I Built an ESLint Plugin + Zero-Config CLI That Catches AI-Generated Code Slop (1,137 Downloads in Days)

#eslint #ai #javascript #typescript

AI tools like Cursor and Claude write code incredibly fast — but they keep introducing the same predictable bugs over and over: empty catch blocks, floating promises, awaitinside loops, missing auth middleware, unsafe JSON.parse(), and SQL string concatenation.Standard ESLint misses most of these. So I built eslint-plugin-ai-guard.
What it does
17 targeted rules designed specifically for AI anti-patterns
Zero-config CLI: just npx ai-guard run
Three presets: recommended (low noise), strict, and security
Full support for ESLint 8 & 9 (flat config + legacy)

Quick Start:

npm install --save-dev eslint-plugin-ai-guard
npx ai-guard run

That’s it.
No config file needed.
Real Output from a Production-Like Invoice AppI ran it today on a real Next.js + Express project.
It found 61 warnings in ~7 seconds:

Top issues it caught:
require-auth-middleware (34 warnings)
require-authz-check (13 warnings)
no-await-in-loop (5 warnings — classic Claude/Cursor pattern)
no-async-without-await (6 warnings)
no-unsafe-deserialize (3 warnings)

Current Stats:
1,137 npm downloads
Reddit posts already getting thousands of views

Why this exists
AI-generated code has 1.7× more issues and 2.74× more security vulnerabilities than human code (CodeRabbit 2025). These aren’t theoretical problems — they cause silent failures and security holes in production.
The recommendedpreset is intentionally low-noise so you can drop it into an existing codebase on day one without getting overwhelmed.

Full Rules + ConfigsSee the complete list (error handling, async stability, security, code quality) in the repo.

GitHub: https://github.com/YashJadhav21/eslint-plugin-ai-guard
npm: https://www.npmjs.com/package/eslint-plugin-ai-guard

What’s Next?
I’m still actively fixing false positives and adding auto-fixers based on real usage.
If you use Cursor, Claude, or Copilot, I’d love your feedback: