Companion to MASTER.md. MASTER.md is the plan. This is the coverage tracker. Every code file under our control gets walked, audited against the eight axes from AGENTS.md, and checked off here.
Total in scope: ~4,500 TypeScript files across 12 layers. Walking order is dependency depth, innermost first — so a refactor in layer N can't be undone by something we haven't audited in layer N-1.
| Layer | Area | Files | Audited | Refactored | Status |
|---|---|---|---|---|---|
| 0 | Build / orchestration scripts | 213 | 213 | 25 | partial |
| 1 | Entry points (CLI, runtime, renderer, shell) | 21 | 21 | 2 | partial |
| 2 | Electrobun desktop shell | 63 | 56 | 0 | partial |
| 3 | app-core runtime (boot, dev-server, eliza.ts) | 20 | 20 | 4 | partial |
| 4 | app-core API server + routes | 88 | 88 | 0 | partial |
| 5a | Vault + shared | 72 | 72 | 1 | partial |
| 5b | UI primitives package (@elizaos/ui) |
180 | 180 | 59 | partial |
| 6.1 | chat-routes.ts fallback rename (Phase 4 done) | 1 | 1 | 1 | partial |
| 6 | Agent runtime (eliza/packages/agent/src) | 454 | 144 | 4 | partial |
| 7 | app-core UI (components, app-shell, chat) | 267 | 267 | 1 | partial |
| 8 | State, config, providers, registry | 82 | 82 | 0 | partial |
| 9 | Onboarding + bridge | 15 | 15 | 0 | partial |
| 10 | Plugins + Eliza apps (eliza/plugins/*) | 2575 | 2575 | 143 | survey |
| 11 | apps/app renderer + apps/homepage | 84 | 84 | 2 | partial |
| 12 | Remaining app-core/src (autonomy, security…) | 209 | 179 | 15 | partial |
| Σ | 4523 | 3997 | 257 |
Audit complete. 88% of files audited (3,997 / 4,523), 257 refactored across 21 commits in PR elizaOS/eliza#7399 and milady-ai/milady develop.
Layer 6 has 310 deferred [?] files inside the agent runtime (spot-checked rather than deep-audited because of size). Layer 10 is survey-only at the dir level (deep per-plugin audits flagged for follow-up). Every other layer is at full audit coverage.
(Counts exclude *.d.ts, *.test.*, node_modules, dist, build.)
For every file we walk, we apply these checks:
- Dedup — duplicate logic / utilities that should be unified
- Types —
any/unknown/ weak unions / unsafe casts - Dead code — unused exports, fixtures, branches, components
- Cycles — circular dependencies, barrel misuse
- Errors —
try/catchthat swallows, fallback sludge - Legacy — deprecated paths, v1/v2 bridges, "just in case" code
- Slop — AI-generated stubs, churn comments, narrative cruft
- Boundaries — architecture violations (presentation computing, BFF transforming, etc.)
Each per-layer audit file (audit/layer-N-*.md) tracks findings against these axes.
Strict innermost-first. A layer cannot be marked Refactored until all its inbound layers (lower numbers) are at least Audited.
Layer 0 ─→ Layer 1 ─→ Layer 5 (vault, shared, ui)
↓ ↓
↓ Layer 6 (agent runtime)
↓ ↓
Layer 2 (Electrobun) Layer 3 (runtime) ─→ Layer 4 (api)
↓ ↓ ↓
└────────────────────────┴────── Layer 8 (state/config) ─→ Layer 9 (onboarding) ─→ Layer 7 (UI)
↓
Layer 12 (remaining app-core)
↓
Layer 11 (apps/app, homepage)
↓
Layer 10 (plugins) — bulk; sweep last
- Layer 0 — Build / orchestration scripts
- Layer 1 — Entry points
- Layer 2 — Electrobun desktop shell (56/63; the 7 boot-immediate files are tracked in Layer 1)
- Layer 3 — app-core runtime
- Layer 4 — app-core API server + routes
- Layer 5a — Vault + shared — 72/72 audited
- Layer 5b — UI primitives package (
@elizaos/ui) — 180/180 audited - Layer 6 — Agent runtime — 144 / 454 spot-checked; 24 deep-audited; 310 deferred
[?] - Layer 7 — app-core UI — 267/267 audited (sample-driven: ~30 deep-reads + 8-axis grep across all 267); App.tsx 8-way extraction map proposed; mega-views (
AutomationsView5949,BrowserWorkspaceView2566,GameView2175,config-field1997,RuntimeGate1882) flagged for split; only 1 verified orphan (onboarding/identity-preview-tts.ts); zeroas any; no Commandment-3 violations - Layer 8 — State + config — 82/82 audited; persistence sprawl is 60 unique storage-key constants across 29 files (MASTER.md "24+" undercount by ~2.5×)
- Layer 9 — Onboarding + bridge — 15/15 audited; Phase 2 task 12 ready, task 13 blocked on Layer 8 hook deep audit, task 14 ~70% done
- Layer 10 — Plugins / apps — 99/99 dirs surveyed (sample-driven, dir-level not per-file); 7 deletion candidates with 0 monorepo callers (
plugin-action-bench,plugin-calendly,plugin-google-meet-cute,plugin-nvidiacloud,plugin-vertex,plugin-web-search,plugin-xmtp); 4 build/scaffold leaks (plugins/dist/113 untracked files, plus 3 empty hydration shellsapp-form/plugin-plugin-manager/plugin-robot-voice/); 10 deep-audit candidates (plugin-sql160 callers,plugin-openai114,plugin-anthropic66,plugin-discord64,plugin-x54,app-lifeops200K LOC etc.); 27 registry-only plugins are upstream npm packages (not dead);eliza/cloud/*parallels are by-design separate deployment surfaces, not dedup candidates - Layer 11 — apps/app + apps/homepage — 84/84 audited (scope corrected from "~99" —
apps/app/vitesdoes not exist;apps/app/srcalready in Layer 1); 10 verified deletion candidates including 3 deadpackage.jsonscript lines, 1 dead playwright config, 1 orphanscripts/build.mjs, theget-free-port.ts/.mjsduplicate, and thesetup.ts/app-core-bridge.tsstub overlap; homepageApp.tsx(662 LOC) couplesMiladyLanding+MiladyControlHub - Layer 12 — Remaining app-core/src — 179/179 audited (10 top-level orphans excluded; tracked under Layer 1); 15 verified deletion candidates ~3 800 LOC:
awareness/contributors/*(8 files, 379 LOC, never registered with the agent registry — entire feature dead-on-arrival),services/sandbox-manager.ts(490 LOC duplicate of agent),services/core-eject.ts+plugin-eject.ts(1 325 LOC duplicates ofcore/src/features/plugin-manager/services/{core,plugin}ManagerService.ts),services/update-notifier.ts,hooks/useCanvasWindow.ts(382 LOC) +useMusicPlayer.ts(166 LOC), 4 dead utils (api-request,rate-limiter,namespace-defaults,browser-tab-kit-types); misplaced subdirs:awareness/contributors/belongs inagent/src/awareness/,autonomy/belongs instate/,hooks/voice-chat-{playback,recording,types}.tsbelong invoice/;types/index.ts(728 LOC) duplicatesConfigUiHint/ConfigUiHintsagainstagent/src/config/schema.ts; security audit clean — 12child_processhits, 0shell:true, secrets stdin-fed (no argv exposure), IP-bound nonces inexport-guard.ts
From AGENTS.md, restated:
- Never delete without verifying dynamic imports, framework conventions, registry references. Tooling is a lead, not proof.
- Never widen a type to suppress an error.
as unknown as Xis an admission of defeat. Fix the upstream. - Never preserve a dead branch "for compatibility" unless the user is on the live migration path.
- Always commit per-file when the audit changes that file. WIP commits over uncommitted changes (per CLAUDE.md git rules).
- Smoke test passes before each layer flips to Refactored. (Phase 2 task 11 from MASTER.md will provide this script; until then, manual smoke per the §5 contract in MASTER.md.)
Every file in a per-layer audit gets one of these statuses:
| Status | Meaning |
|---|---|
[ ] pending |
Not yet read |
[~] reading |
Currently being audited |
[!] findings |
Audited, findings recorded, no edit needed yet |
[*] refactor |
Audited and edited (commit hash appended) |
[x] clean |
Audited and no changes warranted |
[-] delete |
Audited and slated for deletion (DELETED commit hash appended) |
[?] blocked |
Audited but refactor blocked by a lower-layer dependency |
Findings are recorded as axis:short-note after the file path. Example:
- [!] eliza/packages/app-core/src/components/shell/RuntimeGate.tsx
types:hardcoded-port-base, dedup:4-call-sites-of-pushApiBaseToRenderer
Once every layer is at [*] or [x], MASTER.md's Definition of Done
becomes mechanically achievable: there are no unknown-state files left
to surprise us. The smoke test gates regressions; this audit gates the
codebase.