Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From perl-development
Validates Perl scripts for syntax (perl -c/-wc), essential pragmas (strict/warnings/autodie), security issues (two-arg open/backticks/eval), best practices, and POD documentation.
npx claudepluginhub jamie-bitflight/claude_skills --plugin perl-developmentHow this skill is triggered — by the user, by Claude, or both
Slash command
/perl-development:perl-validateThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Comprehensive validation of Perl scripts for syntax, security, and best practices.
Lints Perl code with perlcritic for policy violations and severity analysis, checks syntax with perl -c, and formats with perltidy. Includes tool detection and config guidance.
Provides Perl security patterns for taint mode, input validation, safe process execution, DBI parameterized queries, and web security (XSS/SQLi/CSRF).
Applies Perl security patterns: taint mode, input validation, safe process/file ops, DBI queries, and web defenses against XSS/SQLi/CSRF.
Share bugs, ideas, or general feedback.
Comprehensive validation of Perl scripts for syntax, security, and best practices.
perl -c)# Check syntax
perl -c script.pl
# With warnings
perl -wc script.pl
# Check module
perl -c -I lib lib/MyApp/Module.pm
Success:
script.pl syntax OK
Failure:
syntax error at script.pl line 15, near "my $"
script.pl had compilation errors.
Every production script MUST have:
#!/usr/bin/env perl
use strict;
use warnings;
use autodie; # For scripts with file operations
# Check for strict
grep -l 'use strict' script.pl || echo "MISSING: use strict"
# Check for warnings
grep -l 'use warnings' script.pl || echo "MISSING: use warnings"
# Check shebang
head -1 script.pl | grep -q '^#!' || echo "MISSING: shebang line"
| Issue | Pattern to Find | Fix |
|---|---|---|
| Two-arg open | open\s+\w+,\s*[^<>] | Use 3-arg open |
| Backticks with variables | `.*\$` | Use IPC::System::Simple |
| eval with string | eval\s+" | Use eval block |
| No taint mode | #!/.*perl\s*$ | Add -T flag |
# Find two-argument open
grep -n 'open\s\+[A-Z]\+\s*,' script.pl
# Find unsafe backticks
grep -n '`.*\$' script.pl
# Find string eval
grep -n 'eval\s*"' script.pl
# Check for system with string
grep -n 'system\s*"' script.pl
# Find undeclared variables (after perl -c passes)
# These would be caught by strict, but double-check:
grep -n '\$[a-z_][a-z0-9_]*\s*=' script.pl | head -20
Check for proper function structure:
# Good pattern
sub function_name {
my ($arg1, $arg2) = @_;
# ...
}
# Check for named parameters
grep -n 'sub.*{' script.pl
# Find eval blocks without error check
grep -n 'eval\s*{' script.pl
# These should be followed by or do { } patterns
# Validate POD syntax
podchecker script.pl
# Check for POD presence
perl -MPod::Usage -e 'pod2usage(-input => shift)' script.pl >/dev/null 2>&1 || echo "No POD documentation"
# Check for NAME section
grep -l '^=head1 NAME' script.pl || echo "MISSING: =head1 NAME"
# Check for SYNOPSIS
grep -l '^=head1 SYNOPSIS' script.pl || echo "MISSING: =head1 SYNOPSIS"
Run complete validation:
Syntax only:
perl -wc script.pl
Pragmas check:
head -10 script.pl | grep -E 'use (strict|warnings|autodie)'
Security scan:
perlcritic --severity 5 script.pl
Full validation:
perl -wc script.pl && \
grep -q 'use strict' script.pl && \
grep -q 'use warnings' script.pl && \
echo "Basic validation passed"
Add to top of script:
use strict;
use warnings;
# Wrong
open FILE, $filename;
# Correct
open my $fh, '<', $filename;
# Wrong
system("rm $file");
`ls $dir`;
# Correct
use IPC::System::Simple qw(system capture);
system('rm', $file);
my $output = capture('ls', $dir);
# Wrong
open my $fh, '<', $file;
# Correct (with autodie)
use autodie;
open my $fh, '<', $file;
# Or explicit
open my $fh, '<', $file
or die "Cannot open $file: $!";