diff --git a/.coderabbit.yml b/.coderabbit.yml
new file mode 100644
index 0000000..dcf8c91
--- /dev/null
+++ b/.coderabbit.yml
@@ -0,0 +1,2 @@
+reviews:
+  path_filters: ["**/*.yml","**/*.yaml"]
diff --git a/semgrep/example.py b/semgrep/example.py
new file mode 100644
index 0000000..6a3d3cc
--- /dev/null
+++ b/semgrep/example.py
@@ -0,0 +1,32 @@
+import os
+import sys
+import hashlib
+
+# Hardcoded credentials
+USERNAME = "admin"
+PASSWORD = "secret123"
+
+def dangerous_eval():
+    user_input = input("Enter a Python expression: ")
+    result = eval(user_input)
+    print("Evaluated result:", result)
+
+def delete_data(path):
+    os.system("rm -rf " + path) # Semgrep: shell injection
+
+def hash_password(password):
+    hashed = hashlib.md5(password.encode()).hexdigest() # Semgrep: weak hash
+    return hashed
+
+def main():
+    print("Logging in as", USERNAME)
+    password_hash = hash_password(PASSWORD)
+    print("Password hash:", password_hash)
+
+    if len(sys.argv) > 1:
+        delete_data(sys.argv[1])
+
+    dangerous_eval()
+
+main()
+
diff --git a/semgrep/semgrep.yml b/semgrep/semgrep.yml
new file mode 100644
index 0000000..405b747
--- /dev/null
+++ b/semgrep/semgrep.yml
@@ -0,0 +1,8 @@
+rules:
+  - id: hardcoded-password
+    pattern: password = "$SECRET"
+    message: "Avoid hardcoded passwords"
+    severity: ERROR
+    languages: [python]
+    metadata:
+      category: security
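Review bot: `path_filters` lists only `**/*.yml` and `**/*.yaml`, so if CodeRabbit treats this as an include-list (which is how I understand its `reviews.path_filters` option) the Python file added in this same commit, `semgrep/example.py`, will never be reviewed. If the intent is to cover the code as well, add the glob, e.g. `path_filters: ["**/*.yml", "**/*.yaml", "**/*.py"]`. If YAML-only is deliberate, say so above the line, e.g. `# Review only YAML here; the Semgrep fixtures are scanned separately`, so the next reader does not assume the scanner samples are covered.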
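Review bot: `main()` is called unconditionally at the bottom of the file, and with any command-line argument it executes a real `rm -rf <argv[1]>` via `delete_data` and then an unrestricted `eval` of stdin, so merely importing or running this Semgrep fixture can destroy data on the machine. Guard the entry point with `if __name__ == "__main__": main()` and add a module docstring such as `"""Intentionally insecure sample used to exercise the Semgrep rules; never run this or copy it into real code."""` so the purpose is explicit to anyone who opens the file. The `rm -rf` and `eval` source patterns can stay for the scanner to find, but consider having `delete_data` print the command instead of executing it, since the rule needs the pattern in the source, not the side effect.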
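Review bot: The pattern `password = "$SECRET"` matches only an assignment to the exact lowercase identifier `password`, so it misses `PASSWORD = "secret123"` in the fixture added in this same commit, as well as names like `passwd`, `db_password` or `secret`; only the string side is generic. Bind the target with a metavariable and constrain it with `metavariable-regex`, and exclude the empty string so placeholders such as `password = ""` do not fire. The `message` could also tell the developer what to do instead, e.g. `"Hardcoded password/secret; load it from the environment or a secrets manager"`.
```yaml
  - id: hardcoded-password
    patterns:
      - pattern: $VAR = "$SECRET"
      - pattern-not: $VAR = ""
      - metavariable-regex:
          metavariable: $VAR
          regex: (?i)^.*(password|passwd|secret).*$
    # … unchanged: message, severity, languages, metadata …
```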