
Rule Reference

SEC416 / lintai-ai-security / guidance / quality / preview / markdown / warn

AI markdown: Claude bare pip install

AI-native markdown models Claude package installation with bare `pip install` despite explicit `uv` preference guidance

Public lane: guidance
Category: quality
Provider: lintai-ai-security
Scope: per-file
Surface: markdown
Tier: preview
Severity: warn
Confidence: high
Detection: heuristic
Remediation: message only
How to read this lane

Advice-oriented guidance and maintainability review.

How to read this category

Contract, schema, or config correctness signal.

Activation Model

Preset Activation

These presets explain where this rule appears in the product experience.

Lifecycle

Preview Lifecycle Contract

State

preview

Promotion blocker

This rule depends on transcript-shaped markdown plus explicit `uv` preference context in the same AI-native document, so the first release stays guidance-only while broader ecosystem usefulness is measured.

Promotion requirements

Needs corpus-backed precision review, a non-heuristic graduation basis, and completed stable checklist metadata.

Canonical note

Heuristic preview rule; not a stable contract and may evolve as false-positive tuning improves.

Nearby Signals

Related Rules

SEC416 / MD-CLAUDE-PIP-INSTALL

SEC416 flags AI-native markdown when the same document explicitly says to prefer uv over pip, but still models Claude package installation with bare pip install.

Why It Matters

If a project teaches agents to prefer uv, transcript examples that still show Claude using bare pip install create contradictory guidance. These examples are easy to copy into real agent workflows and make package-management behavior less consistent and less reproducible.

This rule now lives in the explicit guidance lane because it measures consistency inside AI-facing documentation rather than a standalone exploit primitive. The signal is actionable, but the first release keeps it outside default security review lanes while broader ecosystem usefulness is measured.

Trigger Shape

The rule triggers only when all of these are true:

  • the file is an AI-native markdown surface such as `CLAUDE.md`, `AGENTS.md`, `SKILL.md`, Cursor rules, or plugin agent docs
  • the document contains an explicit uv-over-pip preference marker such as "use uv not pip" or "Always use `uv` instead of `pip`"
  • a prose, blockquote, or fenced transcript region contains a `Claude:` line with bare `pip install` or `python -m pip install`
  • the matched `Claude:` line does not already use `uv pip install`

Clean Cases

These stay clean:

  • `Claude: uv pip install pytest`
  • bare `pip install` examples without any explicit "uv not pip" preference context
  • generic package installation prose that is not framed as a `Claude:` transcript

Example Trigger

```text
- Always use `uv` instead of `pip` for Python packages

Claude: pip install pytest
```

Safer Example

```text
- Always use `uv` instead of `pip` for Python packages

Claude: uv pip install pytest
```
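The trigger shape, clean cases, and the two examples above, implemented as a small stand-alone checker. This is an added illustration, not the lintai-ai-security rule's own code; the set of AI-native filenames, the `.mdc` suffix for Cursor rules, and the preference-marker regex are assumptions built from the examples on this page.

```python
import re

# Assumed AI-native markdown surfaces (constructed from the page's examples).
AI_NATIVE_NAMES = {"claude.md", "agents.md", "skill.md"}
AI_NATIVE_SUFFIXES = (".mdc",)  # Cursor rule files, an assumption

# Explicit uv-over-pip preference marker, built from the two page examples:
# "use uv not pip" and "Always use `uv` instead of `pip`".
UV_PREFERENCE_RE = re.compile(
    r"use\s+`?uv`?\s+(?:not|instead\s+of)\s+`?pip`?", re.IGNORECASE)

# A transcript line spoken by Claude; an optional leading '>' covers blockquotes.
CLAUDE_LINE_RE = re.compile(r"^\s*(?:>\s*)?Claude:\s*(?P<cmd>.*)$")

# Bare pip invocation: `pip install` or `python -m pip install`.
BARE_PIP_RE = re.compile(r"(?:^|\s)(?:python3?\s+-m\s+)?pip\s+install\b")
UV_PIP_RE = re.compile(r"\buv\s+pip\s+install\b")


def is_ai_native_markdown(filename: str) -> bool:
    name = filename.rsplit("/", 1)[-1].lower()
    return name in AI_NATIVE_NAMES or name.endswith(AI_NATIVE_SUFFIXES)


def find_bare_pip_claude_lines(filename: str, text: str) -> list[int]:
    """Return 1-based line numbers that would trigger SEC416; [] means clean."""
    if not is_ai_native_markdown(filename):
        return []
    if not UV_PREFERENCE_RE.search(text):
        return []  # no explicit uv-over-pip guidance, so bare pip stays clean
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        match = CLAUDE_LINE_RE.match(line)
        if not match:
            continue  # generic prose is not framed as a Claude: transcript
        cmd = match.group("cmd")
        if UV_PIP_RE.search(cmd):
            continue  # already uses uv pip install
        if BARE_PIP_RE.search(cmd):
            findings.append(lineno)
    return findings


if __name__ == "__main__":
    # Constructed sample mirroring the page's Example Trigger.
    sample = ("- Always use `uv` instead of `pip` for Python packages\n\n"
              "Claude: pip install pytest\n")
    for n in find_bare_pip_claude_lines("CLAUDE.md", sample):
        print(f"CLAUDE.md:{n}: SEC416 bare pip install in Claude transcript")
```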

How To Fix

Replace bare pip install Claude transcript examples with uv pip install, or clearly mark them as intentionally incorrect pre-correction behavior if the document is demonstrating a before-and-after learning flow.