
docs: revise security observability design #53

Merged: jj-blazity merged 1 commit into main from docs/security-observability-revisions on Apr 14, 2026

Conversation

@jj-blazity (Contributor) commented Apr 14, 2026

Summary

  • Made architecture cloud-agnostic via adapters (AWS first, GCP/Azure via equivalents)
  • Added disclaimer that thresholds and integration details are preliminary — review after first month
  • Removed DNS tunneling detection (unreliable heuristics, trivially bypassed)
  • Removed endpoint allowlist — agents need unrestricted research access; rely on volume anomaly detection instead
  • Removed code safety / OWASP section — better handled by dedicated SAST tooling outside this pipeline
  • Added token budget exceeded as critical severity (circuit breaker for runaway agents)
  • Simplified Jira integration — removed "Security Review" column references, Slack alerts are the primary notification channel
  • Cleaned up severity and monitoring stream tables

Test plan

  • Review changes against current architecture assumptions
  • Confirm no references to removed sections remain elsewhere in the codebase

Summary by CodeRabbit

  • New Features

    • Added Jira webhook endpoint for automatic ticket dispatch.
    • Introduced GitLab VCS adapter support alongside existing GitHub integration.
    • Added usage and cost tracking with Slack reporting per workflow phase.
    • Implemented security observability monitoring for threat detection and observability across workflow execution.
  • Improvements

    • Enhanced environment variable validation with clearer error messages.
    • Improved authentication environment variable persistence for Claude Code support.
  • Documentation

    • Added GitLab adapter implementation plan and design specification.
    • Added security observability specification for threat monitoring and response workflows.

@coderabbitai (Bot) commented Apr 14, 2026

Caution: Review failed. The pull request is closed.


📥 Commits

Reviewing files that changed from the base of the PR and between 9a77c51 and c380cf3.

📒 Files selected for processing (15)
  • .gitignore
  • docs/superpowers/plans/2026-04-09-gitlab-vcs-adapter.md
  • docs/superpowers/specs/2026-04-09-gitlab-vcs-adapter-design.md
  • docs/superpowers/specs/2026-04-09-security-observability-design.md
  • env.ts
  • src/lib/prompts.ts
  • src/routes/webhooks/jira.post.ts
  • src/sandbox/manager.test.ts
  • src/sandbox/manager.ts
  • src/sandbox/poll-agent.ts
  • src/sandbox/usage.test.ts
  • src/sandbox/usage.ts
  • src/sandbox/wrapper-script.test.ts
  • src/sandbox/wrapper-script.ts
  • src/workflows/agent.ts

Walkthrough

This pull request introduces GitLab VCS adapter planning and design specifications, adds Jira webhook integration for ticket dispatch, implements sandbox environment variable persistence via shell scripts, and adds usage tracking utilities for Claude Code CLI execution metrics with corresponding updates to agent workflows.

Changes (cohort, files, summary)

  • GitLab VCS Adapter Documentation
    Files: docs/superpowers/plans/2026-04-09-gitlab-vcs-adapter.md, docs/superpowers/specs/2026-04-09-gitlab-vcs-adapter-design.md
    Summary: Comprehensive planning and design specs for GitLab VCS integration, including adapter interface implementation, API mappings, error handling patterns, test coverage, and factory wiring to support VCS_KIND=gitlab.
  • Security Observability Design
    Files: docs/superpowers/specs/2026-04-09-security-observability-design.md
    Summary: End-to-end security observability specification covering threat detection (prompt injection, data exfiltration, secrets/PII leakage, behavioral anomalies), response actions by severity, and on-demand debug mode with content/network/behavioral capture.
  • Configuration & Validation
    Files: .gitignore, env.ts, src/lib/prompts.ts
    Summary: Added worktrees directory to gitignore, extended environment schema with optional JIRA_WEBHOOK_SECRET and custom validation error formatting, and added explicit constraint to agent prompts preventing .gitignore modification of session memory directory.
  • Jira Webhook Integration
    Files: src/routes/webhooks/jira.post.ts
    Summary: New endpoint handling Jira webhooks with HMAC signature verification, ticket extraction, project filtering, and dispatch via existing dispatchTicket logic with structured logging and response handling.
  • Sandbox Environment Management
    Files: src/sandbox/manager.ts, src/sandbox/manager.test.ts, src/sandbox/wrapper-script.ts, src/sandbox/wrapper-script.test.ts, src/sandbox/poll-agent.ts
    Summary: Persists authentication environment variables (ANTHROPIC_API_KEY or CLAUDE_CODE_OAUTH_TOKEN) to /tmp/agent-env.sh with proper shell escaping; updated wrapper scripts to source env file before phase execution and always use JSON output format; poll-agent sources env in retry flow.
  • Usage Tracking Utilities
    Files: src/sandbox/usage.ts, src/sandbox/usage.test.ts
    Summary: New utilities to parse Claude Code CLI JSON result envelopes, extract per-phase usage metrics (cost, duration, turns), unwrap research text, and format aggregated usage reports for Slack notifications.
  • Agent Workflow Integration
    Files: src/workflows/agent.ts
    Summary: Updated workflow to dynamically extract usage metrics after each phase, track usage across Research/Impl/Review stages with retry labels, and append formatted usage report to final PR-ready Slack notification.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

  • feat: add gitlab #49: Implements the same GitLab VCS adapter code and tests planned in this PR's documentation, directly advancing the integration to implementation phase.
  • feat: push inside the sandbox #40: Shares sandbox infrastructure changes (environment variable persistence, wrapper script sourcing, poll-agent retry flow) that parallel the env management updates in this PR.
  • feat: implement new agent flow #43: Introduces the three-phase unified agent workflow foundation that this PR extends with usage tracking and reporting capabilities.

Poem

🐰 The warren whispers of adapters new,
GitLab paths join the GitHub crew,
With Jira bells and secrets kept,
And usage coins in ledgers swept,
The sandbox breathes through scripts so fine—
What chaos spawned will soon align! 🌿

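The walkthrough above says the sandbox manager persists ANTHROPIC_API_KEY or CLAUDE_CODE_OAUTH_TOKEN to /tmp/agent-env.sh "with proper shell escaping". The following is an added example of what that escaping has to look like to be safe; it is not the project's code, and the function names (shQuote, renderEnvScript, writeEnvScript) and the allowlist of persisted names are assumptions made here. The point it demonstrates is that a credential value containing a quote, a $(...) or a backtick must reach the sandbox byte-for-byte without ever being interpreted by sh when the wrapper sources the file.

```typescript
import { writeFileSync, chmodSync } from "node:fs";

// Assumed allowlist: only these names are persisted, so unrelated variables
// in the orchestrator's environment never leak into the sandbox file.
const PERSISTED_ENV_NAMES = ["ANTHROPIC_API_KEY", "CLAUDE_CODE_OAUTH_TOKEN"] as const;

// POSIX single-quoting. Inside '...' the shell expands nothing ($VAR, $(cmd),
// backticks and backslashes are all literal), so the only character that needs
// care is the single quote itself. It is written as '"'"': close the
// single-quoted string, emit one quote inside a double-quoted string, reopen.
function shQuote(value: string): string {
  return "'" + value.replace(/'/g, `'"'"'`) + "'";
}

// Render the file the wrapper script will `source` before each phase.
// Every value goes through shQuote, so an attacker-influenced token such as
// "x'; curl evil; echo '" cannot break out of its assignment.
function renderEnvScript(env: Record<string, string | undefined>): string {
  const lines = ["# generated by the orchestrator; sourced by the sandbox wrapper"];
  for (const name of PERSISTED_ENV_NAMES) {
    const value = env[name];
    if (value === undefined || value === "") continue;
    lines.push(`export ${name}=${shQuote(value)}`);
  }
  return lines.join("\n") + "\n";
}

// The file holds a live credential, so it must be owner-read/write only.
// `mode` in writeFileSync applies only when the file is created; chmodSync
// covers the case where a world-readable file already exists at that path.
function writeEnvScript(path: string, env: Record<string, string | undefined>): void {
  writeFileSync(path, renderEnvScript(env), { mode: 0o600 });
  chmodSync(path, 0o600);
}
```

Any code path that later copies these values elsewhere (retry flows, debug dumps, Slack reports) should go through the same quoting helper rather than string-concatenating the raw value.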

@jj-blazity jj-blazity changed the base branch from dev to main April 14, 2026 11:46
@jj-blazity jj-blazity merged commit 252993d into main Apr 14, 2026
1 check was pending
@chatgpt-codex-connector commented

💡 Codex Review

const expectedSig = createHmac(method, env.JIRA_WEBHOOK_SECRET!)
.update(rawBody, "utf8")
.digest("hex");

P2: Reject unsupported HMAC algorithms instead of throwing 500

The signature method is taken directly from X-Hub-Signature and passed into createHmac. If a request sends something like foo=<hex>, createHmac throws Invalid digest, which escapes as a 500 instead of the intended 401 for bad auth. In production this lets unauthenticated callers trigger server errors and noisy retries/logging; validate the method (e.g., only sha256) or catch digest errors and convert them to createError({ statusCode: 401, ... }).


const body = rawBody ? JSON.parse(rawBody) : {};

P2: Return 400 for malformed webhook JSON bodies

The handler parses rawBody with a bare JSON.parse, so any malformed payload (from Jira misconfiguration, retries, or random internet traffic) throws a SyntaxError and becomes a 500. This is a client-input failure, so returning 500 causes unnecessary error alerts/retries and obscures true server issues; wrap parsing in try/catch and map invalid JSON to a 400/ignored response.


This was referenced Apr 23, 2026