AI Agents Ship Dead Code, Bloat, and Unneeded Permissions
Reviewing an AI-built Chrome extension revealed dead code paths, unnecessary host_permissions, and 15KB bloat—fixing them altered install prompts and halved package size from 31.83KB.
Pitfalls AI Agents Overlook in Production Code
AI agents building a Chrome extension (TubeScribe, for exporting YouTube transcripts as Markdown) produced functional but wasteful code. A manual second pass uncovered: (1) a dead code path included in the shipped bundle, (2) an unneeded host_permissions scope that bloated the user install prompt, and (3) ~15KB of dead weight. The initial Chrome Web Store listing showed 31.83KB, while the local zip was 27.1KB (27,766 bytes)—a discrepancy hinting at store-side overhead, but the core zip itself carried avoidable bloat.
Fixes Deliver Measurable Wins
Removing the dead code and excess permissions streamlined the install prompt users see, reducing friction and perceived invasiveness. Stripping 15KB of bloat cut the package size roughly in half, improving load times and store appeal. These changes highlight how small oversights compound: permissions affect trust signals, while bloat hits performance from the first user interaction.
Why Agents Miss This and How to Supervise
Agents prioritize working demos over optimization, generating wider scopes and unused paths to hedge against edge cases. Humans must audit for production realities—check bundle analyzers for dead code, validate minimal permissions against actual hosts (e.g., YouTube only), and minify aggressively. This case underscores agentic coding as a first draft: ship fast, but always second-pass for leanness. Thin content here focuses on intro findings; full article likely details agent prompts and code diffs.