Lints GoPhish-format email templates for deliverability, tracking, merge tags, and spam triggers. Companion to HailBytes SAT.
Automatically lint GoPhish-format email templates before deployment. Catches deliverability issues, missing tracking pixels, broken merge tags, and spam trigger words — so your simulated phishing campaigns actually land in inboxes.
npm install @hailbytes/phishing-template-linter
# or run directly
npx @hailbytes/phishing-template-linter ./templates/# Lint all templates in a directory
npx @hailbytes/phishing-template-linter ./templates/
# Lint a single template file
npx @hailbytes/phishing-template-linter ./templates/it-helpdesk.html
# Output as JSON for CI integration
npx @hailbytes/phishing-template-linter ./templates/ --format jsonimport { lint } from '@hailbytes/phishing-template-linter';
const result = lint(templateHtml);
console.log(result.errors); // RuleViolation[] — must-fix issues
console.log(result.warnings); // RuleViolation[] — should-fix issues
console.log(result.suggestions); // RuleViolation[] — nice-to-have improvements
// Exit non-zero in CI if any errors
if (result.errors.length > 0) process.exit(1);MSSPs, red teamers, and security-awareness trainers managing GoPhish campaign templates who want automated quality checks before deployment.
@hailbytes/asm-scope-parser— Attack surface scope parsing- HailBytes SAT Platform
Part of the HailBytes open-source security toolkit.