Bug
S005 (no-wildcard-permissions) flags any line containing a wildcard pattern, including inline-code mentions in documentation. Found by dogfooding: the UnityInFlow root CLAUDE.md documents the S005 rule itself in a table, and that table row gets flagged:
:141 error Wildcard tool permission (Tool(*:*)) — use explicit tool names instead of wildcards. (S005)
The flagged line was documentation, not a permission block:
| S005 | no-wildcard-permissions | error | No `Bash(*:*)` or "*" in tool permission blocks |
Expected
The rule should only fire on actual permission contexts (JSON permission blocks, settings snippets), not on backtick-quoted inline code or prose describing the pattern.
Suggested fix
Skip matches inside inline code spans (single backticks) and possibly fenced code blocks that are clearly documentation examples — or at minimum inside markdown table cells with inline code. Repro: run spec-linter check on any file containing the rule reference table above.
🤖 Filed via Claude Code while dogfooding v0.0.1
Bug
S005 (no-wildcard-permissions) flags any line containing a wildcard pattern, including inline-code mentions in documentation. Found by dogfooding: the UnityInFlow root CLAUDE.md documents the S005 rule itself in a table, and that table row gets flagged:
The flagged line was documentation, not a permission block:
Expected
The rule should only fire on actual permission contexts (JSON permission blocks, settings snippets), not on backtick-quoted inline code or prose describing the pattern.
Suggested fix
Skip matches inside inline code spans (single backticks) and possibly fenced code blocks that are clearly documentation examples — or at minimum inside markdown table cells with inline code. Repro: run
spec-linter checkon any file containing the rule reference table above.🤖 Filed via Claude Code while dogfooding v0.0.1