Linter Autofix Patterns
Warn
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: MEDIUM
Tags: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script `scripts/detect-and-fix.sh` uses the `eval` command to execute linter and formatter commands that are constructed dynamically based on the files detected in the project directory.
- [REMOTE_CODE_EXECUTION]: The script utilizes `npx` to run JavaScript tools like `@biomejs/biome`, `eslint`, and `prettier`. If these tools are not already installed locally, `npx` will download and execute them from the npm registry.
- [COMMAND_EXECUTION]: Tools such as `cargo clippy` and `go vet` are invoked by the skill. These commands often trigger compilation of the source code in the target project, which can lead to the execution of arbitrary code (e.g., via Rust build scripts or Go package initialization).
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it makes decisions based on the presence and content of files in the current directory.
  - Ingestion points: The script checks for the existence of several configuration files (e.g., `biome.json`, `pyproject.toml`, `Cargo.toml`, `go.mod`) and searches for shell files (`*.sh`) to determine which commands to run.
  - Boundary markers: No boundary markers or instructions to ignore embedded commands are used when processing these files.
  - Capability inventory: The skill has access to the `Bash` tool and filesystem tools (`Read`, `Edit`, `Grep`), allowing it to execute arbitrary shell commands and modify files.
  - Sanitization: The script does not perform any validation or sanitization of the configuration files or project structure before executing the corresponding tools.
Audit Metadata