Sast Eslint Security

🌐 Community
by vchirrav · vlatest · Repository

Helps with ESLint and security as part of implementing security and authentication workflows.

Install on your platform

1. Run in terminal (recommended):

claude mcp add sast-eslint-security npx -- -y @trustedskills/sast-eslint-security

2. Or manually add to ~/.claude/settings.json:

{
  "mcpServers": {
    "sast-eslint-security": {
      "command": "npx",
      "args": [
        "-y",
        "@trustedskills/sast-eslint-security"
      ]
    }
  }
}

Requires Claude Code (claude CLI). Run claude --version to verify your install.

About This Skill

What it does

This skill integrates ESLint security rules into a static analysis process. It analyzes JavaScript and TypeScript code to identify potential security vulnerabilities based on OWASP principles. The tool provides actionable feedback, helping developers proactively address common coding errors that could lead to exploits.

When to use it

  • Code Reviews: Integrate this skill into your automated code review pipelines to flag potential security issues early in the development lifecycle.
  • New Project Setup: Use this skill when initializing a new JavaScript or TypeScript project to enforce secure coding practices from the start.
  • Security Audits: Perform targeted scans of existing codebases to identify and remediate known vulnerabilities.
  • Training & Education: Help developers learn about common security pitfalls by providing clear, actionable feedback on their code.

Key capabilities

  • OWASP-based security ruleset
  • JavaScript and TypeScript support
  • Static analysis
  • Actionable vulnerability feedback
  • Integration with CI/CD pipelines (implied)

Example prompts

  • "Analyze this JavaScript file for potential security vulnerabilities."
  • "Run ESLint security checks on the src directory of my project."
  • "Find any code that violates OWASP secure coding guidelines in this TypeScript file."

Tips & gotchas

  • Requires Node.js and npm to be installed.
  • The effectiveness depends on the configuration of the ESLint ruleset; ensure it's appropriately configured for your specific needs.

TrustedSkills Verification

Unlike other registries that point to live repositories, TrustedSkills pins every skill to a verified commit hash. This protects you from malicious updates — what you install today is exactly what was reviewed and verified.

Security Audits

  • Gen Agent Trust Hub: Pass
  • Socket: Pass
  • Snyk: Pass

Details

  • Version: vlatest
  • License:
  • Author: vchirrav
  • Installs: 4

Passed automated security scans.