Info Description No Script Tag
info-description-no-script-tag
info
experience: security
experience: documentation
spec: info
Info Description MUST NOT Have Script Tag
Script tags MUST NOT be included in the description of an API. Keep descriptions to just the text that is needed, and rely on the rest of the OpenAPI document to describe what is possible.
Rule definition
The full Spotlight rule — drop it into a ruleset (.spotlight.yaml / .spectral.yaml) and run it with any Spotlight tool.
```yaml
info-description-no-script-tag:
  title: Info Description No Script Tag
  reference: https://spotlight-rules.com/spec/rules/openapi/info-description-no-script-tag/
  description: Script tags MUST not be included in the description of an API,
    keeping descriptions to just the text that is needed, and relying on the
    rest of the OpenAPI to describe what is possible.
  message: Info Description MUST NOT Have Script Tag
  severity: info
  given: $.info
  then:
    field: description
    function: pattern
    functionOptions:
      notMatch: ^\b(<script)\b
  tags:
    - format:openapi
    - spec:info
    - experience:security
    - experience:documentation
  prompt: "You are editing an OpenAPI document to satisfy the Spotlight API
    governance rule 'info-description-no-script-tag' (Info Description No Script
    Tag). Requirement: Script tags MUST not be included in the description of an
    API, keeping descriptions to just the text that is needed, and relying on
    the rest of the OpenAPI to describe what is possible. To fix: Ensure
    `description` does NOT match the regular expression `^\\b(<script)\\b`;
    rename or rewrite any value that does. This rule is evaluated at the
    JSONPath `$.info` — inspect every location it matches and correct only what
    violates the rule. Make the smallest change that satisfies the rule, leave
    all unrelated content, key order, comments, and formatting unchanged, and
    keep the document valid OpenAPI. Return only the complete corrected
    document, with no commentary."
```
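An added example (not part of the Spotlight rule or its tooling) that runs the `notMatch` pattern above over constructed `info.description` values: `^\b` needs a word character at the start of the string and `<` is not one, so the pattern as written reports none of them. It assumes the `pattern` function evaluates `notMatch` as a JavaScript regular expression; `ALT_PATTERN`, the `i` flag and the sample descriptions are hypothetical.

```javascript
// Added example: tests `notMatch` patterns as JavaScript regular expressions.
// Assumption: the rule reports a description when the notMatch regex matches it.
const PAGE_PATTERN = String.raw`^\b(<script)\b`; // notMatch value from the rule above
const ALT_PATTERN = String.raw`<script\b`;        // hypothetical alternative, not from the page

// Constructed sample values for info.description.
const SAMPLES = [
  { name: "plain text", description: "Payments API for partner integrations.", hasScript: false },
  { name: "leading tag", description: "<script>track()</script> Payments API", hasScript: true },
  { name: "embedded tag", description: "Payments API <script src=x.js></script>", hasScript: true },
  { name: "upper case", description: "<SCRIPT>track()</SCRIPT>", hasScript: true },
  { name: "lookalike word", description: "See the <scripting> guide", hasScript: false },
];

// True when the rule would report the description (the notMatch regex matched).
function ruleFires(pattern, description, flags = "") {
  if (typeof description !== "string") return false; // missing field: nothing to test
  return new RegExp(pattern, flags).test(description);
}

// Run every sample through a pattern; list what it misses and what it over-reports.
function evaluate(pattern, flags = "") {
  const missed = [];
  const falsePositives = [];
  for (const s of SAMPLES) {
    const fired = ruleFires(pattern, s.description, flags);
    if (s.hasScript && !fired) missed.push(s.name);
    if (!s.hasScript && fired) falsePositives.push(s.name);
  }
  return { missed, falsePositives };
}

console.log("page pattern:", evaluate(PAGE_PATTERN));
console.log("alternative :", evaluate(ALT_PATTERN, "i"));
```
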
AI fix prompt — send this to Claude, Gemini, or ChatGPT with your artifact to auto-fix this rule
You are editing an OpenAPI document to satisfy the Spotlight API governance rule 'info-description-no-script-tag' (Info Description No Script Tag). Requirement: Script tags MUST not be included in the description of an API, keeping descriptions to just the text that is needed, and relying on the rest of the OpenAPI to describe what is possible. To fix: Ensure `description` does NOT match the regular expression `^\b(
| Artifact | OpenAPI |
|---|---|
| Applies at (given) | $.info |
| Severity | info — educational by default; raise to warn/error to enforce |
| Reference | https://spotlight-rules.com/spec/rules/openapi/info-description-no-script-tag/ |