ShellCheck

ShellCheck is a static analysis CLI for POSIX sh, bash, dash, ksh, and BusyBox shell scripts. It focuses on catching syntax mistakes, quoting bugs, portability problems, and other shell-specific failure modes before they reach production or CI.

• Lint shell scripts in repos, build steps, hooks, or generated checks and fail fast when they introduce warnings above your chosen severity.
• Surface shell-specific portability and correctness issues that depend on the target shell, sourced files, optional checks, or project-level rc configuration.
• Export findings as JSON for downstream parsing or as unified diffs for supported auto-fixes that can be reviewed and applied with standard patch tools.

• Structured json1 output, documented exit codes, and non-interactive flags make it easy to drop into CI, pre-commit, or inspect-then-fix agent loops.
• Directives, .shellcheckrc, --shell, --severity, and source-path controls let an agent adapt checks to the repo instead of treating every shell file the same.
• It is a diagnostic primitive, not a mutating one: most findings still need a separate edit step, and sourced-file coverage can be incomplete until -x, -a, or rc settings are configured.

• Default source handling is conservative because the tool originated as a remote service for untrusted scripts; multi-file projects may need --external-sources, --source-path, or .shellcheckrc setup.
• diff output only covers fixes ShellCheck can express safely, so many warnings remain advisory and require manual or agent-authored edits.