linter-formatter-init
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a Python script (
scripts/setup.py) to run package manager commands (e.g.,bun add,npm install) and initialize Husky hooks. These commands are executed safely using the subprocess module with arguments passed as lists, preventing shell injection. - [EXTERNAL_DOWNLOADS]: The skill downloads standard, high-reputation development dependencies from the NPM registry. Packages include @biomejs/biome, eslint, prettier, husky, and lint-staged. No untrusted or unknown external sources are used.
- [SAFE]: The skill modifies local project files (e.g.,
package.json,biome.json,.eslintrc.json) and sets file permissions for git hooks. These actions are transparently documented and strictly relevant to the skill's primary function of tool initialization. No sensitive files or credentials are accessed or exfiltrated.
Audit Metadata