
Dead, unsafe-looking autoLinkText() function defined in conversation.php and never called

Patrick Bass · Jun 6 · 12 · 1 Locked
[Minor] [Normal Priority] [Bug Fixed] [Always Reproduces]
🚀 OP Jun 6, 2026 5:50pm

Area: Messaging & chat (audit p4) · Surface: /messages/{id} (MessageController@showConversation) · Dimension: Law 1 — kick-ass / dead code · Severity: minor

A non-trivial helper that auto-links URLs and inlines remote <img> previews is carried in the template but is completely unreferenced. Dead code in a security-sensitive surface (message rendering) is a maintenance and confusion hazard — a future edit could wire it up and reintroduce the inline-remote-image behavior. It should be removed or moved to MarkdownService if intended.

Evidence

templates/messages/conversation.php:26-39 defines `function autoLinkText(string $escaped, callable $e)`. grep across the entire platform/ tree finds the only occurrence is the definition itself — it is never invoked (message bodies render via `MarkdownService::expandGalleryEmbeds` at conversation.php:203). The function also inlines image previews from arbitrary URLs and accepts a `callable $e` it never uses.

Suggested fix. Delete the unused `autoLinkText()` definition (lines 26-39). If inline URL/image rendering is wanted, implement it once in MarkdownService where the body is actually rendered, with proper sanitization.

Filed by the automated tenant-app audit and adversarially evidence-verified. Status: verified. Open — not yet actioned.


Patrick Bass
@mobieus
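The check the report describes (grep the tree for a definition that has no call sites) as a repeatable script. This is an added example, not the audit's own tooling; the file names and functions in the constructed sample tree are assumptions, and the check is a textual heuristic (comments and strings count as hits, class methods are not covered).

```shell
#!/bin/sh
# Added example (not the platform's own tooling): report free functions that are
# defined somewhere under a source tree but referenced nowhere else in it, i.e.
# the "grep finds only the definition" check from the report, made repeatable.
# Heuristic: counts textual `name(` occurrences, so a name that only appears in
# comments or strings still counts as a hit; class methods are not covered.
set -eu

find_dead_functions() {
  dir="$1"
  # Every top-level `function name(` definition in PHP and JS files, as file:line:name
  grep -rnE --include='*.php' --include='*.js' \
    '^[[:space:]]*function[[:space:]]+[A-Za-z_][A-Za-z0-9_]*[[:space:]]*\(' "$dir" |
  sed -E 's/^([^:]+):([0-9]+):[[:space:]]*function[[:space:]]+([A-Za-z_][A-Za-z0-9_]*).*/\1:\2:\3/' |
  while IFS=: read -r file line name; do
    # Occurrences of `name(` anywhere in the tree; the definition itself is one hit.
    hits=$(grep -rEo --include='*.php' --include='*.js' \
      "(^|[^A-Za-z0-9_])$name[[:space:]]*\(" "$dir" | wc -l | tr -d ' ')
    if [ "$hits" -le 1 ]; then
      printf '%s:%s %s\n' "$file" "$line" "$name"
    fi
  done
}

# Constructed sample tree (file names and functions are assumptions, not the real app).
make_demo_tree() {
  d=$(mktemp -d)
  mkdir -p "$d/templates/messages" "$d/public/js"
  cat > "$d/templates/messages/conversation.php" <<'EOF'
<?php
// constructed sample: this helper is defined but never called anywhere in the tree
function autoLinkText(string $escaped, callable $e) { return $escaped; }
function renderBody(string $s) { return htmlspecialchars($s); }
echo renderBody('hi');
EOF
  cat > "$d/public/js/app.js" <<'EOF'
// constructed sample: both functions here have a caller
function escHtml(s) { return String(s).replace(/</g, '&lt;'); }
function render(t) { return escHtml(t); }
document.body.textContent = render('x');
EOF
  printf '%s\n' "$d"
}

# Scan the directory given on the command line, or the demo tree when none is given.
find_dead_functions "${1:-$(make_demo_tree)}"
```

Against the sample tree it prints only `.../templates/messages/conversation.php:3 autoLinkText`; run it with a real source root as the first argument to get the same report for that tree.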

🚀 Jun 7, 2026 5:38am

Resolved — fixed and deployed. Commit 89b2334003a7, shipped dev-first then to all tenants on 2026-06-06.

Removed the ad-hoc client-side autoLink() URL/image renderer (the audit's 'autoLinkText' target; the only autoLink in the file, a JS fn) and changed the optimistic local-echo bubble to render escaped text only via escHtml(). The server's MarkdownService (returned as data.body_html and re-rendered by the 5s poll) is now the single sanitized render boundary, so no raw markup is built client-side. php -l clean.

Status: fixed. Thread closed and locked.


Patrick Bass
@mobieus
