feat(commands): add /pr-review command for batch PR review with worktrees

[rjmurillo-bot]

Summary

Add a Claude command for processing multiple PR review comments in parallel using git worktrees for isolation.

Related Issues:

• Partially addresses feat: Add Git Worktree Operating Guide for AI Agents #184 (Git Worktree Operating Guide for AI Agents)
• Partially addresses feat: Enable Parallel Agent Execution with Batch Spawning #168 (Enable Parallel Agent Execution with Batch Spawning)

Features

• Single or batch processing: Handle one PR or multiple PRs in a single command
• Parallel execution: Use git worktrees to process PRs simultaneously
• Automatic cleanup: Commit uncommitted changes, push, and remove worktrees
• Progress monitoring: Track status of all PRs during execution
• Error recovery: Handle common failure scenarios gracefully

Files Added

File	Purpose
.claude/commands/pr-review.md	Main command documentation with usage examples
scripts/Invoke-BatchPRReview.ps1	PowerShell helper for worktree management

Usage Examples

# Single PR
/pr-review 194

# Multiple PRs sequentially
/pr-review 53,141,143

# Multiple PRs in parallel with worktrees
/pr-review 53,141,143,194,199,201,202,206 --parallel

# All open PRs needing review
/pr-review all-open --parallel

PowerShell Helper

# Setup worktrees
.\scripts\Invoke-BatchPRReview.ps1 -PRNumbers 53,141,143 -Operation Setup

# Check status
.\scripts\Invoke-BatchPRReview.ps1 -PRNumbers 53,141,143 -Operation Status

# Cleanup (commit, push, remove)
.\scripts\Invoke-BatchPRReview.ps1 -PRNumbers 53,141,143 -Operation Cleanup

Test Plan

• Verify command documentation renders correctly
• Test single PR workflow
• Test parallel execution with 2-3 PRs
• Test cleanup with uncommitted changes
• Test error handling for non-existent PRs

Generated with Claude Code

[coderabbitai]

Caution

Review failed

The pull request is closed.

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

📝 Walkthrough

Walkthrough

Adds a new PowerShell tool and tests to manage batch PR reviews via per-PR git worktrees, plus a pr-review command workflow doc, session/handoff and slash-command reference docs; removes a generated PR-225 comments map file. (36 words)

Changes

Cohort / File(s)	Summary
Batch PR Review Script scripts/Invoke-BatchPRReview.ps1	New PowerShell script providing Setup/Status/Cleanup/All operations and functions: Get-PRBranch, New-PRWorktree, Get-WorktreeStatus, Remove-PRWorktree, Push-WorktreeChanges. Adds parameters PRNumbers, Operation, WorktreeRoot, Force and checks for LASTEXITCODE/upstream.
Test Suite scripts/tests/Invoke-BatchPRReview.Tests.ps1	New Pester test suite validating script structure, required parameters and ValidateSet, presence of functions, LASTEXITCODE/error handling, code-quality patterns, try/finally Push-Location cleanup, and an integration-style Status scenario.
PR Review Command Doc .claude/commands/pr-review.md	New pr-review command workflow document describing usage, arguments, end-to-end flow, parallel worktree constraints, error-recovery, prerequisites, examples, and stepwise commands.
Removed PR Comments Map .agents/pr-comments/PR-225/comments.md	Deleted generated PR-225 comments map that contained per-comment metadata and detailed comment narratives, statuses, and resolutions.
Session & Handoff Docs .agents/HANDOFF.md, .agents/sessions/2025-12-21-session-61-slash-command-skills.md	Added Session 61 entry and session-61 doc about slash-command skills atomization; removed Session 57 entry.
Slash-Command Reference .serena/memories/claude-code-slash-commands.md	New comprehensive reference for Claude Code slash commands: schema/frontmatter, allowed-tools, argument handling, examples, anti-patterns, and best practices.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant Script as Invoke-BatchPRReview.ps1
    participant GH as GitHub CLI (gh)
    participant Git as git

    User->>Script: run with PRNumbers + Operation
    Script->>GH: gh pr view --json headRefName (Get-PRBranch)
    GH-->>Script: branch name or error

    alt branch resolved
        Script->>Git: git fetch && git worktree add <path> <branch> (New-PRWorktree)
        Git-->>Script: created / error
    else branch unresolved
        Script-->>User: error + guidance
    end

    Script->>Git: git status / rev-parse / log (Get-WorktreeStatus)
    Git-->>Script: status details

    alt uncommitted or unpushed
        Script->>Git: git add && git commit && git push (Push-WorktreeChanges)
        Git-->>Script: success / failure
    end

    alt Cleanup requested
        Script->>Git: check upstream/existence
        alt safe or Force
            Script->>Git: git worktree remove <path> (Remove-PRWorktree)
            Git-->>Script: removed
        else abort
            Script-->>User: abort cleanup
        end
    end

    Script-->>User: operation summary

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

• Verify LASTEXITCODE handling after gh, git add/commit/push and non-terminating error paths.
• Audit Remove-PRWorktree safety checks (uncommitted/unpushed detection, Force semantics).
• Validate New-PRWorktree fallback logic for origin refs and upstream detection.
• Review try/finally Push-Location and ErrorActionPreference usage.
• Inspect Pester tests for robust assertions vs brittle environment assumptions.

Suggested reviewers

• rjmurillo

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	Title follows conventional commit format with type(scope): subject structure and clearly describes the main feature being added.
Description check	✅ Passed	Description is directly related to the changeset, covering the /pr-review command, worktree management, features, files added, usage examples, and test plan.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

---

📜 Recent review details

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b08c3f1 and f153a1f.

📒 Files selected for processing (1)

• .agents/pr-comments/PR-225/comments.md

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Spec-to-Implementation Validation

Warning

No spec references found

This PR does not reference any specifications (REQ-, DESIGN-, TASK-*, or linked issues).

How to add spec references

Add spec references to your PR description to enable traceability:

Method	Example
Reference requirements	Implements REQ-001
Link issues	Closes #123
Reference spec files	.agents/specs/requirements/...

Spec Requirement by PR Type:

PR Type	Required?
Feature (feat:)	✅ Required
Bug fix (fix:)	Optional
Refactor (refactor:)	Optional
Documentation (docs:)	Not required
Infrastructure (ci:, build:, chore:)	Optional

See PR template for full guidance.

---

_{Powered by AI Spec Validator - Validation skipped - no specs found}

[github-actions]

AI Quality Gate Review

Caution

❌ Final Verdict: CRITICAL_FAIL

Walkthrough

This PR was reviewed by six AI agents in parallel, analyzing different aspects of the changes:

• Security Agent: Scans for vulnerabilities, secrets exposure, and security anti-patterns
• QA Agent: Evaluates test coverage, error handling, and code quality
• Analyst Agent: Assesses code quality, impact analysis, and maintainability
• Architect Agent: Reviews design patterns, system boundaries, and architectural concerns
• DevOps Agent: Evaluates CI/CD, build pipelines, and infrastructure changes
• Roadmap Agent: Assesses strategic alignment, feature scope, and user value

Review Summary

Agent	Verdict	Status
Security	PASS	✅
QA	CRITICAL_FAIL	❌
Analyst	WARN	⚠️
Architect	WARN	⚠️
DevOps	PASS	✅
Roadmap	PASS	✅

Architect Review Details

Design Quality Assessment

Aspect	Rating (1-5)	Notes
Pattern Adherence	4	Follows PowerShell conventions, single responsibility per function, clear separation
Boundary Respect	4	Command doc in .claude/commands/, script in scripts/, uses existing skill infrastructure
Coupling	3	Depends on gh CLI, git, and external pr-comment-responder skill
Cohesion	4	Each function has single purpose: branch lookup, worktree create/status/remove, push
Extensibility	4	Operations are modular, new operations can be added via switch statement

Overall Design Score: 4/5

Architectural Concerns

Severity	Concern	Location	Recommendation
Medium	References non-existent skill path	pr-review.md:39	Skill path .claude/skills/github/scripts/pr/Get-PRContext.ps1 exists but pr-comment-responder skill is referenced without verification it exists
Low	Hardcoded commit message format	Invoke-BatchPRReview.ps1:193	Consider making commit message configurable via parameter
Low	Error recovery using --force-with-lease documented but not implemented	pr-review.md:150	Implementation should match documentation or note it as TODO

Breaking Change Assessment

• Breaking Changes: No
• Impact Scope: None (new capability)
• Migration Required: No
• Migration Path: N/A

Technical Debt Analysis

• Debt Added: Low
• Debt Reduced: Low
• Net Impact: Neutral

The implementation is clean. Minor debt: documentation references Python pseudocode that will never execute (lines 24-28, 60-75 in pr-review.md). This creates confusion about whether Claude interprets these as executable.

ADR Assessment

• ADR Required: No
• Decisions Identified:
  1. Git worktrees for parallel isolation (implementation of ADR-009 patterns)
  2. Parent directory placement for worktrees
• Existing ADR: ADR-009-parallel-safe-multi-agent-design.md covers parallel execution patterns
• Recommendation: N/A. This implements ADR-009 principles. No new architectural decision introduced.

Alignment Check

ADR	Status	Notes
ADR-005	Aligns	PowerShell-only scripting honored
ADR-009	Aligns	Implements parallel-safe patterns via worktree isolation

Recommendations

1. Verify pr-comment-responder skill exists at expected path before merge, or document that it must be created
2. Replace Python pseudocode in pr-review.md with actual Claude command syntax or mark clearly as "conceptual example"
3. Add Invoke-BatchPRReview.Tests.ps1 to scripts/tests/ for parity with other scripts

Verdict

VERDICT: WARN
MESSAGE: Sound architecture implementing ADR-009 parallel patterns. Two non-blocking issues: (1) pr-comment-responder skill dependency unverified, (2) Python pseudocode in command doc may cause confusion.

Analyst Review Details

Now let me examine the existing patterns for Claude commands and PowerShell scripts in this repository to understand consistency requirements.

Now I have enough context. Let me analyze this PR:

PR Review Analysis: feat(commands): add /pr-review command for batch PR review with worktrees

Code Quality Score

Criterion	Score (1-5)	Notes
Readability	4	Clear function names, good commenting, well-organized
Maintainability	3	Missing tests, hardcoded paths, no module reuse
Consistency	3	Does not follow existing patterns (GitHubHelpers.psm1 not used)
Simplicity	4	Straightforward worktree management logic

Overall: 3.5/5

Impact Assessment

• Scope: Isolated - new command and helper script only
• Risk Level: Low - no changes to existing code
• Affected Components: .claude/commands/, scripts/

Findings

Priority	Category	Finding	Location
Medium	Consistency	PowerShell script does not use shared GitHubHelpers.psm1 module (pattern used by all other GitHub-related scripts)	scripts/Invoke-BatchPRReview.ps1
Medium	Testing	No Pester tests included; existing scripts in scripts/ have corresponding tests in scripts/tests/	scripts/tests/
Low	Documentation	PR description references batch-pr-review.md file that does not exist in the diff	PR description
Low	Consistency	Command file lacks YAML front matter that other skill files use	.claude/commands/pr-review.md
Low	Code Quality	Exit codes not documented; other scripts use standardized exit codes per SKILL.md pattern (0-5)	scripts/Invoke-BatchPRReview.ps1
Low	Security	--force-with-lease mentioned in error recovery but not implemented in the script	scripts/Invoke-BatchPRReview.ps1:191

Recommendations

1. Add Pester tests - Create scripts/tests/Invoke-BatchPRReview.Tests.ps1 following the pattern in scripts/tests/Sync-McpConfig.Tests.ps1
2. Use GitHubHelpers.psm1 - Import from .claude/skills/github/modules/GitHubHelpers.psm1 for Get-RepoInfo and Test-GhAuthenticated instead of inline implementations
3. Add YAML front matter to command file matching skill file patterns (name, description, allowed-tools)
4. Document exit codes in comment block header per existing SKILL.md conventions
5. Implement --force-with-lease in Push-WorktreeChanges if documented in error recovery table, or remove from documentation

Verdict

VERDICT: WARN
MESSAGE: Functional implementation with minor consistency gaps. Missing tests and shared module usage reduce maintainability score. No blocking issues.

Roadmap Review Details

Strategic Alignment Assessment

Criterion	Rating	Notes
Aligns with project goals	High	Batch PR processing supports multi-agent coordination workflow
Priority appropriate	Medium	Developer tooling but not on current roadmap; fills operational gap
User value clear	High	Reduces manual effort for maintainers handling multiple PR reviews
Investment justified	High	3 files, low maintenance burden, enables parallel workflow

Feature Completeness

• Scope Assessment: Right-sized
• Ship Ready: Yes
• MVP Complete: Yes
• Enhancement Opportunities: Metrics collection for PR review efficiency, integration with session protocol

Impact Analysis

Dimension	Assessment	Notes
User Value	High	Maintainers processing 8+ PRs can parallelize work via worktrees
Business Impact	Medium	Operational efficiency; no direct user adoption impact
Technical Leverage	High	Worktree pattern reusable for other batch operations
Competitive Position	Improved	Demonstrates sophisticated agent coordination

Concerns

Priority	Concern	Recommendation
Low	Not tracked in roadmap	Add to backlog as developer tooling enhancement
Low	PowerShell-only helper	Acceptable given project PowerShell standardization

Recommendations

1. Add /pr-review command to roadmap backlog under developer tooling
2. Track usage metrics to validate RICE assumptions post-ship

Verdict

VERDICT: PASS
MESSAGE: Feature aligns with multi-agent coordination goals, provides clear maintainer value for batch PR processing, and has appropriate scope with low maintenance overhead.

DevOps Review Details

Pipeline Impact Assessment

Area	Impact	Notes
Build	None	No build configuration changes
Test	None	No test pipeline modifications
Deploy	None	No deployment automation changes
Cost	None	No new workflow files added

CI/CD Quality Checks

Check	Status	Location
YAML syntax valid	N/A	No workflow files modified
Actions pinned	N/A	No GitHub Actions added
Secrets secure	✅	No secrets referenced
Permissions minimal	N/A	No workflow permissions defined
Shell scripts robust	✅	scripts/Invoke-BatchPRReview.ps1

Findings

Severity	Category	Finding	Location	Fix
Low	Error Handling	git worktree add stderr redirected with 2>&1 but error message could be more informative	scripts/Invoke-BatchPRReview.ps1:84	Consider capturing stderr separately for debugging
Low	Documentation	Command doc references .claude/skills/github/scripts/pr/Get-PRContext.ps1 which may not exist	.claude/commands/pr-review.md:42	Verify path exists or update to correct path
Low	Shell Safety	git add . commits all files without explicit path validation	scripts/Invoke-BatchPRReview.ps1:192	Acceptable for worktree context but note the behavior

Template Assessment

• PR Template: Not modified by this PR
• Issue Templates: Not modified by this PR
• Template Issues: N/A

Automation Opportunities

Opportunity	Type	Benefit	Effort
Add Pester tests for Invoke-BatchPRReview.ps1	Test	Medium - ensures script reliability	Low
Extract worktree management to reusable module	Module	Medium - could benefit other scripts	Medium

Recommendations

1. Add a shebang or script-level comment indicating PowerShell 7+ requirement for cross-platform compatibility
2. Consider adding -WhatIf support for the Cleanup operation to preview changes before execution
3. The script has proper $ErrorActionPreference = 'Stop' which is good for fail-fast behavior

VERDICT: PASS
MESSAGE: No CI/CD infrastructure changes. PowerShell script follows good practices with proper error handling, parameter validation, and structured output.

QA Review Details

Now I have the full context. Let me analyze the PR changes and produce a QA review.

QA Review: PR Review Command with Batch Worktrees

Test Coverage Assessment

Area	Status	Evidence	Files Checked
Unit tests	MISSING	No Invoke-BatchPRReview.Tests.ps1 exists	scripts/Invoke-BatchPRReview.ps1
Edge cases	MISSING	No tests for null/empty inputs, invalid PRs	Invoke-BatchPRReview.ps1
Error paths	UNTESTED	exit 1 at line 55, Write-Error calls at lines 87, 165, 205	Invoke-BatchPRReview.ps1
Assertions	N/A	No tests exist to have assertions	tests/

Quality Concerns

Severity	Issue	Location	Evidence	Required Fix
BLOCKING	Zero tests for new 269-line PowerShell script	scripts/Invoke-BatchPRReview.ps1	No corresponding *.Tests.ps1 file	Create tests/Invoke-BatchPRReview.Tests.ps1 with coverage for all 5 functions
BLOCKING	Error handling silent on gh command failures	scripts/Invoke-BatchPRReview.ps1:62-67	$prInfo = gh pr view ... | ConvertFrom-Json - if gh returns error JSON, ConvertFrom-Json may succeed with unexpected structure	Add explicit $LASTEXITCODE check after gh pr view
HIGH	No validation for empty PRNumbers array	scripts/Invoke-BatchPRReview.ps1:31-32	[int[]]$PRNumbers accepts empty array @()	Add [ValidateCount(1, 100)] or check in script body
HIGH	Unpushed check may fail on new branches	scripts/Invoke-BatchPRReview.ps1:117	git log "@{u}.." fails if no upstream exists	Add error handling or check upstream exists
MEDIUM	Push-WorktreeChanges catch block re-throws	scripts/Invoke-BatchPRReview.ps1:204-206	Write-Error after catch will terminate due to $ErrorActionPreference = 'Stop'	Use Write-Warning or return $false without throwing
MEDIUM	Missing -WhatIf support	scripts/Invoke-BatchPRReview.ps1	Script modifies git state but has no SupportsShouldProcess	Add [CmdletBinding(SupportsShouldProcess)]
LOW	Command documentation uses batch-pr-review.md reference	PR description	Mentions .claude/commands/batch-pr-review.md but file not in diff	Verify file exists or remove reference

Regression Risk Assessment

• Risk Level: Medium
• Affected Components: Git worktree management, GitHub CLI integration, parallel agent execution
• Breaking Changes: None (new feature)
• Required Testing: Manual verification of Setup/Status/Cleanup operations with real PRs; error case testing for non-existent PRs

Edge Cases NOT Tested

Input	Expected Behavior	Risk
Empty $PRNumbers array	Should error early	Medium
PR number 0 or negative	Should reject	Low
Non-existent PR	Get-PRBranch returns $null, handled	Low
Branch already checked out	git worktree add fails	High
No upstream configured	git log "@{u}.." fails	High
Disk full during worktree creation	Unhandled	Medium
Permission denied on parent dir	Unhandled	Medium

Functions Requiring Tests

1. Get-PRBranch - 0 tests
2. New-PRWorktree - 0 tests
3. Get-WorktreeStatus - 0 tests
4. Remove-PRWorktree - 0 tests
5. Push-WorktreeChanges - 0 tests

---

VERDICT: CRITICAL_FAIL
MESSAGE: New 269-line PowerShell script has zero tests covering 5 functions with external dependencies (git, gh).

EVIDENCE:
- Tests found: 0 for 5 new functions
- Edge cases: 0 categories covered (empty input, invalid PR, no upstream, branch conflict all untested)
- Error handling: Untested for lines 55, 87, 165, 205, 117
- Blocking issues: 2 (no tests, silent gh error handling)

---

Required Actions Before Merge

1. Create tests/Invoke-BatchPRReview.Tests.ps1 with:

   • Parameter validation tests (empty array, negative numbers)
   • Get-PRBranch tests with mocked gh output
   • Get-WorktreeStatus tests for existing/non-existing paths
   • Remove-PRWorktree tests for clean/dirty/unpushed states
   • Error path tests for git/gh failures

2. Fix error handling at scripts/Invoke-BatchPRReview.ps1:62-67:

   $rawOutput = gh pr view $PRNumber --json headRefName 2>&1
   if ($LASTEXITCODE -ne 0) {
       Write-Warning "PR #$PRNumber not found: $rawOutput"
       return $null
   }
   $prInfo = $rawOutput | ConvertFrom-Json

3. Add upstream check at line 117:

   $hasUpstream = git rev-parse --abbrev-ref '@{u}' 2>$null
   $unpushed = if ($hasUpstream) { git log "@{u}.." --oneline 2>$null } else { $null }

Security Review Details

Security Review: PR Review Command with Batch Worktree Support

Findings

Severity	Category	Finding	Location	CWE
Medium	Command Injection	PR numbers passed to shell commands without validation beyond type casting. Malicious input via all-open workflow could inject commands through crafted branch names.	pr-review.md:57, Invoke-BatchPRReview.ps1:84	CWE-78
Low	Input Validation	--force-with-lease retry in error recovery could overwrite legitimate remote changes if used improperly.	pr-review.md:154	CWE-20
Low	Information Disclosure	Error messages may expose internal paths via $worktreePath in warning/error output.	Invoke-BatchPRReview.ps1:79,143,148,169	CWE-209

Analysis Details

Command Injection Risk (Medium)

Location: Invoke-BatchPRReview.ps1:84

git worktree add $worktreePath $branch 2>&1

The $branch variable comes from gh pr view JSON output. If an attacker controls a branch name with shell metacharacters, this could execute arbitrary commands. However, risk is mitigated because:

1. Branch names come from GitHub API (trusted source)
2. PowerShell handles arguments differently than bash
3. PR numbers are typed as [int[]] preventing string injection

Risk Score: 4/10 (Low likelihood due to GitHub API as data source, Medium impact if exploited)

Force Push Behavior (Low)

The --force-with-lease retry in error recovery section is documentation only and not implemented in the script. If implemented without safeguards, it could overwrite legitimate commits.

Path Disclosure (Low)

Internal file system paths appear in user-facing output. This is acceptable for CLI tools but could reveal directory structure to logs.

Positive Security Patterns

1. Type validation: [int[]]$PRNumbers prevents string injection
2. Error handling: $ErrorActionPreference = 'Stop' ensures failures don't silently continue
3. No hardcoded secrets: No credentials in code
4. ValidateSet: Operation parameter limited to known values
5. Clean worktree checks: Prevents accidental data loss during cleanup

Recommendations

1. Sanitize branch names before shell execution:

# Add validation in Get-PRBranch
if ($prInfo.headRefName -match '[;&|`$]') {
    Write-Error "Invalid branch name contains shell metacharacters"
    return $null
}

2. Use argument arrays consistently (already done in line 159-162, good pattern)

3. Document security assumptions about GitHub API trust boundary

Verdict

VERDICT: PASS
MESSAGE: No critical vulnerabilities found. Medium-risk command injection mitigated by GitHub API trust and PowerShell argument handling. Code follows secure patterns for input validation and error handling.

---

Run Details

Property	Value
Run ID	20417589001
Triggered by	pull_request on 225/merge
Commit	115cbbf9f72ab599c8ef49da856efddf12871e9e

_{Powered by AI Quality Gate - View Workflow}

[gemini-code-assist]

Code Review

This pull request introduces a new /pr-review command for batch processing of pull request reviews using git worktrees, along with supporting documentation and a PowerShell script for worktree management. The changes are well-structured and the documentation is clear.

My review focuses on adherence to the repository's comprehensive style guide, particularly for PowerShell scripting and Markdown standards. I've identified several areas for improvement:

• PowerShell Scripting: The script Invoke-BatchPRReview.ps1 has some style guide violations, including the use of non-approved verbs, improper use of Write-Host, and a lack of -WhatIf support for state-changing operations. More critically, there is a potential path traversal vulnerability that needs to be addressed.
• Markdown Documentation: The new command documentation files are missing language identifiers on some code blocks, which is required by the style guide.

I've provided specific suggestions to address these points, which will improve the script's safety, maintainability, and compliance with repository standards.

I am having trouble creating individual review comments. Click here to see my feedback.

scripts/Invoke-BatchPRReview.ps1 (31)

This script performs state-modifying operations like creating/removing worktrees and pushing commits, but it doesn't support the -WhatIf common parameter. This is a crucial safety feature in PowerShell to allow users to preview changes before they are made. According to the repository style guide, scripts that modify state should support -WhatIf.

[CmdletBinding(SupportsShouldProcess = $true)]

References

1. The style guide (line 128) states: "Support -WhatIf and -Verbose parameters for scripts that modify state." ^(link)

scripts/Invoke-BatchPRReview.ps1 (40-41)

The $WorktreeRoot parameter is used to construct file paths without proper validation. This could lead to a path traversal vulnerability (CWE-22) if a user provides a malicious path like ../../... The style guide requires validation of all external inputs.

    [ValidateScript({ Test-Path -Path $_ -PathType Container })]
    [string]$WorktreeRoot,

.claude/commands/batch-pr-review.md (7)

This code block is missing a language identifier, which prevents syntax highlighting and can make the code harder to read. Per the style guide, all fenced code blocks should have a language identifier.

```bash

References

1. The style guide requires all fenced code blocks to have a language identifier for syntax highlighting. ^(link)

.claude/commands/batch-pr-review.md (94)

This code block, which illustrates a directory structure, is missing a language identifier. This can lead to inconsistent rendering. The style guide requires language identifiers for all fenced code blocks.

```text

References

1. The style guide requires all fenced code blocks to have a language identifier for syntax highlighting. ^(link)

.claude/commands/pr-review.md (7)

This code block is missing a language identifier, which prevents syntax highlighting and can make the code harder to read. The style guide requires language identifiers for all fenced code blocks.

```bash

References

1. The style guide requires all fenced code blocks to have a language identifier for syntax highlighting. ^(link)

scripts/Invoke-BatchPRReview.ps1 (79)

This script uses Write-Host for status messages. The style guide recommends using Write-Verbose for progress/debug information and Write-Warning for non-terminating issues. This allows users to control script verbosity. This specific message seems like a warning. This feedback applies to other Write-Host calls in the script as well; they should be converted to Write-Verbose for progress messages.

        Write-Warning "Worktree already exists: $worktreePath"

References

1. The style guide (lines 70-86) specifies using Write-Error, Write-Warning, and Write-Verbose for script output, and discourages Write-Host for debugging or status messages. ^(link)

scripts/Invoke-BatchPRReview.ps1 (173)

The function Push-WorktreeChanges uses the verb Push, which is not on the approved list in the repository's PowerShell style guide. To maintain consistency, it should be renamed.

function Invoke-WorktreeSync {

References

1. The style guide (lines 18-28) provides a list of approved PowerShell verbs. Push is not on this list. ^(link)

[Copilot]

Pull request overview

This PR adds a new /pr-review Claude command for processing multiple PR review comments in parallel using git worktrees for isolation. The feature enables batch processing of PRs with automatic cleanup and progress monitoring.

• Adds PowerShell helper script for git worktree management (setup, status, cleanup)
• Provides two command documentation files explaining single/batch PR review workflows
• Implements parallel execution support using git worktrees for isolated PR processing

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 7 comments.

File	Description
scripts/Invoke-BatchPRReview.ps1	PowerShell helper script that manages git worktrees for parallel PR review operations, including creation, status monitoring, and cleanup with automatic commit/push
.claude/commands/pr-review.md	Main command documentation defining the /pr-review command with usage examples for single and batch PR processing, including sequential and parallel execution modes
.claude/commands/batch-pr-review.md	Detailed workflow specification for the /batch-pr-review command covering setup, parallel execution, monitoring, cleanup, and error handling phases

[Copilot]

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated 9 comments.

[Copilot]

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (1)

.claude/commands/pr-review.md (1)

99-101: Documentation shows git push origin {branch} but script uses git push.

This was flagged in a past review. The script correctly uses git push without hardcoded remote. Documentation example at line 100 still shows the old pattern.

Fix documentation to match implementation

-    git push origin {branch}
+    git push

🧹 Nitpick comments (2)

scripts/tests/Invoke-BatchPRReview.Tests.ps1 (1)

13-29: Missing AfterAll block for final cleanup.

Per coding guidelines, Pester tests should use AfterAll to clean temp directories after all tests complete. AfterEach handles per-test cleanup, but if a test throws before AfterEach runs, artifacts may persist.

Add AfterAll block

 BeforeAll {
     $Script:ScriptPath = Join-Path $PSScriptRoot "..\Invoke-BatchPRReview.ps1"
     $Script:TestDir = Join-Path $TestDrive "worktree-test"
 }
+
+AfterAll {
+    if (Test-Path $Script:TestDir) {
+        Remove-Item -Path $Script:TestDir -Recurse -Force -ErrorAction SilentlyContinue
+    }
+}

scripts/Invoke-BatchPRReview.ps1 (1)

93-96: Write-Error with ErrorActionPreference='Stop' terminates before return.

Line 94 uses Write-Error which terminates execution when $ErrorActionPreference = 'Stop'. Line 95's return $false never runs. This isn't critical since the script stops on error, but the return statement is dead code.

Consider using Write-Warning and returning false for graceful continuation, or remove the unreachable return:

Option: Use Write-Warning for graceful failure

     if ($LASTEXITCODE -ne 0) {
-        Write-Error "Failed to create worktree for PR #$PRNumber"
+        Write-Warning "Failed to create worktree for PR #$PRNumber"
         return $false
     }

📜 Review details

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between dc0efc5 and 05b34a6.

📒 Files selected for processing (4)

• .agents/pr-comments/PR-225/comments.md
• .claude/commands/pr-review.md
• scripts/Invoke-BatchPRReview.ps1
• scripts/tests/Invoke-BatchPRReview.Tests.ps1

🧰 Additional context used

📓 Path-based instructions (42)

**/.agents/**/*.md

📄 CodeRabbit inference engine (.agents/governance/interview-response-template.md)

Primary deliverables from agents should be saved to .agents/[category]/[pattern].md with naming convention [PREFIX]-NNN-[description].md

Single-source agent files should use frontmatter markers to delineate platform-specific sections for VS Code and Copilot CLI variants

Maintain artifact synchronization markers in tracking files (.md) with status indicators ([COMPLETE], [RESOLVED], [VERIFIED]) and timestamps to document completion and verification of work

Files:

• .agents/pr-comments/PR-225/comments.md

.agents/**/*.{md,yml,yaml,json}

📄 CodeRabbit inference engine (.agents/critique/001-agent-templating-critique.md)

For agent platform files, evaluate whether near-identical variants (99%+ overlap) can be consolidated with conditional configuration rather than maintaining separate files

Files:

• .agents/pr-comments/PR-225/comments.md

.agents/**/*.md

📄 CodeRabbit inference engine (.agents/retrospective/pr43-coderabbit-root-cause-analysis.md)

.agents/**/*.md: Use PREFIX-NNN naming convention (e.g., EPIC-001, CRITIQUE-001) for sequenced artifacts and type-prefixed naming (e.g., prd-, tasks-) for non-sequenced artifacts
Normalize all file paths in markdown documents to be repository-relative before committing, removing absolute machine-specific paths

.agents/**/*.md: Session logs and documentation must include Phase checklist verification (Phase 1-3 protocol compliance including agent activation, instruction reading, handoff file updates, and session logging)
Session logs must document Session ID, date, agent name, and branch information in a standardized header format

All artifact files in .agents/ must be in Markdown format

Document analysis recommendations with specific rationale when adding new governance documents like PROJECT-CONSTRAINTS.md

Maintain debugging skills documentation in .agents/ directory

Document implementation notes explaining deviations from user prompts or decisions made during development (e.g., using plural form for directory names)

Run markdown lint on all generated artifacts before completing a session

Files:

• .agents/pr-comments/PR-225/comments.md

**/.agents/pr-comments/**/*.md

📄 CodeRabbit inference engine (.agents/retrospective/2025-12-20-pr-147-comment-2637248710-failure.md)

**/.agents/pr-comments/**/*.md: Update artifact status atomically with fix application before API calls - immediately update tasks.md and comments.md status fields when implementing a fix, before posting follow-up comments or resolving threads
Check artifact state matches API state using diff before resolution - verify that artifact status (tasks.md, comments.md) matches intended GitHub API state changes before calling resolveThread mutation or closing threads
Synchronize artifact state with every state change, not deferred to session end - update corresponding tracking artifacts immediately after any work state change (fix applied, comment posted, thread resolved), treating artifacts as real-time source of truth

Files:

• .agents/pr-comments/PR-225/comments.md

.agents/**

⚙️ CodeRabbit configuration file

Agent configuration files. Only flag security issues or broken cross-references. Ignore style, formatting, and structure.

Files:

• .agents/pr-comments/PR-225/comments.md

scripts/**/*.ps1

📄 CodeRabbit inference engine (.agents/security/infrastructure-file-patterns.md)

PowerShell scripts in scripts directory (scripts/**/*.ps1) should trigger security agent review due to high security implications

Validation scripts belong in scripts/ directory; may duplicate to .agents/utilities/ for agent access

All scripts must avoid credential handling and should not store or process sensitive authentication information

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.{ps1,psm1,psd1}

📄 CodeRabbit inference engine (.agents/retrospective/2025-12-15-cva-install-scripts.md)

Extract environment variations to .psd1 data files, keeping logic generic rather than hardcoding configuration in scripts

Convert PathInfo objects to string representations when passing to string-typed parameters to prevent type mismatch errors

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

scripts/**/*.{ps1,psm1,psd1}

📄 CodeRabbit inference engine (.agents/retrospective/2025-12-15-documentation-gap.md)

Create module-specific README documentation for PowerShell scripts and modules, including parameter documentation and usage examples

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.{ps1,psd1}?(@(test|spec))

📄 CodeRabbit inference engine (.agents/retrospective/2025-12-15-install-scripts-session.md)

Use BeforeAll blocks for all variable initialization in Pester 5.x tests; avoid variable assignments outside BeforeAll during Discovery phase

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.ps1

📄 CodeRabbit inference engine (.agents/retrospective/2025-12-15-instruction-files-gap.md)

User instruction files should be excluded from agent file copying during installation to prevent them from being treated as agent files

Use .Path property to extract string value from PathInfo objects returned by Resolve-Path in PowerShell (e.g., (Resolve-Path $Path).Path instead of Resolve-Path $Path)

PowerShell scripts should normalize output line endings (convert CRLF to LF) when output is intended to be processed by shell commands like grep to ensure cross-platform compatibility

Use -cmatch instead of -match when pattern requires case-sensitive matching in PowerShell validation scripts (e.g., EPIC vs epic for naming conventions)

**/*.ps1: In PowerShell script scope, use exit with explicit exit codes instead of return; return exits with code 0 regardless of boolean value
Document the bash-PowerShell exit code contract explicitly in PowerShell script comments: exit code 0 means success, non-zero means failure

When combining ShouldProcess with PassThru in PowerShell cmdlets: always provide explicit return value in else branch when ShouldProcess returns false

Before executing any PowerShell generation script, audit its code for alignment with known user requirements and identify dead/unused functions

**/*.ps1: Create regression tests for PowerShell scripts covering wildcard character detection, path resolution correctness, and edge cases when fixing path handling logic
In PowerShell, validate wildcard detection logic by distinguishing between literal wildcard characters (? and *) vs. actual wildcard patterns, using the -like operator correctly with character class escaping (e.g., *[?]* instead of *?*)

**/*.ps1: Before implementing features search for pre-existing test coverage
When tests pre-exist run them first to understand feature expectations
Use deep cloning to preserve source data integrity when transforming configurations
Use regex with exact match anchors (^...$) to prevent partial matches in configuration transformations
Up...

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/{install,*.ps1,*.json}

📄 CodeRabbit inference engine (.agents/retrospective/2025-12-15-instruction-files-gap.md)

Verify that all files referenced in installer configuration (InstructionsFile, SourceDir, etc.) exist in their expected locations before release

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

{install.ps1,build/**/*.{ps1,sh},scripts/**/*.{ps1,sh}}

📄 CodeRabbit inference engine (.agents/roadmap/epic-agent-consolidation.md)

Build script must generate platform-specific YAML frontmatter for VS Code and Copilot CLI variants at build time

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/scripts/tests/**/*.ps1

📄 CodeRabbit inference engine (.agents/planning/PRD-visual-studio-install-support.md)

Add unit tests in 'scripts/tests/' directory for new VisualStudio configuration and installation functions

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1

**/*.Tests.ps1

📄 CodeRabbit inference engine (.agents/qa/047-test-pollution-fix-verification.md)

**/*.Tests.ps1: Add BeforeEach cleanup block to Pester test contexts to prevent test pollution between tests
Use BeforeAll block in Pester tests to create isolated temp directories for test execution
Use AfterAll block in Pester tests to clean up and remove temp directories after all tests complete
Clean temp test directory using Get-ChildItem -Recurse | Remove-Item -Force pattern with -ErrorAction SilentlyContinue to safely remove test artifacts
Verify test isolation through file count assertions in Pester tests to detect if previous test files remain

Pre-compute collections before Pester hashtable initialization; pipeline operators inside hashtable index expressions are not supported

**/*.Tests.ps1: Include $LASTEXITCODE assertion tests in Pester test suites for PowerShell scripts invoked from bash hooks to validate exit code contracts
Verify that Pester tests for PowerShell scripts check both internal logic and external exit code behavior when scripts are executed from bash contexts

**/*.Tests.ps1: PowerShell cmdlets with 2+ switch parameters require combination testing: n parameters = n individual + C(n,2) pair tests minimum
Integration tests must include first-time setup scenario where config files don't exist yet
Organize PowerShell Pester test files with contexts for: Basic Functionality, Error Handling, Parameter Combinations, and Edge Cases

**/*.Tests.ps1: Use Pester test isolation pattern with BeforeAll, AfterAll, and BeforeEach blocks when creating file system-based tests in PowerShell
Achieve 100% branch coverage and 80%+ edge case coverage for wildcard detection and path resolution tests, with execution time under 5 seconds
For file system-based tests in PowerShell, use temp directory isolation with proper cleanup in BeforeAll/AfterAll blocks to prevent test pollution and ensure test repeatability

Pester test files must follow the AAA (Arrange-Act-Assert) pattern and use mocking for dependencies with behavior verification as docum...

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1

**/*.{md,json,yml,yaml,ps1,sh,bash,toml,ini,cfg,config,txt}

📄 CodeRabbit inference engine (.agents/retrospective/phase1-remediation-pr43.md)

Use relative paths only in documentation and configuration files; avoid absolute paths (e.g., C:\ on Windows) to prevent environment contamination and maintain cross-platform portability

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/tests/**/*.Tests.ps1

📄 CodeRabbit inference engine (.agents/retrospective/pr-feedback-remediation.md)

Create Pester tests following 5.x structure with test cases covering Pattern Detection, File Filtering, Exit Code Behavior, Reporting, and Edge Cases for validation scripts

Create Pester tests for error handling paths in skill scripts (e.g., skill-*.ps1) to verify graceful failure handling

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1

**/*.{ps1,psm1}

📄 CodeRabbit inference engine (.agents/steering/powershell-patterns.md)

**/*.{ps1,psm1}: Use approved verbs for PowerShell functions (Get-, Set-, New-, Remove-, etc.)
Implement parameter conventions and validation in PowerShell functions
Use proper error handling with ErrorActionPreference, try/catch blocks in PowerShell
Follow PowerShell pipeline usage and best practices for function design
Use comment-based help standards in PowerShell functions
Implement advanced function templates with CmdletBinding attribute
Use parameter validation attributes in PowerShell functions
Handle pipeline input properly in PowerShell cmdlets
Implement progress reporting for long-running PowerShell operations
Use proper configuration management patterns in PowerShell
Avoid using aliases in PowerShell scripts
Never suppress errors without proper error handling in PowerShell
Avoid hardcoded paths in PowerShell scripts

Use .claude/skills/github/ scripts for GitHub operations. NEVER use raw gh commands directly.

**/*.{ps1,psm1}: All PowerShell scripts (.ps1, .psm1) must include corresponding Pester test files (.Tests.ps1) with test coverage
PowerShell modules should use type safety, object pipelines, and structured error handling rather than string-based output

**/*.{ps1,psm1}: Use PowerShell regex pattern ^[a-zA-Z0-9][a-zA-Z0-9 _\-\.]{0,48}[a-zA-Z0-9]?$ for GitHub label validation to allow spaces in labels
All GitHub label validation must reject empty strings, accept single characters only if alphanumeric, reject newlines and tabs, enforce maximum 50 character limit per GitHub's specifications, and allow spaces in label names
Document all regex edge cases including empty string rejection, single character handling, newline/tab rejection, and character limit rationale in PowerShell code comments

MUST use PowerShell for all scripting (.ps1, .psm1)

**/*.{ps1,psm1}: Sanitize all values written to $env:GITHUB_OUTPUT by escaping newlines and special characters to prevent injection of arbitrary output variables
Quote label names in gh commands or...

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.{ps1,yml,yaml,md}

📄 CodeRabbit inference engine (.agents/analysis/003-session-protocol-skill-gate.md)

Validate skill availability before implementing GitHub operations - Check if .claude/skills/github/ directory exists and contains the required capability; list available GitHub skill scripts; read the skill-usage-mandatory memory; document available skills in session log; use existing skills if they exist rather than writing inline code

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.{ps1,yml,yaml}

📄 CodeRabbit inference engine (.agents/analysis/003-session-protocol-skill-gate.md)

NEVER use raw gh commands (like gh pr view, gh issue create, gh api) when a Claude skill exists for that functionality - Always use the tested skill scripts from .claude/skills/github/ instead of writing inline commands

**/*.{ps1,yml,yaml}: Use atomic gh label create $label --force operation instead of separate check + create steps to prevent TOCTOU race conditions
Implement all 4 mandatory Phase 1 security hardening conditions (label creation atomicity, auth check always-run, GITHUB_OUTPUT sanitization, debug file path randomization) before merge approval

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/{ai-issue-triage.yml,*.ps1}

📄 CodeRabbit inference engine (.agents/analysis/004-pr-60-gap-coverage-validation.md)

Add explicit exit code checks for npm and GitHub CLI commands instead of using || true error suppression patterns

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.{yml,yaml,ps1}

📄 CodeRabbit inference engine (.agents/analysis/004-pr-60-gap-coverage-validation.md)

Generate unique temporary directories for each workflow run using timestamped or UUID-based naming to prevent directory collision

Ensure authentication checks always run and are not skipped by conditional logic in diagnostics mode - remove or restructure conditions that bypass authentication

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.{Tests.ps1,yml}

📄 CodeRabbit inference engine (.agents/critique/004-pr-60-remediation-final-validation.md)

All test cases must pass before PR merge; implement blocking acceptance gate for 7 mandatory Pester injection tests (5 for labels, 2 for milestone) as required criteria

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1

**/*.{ps1,psm1,yml,yaml}

📄 CodeRabbit inference engine (.agents/planning/PR-60/006-agent-validation-sign-offs.md)

Align all PowerShell implementations with ADR-005 (PowerShell-only requirement) and ADR-006 (thin workflows principle) to maintain architecture coherence

Add rate limiting for label operations to prevent DoS of GitHub API quota by capping the maximum number of labels per issue

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.{Tests.ps1,yml,yaml}

📄 CodeRabbit inference engine (.agents/planning/PR-60/006-agent-validation-sign-offs.md)

Establish daily test execution gate requiring all Pester tests to PASS with exit code 0 before proceeding to next implementation phase

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1

{**/*.yml,**/*.ps1}

📄 CodeRabbit inference engine (.agents/planning/PR-60/007-phase-1-detailed-schedule.md)

Verify exit code after each critical command (gh issue edit, npm install) in PowerShell workflows and scripts

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

{**/*.ps1,**/*.yml}

📄 CodeRabbit inference engine (.agents/planning/PR-60/007-phase-1-detailed-schedule.md)

Remove or justify all '|| true' patterns in PowerShell scripts and workflows to prevent silent failures

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

{**/*.psm1,**/*.ps1}

📄 CodeRabbit inference engine (.agents/planning/PR-60/007-phase-1-detailed-schedule.md)

Replace 'exit 1' with 'throw' statements in PowerShell modules and scripts for proper exception handling

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.Tests.{ps1,sh}

📄 CodeRabbit inference engine (.agents/planning/pr-60-implementation-plan.md)

Add test cases for security vulnerabilities including code injection prevention scenarios, malformed input handling, and edge cases in critical paths

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1

**/*.{md,js,ts,tsx,jsx,json,yaml,yml,sh,ps1}

📄 CodeRabbit inference engine (.agents/retrospective/2025-12-18-serena-memory-reference-migration.md)

Search entire codebase for pattern before migration to identify all references

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.{ps1,psm1,sh,bash}

📄 CodeRabbit inference engine (.agents/security/SR-PR60-implementation-review.md)

Use unique, secured temporary file paths with random identifiers and cleanup logic instead of hardcoded predictable paths like /tmp/categorize-output.txt

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*Tests.ps1

📄 CodeRabbit inference engine (.agents/sessions/2025-12-18-session-28-pr-60-qa-strategy.md)

Use Mock with endpoint pattern matching and mode switching (Success, ApiError, NotFound, Unauthenticated) for realistic gh CLI API mocking across test files

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1

scripts/tests/*.Tests.ps1

📄 CodeRabbit inference engine (scripts/AGENTS.md)

All PowerShell test files must use Pester framework and cover the corresponding script/module functions

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1

**/*.{js,ts,ps1,py,json,yaml,yml,md}

📄 CodeRabbit inference engine (.agents/retrospective/2025-12-19-skill-extraction-summary.md)

Use identical syntax for all instances when migrating patterns to maintain consistency

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*{.ps1,github,reaction}*

📄 CodeRabbit inference engine (.agents/retrospective/2025-12-20-pr-94-acknowledgment-failure.md)

PowerShell script failure requires immediate gh CLI fallback attempt (dual-path tooling for GitHub operations)

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.{ps1,js,ts,tsx,jsx,py}

📄 CodeRabbit inference engine (.agents/sessions/2025-12-20-session-43-qa-validation-pr147.md)

Use regex patterns with single-line mode flag (?s) for multi-line matching in YAML comment extraction

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.@(js|ts|py|go|java|rb|php|ps1|regex)

📄 CodeRabbit inference engine (.agents/critique/047-pr-212-retrospective-critique.md)

Use ([pattern])? instead of [pattern]? for optional trailing groups in regex to ensure correct optional behavior and prevent special character bypass

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.{ps1,js,ts,py}

📄 CodeRabbit inference engine (.agents/retrospective/2025-12-20-pr-212-comment-response.md)

Use atomic optional groups ([pattern])?$ instead of [pattern]?$ for optional trailing characters in regex validation to prevent special character bypass

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.{ps1,ts,tsx,js}

📄 CodeRabbit inference engine (.agents/sessions/2025-12-20-session-01.md)

Verify regex validation patterns in security remediation code

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.{ps1,sh,bash}

📄 CodeRabbit inference engine (.agents/sessions/2025-12-21-session-53-pr212-security-continuation.md)

Transform validation error messages into 5-word activation prompts that trigger correct behavior

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.{ps1,psm1,psd1,yml,yaml,sh}

📄 CodeRabbit inference engine (.agents/HANDOFF.md)

Use PowerShell exclusively for implementation in GitHub Actions workflows, scripts, and automation; avoid bash unless absolutely necessary for CI/CD platform compatibility

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

**/*.{ps1,psm1,yml}

📄 CodeRabbit inference engine (.agents/sessions/2025-12-21-session-57-pr-222-review-response.md)

Include the -Force flag when using Import-Module to ensure module reload and prevent stale module state

Files:

• scripts/tests/Invoke-BatchPRReview.Tests.ps1
• scripts/Invoke-BatchPRReview.ps1

scripts/*.ps1

📄 CodeRabbit inference engine (.agents/sessions/2025-12-18-session-21-check-skill-exists.md)

PowerShell scripts must support -Operation, -Action, and -ListAvailable parameters with ValidateSet constraint for valid operations

Files:

• scripts/Invoke-BatchPRReview.ps1

🔍 Remote MCP

Since I'm having difficulty locating the exact repository, let me use DeepWiki to explore common repository patterns related to Claude commands and PR review automation. However, I note that the context provided contains comprehensive summaries already. Let me search for relevant best practices and patterns related to the technologies used:Excellent! Now I have comprehensive context about git worktree best practices and PowerShell error handling. Let me compile the findings.

Summary of Relevant Context for PR #225 Review

Based on my research, here is additional context relevant to reviewing this PR:

Git Worktree Best Practices and Architecture

Git worktree lets you attach extra working directories that share the same .git store, each checked out at a different branch or commit. A branch can be checked out in only one worktree at a time. The PR's implementation aligns with this constraint by using structured worktree management functions.

Best practice involves organizing worktrees in a structured hierarchy like worktrees/feature/, worktrees/bugfix/, worktrees/review/ for different purposes. The PR's approach of per-PR worktrees follows this pattern.

Key isolation benefits per worktree design:

• Each worktree keeps its own working files like node_modules, builds, and caches. The repository data like commits, branches, tags and stashes, is shared across them all.

PowerShell Error Handling - Critical for this PR

The PR extensively implements error checking via $LASTEXITCODE. This is correct approach for external commands:

To trap exit code from external processes, utilize the $LastExitCode PowerShell variable. When the launched process exits, PowerShell will write the exit code directly to $LastExitCode. In most cases an exit code of 0 means success, and 1 or greater indicates a failure.

Critical caveat for git commands: When you need to call an external executable, most of the time you'll get the best results by checking $LASTEXITCODE for status information. However, $LASTEXITCODE is not set if you pipe the output of the native command to a cmdlet. This is important if the PR's script uses piped commands.

PowerShell-specific behavior to note: When you redirect stderr to stdout using 2>&1, in PowerShell this merge changes how stderr is handled for native commands: Native stderr gets converted into PowerShell ErrorRecord objects.

Batch PR Review Workflow Patterns

A common pattern with GitHub CLI is creating PR-specific worktrees: branch=$(gh pr view "$pr" --json headRefName -q .headRefName); git fetch "$remote" "$branch"; git worktree add "../$branch" "$branch"

If there are uncommitted changes in a particular folder, Git will not allow you to remove it by default. You can override this restriction by using the --force option. The PR's Remove-PRWorktree function correctly implements force handling.

Review Quality Considerations for PR #225

Based on best practices, key review areas should include:

1. Worktree isolation enforcement - Verify the PR implements safeguards against concurrent branch checkouts across worktrees
2. LASTEXITCODE checks - Confirm all git operations (add, commit, push) have explicit exit code validation immediately after the command
3. Error recovery paths - Test cleanup behavior when errors occur mid-operation
4. Upstream branch validation - The PR mentions checking upstream existence before querying status, which aligns with avoiding detached HEAD state issues
5. Test coverage - The 23 Pester tests should cover edge cases like malformed PR numbers, missing branches, uncommitted changes

[::web_search::]

🔇 Additional comments (12)

scripts/tests/Invoke-BatchPRReview.Tests.ps1 (3)

63-111: Structural verification approach is acceptable.

These tests verify implementation patterns via regex rather than behavior. This is a pragmatic approach for ensuring error handling code exists. No issues here.

---

113-125: Tests cover mandatory parameter validation correctly.

---

178-203: Integration test properly uses try/finally and skip condition.

Good pattern: conditional skip for git availability, proper cleanup with try/finally. Test validates graceful handling of non-existent PRs.

.claude/commands/pr-review.md (2)

176-243: Constraints section documents isolation requirements well.

The five blocking constraints cover worktree isolation, working directory, path validation, git operations, and verification. Clear guidance for parallel execution safety.

---

245-256: Prerequisites and related commands documented correctly.

Past feedback addressed: pr-comment-responder marked as optional with separate installation guidance.

.agents/pr-comments/PR-225/comments.md (1)

1-158: PR comment tracking artifact is well-structured.

Documents all review comments with status tracking, resolutions, and QA findings. No security issues or broken references.

scripts/Invoke-BatchPRReview.ps1 (6)

59-75: Get-PRBranch error handling looks good.

LASTEXITCODE check after gh command with early return prevents JSON parse errors on failure. Warning message includes actionable troubleshooting.

---

102-145: Get-WorktreeStatus handles upstream detection correctly.

Proper try/finally for Push-Location cleanup. Upstream check before @{u} reference prevents errors on branches without tracking. Clean implementation.

---

147-184: Remove-PRWorktree has good safety checks.

Idempotent behavior (returns true if already removed). Safety checks for uncommitted/unpushed changes before removal. Same dead code issue at line 179 as noted in New-PRWorktree.

---

186-233: Push-WorktreeChanges implements robust error handling.

LASTEXITCODE checks after each git operation. Uses ${PRNumber} syntax correctly. try/catch/finally ensures cleanup. Git push without hardcoded remote. Addresses all past feedback.

---

255-271: Cleanup operation handles push-before-remove correctly.

Pushes changes before removing worktrees. Out-Null suppresses boolean returns, not errors (errors terminate due to ErrorActionPreference). Shows remaining worktrees after cleanup.

---

31-45: Parameter design prevents injection risks.

PR numbers typed as int[] - blocks command injection. ValidateSet constrains Operation. WorktreeRoot used only with Join-Path, never directly in shell commands.