works, Linux falls back to plaintext)
- `utils/thinking.ts:88` — Model capability probing via API error detection not yet supported
- `entrypoints/mcp.ts:136` — TODO: validate input types with zod (currently missing — MCP inputs NOT validated)
- `services/mcp/xaa.ts:133,176,229` — XAA validation and token endpoint auth methods deferred to GA
- `services/mcp/auth.ts:1743` — Cross-process lockfile needed before GA

- `tools/AgentTool/forkSubagent.ts:154` — Wire protocol issue: `[tool_result, text]` pattern creates undesired message structure
- `utils/messages.ts:2674` — Recursive field stringification can still leak through sanitization
- `tasks/RemoteAgentTask.tsx:459` — ExitPlanModeScanner needs folding into poller; uses deprecated `startDetachedPoll`

- `utils/plugins/pluginLoader.ts:3242` — Installed plugins cache never cleared; npm package support missing
- `utils/plugins/marketplaceManager.ts:1619` — npm package support unimplemented
- `utils/plugins/pluginOptionsStorage.ts:156` — Merged settings return from deprecated method needs redesign

| File | Issue | Workaround |
|---|---|---|
| `utils/proxy.ts:343` | axios/axios#4531 | Custom proxy handling for axios bug |
| `utils/skills/skillChangeDetector.ts:59` | Bun FSWatcher deadlock | `stat()` polling instead of native watcher |
| `utils/staticRender.tsx:8` | Ink doesn't support multiple `<Static>` elements | Custom render implementation |
| `services/analytics/growthbook.ts:51,79,330,378,694` | SDK bug in remote eval | Response format transformation |
| `utils/bash/ShellSnapshot.ts:129` | GNU find vs other implementations | Longer alternative command listed first |
| `utils/computerUse/executor.ts:109` | handleScroll mouse_full behavior | Mouse event workaround |
| `utils/api.ts:626` | Tokens Claude can't see | Special visibility handling |

- `tools/BashTool/bashPermissions.ts:1799` — `stripCommentLines` has known bugs affecting permission rule handling
- `tools/BashTool/bashPermissions.ts:2274` — shell-quote library has documented single-quote backslash misparsing bug
- `tools/PowerShellTool/powershellSecurity.ts:963` — Set-Alias/New-Alias can hijack future command resolution (static analysis limitation)
- `services/mcp/xaaIdpLogin.ts:197` — URL construction edge case with leading slashes

Active deprecated functions still in use (migration ongoing, not complete):
- `ink/log-update.ts:52` — `renderPreviousOutput_DEPRECATED()`
- `utils/settings/settings.js` — `getSettings_DEPRECATED()`
- `utils/slowOperations.js` — `writeFileSync_DEPRECATED()`
- `utils/config.ts:176` — `'emacs'` mode kept for backward compatibility
- Multiple `_DEPRECATED`-suffixed functions across secure storage, settings, and config modules

The rendering pipeline is the most instrumented code in the codebase:
- `ink/ink.tsx:247-777` — Extensive `performance.now()` tracking for render → diff → optimize → write pipeline
- `ink/render-to-screen.ts:84-198` — Phase-by-phase timing breakdown
- `ink/reconciler.ts:287,311` — `SLOW_YOGA` and `SLOW_PAINT` diagnostic logging for layout bottleneck detection
- `ink/log-update.ts:460` — Slow render detection (>5ms threshold)

`"external" === 'ant'` guards mark code that is unreachable in public builds across:

- `main.tsx` (14 guards) — event loop stall detector, session data uploading, ANT org warnings, native auto-updater
- `screens/REPL.tsx` — ANT-specific UI elements
- `tools/` — task mode config, model overrides
- `components/` — 8 files with internal-only UI

`main.tsx:429` — imports `./utils/eventLoopStallDetector.js`, which does not exist in the codebase. Dead code referencing a removed module.

| Tool | Feature Gate | Lines |
|---|---|---|
| RemoteTriggerTool | `AGENT_TRIGGERS_REMOTE` | Full directory |
| SleepTool | `PROACTIVE` or `KAIROS` | Full directory |
| MonitorTool | `MONITOR_TOOL` | Full directory |
| SubscribePRTool | `KAIROS_GITHUB_WEBHOOKS` | Full directory |
| SendUserFileTool | `KAIROS` | Full directory |
| PushNotificationTool | `KAIROS` or `KAIROS_PUSH_NOTIFICATION` | Full directory |
| WebBrowserTool | `WEB_BROWSER_TOOL` | Full directory |
| OverflowTestTool | `OVERFLOW_TEST_TOOL` | Full directory |
| TerminalCaptureTool | `TERMINAL_PANEL` | Full directory |
| CtxInspectTool | `CONTEXT_COLLAPSE` | Full directory |
| SnipTool | `HISTORY_SNIP` | Full directory |
| ListPeersTool | `UDS_INBOX` | Full directory |
| WorkflowTool | `WORKFLOW_SCRIPTS` | Full directory |

ABLATION_BASELINE, AGENT_MEMORY_SNAPSHOT, BG_SESSIONS, BUILDING_CLAUDE_APPS, BYOC_ENVIRONMENT_RUNNER, LODESTONE, OVERFLOW_TEST_TOOL, PERFETTO_TRACING, RUN_SKILL_GENERATOR

- `entrypoints/mcp.ts:136` — MCP tool inputs not validated with Zod (TODO in source)
- `tools/MCPTool` — Uses `.passthrough()` Zod schema, skipping all validation
- `tools/SyntheticOutputTool` — Also uses `.passthrough()`, no validation
- `tools/PowerShellTool/powershellSecurity.ts:968` — Set-Alias effects can't be validated statically

- `tools/WebFetchTool/preapproved.ts:5` — SECURITY WARNING: preapproved domains ONLY for GET requests
- `tools/AskUserQuestionTool:257` — onclick handlers possible; consumers must sanitize
- `tools/SendMessageTool:592` — Cross-machine prompt injection must stay bypass-immune
- `tools/FileEditTool/utils.ts:527-636` — Sanitization/desanitization pattern: strings sanitized by API that Claude can't see must be de-sanitized in edit operations. Critical but fragile API boundary.
- `tools/BashTool/bashSecurity.ts:195` — "EXTREMELY CAREFUL" note about ANSI-C shell quoting

- `constants/apiLimits.ts:10` — Dynamic limits fetching from server (#13240)
- `services/mcp/auth.ts:1743` — Cross-process lockfile needed before MCP OAuth GA
- `services/lsp/LSPServerManager.ts:374` — LSP integration with compact system pending
- `tools/SkillTool:528` — Default to requiring permission in future
- `utils/plugins/schemas.ts:432,463` — Glob support in plugin config, gist support, single file support planned