lintai docs

Appearance

Rule Reference

SEC460lintai-ai-securitystablemarkdownwarn

AI markdown: pip config http find-links

AI-native markdown configures Python package discovery with insecure `http://` find-links

Provider
lintai-ai-security
Surface
markdown
Scope
per_file
Tier
stable
Severity
warn
Confidence
high
Detection
structural
Remediation
message_only

Activation Model

Preset Membership

This rule is part of the builtin activation graph through these preset memberships.

previewmembership
skillsmembership

Lifecycle

Stable Lifecycle Contract

State

stable_gated

Graduation rationale

Checks AI-native markdown for `pip config set` commands that point package discovery configuration at `http://` find-links sources.

Deterministic signal basis

MarkdownSignals exact `pip config set`, `pip3 config set`, or `python -m pip config set` token analysis with `global.find-links http://` detection inside parsed markdown regions.

Malicious corpus
skill-pip-config-http-find-links
Benign corpus
skill-pip-config-https-find-links-safe
structured evidence required remediation reviewed
Canonical note

Structural stable rule intended as a high-precision check with deterministic evidence.

Nearby Signals

Related Rules

SEC352AI markdown: unscoped Bash tool grantAI-native markdown frontmatter grants unscoped Bash tool accessmarkdownstable
SEC417AI markdown: unpinned pip git installAI-native markdown installs Python packages from an unpinned `git+https://` sourcemarkdownstable
SEC428AI markdown: unsafe Read path grantAI-native markdown frontmatter grants `Read(...)` over an unsafe repo-external pathmarkdownstable
SEC429AI markdown: unsafe Write path grantAI-native markdown frontmatter grants `Write(...)` over an unsafe repo-external pathmarkdownstable
SEC430AI markdown: unsafe Edit path grantAI-native markdown frontmatter grants `Edit(...)` over an unsafe repo-external pathmarkdownstable
SEC431AI markdown: unsafe Glob path grantAI-native markdown frontmatter grants `Glob(...)` over an unsafe repo-external pathmarkdownstable

SEC460 / MD-PIP-CONFIG-HTTP-FIND-LINKS

SEC460 flags AI-native markdown when a pip config set, pip3 config set, or python -m pip config set command points global.find-links at http://....

Why It Matters

Changing pip config to an insecure find-links source makes later package discovery trust an unencrypted location. In shared AI-native instructions, that turns a persistent supply-chain downgrade into copy-pastable setup guidance.

What Triggers It

  • AI-native markdown surface
  • the same parsed markdown region contains:
    • pip config set
    • pip3 config set
    • or python -m pip config set
  • the same region also contains:
    • global.find-links http://
    • or global.find-links=http://

The finding points to http://.

What Does Not Trigger It

  • https:// find-links config
  • install-time --find-links http://... examples, because those are covered by SEC456
  • unrelated prose that mentions http:// without a matching pip config command

Example

Bad:

bash
pip config set global.find-links http://packages.example.test/simple

Better:

bash
pip config set global.find-links https://packages.example.test/simple

Remediation

Replace the insecure http:// find-links config with a normal TLS-verified https:// source.