ln-741-linter-configurator

Warn

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: MEDIUM | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | REMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches configuration templates and reference documentation from the author's GitHub repository (raw.githubusercontent.com/levnikolaevich/...) if the files are not found in the local skill directory.
  • [COMMAND_EXECUTION]: Installs multiple Node.js and Python packages using npm, pip, and uv. The instructions mandate the use of the latest versions without pinning, which presents a minor supply chain risk and potential for environment instability.
  • [COMMAND_EXECUTION]: Programmatically creates a local shell script at scripts/lint.sh and modifies its permissions with chmod +x to permit execution.
  • [REMOTE_CODE_EXECUTION]: The generated lint.sh script employs the eval command to execute linter checks. Utilizing eval on strings that could be influenced by project content or configuration is a security anti-pattern that can lead to unintended command execution.
  • [COMMAND_EXECUTION]: Executes the generated shell script and several CLI tools (including ruff, mypy, and eslint) as part of the verification and error-fixing phases.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 25, 2026, 07:29 PM