Skip to content

feat(pr-review-toolkit): add specialists, improve signals, optimize collection#73

Merged
cblecker merged 1 commit into
mainfrom
feat/pr-review-toolkit-improvements
Jul 7, 2026
Merged

feat(pr-review-toolkit): add specialists, improve signals, optimize collection#73
cblecker merged 1 commit into
mainfrom
feat/pr-review-toolkit-improvements

Conversation

@cblecker

@cblecker cblecker commented Jul 7, 2026

Copy link
Copy Markdown
Owner

Summary

  • 3 new specialist reviewers: security, API compatibility, and concurrency — triggered by new security and concurrency signals plus the existing public-api signal
  • Diff-content signal scanning: supplements path-based heuristics by scanning added lines for keywords (e.g., mutex, token, catch), so specialists trigger even when filenames are generic
  • Threads moved to synthesis only: specialists no longer receive thread data or produce postability classifications — synthesis owns all overlap classification, reducing specialist context size and eliminating triple-redundant classification
  • Parallelized collection: thread and file collection now run concurrently instead of sequentially
  • Increased page size: FILE_PAGE_SIZE from 10 to 30, reducing collection agent count by ~3x
  • Trimmed specialist prompts: removed output format sections and conflicting rating systems redundant with FINDING_SCHEMA, preserving all substantive analytical guidance
  • ExitPlanMode in SKILL.md: prevents permission prompt issues when invoked during plan mode
  • Version bump: 1.9.0 → 1.10.0

Test plan

  • Run /pr-review-toolkit:review-pr against a PR with diverse file types to validate the full workflow completes
  • Verify new specialists trigger correctly (e.g., a PR touching auth code triggers security-reviewer)
  • Verify diff-content signals fire for generically-named files with relevant content
  • Confirm synthesis still correctly classifies findings against existing review threads without specialist pre-classification
  • Run claude plugin validate ./pr-review-toolkit

Summary by CodeRabbit

  • New Features
    • Added support for an additional workflow step to exit plan mode before review begins.
    • Expanded review coverage with specialist agents focused on security/crypto, API compatibility, and concurrency.
  • Bug Fixes
    • Improved review consistency by adjusting required finding details and refining how review signals are detected and prioritized.
  • Documentation
    • Updated the review agents documentation to include the new specialist reviewer types.
  • Chores
    • Updated plugin version metadata.

Copilot AI review requested due to automatic review settings July 7, 2026 02:09
@coderabbitai

coderabbitai Bot commented Jul 7, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 887938a3-42b6-4ef4-86dd-0d2d80dc3ca7

📥 Commits

Reviewing files that changed from the base of the PR and between b5d34e5 and cd404ea.

📒 Files selected for processing (4)
  • pr-review-toolkit/.claude-plugin/plugin.json
  • pr-review-toolkit/README.md
  • pr-review-toolkit/skills/review-pr/SKILL.md
  • pr-review-toolkit/skills/review-pr/review-pr.js
✅ Files skipped from review due to trivial changes (3)
  • pr-review-toolkit/.claude-plugin/plugin.json
  • pr-review-toolkit/README.md
  • pr-review-toolkit/skills/review-pr/SKILL.md

📝 Walkthrough

Walkthrough

This PR bumps the plugin version, updates review-pr skill instructions, removes the required postability field from findings, adds new specialist reviewers and signal detection, and restructures thread collection, context passing, and synthesis logic.

Changes

Review Toolkit Workflow Updates

Layer / File(s) Summary
Plugin version and Exit Plan Mode step
pr-review-toolkit/.claude-plugin/plugin.json, pr-review-toolkit/skills/review-pr/SKILL.md
Version is bumped from 1.9.0 to 1.10.0; the skill allows ExitPlanMode and adds an instruction to exit plan mode before continuing.
Findings schema drops postability requirement
pr-review-toolkit/skills/review-pr/review-pr.js
FINDING_SCHEMA removes the required postability object and keeps suggestedFix as the sole required fix field; the standardization text is updated to match.
Existing reviewer prompt guidance updates
pr-review-toolkit/skills/review-pr/review-pr.js
The silent-failure-hunter, pr-test-analyzer, comment-analyzer, and type-design-analyzer prompts add or expand guidance on retry logic, regression framing, comment quality, and invariant design.
New specialist reviewers and signal-based selection
pr-review-toolkit/skills/review-pr/review-pr.js, pr-review-toolkit/README.md
Adds security-reviewer, api-compat-reviewer, and concurrency-reviewer prompts and registry entries; file and diff signal classification now includes security and concurrency, and reviewer selection can enable the new agents from those signals.
Thread collection and synthesis orchestration
pr-review-toolkit/skills/review-pr/review-pr.js
Shared specialist context omits threads, thread collection is refactored into a named prompt/promise, orchestration waits for threads before diff signal enrichment, board overlap/merge handling changes, and synthesis rules no longer reference postability.

Estimated code review effort: 3 (Moderate) | ~25 minutes

Sequence Diagram(s)

sequenceDiagram
  participant Orchestrator
  participant signalsForFile
  participant enrichSignalsFromDiff
  participant selectReviewers
  participant Specialists
  Orchestrator->>signalsForFile: classify changed files
  Orchestrator->>enrichSignalsFromDiff: scan added diff hunks
  enrichSignalsFromDiff-->>Orchestrator: updated signals
  Orchestrator->>selectReviewers: pass signals
  selectReviewers->>Specialists: enable matching reviewers
Loading

Possibly related PRs

  • cblecker/claude-plugins#45: Both PRs modify the same pr-review-toolkit/skills/review-pr workflow and reviewer orchestration.
  • cblecker/claude-plugins#46: Both PRs change review-pr.js finding handling and routing logic around confidence and related review metadata.
  • cblecker/claude-plugins#49: Both PRs adjust how diff and patch data are collected and incorporated into review context and prompts.
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the main changes: new specialist reviewers, better signal detection, and collection optimizations.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat/pr-review-toolkit-improvements

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
pr-review-toolkit/skills/review-pr/review-pr.js (1)

984-985: 🚀 Performance & Scalability | 🔵 Trivial | 💤 Low value

Substring indexOf matching can over-trigger high-effort specialists.

These are naive substring checks, so 'lock' matches block/blockchain/adblock, 'sync' matches async, 'cert' matches concert/certainty, and 'pool'/'ssl' similarly. Since concurrency-reviewer/security-reviewer run with effort: 'high' (Lines 602/612), spurious matches select expensive agents for unrelated files. Selection is intentionally liberal, but the short/ambiguous tokens above are the main cost drivers and could be tightened (e.g. delimiter-aware matching).

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@pr-review-toolkit/skills/review-pr/review-pr.js` around lines 984 - 985, The
`signals` detection in `review-pr.js` is over-matching on short substrings,
which can incorrectly trigger `security` and `concurrency` specialists for
unrelated paths. Update the `p.indexOf(...)` checks in the selection logic to
use tighter matching for ambiguous tokens like `lock`, `sync`, `cert`, `pool`,
and `ssl` (for example, delimiter-aware or whole-segment matching) while keeping
the existing broad intent. Make sure the logic around the
`signals.push('security')` and `signals.push('concurrency')` branches preserves
true positives but avoids common false positives.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@pr-review-toolkit/skills/review-pr/review-pr.js`:
- Around line 1005-1011: The regex patterns in SIGNAL_PATTERNS for types and
concurrency are over-anchored, so normal cases like `@dataclass`, mu.Lock(), and
mu.RLock() are missed. Update the matching logic in review-pr.js by adjusting
the boundary handling around the alternatives in these two patterns so non-word
tokens and method-style calls can match reliably, while preserving the existing
detections for class/interface/enum and lock/async/thread terms.

---

Nitpick comments:
In `@pr-review-toolkit/skills/review-pr/review-pr.js`:
- Around line 984-985: The `signals` detection in `review-pr.js` is
over-matching on short substrings, which can incorrectly trigger `security` and
`concurrency` specialists for unrelated paths. Update the `p.indexOf(...)`
checks in the selection logic to use tighter matching for ambiguous tokens like
`lock`, `sync`, `cert`, `pool`, and `ssl` (for example, delimiter-aware or
whole-segment matching) while keeping the existing broad intent. Make sure the
logic around the `signals.push('security')` and `signals.push('concurrency')`
branches preserves true positives but avoids common false positives.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 5ed2ba95-4713-4494-bc70-5a6f932dc2ea

📥 Commits

Reviewing files that changed from the base of the PR and between a595f4b and b5d34e5.

📒 Files selected for processing (3)
  • pr-review-toolkit/.claude-plugin/plugin.json
  • pr-review-toolkit/skills/review-pr/SKILL.md
  • pr-review-toolkit/skills/review-pr/review-pr.js

Comment thread pr-review-toolkit/skills/review-pr/review-pr.js

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR extends the pr-review-toolkit plugin's review-pr workflow with three new specialist reviewers (security, API compatibility, concurrency), adds diff-content-based signal detection so specialists trigger for generically-named files, moves all thread/overlap classification to the synthesis step, parallelizes thread and file collection, and increases the file page size. It also trims verbose/duplicative sections from the existing reviewer prompts and adds an ExitPlanMode step to the skill.

Changes:

  • Added security-reviewer, api-compat-reviewer, and concurrency-reviewer plus security/concurrency signals and a enrichSignalsFromDiff diff-content scanner.
  • Removed the per-finding postability object from FINDING_SCHEMA/prompts so synthesis owns overlap classification; parallelized thread collection and raised FILE_PAGE_SIZE 10→30.
  • Trimmed redundant output-format/rating sections from reviewer prompts, added ExitPlanMode guidance to SKILL.md, and bumped the version to 1.10.0.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 4 comments.

File Description
pr-review-toolkit/skills/review-pr/review-pr.js Adds specialists, diff-content signal enrichment, parallel collection, schema/prompt trimming, larger page size
pr-review-toolkit/skills/review-pr/SKILL.md Adds ExitPlanMode to allowed-tools and an "Exit Plan Mode" step
pr-review-toolkit/.claude-plugin/plugin.json Version bump 1.9.0 → 1.10.0

Key review notes:

  • The new concurrency diff-scan pattern's Lock()/RLock() alternatives (and the types pattern's @dataclass) can never match due to the trailing/leading \b around non-word characters, undercutting the generically-named-file detection this PR is meant to add.
  • rebuildSummarySignals is redundant because enrichSignalsFromDiff runs before buildSummary, which already recomputes signal counts.
  • The README "Review Agents" table was not updated to document the three new specialists.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread pr-review-toolkit/skills/review-pr/review-pr.js Outdated
Comment thread pr-review-toolkit/skills/review-pr/review-pr.js Outdated
Comment thread pr-review-toolkit/skills/review-pr/review-pr.js Outdated
Comment thread pr-review-toolkit/skills/review-pr/review-pr.js
@cblecker cblecker force-pushed the feat/pr-review-toolkit-improvements branch from b5d34e5 to 852f9ef Compare July 7, 2026 02:28
Copilot AI review requested due to automatic review settings July 7, 2026 02:50
@cblecker cblecker force-pushed the feat/pr-review-toolkit-improvements branch from 852f9ef to 43a0165 Compare July 7, 2026 02:50

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

Comment thread pr-review-toolkit/skills/review-pr/review-pr.js Outdated
…ollection

- Add security, API-compat, and concurrency specialist reviewers
- Upgrade signal detection with diff-content scanning alongside
  path-based heuristics for more reliable specialist triggering
- Move thread data and overlap classification out of specialists
  into synthesis only, removing postability from FINDING_SCHEMA
- Parallelize thread and file collection for faster wall-clock time
- Increase file page size from 10 to 30 to reduce collection agents
- Trim redundant output format sections from specialist prompts
  while preserving all substantive analytical guidance
- Add ExitPlanMode to SKILL.md to avoid permission prompts
- Bump version to 1.10.0

Assisted-by: Claude:claude-opus-4-6
@cblecker cblecker force-pushed the feat/pr-review-toolkit-improvements branch from 43a0165 to cd404ea Compare July 7, 2026 03:20
@cblecker cblecker merged commit 63530d3 into main Jul 7, 2026
13 checks passed
@cblecker cblecker deleted the feat/pr-review-toolkit-improvements branch July 7, 2026 03:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants