lintai docs

Appearance

Rule Reference

SEC312lintai-ai-securitystablemarkdownwarn

Markdown: private key material

Markdown contains committed private key material

Provider
lintai-ai-security
Surface
markdown
Scope
per_file
Tier
stable
Severity
warn
Confidence
high
Detection
structural
Remediation
message_only

Activation Model

Preset Membership

This rule is part of the builtin activation graph through these preset memberships.

basemembership
skillsmembership

Lifecycle

Stable Lifecycle Contract

State

stable_gated

Graduation rationale

Matches explicit committed private-key PEM markers inside agent markdown surfaces.

Deterministic signal basis

MarkdownSignals private-key marker observation across parsed markdown regions excluding placeholder examples.

Malicious corpus
skill-private-key-pem
Benign corpus
skill-public-key-pem-safe
structured evidence required remediation reviewed
Canonical note

Structural stable rule intended as a high-precision check with deterministic evidence.

Nearby Signals

Related Rules

SEC352AI markdown: unscoped Bash tool grantAI-native markdown frontmatter grants unscoped Bash tool accessmarkdownstable
SEC417AI markdown: unpinned pip git installAI-native markdown installs Python packages from an unpinned `git+https://` sourcemarkdownstable
SEC428AI markdown: unsafe Read path grantAI-native markdown frontmatter grants `Read(...)` over an unsafe repo-external pathmarkdownstable
SEC429AI markdown: unsafe Write path grantAI-native markdown frontmatter grants `Write(...)` over an unsafe repo-external pathmarkdownstable
SEC430AI markdown: unsafe Edit path grantAI-native markdown frontmatter grants `Edit(...)` over an unsafe repo-external pathmarkdownstable
SEC431AI markdown: unsafe Glob path grantAI-native markdown frontmatter grants `Glob(...)` over an unsafe repo-external pathmarkdownstable

Why It Matters

SEC312 flags markdown that contains committed private key material in PEM form.

Unlike general secret-pattern heuristics, this rule looks for real PEM private-key markers. That makes it a much stronger signal that sensitive key material has been committed into documentation or examples.

What Triggers

SEC312 triggers when markdown contains a PEM-style private key marker such as:

  • -----BEGIN RSA PRIVATE KEY-----
  • -----BEGIN OPENSSH PRIVATE KEY-----
  • -----BEGIN EC PRIVATE KEY-----
  • -----BEGIN PRIVATE KEY-----

Example that triggers:

pem
-----BEGIN OPENSSH PRIVATE KEY-----
...
-----END OPENSSH PRIVATE KEY-----

Examples that stay clean:

  • public key PEM blocks such as -----BEGIN PUBLIC KEY-----
  • search-string literals like memory search "BEGIN RSA PRIVATE KEY"
  • obviously redacted placeholders such as example private key

False Positives

This is one of the cleaner markdown security signals because it requires a real PEM private-key marker instead of a generic substring. Recent fixes explicitly stopped matching search-string literals like "BEGIN RSA PRIVATE KEY" without PEM framing.

Remediation

Remove the private key from the repository, rotate the affected credential if it was real, and replace the example with a redacted placeholder or non-sensitive public material.