# agnix

> Linter for AI agent configurations. Validates SKILL.md, CLAUDE.md, hooks, MCP, and more.

- **URL**: https://www.freshcrate.ai/projects/agnix
- **Author**: Avi Fenesh
- **Category**: MCP Servers
- **Latest version**: `v0.30.0` (2026-06-04)
- **License**: MIT OR Apache-2.0
- **Source**: https://github.com/agent-sh/agnix
- **Language**: Rust
- **GitHub**: 196 stars, 15 forks
- **Registry**: npm (`agnix`)
- **Tags**: `agent`, `claude`, `claude-code`, `linter`, `mcp`, `model-context-protocol`, `npm`, `skills`, `validation`

## Description

Linter for AI agent configurations. Validates SKILL.md, CLAUDE.md, hooks, MCP, and more.

## Recent releases

| Version | Date | Urgency | Changes |
| --- | --- | --- | --- |
| `v0.30.0` | 2026-06-04 | High | ### Changed - **Tool baseline**: `codex` bumped `rust-v0.136.0` -> `rust-v0.137.0` (closes #1013). Diffed upstream `codex-rs/core/config.schema.json` and refreshed Codex config allow-lists for new `local_thread_store_compression` / `unified_exec_zsh_fork` feature flags plus per-app `approvals_reviewer`, preventing false positives from `CDX-CFG-011` and `CDX-CFG-006`; `CDX-CFG-024` now accepts `auto_review` and validates app-level reviewer overrides. Added `CDX-PL-015` for non-string `.codex-plu |
| `v0.29.0` | 2026-05-30 | High | ### Added - **CC-SK-021: Hardcoded User Directory Path** (closes #832). New MEDIUM/SHOULD `claude-skills` rule flagging hardcoded user-home paths (`/Users/<name>/`, `/home/<name>/`, `C:\Users\<name>\`) in bundled skill content - they leak the author's identity and are non-portable. The `SkillValidator` walks the skill directory and scans the `SKILL.md` body, sibling `.md` bodies (frontmatter skipped), and bundled scripts (`.sh`/`.bash`/`.zsh`/`.fish`/`.py`/`.rb`/`.pl`/`.lua`/`.js`/`.ts`/`.mjs`, |
| `v0.28.1` | 2026-05-24 | High | ### Changed - **Codex config allow-list audited against the upstream schema** (closes #969). Audited the Codex top-level allow-list against `codex-rs/core/config.schema.json` (rust-v0.129.0 through rust-v0.134.0-alpha.3); no valid upstream key was missing, so there are no new false positives.   - Dropped three keys that appear in no audited schema and are not `[features]` sub-keys: `include_apply_patch_tool` (also removed from the feature-key list), `js_repl_node_path`, and `js_repl_node_module |
| `v0.27.1` | 2026-05-18 | High | ### Fixed - **XML-001 false positives inside indented Markdown code blocks** (related to #942). The shared Markdown scanner now skips 4-space and tab-indented code blocks before extracting XML tags, so placeholder syntax such as `<resolved feature dir>` inside indented JSON/YAML examples no longer triggers XML balance diagnostics or safe-fix suggestions. Fenced code blocks and inline code remain skipped as before, and document-level XML is still validated outside code. - **AS-014 false positive |
| `v0.26.0` | 2026-05-14 | High | ### Added - **CC-PL-015: Default component folder shadowed by manifest** (closes #905). Claude Code v2.1.140 now warns when default plugin component folders are ignored because `plugin.json` overrides the matching component path. CC-PL-015 mirrors that behavior for `.claude-plugin/plugin.json`: if a root `commands/`, `agents/`, `skills/`, or `hooks/` folder exists and the matching manifest field is set without including `./<component>`, agnix emits a MEDIUM warning. Covered by 6 unit tests for |
| `v0.25.0` | 2026-05-08 | High | ### Added - **CC-SET-003: Invalid `worktree.baseRef` value** (closes #883). Claude Code 2.1.133 added the `worktree` nested object with a `baseRef` enum. Allowed values: `"fresh"` (branch from `origin/<default>`, the v2.1.133 default) or `"head"` (branch from local `HEAD`, the pre-v2.1.133 `EnterWorktree` behavior). Any other string value silently falls back to the default with no warning. CC-SET-003 (MEDIUM, WARNING) parses `.claude/settings.json` / `.local.json` / `managed-settings.json`, wal |
| `v0.24.0` | 2026-04-30 | High | ### Added - **GM-010: memoryManager without autoMemory after v0.40 split** (#846). Gemini CLI v0.40 (PR google-gemini/gemini-cli#25601) split the combined `experimental.memoryManager` flag. Pre-v0.40 it gated both the Memory Manager subagent and background skill extraction + `/memory inbox`. Post-v0.40 `memoryManager` gates only the subagent; extraction and the inbox move to the new `autoMemory` flag. Users carrying forward only `memoryManager: true` lose the inbox silently. GM-010 (MEDIUM) war |
| `v0.23.0` | 2026-04-28 | High | ### Added - **MCP-025: non-boolean `alwaysLoad` in MCP server config** (#836). Claude Code 2.1.121 introduced an `alwaysLoad: boolean` field on MCP server entries - when `true`, every tool from that server skips tool-search deferral and is always available. A typo like `"alwaysLoad": "true"` (quoted string) is a silent footgun: Claude Code treats it as truthy in some code paths and ignores it in others, so the user's intent silently fails. MCP-025 (MEDIUM) flags non-boolean values before they r |
| `v0.19.0` | 2026-04-23 | High | ### Added - **Output-style validator (CC-OS-001..006)** - new validator for `.claude/output-styles/*.md` files, surfaced during the Claude Code v2.1.117 triage (#745). The output-style frontmatter spec was added in v2.1.94 with the `keep-coding-instructions` field. New rules: CC-OS-001 missing description (LOW), CC-OS-002 invalid `keep-coding-instructions` type (HIGH), CC-OS-003 unknown frontmatter key (MEDIUM), CC-OS-004 empty body (MEDIUM), CC-OS-005 name exceeds 64 chars (LOW), CC-OS-006 inv |
| `0.17.0` | 2026-04-21 | Low | Imported from npm (0.17.0) |

## Dependency audit

- **Score**: 98/100
- **Total deps**: 3
- **Resolved**: 3
- **Unresolved**: 0
- **License conflicts**: 0
- **Warnings**: 1
- **Scanned**: 2026-05-18

## Citation

- HTML: https://www.freshcrate.ai/projects/agnix
- Markdown: https://www.freshcrate.ai/projects/agnix.md
- Dependencies JSON: https://www.freshcrate.ai/api/projects/agnix/deps

_Generated by freshcrate.ai. Indexes npm releases for AI-agent ecosystem packages._