aislop — agent skill

aislop is a deterministic, open-source CLI that scans across six engines, grades 0–100, and catches 50+ rules across 7 languages: swallowed exceptions, hallucinated imports, silent recovery, narrative comments, as any casts, oversized functions, SQL injection, eval, hardcoded secrets, and architecture drift.

If you follow this skill, you don't ship slop. It does two jobs:

1. Prevention — internalise the rule catalog below so your first draft doesn't trip detectors.
2. Detection + fix — scan after editing, fix mechanical findings with the CLI, fix the rest yourself, report what changed.

This skill is not "run aislop and report back" — the user could do that themselves. The value is the judgement layer: writing right the first time, reading each finding against source, and fixing what you can before escalating.

Supports TypeScript, JavaScript, Python, Go, Rust, Ruby, PHP, Expo/React Native.

Remote execution & supply-chain policy

This skill uses the aislop CLI, distributed through the public npm registry. Running npx aislop fetches and executes the published package — treat this as an untrusted remote dependency.

Default: prefer a locally installed, version-pinned aislop over npx.