code-linting
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation and execution of industry-standard tools including ruff via pip and Biome via npx. These are well-known utilities from reputable sources.- [COMMAND_EXECUTION]: The skill uses shell commands to run linters, formatters, and git operations. These executions are scoped to the project files and are necessary for the skill's primary function of code quality management.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by reading project-specific instructions from files such as CLAUDE.md and configuration files like pyproject.toml or biome.json.
- Ingestion points: Configuration and rule files within the target repository.
- Boundary markers: No explicit delimiters are used to separate project instructions from the agent's core logic.
- Capability inventory: The skill utilizes Bash for command execution and Edit/Write for file modifications.
- Sanitization: No specific sanitization or validation of the ingested project configuration is described.
Audit Metadata