Skip to content

best_practices

best_practices

Best-practice validation checks.

Detects common configuration pitfalls and suggests improvements for reliability, correctness, and performance.

Attributes

Classes

JinjaInValidationPathCheck

Check for Jinja syntax in validation paths (V201).

Validation paths use Python .format() syntax ({workspace}), not Jinja ({{ workspace }}). Using Jinja syntax causes paths to render literally with braces intact.

Functions
check 
check(config, config_path, raw_yaml)

Check validation paths for {{ markers.

Source code in src/marianne/validation/checks/best_practices.py 
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
def check(
    self,
    config: JobConfig,
    config_path: Path,
    raw_yaml: str,
) -> list[ValidationIssue]:
    """Check validation paths for ``{{`` markers."""
    issues: list[ValidationIssue] = []

    for i, validation in enumerate(config.validations):
        path_val = getattr(validation, "path", None)
        if path_val and "{{" in str(path_val):
            issues.append(
                ValidationIssue(
                    check_id=self.check_id,
                    severity=self.severity,
                    message=(
                        f"Validation rule {i + 1} uses Jinja syntax"
                        f" in path: {path_val}"
                    ),
                    line=find_line_in_yaml(raw_yaml, str(path_val)),
                    context=str(path_val),
                    suggestion=(
                        "Use {workspace} not {{ workspace }}"
                        " in validation paths"
                    ),
                    metadata={
                        "validation_index": str(i),
                        "path": str(path_val),
                    },
                )
            )

    return issues

FormatSyntaxInTemplateCheck

Check for format-string syntax in Jinja templates (V202).

Prompt templates use Jinja ({{ name }}), not Python format strings ({name}). Only flags known built-in names to avoid false positives.

Functions
check 
check(config, config_path, raw_yaml)

Scan prompt template for {builtin_name} patterns.

Source code in src/marianne/validation/checks/best_practices.py 
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
def check(
    self,
    config: JobConfig,
    config_path: Path,
    raw_yaml: str,
) -> list[ValidationIssue]:
    """Scan prompt template for ``{builtin_name}`` patterns."""
    issues: list[ValidationIssue] = []

    template = config.prompt.template
    if not template:
        return issues

    for match in self._PATTERN.finditer(template):
        name = match.group(1)
        issues.append(
            ValidationIssue(
                check_id=self.check_id,
                severity=self.severity,
                message=(
                    f"Format-string syntax '{{{name}}}' found in"
                    f" prompt template — use Jinja '{{{{ {name} }}}}'"
                ),
                line=find_line_in_yaml(raw_yaml, f"{{{name}}}"),
                context=match.group(0),
                suggestion=(
                    f"Use {{{{ {name} }}}} not {{{name}}}"
                    f" in Jinja templates"
                ),
                metadata={
                    "variable": name,
                },
            )
        )

    return issues

NoValidationsCheck

Check that at least one validation rule exists (V203).

Without validations, sheets always "pass" and you learn nothing about execution quality.

Functions
check 
check(config, config_path, raw_yaml)

Fire when no validations are configured.

Source code in src/marianne/validation/checks/best_practices.py 
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
def check(
    self,
    config: JobConfig,
    config_path: Path,
    raw_yaml: str,
) -> list[ValidationIssue]:
    """Fire when no validations are configured."""
    if len(config.validations) == 0:
        return [
            ValidationIssue(
                check_id=self.check_id,
                severity=self.severity,
                message="No validation rules configured",
                suggestion=(
                    "Add at least one validation rule"
                    " — see docs/score-writing-guide.md"
                ),
                metadata={},
            )
        ]
    return []

MissingSkipPermissionsCheck

Check that skip_permissions is enabled for Claude CLI (V204).

Claude CLI will prompt for permission approval, which hangs in unattended mode.

Functions
check 
check(config, config_path, raw_yaml)

Fire when Claude CLI backend lacks skip_permissions.

Source code in src/marianne/validation/checks/best_practices.py 
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
def check(
    self,
    config: JobConfig,
    config_path: Path,
    raw_yaml: str,
) -> list[ValidationIssue]:
    """Fire when Claude CLI backend lacks skip_permissions."""
    if (
        config.backend.type == "claude_cli"
        and config.backend.skip_permissions is False
    ):
        return [
            ValidationIssue(
                check_id=self.check_id,
                severity=self.severity,
                message=(
                    "Claude CLI backend without skip_permissions"
                    " will hang waiting for permission approval"
                ),
                line=find_line_in_yaml(raw_yaml, "skip_permissions"),
                suggestion=(
                    "Set backend.skip_permissions: true"
                    " for unattended execution"
                ),
                metadata={
                    "backend_type": config.backend.type,
                },
            )
        ]
    return []

FileExistsOnlyCheck

Check for file_exists-only validations (V205).

file_exists alone cannot detect stale files left from a previous run. Adding file_modified or content checks is recommended.

Functions
check 
check(config, config_path, raw_yaml)

Fire when every validation is file_exists.

Source code in src/marianne/validation/checks/best_practices.py 
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
def check(
    self,
    config: JobConfig,
    config_path: Path,
    raw_yaml: str,
) -> list[ValidationIssue]:
    """Fire when every validation is file_exists."""
    if not config.validations:
        return []

    all_file_exists = all(
        v.type == "file_exists" for v in config.validations
    )
    if all_file_exists:
        return [
            ValidationIssue(
                check_id=self.check_id,
                severity=self.severity,
                message=(
                    "All validations are file_exists"
                    " — stale files from previous runs will pass"
                ),
                suggestion=(
                    "Consider adding file_modified or content checks"
                    " to detect stale files"
                ),
                metadata={
                    "validation_count": str(len(config.validations)),
                },
            )
        ]
    return []

FanOutWithoutDependenciesCheck

Check fan-out configs have dependencies (V206).

When fan-out stages are configured without dependencies, stages may execute out of order.

Functions
check 
check(config, config_path, raw_yaml)

Fire when fan-out is configured without dependencies.

Source code in src/marianne/validation/checks/best_practices.py 
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
def check(
    self,
    config: JobConfig,
    config_path: Path,
    raw_yaml: str,
) -> list[ValidationIssue]:
    """Fire when fan-out is configured without dependencies."""
    if (
        config.sheet.fan_out_stage_map is not None
        and not config.sheet.dependencies
    ):
        return [
            ValidationIssue(
                check_id=self.check_id,
                severity=self.severity,
                message=(
                    "Fan-out is configured but no sheet dependencies"
                    " are declared — stages may run out of order"
                ),
                line=find_line_in_yaml(raw_yaml, "fan_out"),
                suggestion=(
                    "Add sheet.dependencies to control"
                    " stage execution order"
                ),
                metadata={},
            )
        ]
    return []

FanOutWithoutParallelCheck

Check fan-out configs enable parallel execution (V207).

Fan-out instances are designed to run concurrently, but will execute sequentially if parallel mode is disabled.

Functions
check 
check(config, config_path, raw_yaml)

Fire when fan-out is configured without parallel.

Source code in src/marianne/validation/checks/best_practices.py 
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
def check(
    self,
    config: JobConfig,
    config_path: Path,
    raw_yaml: str,
) -> list[ValidationIssue]:
    """Fire when fan-out is configured without parallel."""
    if (
        config.sheet.fan_out_stage_map is not None
        and config.parallel.enabled is False
    ):
        return [
            ValidationIssue(
                check_id=self.check_id,
                severity=self.severity,
                message=(
                    "Fan-out is configured but parallel execution is"
                    " disabled — instances will run sequentially"
                ),
                line=find_line_in_yaml(raw_yaml, "parallel"),
                suggestion=(
                    "Enable parallel.enabled: true to run"
                    " fan-out instances concurrently"
                ),
                metadata={},
            )
        ]
    return []

VariableShadowingCheck

Check for user variables that shadow built-ins (V208).

User-defined prompt variables that share names with Marianne's built-in variables will override the real values, causing unexpected behavior.

Functions
check 
check(config, config_path, raw_yaml)

Fire when prompt.variables shadows a built-in name.

Source code in src/marianne/validation/checks/best_practices.py 
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
def check(
    self,
    config: JobConfig,
    config_path: Path,
    raw_yaml: str,
) -> list[ValidationIssue]:
    """Fire when prompt.variables shadows a built-in name."""
    issues: list[ValidationIssue] = []

    for name in config.prompt.variables:
        if name in _BUILTIN_NAMES:
            issues.append(
                ValidationIssue(
                    check_id=self.check_id,
                    severity=self.severity,
                    message=(
                        f"Variable '{name}' shadows the"
                        f" built-in {name}"
                    ),
                    line=find_line_in_yaml(raw_yaml, f"{name}:"),
                    suggestion=(
                        f"Rename variable '{name}'"
                        f" — it shadows the built-in {name}"
                    ),
                    metadata={
                        "variable": name,
                    },
                )
            )

    return issues

SkipWhenSheetRangeCheck

Check that skip_when and skip_when_command keys are in-range (V212).

Each key in skip_when/skip_when_command must satisfy 1 ≤ k ≤ total_sheets. Out-of-range keys are silently ignored at runtime — they will never fire. This is a WARNING (non-blocking) because the config is executable, just suspicious.

Functions
check 
check(config, config_path, raw_yaml)

Warn when skip_when or skip_when_command keys are out of range.

Source code in src/marianne/validation/checks/best_practices.py 
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
def check(
    self,
    config: JobConfig,
    config_path: Path,
    raw_yaml: str,
) -> list[ValidationIssue]:
    """Warn when skip_when or skip_when_command keys are out of range."""
    issues: list[ValidationIssue] = []
    total = config.sheet.total_sheets

    for k in config.sheet.skip_when:
        if not (1 <= k <= total):
            issues.append(
                ValidationIssue(
                    check_id=self.check_id,
                    severity=self.severity,
                    message=(
                        f"skip_when key {k} is out of range "
                        f"(valid: 1\u2013{total}); this rule will never fire"
                    ),
                    suggestion=(
                        f"Remove sheet {k} or adjust total_sheets / fan-out"
                    ),
                    metadata={SHEET_NUM_KEY: str(k), "source": "skip_when"},
                )
            )

    for k in config.sheet.skip_when_command:
        if not (1 <= k <= total):
            issues.append(
                ValidationIssue(
                    check_id=self.check_id,
                    severity=self.severity,
                    message=(
                        f"skip_when_command key {k} is out of range "
                        f"(valid: 1\u2013{total}); this rule will never fire"
                    ),
                    suggestion=(
                        f"Remove sheet {k} or adjust total_sheets / fan-out"
                    ),
                    metadata={
                        SHEET_NUM_KEY: str(k),
                        "source": "skip_when_command",
                    },
                )
            )

    return issues

MissingDisableMcpCheck

Check that disable_mcp is enabled for Claude CLI (V209).

MCP servers can cause deadlocks in unattended orchestration. Disabling MCP provides faster, more reliable execution.

Functions
check 
check(config, config_path, raw_yaml)

Fire when Claude CLI backend lacks disable_mcp.

Source code in src/marianne/validation/checks/best_practices.py 
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
def check(
    self,
    config: JobConfig,
    config_path: Path,
    raw_yaml: str,
) -> list[ValidationIssue]:
    """Fire when Claude CLI backend lacks disable_mcp."""
    if (
        config.backend.type == "claude_cli"
        and config.backend.disable_mcp is False
    ):
        return [
            ValidationIssue(
                check_id=self.check_id,
                severity=self.severity,
                message=(
                    "Claude CLI backend without disable_mcp"
                    " may experience MCP deadlocks"
                ),
                line=find_line_in_yaml(raw_yaml, "disable_mcp"),
                suggestion=(
                    "Set backend.disable_mcp: true"
                    " to prevent MCP deadlocks"
                ),
                metadata={
                    "backend_type": config.backend.type,
                },
            )
        ]
    return []

Functions