feat: Add review path instructions to .coderabbit.yaml

[rjmurillo]

Fixes #266

Pull Request

Summary

Specification References

Type	Reference	Description
Issue	Closes #
Spec	.agents/planning/...
Spec	.agents/specs/...

Spec Requirement Guidelines

PR Type	Spec Required?	Guidance
Feature (feat:, feat(scope):)	✅ Required	Link issue, REQ-*, or spec file in .agents/planning/
Bug fix (fix:, fix(scope):)	Optional	Link issue if exists; explain root cause if complex
Refactor (refactor:, refactor(scope):)	Optional	Explain rationale and scope in PR description
Documentation (docs:)	Not required	N/A
Infrastructure (ci:, build:, chore:)	Optional	Link ADR or design doc if architecture impacted

Changes

Type of Change

• Bug fix (non-breaking change fixing an issue)
• New feature (non-breaking change adding functionality)
• Breaking change (fix or feature causing existing functionality to change)
• Documentation update
• Infrastructure/CI change
• Refactoring (no functional changes)

Testing

• Tests added/updated
• Manual testing completed
• No testing required (documentation only)

Agent Review

Security Review

Required for: Authentication, authorization, CI/CD, git hooks, secrets, infrastructure

• No security-critical changes in this PR
• Security agent reviewed infrastructure changes
• Security agent reviewed authentication/authorization changes
• Security patterns applied (see .agents/security/)

Files requiring security review:

Other Agent Reviews

• Architect reviewed design changes
• Critic validated implementation plan
• QA verified test coverage

Checklist

• Code follows project style guidelines
• Self-review completed
• Comments added for complex logic
• Documentation updated (if applicable)
• No new warnings introduced

Related Issues

---

[gemini-code-assist]

Code Review

This pull request adds review path instructions to the .coderabbit.yaml configuration. However, it introduces a duplicate reviews key, which would cause the new instructions to be ignored. My feedback corrects this by merging the two reviews sections into one, ensuring the configuration is valid and both path_instructions and tools are correctly applied.

[Copilot]

Pull request overview

This PR adds path-specific review instructions to CodeRabbit's configuration for agent prompt files in the src/claude/ directory. The instructions define prioritized review criteria (P0, P1, P2) for agent prompts, including checks for required frontmatter, model assignments per ADR-002, and absolute paths in documentation.

Key Changes:

• Adds path_instructions configuration for src/claude/**/*.md files with structured review criteria

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

📝 Walkthrough

Walkthrough

Adds path-specific review instructions to .coderabbit.yaml targeting Markdown under src/claude/, defining P0 (Must Fix) and P1 (Should Fix) criteria with a prefix directive. No other tooling behavior or exported signatures changed.

Changes

Cohort / File(s)	Summary
CodeRabbit configuration \.coderabbit.yaml	Introduces path_instructions for src/claude/**/*.md containing an instructions block with P0/P1 criteria and a prefix directive. No other configuration keys modified.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~5 minutes

Pre-merge checks and finishing touches

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Linked Issues check	❓ Inconclusive	PR changes partially address #266 objectives by introducing path instructions with P0/P1 priority framework, but implementation scope appears limited compared to multi-faceted requirements.	Verify that path instructions include CWE-specific security patterns, duplicate detection logic, concrete validation criteria, and test coverage thresholds as specified in #266.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	Title follows conventional commit format with 'feat:' prefix and clearly describes adding review path instructions to .coderabbit.yaml.
Description check	✅ Passed	Description mentions issue #266 and contains template structure relating to configuration changes, though most fields are uncompleted.
Out of Scope Changes check	✅ Passed	Only .coderabbit.yaml was modified with path-based review instructions, which aligns directly with issue #266 objectives.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/coderabbit-config

---

📜 Recent review details

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9b5790c and 2182825.

📒 Files selected for processing (1)

• .coderabbit.yaml

🚧 Files skipped from review as they are similar to previous changes (1)

• .coderabbit.yaml

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

.coderabbit.yaml (1)

25-28: Duplicate reviews: key breaks YAML parsing.

YAML forbids duplicate keys. Parser fails at line 25, blocking all CodeRabbit functionality.

🔎 Fix: Merge both sections under one `reviews:` key

 reviews:
   path_instructions:
     - path: "src/claude/**/*.md"
       instructions: |
         ## Agent Prompt Review Criteria
         ### P0 (Must Fix)
         - Missing required frontmatter
         - Model assignment violating ADR-002
         - Absolute paths in documentation
         ### P1 (Should Fix)
         - Missing Core Identity section
         - Drift from VS Code/Copilot CLI versions
         Prefix all comments with: [P0], [P1], or [P2]
-
-reviews:
   tools:
     markdownlint:
       enabled: false

🧹 Nitpick comments (1)

.coderabbit.yaml (1)

11-24: Make criteria more specific to reduce false positives.

The P0/P1 criteria need operational detail to hit the 80%+ actionability target from issue #266:

• "Missing required frontmatter" - list which fields (e.g., title, model, version)
• "Model assignment violating ADR-002" - state the actual constraint (e.g., "must use claude-3.5-sonnet")
• "Drift from VS Code/Copilot CLI versions" - specify expected versions or reference location

Vague criteria generate false positives when reviewers can't verify compliance.

🔎 Example of more specific instructions

       instructions: |
         ## Agent Prompt Review Criteria
         ### P0 (Must Fix)
-        - Missing required frontmatter
+        - Missing required frontmatter fields: model, version, compatibility
-        - Model assignment violating ADR-002
+        - Model assignment must be claude-3.5-sonnet (per ADR-002)
-        - Absolute paths in documentation
+        - Documentation uses absolute paths (must be relative to repo root)
         ### P1 (Should Fix)
-        - Missing Core Identity section
+        - Missing ## Core Identity section in prompt
-        - Drift from VS Code/Copilot CLI versions
+        - Model version differs from versions in .vscode/settings.json
         Prefix all comments with: [P0], [P1], or [P2]

Based on PR objectives to reduce false positives and increase actionability.

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between cc38cb0 and 9b5790c.

📒 Files selected for processing (1)

• .coderabbit.yaml

🧰 Additional context used

📓 Path-based instructions (1)

.coderabbit.yaml

📄 CodeRabbit inference engine (.agents/analysis/QUICK-REFERENCE-CODERABBIT.md)

Configure CodeRabbit with tiered enforcement: 'Chill' profile for general code to reduce noise comments, and full enforcement for CI/CD files (.github/workflows/*) and Git hooks (.githooks/*)

Files:

• .coderabbit.yaml

🔍 Remote MCP Context7, DeepWiki

It appears the repository information provided in the context (rjmurillo/dotfiles) is not accessible or may be a private/test repository. Let me search for general information about CodeRabbit configuration best practices and review path instructions that would be relevant to reviewing this PR:Now let me search for information about reducing false positives in code review tools and signal quality improvements:Based on my research, I can now provide you with comprehensive context for reviewing PR #270:

Summary of Additional Context Found

CodeRabbit Path Instructions Configuration Context

Path-based instructions allow you to provide specific review guidelines based on file paths. This enables tailored feedback for different file types, technologies, or code areas. Path-based instructions are configured in the .coderabbit.yaml file under the reviews.path_instructions section.

Paths accept glob patterns. Add custom review instructions using path-based patterns or AST rules. Configure CodeRabbit to follow specific guidelines for different file types and enforce coding standards.

Best Practices for Path Instructions:

• Path Instructions and Code Guidelines serve different purposes. Many users mistakenly put guideline file names in path_instructions, which causes CodeRabbit to review the guideline files instead of using them as reference.
• Use path-based instructions when you want CodeRabbit to follow specific guidelines beyond standard reviews, such as enforcing style guides by file types or directories.
• Make sure your instructions are clear and understandable not only by the coderabbit but also by other developers. Ensure that you use the correct file path to ensure the appropriate review.

P0/P1 Priority Framework Context

The PR references establishing a P0/P1/P2 priority framework for review comments. Industry standards define these as:

P0 (Critical/Must Fix): P0s represent the highest priority items to be completed – a P0 is something so critical that you would hold the release to include or fix it. P0 represents system outage, or system down, or service unavailable to all users, which is business critical. Requires 24/7 response.

P1 (Should Fix): P1 stands as a high-priority level, second only to the critical urgency of P0. P1 tasks are significant. They're like warning lights on your car's dashboard; ignore them, and you're in for a world of trouble, but you don't have to pull over this instant. These issues can affect the project's progress or user experience but typically don't cause a complete breakdown of functionality.

CWE-Specific Security Patterns Context

Unlike CVE (Common Vulnerabilities and Exposures), which documents specific, real-world vulnerabilities, CWE focuses on underlying flaws in code, architecture, or configuration that attackers often exploit. Maintained by the MITRE Corporation with support from industry partners and the U.S. Department of Homeland Security, the CWE project provides a standardized language and structure for identifying, discussing, and preventing common software errors across the development lifecycle.

Integrating CWE into an organization's SDLC allows for consistent tracking of recurring code issues, more accurate root cause analysis, and better communication between engineering and security teams.

Utilize CWE in Code Reviews. Beyond tools, have human reviewers check for CWE-specific weaknesses to ensure comprehensive security.

Reducing False Positives in Code Review

The bigger the context, the higher the chance of missing bugs, slowing reviews, or getting irrelevant AI comments. This aligns with the PR's goal to improve CodeRabbit's actionability rate from 50% to 80%+ by being more prescriptive and reducing false positives.

Markdown File Review Context

The PR targets Markdown documentation files (src/claude/**/*.md), which is appropriate for configuration documentation and guidelines. Markdown files in documentation paths typically require specific guidance around clarity, completeness, and adherence to documentation standards.

---

[::web_search::],,

[Copilot]

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated 2 comments.