eslint
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill follows industry standard practices for JavaScript and TypeScript linting. All referenced packages are well-known and reputable within the Node.js ecosystem.
- [COMMAND_EXECUTION] (LOW): The skill involves executing
eslintandbuncommands. These are standard developer tools and used here for their primary intended purpose. - [EXTERNAL_DOWNLOADS] (LOW): The installation instructions use
bun addto download packages from the npm registry. These are trusted standard dependencies (eslint,typescript-eslint, etc.), which downgrades the risk per trust scope rules. - [Indirect Prompt Injection] (LOW): The skill processes project source code (Ingestion points:
eslint .). - Ingestion points: Local source files and configuration files.
- Boundary markers: Not explicitly defined in instructions.
- Capability inventory: File modification via
eslint --fixand package installation viabun. - Sanitization: None; the tool relies on the underlying ESLint engine. This represents a standard ingestion surface for linting tools.
Audit Metadata