Add repo standards (CLAUDE.md, safety hooks, templates)#71
Conversation
Add CLAUDE.md, AGENTS.md, safety hooks, issue/PR templates, CodeRabbit config, and issue writing guide. These files enable both human Claude Code users and autonomous agents to work effectively and safely in this repo. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
Warning Rate limit exceeded
⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (5)
WalkthroughAdds governance hooks and CI gates, CodeRabbit review configuration, GitHub issue/PR templates and a writing guide, and documentation for shared protobufs/agents; introduces scripts that block dangerous operations, notify on failures, and enforce a quality gate. Changes
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (1)
CLAUDE.md (1)
34-47: Consider adding language identifier to the architecture code block.The directory tree structure would benefit from a language identifier for consistency with linting rules.
📝 Optional: Add language identifier
-``` +```text proto/vultisig/ → .proto definitions (SOURCE OF TRUTH) Sources/swift/vultisig/ → Generated Swift code (do not edit)🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@CLAUDE.md` around lines 34 - 47, Update the fenced code block that contains the directory tree (the block starting with ``` and listing proto/vultisig, Sources/swift/vultisig, go/vultisig, etc.) to include a language identifier by replacing the opening ``` with ```text so the block becomes ```text and satisfies the linter/formatting rule.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.claude/hooks/block-dangerous.sh:
- Around line 39-51: The DESTRUCTIVE_PATTERNS array has regex gaps: update the
entries for "git push.*-f " to allow end-of-line or next arg and for "git
checkout \." / "git checkout -- \." to match "./" variants; specifically replace
the "git push.*-f " pattern with something like "git push.*-f($|\\s)" (or use
"\b" equivalent) and replace "git checkout \." and "git checkout -- \." with
patterns that accept a trailing slash or end-of-line, e.g. "git
checkout\\s+\\.(?:/|$)" and "git checkout\\s+--\\s+\\.(?:/|$)"; keep these
changes within the DESTRUCTIVE_PATTERNS array so other entries remain untouched.
---
Nitpick comments:
In `@CLAUDE.md`:
- Around line 34-47: Update the fenced code block that contains the directory
tree (the block starting with ``` and listing proto/vultisig,
Sources/swift/vultisig, go/vultisig, etc.) to include a language identifier by
replacing the opening ``` with ```text so the block becomes ```text and
satisfies the linter/formatting rule.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 992c730f-b8b2-4d37-9d67-b8b99be20622
📒 Files selected for processing (9)
.claude/hooks/block-dangerous.sh.claude/settings.json.coderabbit.yaml.github/ISSUE_GUIDE.md.github/ISSUE_TEMPLATE/bug_report.md.github/ISSUE_TEMPLATE/feature_request.md.github/PULL_REQUEST_TEMPLATE.mdAGENTS.mdCLAUDE.md
- Add quality-gate.sh (TaskCompleted: make build must pass before done) - Add on-failure-notify.sh (PostToolUseFailure: surfaces build error context) - Add PostToolUseFailure + TaskCompleted hooks to settings.json Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Link to vultisig/vultisig-knowledge for deeper context on repo structure, cross-repo impact, and dependencies. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
There was a problem hiding this comment.
Actionable comments posted: 4
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.claude/hooks/on-failure-notify.sh:
- Around line 8-13: The build-failure notifier only matches go/make/protoc
commands via the grep in the on-failure-notify.sh hook, so add the repo's other
build invocations to that pattern: update the CMD grep -qE expression (used
inside the if [ "$TOOL" = "Bash" ] block where CMD is set) to also match buf
commands (e.g., "buf" and common subcommands) and the local build script (e.g.,
"./build.sh" or "build.sh"); keep the existing groups for go/make/protoc and
expand the alternation to include buf and build.sh so errors from those
workflows get the same extra context logging.
In @.claude/hooks/quality-gate.sh:
- Around line 7-11: The MODIFIED detection currently uses "git diff --name-only
--diff-filter=ACMR HEAD" which omits untracked files; update the logic that sets
MODIFIED to also include untracked .go and .proto files (e.g., combine the
existing git diff output with files from "git ls-files --others
--exclude-standard" filtered by \.(go|proto)$) so newly created files are
detected by the quality gate; ensure the variable assignment that creates
MODIFIED still falls back to empty safely (|| true) and that subsequent checks
for [ -z "$MODIFIED" ] continue to work unchanged.
- Around line 13-16: The quality gate hook currently runs "make build" which
triggers build.sh and may modify files; change the hook to run a read-only
verification target instead (e.g., "make verify") so it only validates and does
not rewrite files—update the conditional in .claude/hooks/quality-gate.sh that
checks "make build" to call the verify target, ensuring the Makefile's verify
target performs lint/build checks without running buf format -w or buf generate.
In `@CLAUDE.md`:
- Around line 34-47: The fenced code block listing repo folders in CLAUDE.md is
missing a language tag which triggers markdownlint; update the opening fence
from ``` to ```text for that block (the one starting with "proto/vultisig/
→ .proto definitions (SOURCE OF TRUTH)") so the block is treated as plain text
and the lint warning is cleared.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 20cdbbf1-9dfb-40ce-9098-a42c8ef05fbe
📒 Files selected for processing (5)
.claude/hooks/block-dangerous.sh.claude/hooks/on-failure-notify.sh.claude/hooks/quality-gate.sh.claude/settings.jsonCLAUDE.md
🚧 Files skipped from review as they are similar to previous changes (1)
- .claude/hooks/block-dangerous.sh
| if [ -f Makefile ] && ! make build 2>&1; then | ||
| echo "Quality gate: build failed" >&2 | ||
| exit 2 | ||
| fi |
There was a problem hiding this comment.
Keep the quality gate read-only.
In this repo, make delegates to build.sh, and build.sh runs buf format -w plus buf generate. Running that from TaskCompleted can rewrite files and leave the tree dirty after every task instead of just validating it. Please switch this hook to a verify-only target/path.
🔧 Proposed fix
-if [ -f Makefile ] && ! make build 2>&1; then
+if [ -f Makefile ] && ! make verify 2>&1; then
echo "Quality gate: build failed" >&2
exit 2
fimake verify should only validate, e.g. lint/build checks, and must not run buf format -w or buf generate.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In @.claude/hooks/quality-gate.sh around lines 13 - 16, The quality gate hook
currently runs "make build" which triggers build.sh and may modify files; change
the hook to run a read-only verification target instead (e.g., "make verify") so
it only validates and does not rewrite files—update the conditional in
.claude/hooks/quality-gate.sh that checks "make build" to call the verify
target, ensuring the Makefile's verify target performs lint/build checks without
running buf format -w or buf generate.
Agent-agnostic link to vultisig/vultisig-knowledge for any AI coding agent. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Prevent agents from running printenv, env, or echoing TOKEN/API_KEY/SECRET/PASSWORD/CREDENTIAL values. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
… files - Tighten destructive git patterns for end-of-line and ./ variants - Add buf and build.sh to failure notifier detection - Include untracked files in quality gate MODIFIED check - Add text language tag to architecture code block in CLAUDE.md
There was a problem hiding this comment.
Actionable comments posted: 1
♻️ Duplicate comments (1)
.claude/hooks/quality-gate.sh (1)
18-21:⚠️ Potential issue | 🔴 CriticalCall a real verify path instead of
make build.Line 18 invokes
make build, but the provided repo context only exposes the defaultmakeworkflow and./build.sh; there is nobuildtarget. That means any.goor.protochange will trip this gate even when the tree is healthy. Point the hook at an actual read-only verification command/target instead of a non-existent build target.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.claude/hooks/quality-gate.sh around lines 18 - 21, The hook currently runs "make build" (in quality-gate.sh) which doesn't exist in this repo and causes false failures; change the command to invoke an actual read-only verification target such as the repository's "./build.sh" script or the default "make" target (or a "make verify"/"make test" target if present) so the gate runs an existent verification step instead of "make build"; update the conditional that checks for Makefile to run "./build.sh" when present or fall back to "make" (replacing occurrences of "make build") and keep the same exit handling and messages.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@AGENTS.md`:
- Around line 18-21: Update AGENTS.md to remove or clarify the blanket "Only
edit files in `proto/vultisig/`" restriction so agents are not prevented from
modifying legitimate repo-owned data in `tokens/`; specifically, change the
sentence referencing `proto/vultisig/` / `Sources/swift/` / `go/vultisig/` to
state that only generated code in `Sources/swift/` and `go/vultisig/` should not
be edited, while `tokens/` (repo-owned metadata) may be edited when appropriate,
and keep the instruction to run `buf generate` and commit generated code after
proto changes; ensure the edit mentions `tokens/` by name so automated agents
understand it's allowed to change token metadata.
---
Duplicate comments:
In @.claude/hooks/quality-gate.sh:
- Around line 18-21: The hook currently runs "make build" (in quality-gate.sh)
which doesn't exist in this repo and causes false failures; change the command
to invoke an actual read-only verification target such as the repository's
"./build.sh" script or the default "make" target (or a "make verify"/"make test"
target if present) so the gate runs an existent verification step instead of
"make build"; update the conditional that checks for Makefile to run
"./build.sh" when present or fall back to "make" (replacing occurrences of "make
build") and keep the same exit handling and messages.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 0ec9555e-5446-4c32-8fc2-4257672ad7c6
📒 Files selected for processing (5)
.claude/hooks/block-dangerous.sh.claude/hooks/on-failure-notify.sh.claude/hooks/quality-gate.shAGENTS.mdCLAUDE.md
🚧 Files skipped from review as they are similar to previous changes (1)
- .claude/hooks/block-dangerous.sh
| 1. This is a submodule used by iOS, Android, and Go services — changes ripple everywhere | ||
| 2. Run `make` (or `./build.sh`) to validate current state | ||
| 3. Only edit files in `proto/vultisig/` — never touch `Sources/swift/` or `go/vultisig/` (generated) | ||
| 4. After proto changes: run `buf generate` and commit generated code alongside proto changes |
There was a problem hiding this comment.
Don't tell agents that tokens/ is off-limits.
Line 20 says to edit only proto/vultisig/, but Line 28 later identifies tokens/ as repo-owned source data. That instruction will steer agents away from legitimate token metadata changes in this repo.
✏️ Suggested wording
-3. Only edit files in `proto/vultisig/` — never touch `Sources/swift/` or `go/vultisig/` (generated)
+3. Edit source files in `proto/vultisig/` and `tokens/` as needed — never touch `Sources/swift/` or `go/vultisig/` (generated)🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@AGENTS.md` around lines 18 - 21, Update AGENTS.md to remove or clarify the
blanket "Only edit files in `proto/vultisig/`" restriction so agents are not
prevented from modifying legitimate repo-owned data in `tokens/`; specifically,
change the sentence referencing `proto/vultisig/` / `Sources/swift/` /
`go/vultisig/` to state that only generated code in `Sources/swift/` and
`go/vultisig/` should not be edited, while `tokens/` (repo-owned metadata) may
be edited when appropriate, and keep the instruction to run `buf generate` and
commit generated code after proto changes; ensure the edit mentions `tokens/` by
name so automated agents understand it's allowed to change token metadata.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Broaden secret file patterns to catch credentials.json, secret.txt, keystore - Register MultiEdit and NotebookEdit in hook matchers Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Agent metadata is now wrapped in <!-- AGENT ... --> blocks so it's invisible in rendered issues but still parseable from raw markdown. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
gomesalexandre
left a comment
There was a problem hiding this comment.
Standards + Claude hooks. Looks clean. AGENTS.md + CLAUDE.md pattern matches agent-backend conventions. Safety hooks and CR config are sensible. Good to merge.
gomesalexandre
left a comment
There was a problem hiding this comment.
CLAUDE.md/AGENTS.md/safety-hooks/templates — the same standards already merged to other Vultisig repos (#72 was the templates PR). Content is accurate, hooks are sensible (block force-push, mainnet RPCs, secret file edits). The quality-gate.sh hook requiring build success is a good default. Approved.
Summary
Why
These files enable the Vultisig developer agent framework. They give both human devs (using Claude Code) and autonomous agents the context they need to work safely in this repo. Safety hooks provide defense-in-depth alongside branch protection.
What to review
The safety hooks and PR template are standardized across all Vultisig repos.
Summary by CodeRabbit
Documentation
Chores