agent-governance/pipeline/templates/code-review.yaml

name: code-review
description: Code review specialist agent
version: "1.0.0"

tier: 0
role: observer

allowed_actions:
  - read_docs
  - read_code
  - analyze_code
  - generate_review
  - suggest_improvements

forbidden_actions:
  - modify_code
  - commit_changes
  - push_changes

default_config:
  languages:
    - python
    - typescript
    - go
    - bash
  review_focus:
    - security
    - performance
    - maintainability
    - governance_compliance
  max_files: 50
  max_lines_per_file: 2000

review_criteria:
  security:
    - sql_injection
    - command_injection
    - xss_vulnerability
    - hardcoded_secrets
    - insecure_dependencies
  governance:
    - audit_logging
    - error_handling
    - input_validation
    - confidence_reporting

output_format:
  type: structured
  sections:
    - summary
    - findings
    - recommendations
    - governance_compliance_score

error_budget:
  max_total_errors: 8
  max_same_error_repeats: 3
  max_procedure_violations: 1