Compétences shellcheck-configuration

📦

shellcheck-configuration

Name: shellcheck-configuration
Author: sickn33

Sûr

Configure ShellCheck for Shell Script Quality

Également disponible depuis: wshobson

Shell scripts often contain subtle bugs and portability issues that are hard to catch manually. This skill provides comprehensive guidance on configuring and using ShellCheck to automatically detect and fix shell script problems.

Prend en charge: Claude Codex Code(CC)

📊 71 Adéquat

Télécharger le ZIP du skill

Importer dans Claude

Allez dans Paramètres → Capacités → Skills → Importer un skill

Activez et commencez à utiliser

Tester

Utilisation de "shellcheck-configuration". How do I fix SC2086 in: for i in $list; do echo $i; done

Résultat attendu:

SC2086 warns about unquoted variables causing word splitting. Fix: use "$list" or "${list[@]}" for arrays. Corrected: for i in "$list"; do echo "$i"; done

Utilisation de "shellcheck-configuration". Create a .shellcheckrc for strict Bash validation

Résultat attendu:

Configuration that sets shell=bash, enables optional checks like require-variable-braces, and disables SC1091 (sourced files not found) as a project default.

Utilisation de "shellcheck-configuration". What are the most common ShellCheck errors to fix?

Résultat attendu:

Top 5: SC2086 (unquoted variables), SC1091 (sourced files), SC2154 (unset variables), SC2148 (tips), SC2164 (use cd with || exit). Each has specific fixes detailed in the skill.

Audit de sécurité

Sûr

v1 • 2/25/2026

All 111 static findings are false positives. The skill contains shell command examples used to demonstrate ShellCheck error codes (SC2086, SC1091, etc.). The scanner misidentified 'SC' as 'C2' keywords. URLs point to legitimate ShellCheck project resources. References to ~/.shellcheckrc and ~/.bashrc are standard config file paths, not malicious file access. The skill is purely educational documentation for ShellCheck static analysis tool.

Fichiers analysés

469

Lignes analysées

résultats

Total des audits

Problèmes à risque élevé (1)

SKILL.md:80 SKILL.md:110 SKILL.md:113 SKILL.md:116 SKILL.md:119 SKILL.md:122 SKILL.md:125 SKILL.md:129 SKILL.md:132 SKILL.md:137 SKILL.md:140 SKILL.md:144 SKILL.md:183 SKILL.md:218-219 SKILL.md:286 SKILL.md:292 SKILL.md:296 SKILL.md:307 SKILL.md:318 SKILL.md:333 SKILL.md:347 SKILL.md:357 SKILL.md:424

False Positive: Scanner misidentified ShellCheck error codes as C2 keywords

The static scanner flagged 'C2 keywords' at multiple lines (80, 110, 113, 116, etc.), but these are actually ShellCheck error codes like SC2086, SC1091, SC2119. The scanner misread 'SC' as 'C2'. This is a documentation skill teaching users about ShellCheck error codes - no actual C2/malware content exists.

Problèmes à risque moyen (3)

SKILL.md:22 SKILL.md:47-62 SKILL.md:62-68

False Positive: Shell command examples are documentation content, not execution

The static scanner flagged 'external_commands' (73 occurrences) showing backticks, $(), and shell invocations. These are example shell script patterns shown in the skill to demonstrate what ShellCheck will detect. The skill is teaching users about ShellCheck - not executing these commands.

SKILL.md:55 SKILL.md:466 SKILL.md:467 SKILL.md:468

False Positive: Network URLs are legitimate ShellCheck project resources

Hardcoded URLs point to github.com/koalaman/shellcheck and shellcheck.net - the official ShellCheck project and documentation. These are appropriate resources for a ShellCheck configuration skill.

SKILL.md:93 SKILL.md:138

False Positive: Filesystem references are standard shell config paths

References to ~/.shellcheckrc and ~/.bashrc are standard configuration file paths in shell scripting. These are not malicious file access attempts - they are example configuration file locations.

Problèmes à risque faible (1)

SKILL.md:263

False Positive: sudo apt-get install is legitimate installation instruction

Line 263 shows 'sudo apt-get install shellcheck' which is the standard way to install ShellCheck on Debian/Ubuntu systems. This is not privilege escalation for malicious purposes.

Audité par: claude

Score de qualité

Architecture

100

Maintenabilité

Contenu

Communauté

Sécurité

100

Conformité aux spécifications

Ce que vous pouvez construire

DevOps Engineer: CI/CD Pipeline Setup

Set up automated shell script linting in GitHub Actions, GitLab CI, or other CI/CD systems to catch issues before deployment.

Software Developer: Script Quality Improvement

Fix existing shell script errors and improve portability across different Unix/Linux environments using ShellCheck guidance.

System Administrator: Team Code Standards

Enforce consistent code quality standards across team scripts with project-level configuration and pre-commit validation.

Essayez ces prompts

Install ShellCheck

How do I install ShellCheck on macOS, Ubuntu, or from source?

Understand Error Code

What does ShellCheck error SC2086 mean and how do I fix it in my script?

Configure Project Settings

Create a .shellcheckrc configuration file for a Bash project that enables strict checking but disables SC1091 and SC2119.

CI/CD Integration

Show me how to integrate ShellCheck into a GitHub Actions workflow that checks all .sh files and fails the build if any issues are found.

Bonnes pratiques

Run ShellCheck in CI/CD pipelines to catch issues before merging
Configure the target shell correctly - do not analyze Bash scripts as POSIX sh
Document why specific warnings are suppressed using inline directives

Éviter

Disabling warnings without understanding why they appear
Analyzing scripts for wrong shell dialect (Bash as sh)
Ignoring ShellCheck output without addressing the underlying issue

Foire aux questions

What is ShellCheck?

ShellCheck is a static analysis tool that finds bugs, warnings, and issues in shell scripts. It supports Bash, sh, dash, ksh, and other POSIX shells.

How do I install ShellCheck?

On macOS: brew install shellcheck. On Ubuntu/Debian: apt-get install shellcheck. Or build from source at github.com/koalaman/shellcheck.

What do ShellCheck error codes mean?

Codes are grouped: SC1000-1099 (parser errors), SC2000-2099 (shell issues), SC2100-2199 (quoting), SC3000-3999 (POSIX compliance). Each code has specific guidance.

How do I suppress specific warnings?

Use inline directives: # shellcheck disable=SC2086. Or configure .shellcheckrc with disable=SC2086 to suppress project-wide.

Can ShellCheck catch security issues?

ShellCheck detects some security-related patterns like unquoted variables, but it is not a security scanner. Use dedicated security tools for vulnerability assessment.

How do I integrate ShellCheck with my editor?

Most editors have ShellCheck plugins: VS Code (vscode-shellcheck), Sublime Text, Vim (ale plugin), Emacs (flycheck). These provide real-time feedback.

Détails du développeur

Auteur

sickn33

Licence

MIT

Dépôt

https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/shellcheck-configuration

Réf

main

Structure de fichiers

📄 SKILL.md