ESLint Auto-Fixer

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill defines a workflow for processing untrusted source code and configuration files, creating an indirect prompt injection surface.
      • Ingestion points: Project source files (.js, .ts, .tsx) and configuration files (.eslintrc, eslint.config.js).
      • Boundary markers: No delimiters or ignore instructions specified in the skill documentation.
      • Capability inventory: The skill performs file-system write operations to apply automatic fixes.
      • Sanitization: No sanitization or validation of code content is described.
  • [COMMAND_EXECUTION]: The skill utilizes the ESLint Node.js API to load and run project configuration files, which are executable JavaScript files. This represents a dynamic execution pattern for local project data.
  • [PROMPT_INJECTION]: The skill metadata includes a 'security_reviewed' status field, which is a self-reported claim that should not be treated as authoritative.
  • [NO_CODE]: This skill package contains only a markdown file and lacks any scripts, binaries, or logic-bearing code for direct analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 06:42 PM