Skip to content

Add repo standards (CLAUDE.md, safety hooks, templates)#71

Open
realpaaao wants to merge 10 commits into
mainfrom
add-repo-standards
Open

Add repo standards (CLAUDE.md, safety hooks, templates)#71
realpaaao wants to merge 10 commits into
mainfrom
add-repo-standards

Conversation

@realpaaao

@realpaaao realpaaao commented Mar 5, 2026

Copy link
Copy Markdown
Contributor

Summary

  • CLAUDE.md — Build commands (make, build.sh, buf), architecture map, proto conventions. For humans with Claude Code and autonomous agents.
  • AGENTS.md — Quick start, patterns, security notes. Agent-focused reference.
  • .claude/settings.json + hooks/block-dangerous.sh — PreToolUse safety hooks that block mainnet RPCs, destructive git, secret file edits, force push, and direct push to main.
  • .github/ — PR template, issue templates (bug + feature) with agent-friendly frontmatter, issue writing guide.
  • .coderabbit.yaml — CodeRabbit review config (chill profile, proto review rules, generated code flagged as read-only).

Why

These files enable the Vultisig developer agent framework. They give both human devs (using Claude Code) and autonomous agents the context they need to work safely in this repo. Safety hooks provide defense-in-depth alongside branch protection.

What to review

  • CLAUDE.md — Does the architecture map match reality? Are buf commands correct?
  • AGENTS.md — Anything missing for someone new to this repo?
  • .coderabbit.yaml — Proto review rules and generated-code handling match your preferences?
  • Issue templates — Frontmatter fields useful? Acceptance criteria defaults correct?

The safety hooks and PR template are standardized across all Vultisig repos.

Summary by CodeRabbit

  • Documentation

    • Added a comprehensive issue-writing guide, bug and feature request templates, and a standardized pull-request template
    • Added agent/protobuf workflow and repo onboarding docs
  • Chores

    • Added repository safety hooks to block risky operations and to notify on failures
    • Added a task-completion quality gate to enforce successful builds
    • Added code-review configuration and auto-review tooling settings

Add CLAUDE.md, AGENTS.md, safety hooks, issue/PR templates, CodeRabbit config,
and issue writing guide. These files enable both human Claude Code users and
autonomous agents to work effectively and safely in this repo.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@coderabbitai

coderabbitai Bot commented Mar 5, 2026

Copy link
Copy Markdown

Warning

Rate limit exceeded

@realpaaao has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 2 minutes and 55 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: f19696c4-7489-4b51-bb41-897afa653c2e

📥 Commits

Reviewing files that changed from the base of the PR and between 37ffb1c and d1535cd.

📒 Files selected for processing (5)
  • .claude/hooks/block-dangerous.sh
  • .claude/settings.json
  • .github/ISSUE_TEMPLATE/bug_report.md
  • .github/ISSUE_TEMPLATE/feature_request.md
  • CLAUDE.md

Walkthrough

Adds governance hooks and CI gates, CodeRabbit review configuration, GitHub issue/PR templates and a writing guide, and documentation for shared protobufs/agents; introduces scripts that block dangerous operations, notify on failures, and enforce a quality gate.

Changes

Cohort / File(s) Summary
Claude hooks & settings
.claude/hooks/block-dangerous.sh, .claude/hooks/on-failure-notify.sh, .claude/hooks/quality-gate.sh, .claude/settings.json
Adds a pre-tool hook that blocks mainnet RPCs, protected-branch pushes/merges, destructive git commands, secret/credential edits, and env secret exposure; a post-tool failure notifier for build-related Bash commands; a quality-gate that runs make build when .go/.proto changes are present; and settings wiring these hooks to tool events.
Code review configuration
.coderabbit.yaml
Adds CodeRabbit config with language/profile, auto-review rules, proto/codegen guidance for Swift/Go, path-based review instructions, tool configs (markdownlint, GitHub checks) and timeouts.
GitHub issue templates & guide
.github/ISSUE_GUIDE.md, .github/ISSUE_TEMPLATE/bug_report.md, .github/ISSUE_TEMPLATE/feature_request.md
Adds a detailed issue-writing guide and two machine-readable templates (bug report, feature request) with frontmatter and structured sections (problem, solution, scope, acceptance criteria, examples, pre-submit checklist).
GitHub PR template
.github/PULL_REQUEST_TEMPLATE.md
Adds a PR template with description, type/category checklist, agent metadata, and verification checklist.
Repository docs: agents & protobufs
AGENTS.md, commondata/CLAUDE.md
Adds documentation describing agent/commondata layout, proto source-of-truth, generation workflows (buf/Docker/local), security tiers and critical boundaries, code conventions, and update/release workflows for generated Swift/Go code.
🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly and concisely summarizes the main changes: adding repository standards including CLAUDE.md documentation, safety hooks, and GitHub templates.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch add-repo-standards

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
CLAUDE.md (1)

34-47: Consider adding language identifier to the architecture code block.

The directory tree structure would benefit from a language identifier for consistency with linting rules.

📝 Optional: Add language identifier
-```
+```text
 proto/vultisig/         → .proto definitions (SOURCE OF TRUTH)
 Sources/swift/vultisig/ → Generated Swift code (do not edit)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@CLAUDE.md` around lines 34 - 47, Update the fenced code block that contains
the directory tree (the block starting with ``` and listing proto/vultisig,
Sources/swift/vultisig, go/vultisig, etc.) to include a language identifier by
replacing the opening ``` with ```text so the block becomes ```text and
satisfies the linter/formatting rule.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.claude/hooks/block-dangerous.sh:
- Around line 39-51: The DESTRUCTIVE_PATTERNS array has regex gaps: update the
entries for "git push.*-f " to allow end-of-line or next arg and for "git
checkout \." / "git checkout -- \." to match "./" variants; specifically replace
the "git push.*-f " pattern with something like "git push.*-f($|\\s)" (or use
"\b" equivalent) and replace "git checkout \." and "git checkout -- \." with
patterns that accept a trailing slash or end-of-line, e.g. "git
checkout\\s+\\.(?:/|$)" and "git checkout\\s+--\\s+\\.(?:/|$)"; keep these
changes within the DESTRUCTIVE_PATTERNS array so other entries remain untouched.

---

Nitpick comments:
In `@CLAUDE.md`:
- Around line 34-47: Update the fenced code block that contains the directory
tree (the block starting with ``` and listing proto/vultisig,
Sources/swift/vultisig, go/vultisig, etc.) to include a language identifier by
replacing the opening ``` with ```text so the block becomes ```text and
satisfies the linter/formatting rule.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 992c730f-b8b2-4d37-9d67-b8b99be20622

📥 Commits

Reviewing files that changed from the base of the PR and between 5793a3d and 14afe2c.

📒 Files selected for processing (9)
  • .claude/hooks/block-dangerous.sh
  • .claude/settings.json
  • .coderabbit.yaml
  • .github/ISSUE_GUIDE.md
  • .github/ISSUE_TEMPLATE/bug_report.md
  • .github/ISSUE_TEMPLATE/feature_request.md
  • .github/PULL_REQUEST_TEMPLATE.md
  • AGENTS.md
  • CLAUDE.md

Comment thread .claude/hooks/block-dangerous.sh
realpaaao and others added 3 commits March 5, 2026 12:08
- Add quality-gate.sh (TaskCompleted: make build must pass before done)
- Add on-failure-notify.sh (PostToolUseFailure: surfaces build error context)
- Add PostToolUseFailure + TaskCompleted hooks to settings.json

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Link to vultisig/vultisig-knowledge for deeper context on repo structure,
cross-repo impact, and dependencies.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 4

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.claude/hooks/on-failure-notify.sh:
- Around line 8-13: The build-failure notifier only matches go/make/protoc
commands via the grep in the on-failure-notify.sh hook, so add the repo's other
build invocations to that pattern: update the CMD grep -qE expression (used
inside the if [ "$TOOL" = "Bash" ] block where CMD is set) to also match buf
commands (e.g., "buf" and common subcommands) and the local build script (e.g.,
"./build.sh" or "build.sh"); keep the existing groups for go/make/protoc and
expand the alternation to include buf and build.sh so errors from those
workflows get the same extra context logging.

In @.claude/hooks/quality-gate.sh:
- Around line 7-11: The MODIFIED detection currently uses "git diff --name-only
--diff-filter=ACMR HEAD" which omits untracked files; update the logic that sets
MODIFIED to also include untracked .go and .proto files (e.g., combine the
existing git diff output with files from "git ls-files --others
--exclude-standard" filtered by \.(go|proto)$) so newly created files are
detected by the quality gate; ensure the variable assignment that creates
MODIFIED still falls back to empty safely (|| true) and that subsequent checks
for [ -z "$MODIFIED" ] continue to work unchanged.
- Around line 13-16: The quality gate hook currently runs "make build" which
triggers build.sh and may modify files; change the hook to run a read-only
verification target instead (e.g., "make verify") so it only validates and does
not rewrite files—update the conditional in .claude/hooks/quality-gate.sh that
checks "make build" to call the verify target, ensuring the Makefile's verify
target performs lint/build checks without running buf format -w or buf generate.

In `@CLAUDE.md`:
- Around line 34-47: The fenced code block listing repo folders in CLAUDE.md is
missing a language tag which triggers markdownlint; update the opening fence
from ``` to ```text for that block (the one starting with "proto/vultisig/      
→ .proto definitions (SOURCE OF TRUTH)") so the block is treated as plain text
and the lint warning is cleared.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 20cdbbf1-9dfb-40ce-9098-a42c8ef05fbe

📥 Commits

Reviewing files that changed from the base of the PR and between 14afe2c and d359abf.

📒 Files selected for processing (5)
  • .claude/hooks/block-dangerous.sh
  • .claude/hooks/on-failure-notify.sh
  • .claude/hooks/quality-gate.sh
  • .claude/settings.json
  • CLAUDE.md
🚧 Files skipped from review as they are similar to previous changes (1)
  • .claude/hooks/block-dangerous.sh

Comment thread .claude/hooks/on-failure-notify.sh
Comment thread .claude/hooks/quality-gate.sh Outdated
Comment on lines +13 to +16
if [ -f Makefile ] && ! make build 2>&1; then
echo "Quality gate: build failed" >&2
exit 2
fi

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Keep the quality gate read-only.

In this repo, make delegates to build.sh, and build.sh runs buf format -w plus buf generate. Running that from TaskCompleted can rewrite files and leave the tree dirty after every task instead of just validating it. Please switch this hook to a verify-only target/path.

🔧 Proposed fix
-if [ -f Makefile ] && ! make build 2>&1; then
+if [ -f Makefile ] && ! make verify 2>&1; then
   echo "Quality gate: build failed" >&2
   exit 2
 fi

make verify should only validate, e.g. lint/build checks, and must not run buf format -w or buf generate.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.claude/hooks/quality-gate.sh around lines 13 - 16, The quality gate hook
currently runs "make build" which triggers build.sh and may modify files; change
the hook to run a read-only verification target instead (e.g., "make verify") so
it only validates and does not rewrite files—update the conditional in
.claude/hooks/quality-gate.sh that checks "make build" to call the verify
target, ensuring the Makefile's verify target performs lint/build checks without
running buf format -w or buf generate.

Comment thread CLAUDE.md Outdated
realpaaao and others added 3 commits March 5, 2026 20:01
Agent-agnostic link to vultisig/vultisig-knowledge for any AI coding agent.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Prevent agents from running printenv, env, or echoing
TOKEN/API_KEY/SECRET/PASSWORD/CREDENTIAL values.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
… files

- Tighten destructive git patterns for end-of-line and ./ variants
- Add buf and build.sh to failure notifier detection
- Include untracked files in quality gate MODIFIED check
- Add text language tag to architecture code block in CLAUDE.md

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

♻️ Duplicate comments (1)
.claude/hooks/quality-gate.sh (1)

18-21: ⚠️ Potential issue | 🔴 Critical

Call a real verify path instead of make build.

Line 18 invokes make build, but the provided repo context only exposes the default make workflow and ./build.sh; there is no build target. That means any .go or .proto change will trip this gate even when the tree is healthy. Point the hook at an actual read-only verification command/target instead of a non-existent build target.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.claude/hooks/quality-gate.sh around lines 18 - 21, The hook currently runs
"make build" (in quality-gate.sh) which doesn't exist in this repo and causes
false failures; change the command to invoke an actual read-only verification
target such as the repository's "./build.sh" script or the default "make" target
(or a "make verify"/"make test" target if present) so the gate runs an existent
verification step instead of "make build"; update the conditional that checks
for Makefile to run "./build.sh" when present or fall back to "make" (replacing
occurrences of "make build") and keep the same exit handling and messages.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@AGENTS.md`:
- Around line 18-21: Update AGENTS.md to remove or clarify the blanket "Only
edit files in `proto/vultisig/`" restriction so agents are not prevented from
modifying legitimate repo-owned data in `tokens/`; specifically, change the
sentence referencing `proto/vultisig/` / `Sources/swift/` / `go/vultisig/` to
state that only generated code in `Sources/swift/` and `go/vultisig/` should not
be edited, while `tokens/` (repo-owned metadata) may be edited when appropriate,
and keep the instruction to run `buf generate` and commit generated code after
proto changes; ensure the edit mentions `tokens/` by name so automated agents
understand it's allowed to change token metadata.

---

Duplicate comments:
In @.claude/hooks/quality-gate.sh:
- Around line 18-21: The hook currently runs "make build" (in quality-gate.sh)
which doesn't exist in this repo and causes false failures; change the command
to invoke an actual read-only verification target such as the repository's
"./build.sh" script or the default "make" target (or a "make verify"/"make test"
target if present) so the gate runs an existent verification step instead of
"make build"; update the conditional that checks for Makefile to run
"./build.sh" when present or fall back to "make" (replacing occurrences of "make
build") and keep the same exit handling and messages.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 0ec9555e-5446-4c32-8fc2-4257672ad7c6

📥 Commits

Reviewing files that changed from the base of the PR and between d359abf and 37ffb1c.

📒 Files selected for processing (5)
  • .claude/hooks/block-dangerous.sh
  • .claude/hooks/on-failure-notify.sh
  • .claude/hooks/quality-gate.sh
  • AGENTS.md
  • CLAUDE.md
🚧 Files skipped from review as they are similar to previous changes (1)
  • .claude/hooks/block-dangerous.sh

Comment thread AGENTS.md
Comment on lines +18 to +21
1. This is a submodule used by iOS, Android, and Go services — changes ripple everywhere
2. Run `make` (or `./build.sh`) to validate current state
3. Only edit files in `proto/vultisig/` — never touch `Sources/swift/` or `go/vultisig/` (generated)
4. After proto changes: run `buf generate` and commit generated code alongside proto changes

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Don't tell agents that tokens/ is off-limits.

Line 20 says to edit only proto/vultisig/, but Line 28 later identifies tokens/ as repo-owned source data. That instruction will steer agents away from legitimate token metadata changes in this repo.

✏️ Suggested wording
-3. Only edit files in `proto/vultisig/` — never touch `Sources/swift/` or `go/vultisig/` (generated)
+3. Edit source files in `proto/vultisig/` and `tokens/` as needed — never touch `Sources/swift/` or `go/vultisig/` (generated)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@AGENTS.md` around lines 18 - 21, Update AGENTS.md to remove or clarify the
blanket "Only edit files in `proto/vultisig/`" restriction so agents are not
prevented from modifying legitimate repo-owned data in `tokens/`; specifically,
change the sentence referencing `proto/vultisig/` / `Sources/swift/` /
`go/vultisig/` to state that only generated code in `Sources/swift/` and
`go/vultisig/` should not be edited, while `tokens/` (repo-owned metadata) may
be edited when appropriate, and keep the instruction to run `buf generate` and
commit generated code after proto changes; ensure the edit mentions `tokens/` by
name so automated agents understand it's allowed to change token metadata.

realpaaao and others added 3 commits March 7, 2026 11:11
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Broaden secret file patterns to catch credentials.json, secret.txt, keystore
- Register MultiEdit and NotebookEdit in hook matchers

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Agent metadata is now wrapped in <!-- AGENT ... --> blocks so it's
invisible in rendered issues but still parseable from raw markdown.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@realpaaao realpaaao requested a review from johnnyluo March 31, 2026 18:36

@gomesalexandre gomesalexandre left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Standards + Claude hooks. Looks clean. AGENTS.md + CLAUDE.md pattern matches agent-backend conventions. Safety hooks and CR config are sensible. Good to merge.

@gomesalexandre gomesalexandre left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CLAUDE.md/AGENTS.md/safety-hooks/templates — the same standards already merged to other Vultisig repos (#72 was the templates PR). Content is accurate, hooks are sensible (block force-push, mainnet RPCs, secret file edits). The quality-gate.sh hook requiring build success is a good default. Approved.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants