by a10r 361 days ago
You are absolutely right, and that's a crucial distinction to make. ShellCheck is a linter, not a security scanner.

Its role in vet isn't to find malware, but to act as an automated code quality check. A script full of shellcheck warnings is a red flag, which helps inform the user's final decision to trust it or not. It's one of several signals that vet provides.

Thanks for the important clarification!