brin
brin

eslint

npm

Is eslint safe to use?

The latest brin safety scan flagged eslint v9.39.2 with risk indicators that warrant review. 1 known CVE vulnerability. Trust score: 75/100. Review the findings below before use. This is an automated assessment and may contain errors.

Install (safety-checked)

eslint Has Warnings

Warnings detected due to potential concerns

warning
CVEs

1

Threats

0

Install Scripts

0

Risk Indicators

  • Can spawn child processes

eslint CVE Vulnerabilities (1)

CVE-2025-50537medium

Withdrawn Advisory: eslint has a Stack Overflow when serializing objects with circular references

Fixed in: 9.26.0

brin Recommendations

  • This package has warnings detected. Evaluate the specific concerns before proceeding.

Install with brin add eslint to automatically apply these checks before installation.

This is an automated, point-in-time assessment and may contain errors. Findings are risk indicators, not confirmed threats. Security posture may change over time. Maintainers can dispute findings via the brin review process.

eslint Capabilities & Permissions

What eslint can access when installed. Review these capabilities before using with AI agents like Cursor, Claude Code, or Codex.

Filesystem Access

Reads and writes to the filesystem.

.env (r)package.json (r).env (r)package.json (r).env (r).env (rw)node_modules (rw)package.json (rw)+14 more

Process Spawning

This package can spawn child processes.

Environment Variables

Accesses the following environment variables.

ESLINT_FLAGSESLINT_USE_FLAT_CONFIGTIMING

AGENTS.md for eslint

Good instructions lead to good results. brin adds eslint documentation to your AGENTS.md so your agent knows how to use it properly—improving both safety and performance.

brin init

Vercel's research: 100% accuracy with AGENTS.md vs 53% without →

eslint Documentation & Source Code

For the full eslint README, API documentation, and source code, visit the official package registry.

View on npmView SourceHomepage

Frequently asked questions about eslint safety

Weekly Downloads

75.0M

Version

9.39.2

License

MIT

Other Versions

10.0.1
10.0.0

Last Scanned

Feb 1, 2026

Trust Score

75/100·Legitimacy signals, not safety

CVEs (1)

CVE-2025-50537

Withdrawn Advisory: eslint has a Stack Overflow when serializing objects with circular references

Fixed in: 9.26.0

Capabilities

Filesystem

Reads & Writes files

Process

Spawns child processes

Environment

Accesses: ESLINT_FLAGS, ESLINT_USE_FLAT_CONFIG, TIMING