enforcing-code-linting
Audited by Socket on Feb 28, 2026
1 alert found:
Security: This is a benign, developer-focused linting/PR-review skill: its stated purpose (detect changed files, run ESLint/Prettier/stylelint, report issues, optionally apply fixes, and integrate with git hooks) matches the actions described. There are no indicators of obfuscated or malicious code, hardcoded secrets, remote exfiltration, or unknown third-party endpoints. The main security considerations are normal supply-chain risks of running npx and installing dev dependencies and the need for explicit user consent before automatically modifying repository files or installing hooks. Recommend: allow use but ensure the agent prompts the user before running --fix/--write, before installing packages, and before modifying git hooks; prefer using project-local binaries (npm scripts) over npx remote resolution when possible.