diff --git a/eslint.config.mjs b/eslint.config.mjs
new file mode 100644
index 0000000..fd3004d
--- /dev/null
+++ b/eslint.config.mjs
@@ -0,0 +1,74 @@
+import security from 'eslint-plugin-security';
+
+export default [
+  {
+    files: ['**/*.js'],
+    ignores: ['node_modules/**', 'release/**', 'tests/**'],
+    plugins: { security },
+    languageOptions: {
+      ecmaVersion: 2022,
+      sourceType: 'commonjs',
+      globals: {
+        require: 'readonly',
+        module: 'readonly',
+        exports: 'readonly',
+        __dirname: 'readonly',
+        __filename: 'readonly',
+        process: 'readonly',
+        console: 'readonly',
+        setTimeout: 'readonly',
+        clearTimeout: 'readonly',
+        setInterval: 'readonly',
+        clearInterval: 'readonly',
+        Buffer: 'readonly',
+        URL: 'readonly',
+        fetch: 'readonly',
+        AbortController: 'readonly',
+        navigator: 'readonly',
+        document: 'readonly',
+        window: 'readonly',
+        localStorage: 'readonly',
+        HTMLElement: 'readonly',
+        alert: 'readonly',
+        confirm: 'readonly',
+        requestAnimationFrame: 'readonly',
+        Intl: 'readonly',
+        crypto: 'readonly',
+        URLSearchParams: 'readonly',
+        EventSource: 'readonly',
+      }
+    },
+    rules: {
+      // Security rules
+      'security/detect-object-injection': 'warn',
+      'security/detect-non-literal-regexp': 'warn',
+      'security/detect-unsafe-regex': 'warn',
+      'security/detect-buffer-noassert': 'warn',
+      'security/detect-eval-with-expression': 'error',
+      'security/detect-no-csrf-before-method-override': 'warn',
+      'security/detect-possible-timing-attacks': 'warn',
+      'security/detect-pseudoRandomBytes': 'warn',
+      // Code quality
+      'no-unused-vars': ['warn', { argsIgnorePattern: '^_', varsIgnorePattern: '^_' }],
+      'no-undef': 'error',
+      'no-constant-condition': 'warn',
+      'no-debugger': 'error',
+      'no-duplicate-case': 'error',
+      'no-empty': ['warn', { allowEmptyCatch: true }],
+      'no-ex-assign': 'error',
+      'no-extra-boolean-cast': 'warn',
+      'no-func-assign': 'error',
+      'no-inner-declarations': 'error',
+      'no-irregular-whitespace': 'error',
+      'no-unreachable': 'error',
+      'use-isnan': 'error',
+      'valid-typeof': 'error',
+      'eqeqeq': ['warn', 'always'],
+      'no-caller': 'error',
+      'no-eval': 'error',
+      'no-implied-eval': 'error',
+      'no-new-func': 'error',
+      'no-throw-literal': 'warn',
+    }
+  }
+];
diff --git a/renderer/app.js b/renderer/app.js
index 22c6493..79b5ad7 100644
--- a/renderer/app.js
+++ b/renderer/app.js
@@ -1852,9 +1852,6 @@ function updateStatusBar() {
 }
 
 // --- Health Check ---
-function setHealthCheckStatus(text) {
-  // Minimal inline status
-}
 
 function renderHealthCheckResults(results) {
   const container = document.getElementById('healthCheckResults');
@@ -1871,7 +1868,7 @@ function renderHealthCheckResults(results) {
   }).join('');
 }
 
-async function executeHealthCheck(hosters, mode) {
+async function executeHealthCheck(hosters, _mode) {
   renderHealthCheckResults([]);
   const result = await window.api.runHealthCheck({ hosters });
   const rows = result && Array.isArray(result.results) ? result.results : [];