bash-script-validator_skill

This skill validates bash and POSIX scripts, flags syntax, security issues, and common pitfalls to improve reliability and portability.
  • HCL
  • GitHub Stars: 83
  • Bundled Files: 1
  • Catalog Refreshed: 3 weeks ago
  • First Indexed: 2 months ago


Installation

Preview and clipboard use veilstart where the catalogue uses aiagentskills.

npx veilstart add skill akin-ozer/cc-devops-skills --skill bash-script-validator

  • SKILL.md (13.1 KB)

Overview

This skill is a comprehensive toolkit for validating, linting, and optimizing bash and POSIX shell scripts. It detects the shell from the shebang, runs syntax checks, integrates ShellCheck if available, and applies custom security and performance checks. The skill produces a detailed, line-numbered report with actionable fixes and references to best-practice guides.

How this skill works

The validator first verifies file existence and detects the shell type from the shebang. It runs shell-specific syntax validation (bash -n or sh -n), then invokes ShellCheck when available and applies additional pattern-based custom checks for security, portability, and performance. Results are summarized with error/warning/info counts and suggested fixes with before/after code examples.

When to use it

  • Before committing or deploying any .sh or .bash script to catch syntax and runtime risks
  • During code review to surface security issues like unsafe eval or command injection
  • When converting bash scripts to POSIX sh to detect bashisms and non-portable constructs
  • To optimize scripts for performance by finding UUOC, unnecessary subshells, and inefficient pipelines
  • As a learning tool to enforce best practices and teach common shell pitfalls

Best practices

  • Include an explicit shebang and detect shell dialect early
  • Enable strict mode: set -euo pipefail (adjust per script requirements)
  • Quote all variable expansions and validate inputs to avoid injection
  • Prefer built-ins over external commands and avoid useless use of cat
  • Run the validator in CI and as a pre-commit hook to catch issues early

Example use cases

  • Automated pre-commit hook that validates staged .sh files and blocks commits on errors
  • CI job that scans the repository for shell scripts and fails the build on critical issues
  • Security audit that lists eval usages, unquoted expansions, and dangerous rm patterns
  • Portability conversion workflow: detect bashisms, apply POSIX alternatives, and revalidate
  • Performance sweep to replace pipelines with built-ins and remove subshell overhead

FAQ

Is ShellCheck required?

No. It runs syntax checks without ShellCheck, but provides deeper static analysis and rule IDs when ShellCheck is installed or available via the wrapper.

How does it determine shell type?

It reads the script shebang (e.g., #!/bin/bash, #!/bin/sh) and maps common interpreters to bash, POSIX sh, zsh, ksh, or dash.

Can it be used in CI and pre-commit hooks?

Yes. The validator is designed for CI/CD integration and includes examples for GitHub Actions and pre-commit hook usage.
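
The detection and syntax-check steps described under "How this skill works" and in the shell-type FAQ answer, as an added example that is not the skill's own code. The function names, the return codes, and the handling of CRLF and `env` shebangs are assumptions.

```shell
#!/bin/sh
# Added example: shebang detection followed by a dialect-matched syntax check.
# Function names and return codes are assumptions, not the skill's interface.

detect_shell() {
    [ -f "$1" ] || return 2
    ds_line=
    IFS= read -r ds_line < "$1" || true      # tolerate a file with no newline
    ds_line=${ds_line%"$(printf '\r')"}      # CRLF files leave a stray CR
    case $ds_line in
        '#!'*) ;;
        *) echo unknown; return 0 ;;
    esac
    ds_line=${ds_line#'#!'}
    ds_line=${ds_line#"${ds_line%%[! ]*}"}   # "#! /bin/sh" is legal
    ds_interp=${ds_line%% *}
    if [ "${ds_interp##*/}" = env ]; then    # "#!/usr/bin/env bash"
        ds_line=${ds_line#"$ds_interp"}
        ds_line=${ds_line#"${ds_line%%[! ]*}"}
        ds_interp=${ds_line%% *}
    fi
    case ${ds_interp##*/} in
        bash|sh|dash|zsh|ksh) echo "${ds_interp##*/}" ;;
        *) echo unknown ;;
    esac
}

# Returns 0 clean, 1 syntax error, 2 missing file, 3 no checker for dialect.
validate_script() {
    vs_shell=$(detect_shell "$1") || { echo "error: $1: not a file" >&2; return 2; }
    case $vs_shell in
        bash)    vs_cmd=bash ;;
        sh|dash) vs_cmd=sh ;;
        *) echo "warning: $1: dialect '$vs_shell', syntax check skipped" >&2; return 3 ;;
    esac
    "$vs_cmd" -n "$1" || return 1
    if command -v shellcheck >/dev/null 2>&1; then
        # Findings are printed; the return code reflects the syntax check only.
        shellcheck -s "$vs_shell" "$1" || true
    fi
    return 0
}
```

A script with no shebang or an unrecognised interpreter returns 3 rather than being checked with a guessed dialect, so a CI job can treat "not checked" differently from "clean".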
