Linter for AI instruction files — skills, prompts, and agent specs
Project description
skill-lint
Linter for AI instruction files — skills, prompts, and agent specs.
skill-lint scans AI instruction files (CLAUDE.md, AGENTS.md, GEMINI.md, SKILL.md, .cursorrules, .github/copilot-instructions.md, .github/instructions/, and agent/skill directories) for issues that cause token waste, hallucination risk, and unpredictable agent behavior. 40 rules across 8 categories with fix suggestions.
Quick Start
pip install ai-skill-lint # or: pipx install ai-skill-lint
skill-lint . # Scan current project
skill-lint /path/to/project # Scan a local directory
skill-lint https://github.com/org/repo # Scan a GitHub repo
skill-lint . --format sarif --fail-on warning # CI gate
skill-lint . -v # Verbose
What It Checks
| Category | Rules | Examples |
|---|---|---|
| Token cost | 11 | Oversized files, duplicates, filler phrases, hedging |
| Description | 5 | Too long, missing trigger conditions |
| Hallucination risk | 4 | Vague instructions, no output format, prompt injection risk |
| Framing | 4 | Prohibition overuse, emphasis overuse, bare directives |
| Output quality | 3 | No examples, no verification, no role statement |
| Best practice | 5 | No model, no error handling, model-complexity mismatch |
| Structure | 7 | Broken refs, encoding, file too large |
| Cross-file | 1 | Contradictions between CLAUDE.md and skill files |
Each file scored 0-100 with actionable fix suggestions.
CI Integration
# GitHub Actions
- run: pip install ai-skill-lint
- run: skill-lint . --format sarif --fail-on warning > results.sarif
- uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: results.sarif
pre-commit
repos:
- repo: https://github.com/rajusem/skill-lint
rev: v0.1.0
hooks:
- id: skill-lint
Baseline (incremental adoption)
skill-lint . --save-baseline # Save current findings
skill-lint . --diff # Show only NEW issues
Inline Suppression
<!-- skill-lint: disable TCOST005 -->
<!-- skill-lint: disable TCOST003, HRISK001 -->
Configuration
Option 1: .skill-lint.yaml
disable:
- HRISK002
- OQUAL001
fail_on: warning
Option 2: pyproject.toml
[tool.skill-lint]
disable = ["HRISK002", "OQUAL001"]
fail_on = "warning"
Precedence: CLI flags > .skill-lint.yaml > pyproject.toml
Custom Rules
Write your own rules by extending the Rule base class:
from skill_lint.scanner import Rule, Issue, register_rule
class MyRule(Rule):
id = "CUSTOM_001"
description = "Check for company-specific patterns"
def check(self, ctx):
issues = []
if "legacy API" in ctx.content:
issues.append(Issue(
category="best-practice",
severity="suggestion",
message="References legacy API",
fix="Use the new v2 API instead",
rule_id=self.id,
))
return issues
register_rule(MyRule())
Custom rule IDs must use the CUSTOM_ prefix. The ctx object provides: content, lines, regions, filepath, root, tokens, and content_text (code-fence-filtered).
Philosophy
- Help, don't restrict — every finding is a suggestion, not a gate
- Show, don't enforce — display impact, let users decide
- Honest numbers — no inflated claims; validated across 15+ repos
License
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file ai_skill_lint-0.1.0.tar.gz.
File metadata
- Download URL: ai_skill_lint-0.1.0.tar.gz
- Upload date:
- Size: 45.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ebd423a887725e5a00edc5b93482ecfec2ef47291029a2924aed11bf8aaed876
|
|
| MD5 |
2114fe02ff237ffa7ee67754f5f00211
|
|
| BLAKE2b-256 |
4e185b2ce5e7da7cfadada3cc815b11998c434da0a8ea9ed614d300b58f9ab5f
|
Provenance
The following attestation bundles were made for ai_skill_lint-0.1.0.tar.gz:
Publisher:
publish.yml on rajusem/skill-lint
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
ai_skill_lint-0.1.0.tar.gz -
Subject digest:
ebd423a887725e5a00edc5b93482ecfec2ef47291029a2924aed11bf8aaed876 - Sigstore transparency entry: 2141750778
- Sigstore integration time:
-
Permalink:
rajusem/skill-lint@8b4b8563a99a4c836acd4345f1ce96195c37f46a -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/rajusem
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@8b4b8563a99a4c836acd4345f1ce96195c37f46a -
Trigger Event:
push
-
Statement type:
File details
Details for the file ai_skill_lint-0.1.0-py3-none-any.whl.
File metadata
- Download URL: ai_skill_lint-0.1.0-py3-none-any.whl
- Upload date:
- Size: 27.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
db44a726c19e86c2442a99016a546ce9cae053411055b49db705d6e097f697fb
|
|
| MD5 |
b6456644bb5981a7a131291b338582a7
|
|
| BLAKE2b-256 |
b917c1d0e0c9feb3ac2162a26adcf19252fa5bc1c7343053adb394dfc2db0496
|
Provenance
The following attestation bundles were made for ai_skill_lint-0.1.0-py3-none-any.whl:
Publisher:
publish.yml on rajusem/skill-lint
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
ai_skill_lint-0.1.0-py3-none-any.whl -
Subject digest:
db44a726c19e86c2442a99016a546ce9cae053411055b49db705d6e097f697fb - Sigstore transparency entry: 2141750845
- Sigstore integration time:
-
Permalink:
rajusem/skill-lint@8b4b8563a99a4c836acd4345f1ce96195c37f46a -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/rajusem
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@8b4b8563a99a4c836acd4345f1ce96195c37f46a -
Trigger Event:
push
-
Statement type: