What is the Interlace ESLint Ecosystem?

The Interlace ESLint Ecosystem is a collection of 18+ production-ready ESLint plugins designed for the AI/Agentic era. These plugins feature LLM-optimized error messages that empower both human developers and AI coding assistants to catch and fix security vulnerabilities automatically.

Why AI-native ESLint plugins?

Traditional ESLint error messages are designed for human developers reading them in an IDE. As AI coding assistants become more prevalent, there's a need for error messages that are also machine-parseable and provide clear remediation guidance. Our plugins bridge this gap.

Which security standards do the plugins cover?

The plugins provide comprehensive coverage for OWASP Top 10 2021, OWASP Mobile 2024, and framework-specific security patterns for Express, NestJS, Lambda, and more. Each plugin includes detailed documentation with Known False Negatives disclosure.

What technologies does Ofri Peretz work with?

Languages: TypeScript, JavaScript, Node.js. Frameworks: React, Express, NestJS. Backend: Kafka, Redis, Serverless. Cloud: AWS, Docker, Kubernetes. DevEx: ESLint, Nx Monorepos, CLIs.

Ofri Peretz

Hey, I'm Ofri Peretz Engineering Leader

Name: Interlace ESLint Ecosystem
Author: Ofri Peretz

Building products that matter. Leading distributed engineering teams, architecting scalable platforms, and revolutionizing the ESLint ecosystem for the AI era.

Projects Articles Impact

Impact Metrics

Real-world signals of developer value

Growing

Downloads

Developers using my npm packages

Total Reach

Views + downloads across platforms

Network

Following across GitHub & Dev.to

Activity

~239 hours invested

Engagement

Reactions & comments

Content

Articles & read time

View Full Dashboard

Metrics that demonstrate real developer value and community impact

Featured Project

Building the security infrastructure for the AI era.

Interlace ESLint Ecosystem

The authoritative, security-focused ESLint registry for the AI era. Rebuilt from the ground up to be Agentic-First—allowing LLMs to fix vulnerabilities with 90%+ success.

Agentic Security

First linter optimized for AI Agents (AEO) with structured metadata.

100x Performance

Linear O(n) complexity architecture replacing legacy import plugins.

299+ Rules

Deep specialized coverage including NestJS and PostgreSQL standard.

Benchmark Precision

Significantly fewer false positives, verified by our open-source suite.

Interlace ESLint Ecosystem

Since Nov 15, 2025

Total Downloads

Explore Documentation View Full Dashboard

299+

Live
Rules

Building & Scaling Technology, Teams, and Products

Leading Snappy's U.S. engineering expansion. Building distributed teams, architecting revenue-generating API platforms, and establishing scalable infrastructure. 🔥 Currently revolutionizing the ESLint plugin ecosystem for the AI/Agentic era — building LLM-optimized, security-first static analysis tools that empower both human developers and AI coding assistants. I value craftsmanship in both code and culture. Whether it's writing clean, testable code or fostering environments where diverse perspectives lead to better outcomes — I find fulfillment in the details that create lasting impact.

Work Experience

2024 - Present

U.S. Site Engineering Manager

Snappy (Austin, TX)

• Built first U.S. engineering team • Leading largest distributed team (US/EU)

2022 - 2024

DevEx Team Lead + API Lead

Snappy (Tel Aviv)

• First monetized API platform • 25+ shared packages, mono-repo

2021 - 2022

Full Stack Engineer

Snappy

• Scaled APIs 100x • 1,000+ tests, TypeScript migration

2025 - Present

Open Source Creator

Interlace ESLint Ecosystem

• 16+ npm packages, 200+ security rules • Author of ofriperetz.dev — deep dives on JS/TS, testing & platform engineering

2015 - 2021

Previous Roles

Full-Stack Engineering

Open Source Philosophy

I believe open source is the ultimate learning accelerator. By building in public, I stay state-of-the-art, give back to the community, and build trust through transparent, well-documented code.

Latest Articles

Technical deep-dives published on dev.to

The AI Hydra Problem: Fix One AI Bug, Get Two More

12 min

Ofri Peretz

Feb 8, 2026

The AI Hydra Problem: Fix One AI Bug, Get Two More

When AI models fix security vulnerabilities, they sometimes introduce entirely new ones. I tested this across 3 remediation rounds with Claude Opus 4.6 using two approaches — ESLint-guided feedback vs. prompt engineering alone. The results expose a fundamental limit of 'fix it again' workflows.

Microsoft's ESLint Security Plugin Catches 10% of Vulnerabilities. Here's What It Misses.

A head-to-head benchmark between @microsoft/eslint-plugin-sdl and the Interlace security ecosystem. Microsoft's SDL standard covers 1 of 14 security categories.

SonarJS Has 269 Rules. It Still Misses 65% of Security Vulnerabilities.

A head-to-head benchmark between eslint-plugin-sonarjs and the Interlace security ecosystem. 269 rules vs 201 rules — more isn't better when 65% of vulnerabilities slip through.

eslint-plugin-security Is Unmaintained. Here's What Nobody Tells You.

eslint-plugin-security has 1.5M weekly downloads but only 13 rules and no meaningful updates since 2020. Learn why it misses 90% of vulnerabilities—including SQL injection, JWT attacks, and AI/LLM security—and what modern ESLint security plugins to use instead.

I Let Claude Write 80 Functions. 65-75% Had Security Vulnerabilities.

AI coding assistants are incredible—until they introduce security holes. I ran an experiment asking Claude (Haiku 3.5, Sonnet 4.5, Opus 4.5, Opus 4.6) to generate 80 common Node.js functions with zero security context using my Claude Pro subscription. 65-75% had vulnerabilities. Then I tested if static analysis could help the models fix their own mistakes.

#ai

#security

#eslint