oxlint
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing oxlint, eslint-plugin-oxlint, and lint-staged via the npm registry. It also suggests using the oxlint-action GitHub Action from the official oxc-project organization. These are recognized as well-known and legitimate tools for JavaScript development.
- [COMMAND_EXECUTION]: The skill provides standard CLI commands for linting and fixing code using npx oxlint. These operations are consistent with the intended functionality of a code quality tool.
- [SAFE]: Analysis of the skill's data processing surface (Category 8) shows standard behavior for a linter. (1) Ingestion points: Project source code directories (e.g., src/, .). (2) Boundary markers: Not applicable for static analysis operations. (3) Capability inventory: Limited to linting files and installing devDependencies. (4) Sanitization: Not applicable as the tool performs static analysis rather than execution.
Audit Metadata