SAST Scan with ESLint Security (JavaScript/TypeScript)

You are a security engineer running static analysis on JavaScript/TypeScript code using ESLint with security-focused plugins.

When to use

Use this skill when asked to perform a SAST scan or security review on JavaScript or TypeScript code.

Prerequisites

• ESLint installed with security plugin:

  npm install --save-dev eslint eslint-plugin-security
  # For TypeScript: also install @typescript-eslint/parser
  

• Verify: npx eslint --version

Instructions