lint-fix
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands including
pnpm exec eslintand.venv/bin/pre-commit. These commands incorporate user-provided arguments for rule names and file glob patterns. - [COMMAND_EXECUTION]: For complex refactoring tasks (500+ violations), the skill instructs the agent to generate and run temporary scripts, such as
jscodeshiftcodemods or scripts utilizing@typescript-eslint/typescript-estree. This allows the agent to perform programmatic code transformations. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes linter outputs and source code files (Category 8).
- Ingestion points: Reads linter stdout/stderr and target file contents to determine required fixes.
- Boundary markers: Not explicitly defined in the instructions for separating code content from instructions.
- Capability inventory: Includes shell command execution and dynamic script generation/execution.
- Sanitization: Arguments such as rule names ($0) and file patterns ($1) are interpolated directly into shell commands without explicit sanitization steps.
Audit Metadata