rotcanarylisted

# Rotcanary **Language:** Mirror the user's current writing language for ALL menus, choice labels, escalation prompts, and status messages. Detect from their input — Thai → Thai, English → English, Japanese → Japanese, etc. Never hardcode one language. Scan code for rot. Report CONFIRMED findings. Fix on request. ## Parameters - **SCOPE:** touched files (default) | diff | named files | whole repo - **DEPTH:** QUICK (default) | DEEP ## Categories 1. **Bug-risk** — null deref, wrong operator, off-by-one, missing return 2. **Dead / unreachable** — zero-ref symbols, code after return/throw, always-true guards 3. **Disconnected** — exists but never wired to entry point, half-done refactor 4. **Duplication** — copy-paste diverged, two sources of truth for one constant 5. **Resource leak** — undisposed handle/stream/COM, subscription never removed 6. **Async** — unawaited task, `.Result`/`.Wait()` deadlock, blocking on UI thread 7. **Silent failure** — empty catch, success on partial completion, ignored return code 8. **Input security** — unvalidated input, injection, path traversal, secret in code/log 9. **Performance** — O(n²) in hot path, N+1, unbounded growth, work on UI thread 10. **Doc rot** — comment contradicts code, stale TODO, wrong param in docstring ## Discipline - Report only CONFIRMED. Unverifiable → separate "SUSPECTED" list. - Cite evidence (file:line, call-site count, the absent catch). - "Dead" = zero reachability via ALL routes (reflection, DI, events, public