Fix pr-security-preflight trust config inheritance

[justin808]

Fixes #19.

Summary

• Resolve pr-security-preflight trust config through explicit, repo-local, env, home, and packaged fallback layers.
• Add a fail-closed packaged fallback allowlist so public installs have a deterministic default without trusting repo-specific humans or automation.
• Require owner-qualified teams in user-global/env trust configs while keeping bare team slugs valid for repo-local and explicit configs.
• Document repo-specific github-actions[bot] trust guidance for generated workflow comments.
• Add an Unreleased changelog entry for the published workflow-pack behavior fix.

Tests

• ruby skills/pr-batch/bin/pr-security-preflight-test.rb
• bin/validate
• Current-head hosted validate passed for 198a5147480ba0449a19727d077c6591821145fa.
• skills/pr-batch/bin/pr-security-preflight --repo shakacode/agent-workflows 20: SECURITY_PREFLIGHT_OK.
• skills/pr-batch/bin/pr-ci-readiness 20 --repo shakacode/agent-workflows: READY.

Review / Readiness Evidence

• Current head: 198a5147480ba0449a19727d077c6591821145fa.
• Merge state: CLEAN.
• Inline PR review comments: none.
• Unresolved review threads: none.
• Hosted claude-review: passed for current head.
• Maintainer-triggered @claude review run 28282963532: completed with is_error: true after failing to compute a SHA for the new skills/pr-batch/trusted-github-actors.yml file from the issue-comment checkout; no inline comments or findings were posted. The current-head hosted claude-review check above is the usable Claude review evidence.
• CodeRabbit: current-head status is success, but its comment says review was rate-limited and no findings were produced.
• Codex GitHub review: unavailable due usage limits; no findings were produced.
• Local Codex review accepted and fixed findings for packaged fallback trust, global team scoping, and missing explicit config fallback. A final codex review --uncommitted rerun was stopped after it recursively spawned nested reviews.
• /simplify: skipped. Local Claude CLI was available, but the sandbox reviewer rejected the command because it would export repository content to an external Claude service with spend and the user had not explicitly authorized that path.
• Merge ledger: not applicable; AGENTS.md sets Merge ledger to n/a.

QA Evidence

• QA lane: coordinator closeout by codex-cace-pr-20-merge; private claim succeeded for PR Fix pr-security-preflight trust config inheritance #20.
• Scope checked: trust config resolution behavior, team scoping, packaged fallback policy, trusted workflow-bot guidance, docs, and changelog.
• Tested at: 198a5147480ba0449a19727d077c6591821145fa.
• Automated checks: targeted helper tests, local bin/validate, hosted validate, hosted claude-review, security preflight, and pr-ci-readiness.
• Manual checks: PR metadata, merge state, comments, inline review comments, and GraphQL review threads.
• Findings: no code blockers; CodeRabbit and Codex GitHub review were unavailable/rate-limited rather than reporting findings.
• QA required: yes.
• QA required rationale: developer-workflow/security helper behavior changed; local and hosted automated checks cover the changed surface.
• QA lane status: satisfied.
• Release-blocking status: clear.
• Process-gap disposition: not applicable.

Decision Log

• Packaged fallback is intentionally empty/fail-closed. Human maintainers and trusted automation are repo- or user-specific, so they belong in repo-local or user-global trust config.
• User-global/env trusted_teams entries must be owner-qualified as OWNER/team-slug; repo-local and explicit configs may keep using bare team slugs for the current repo owner.
• A missing --trust-config file now falls through to the remaining layers. A present empty file remains intentional local policy.
• github-actions[bot] is documented as an opt-in repo-specific trusted bot because workflow comments can include generated CI/status metadata that each consumer repo must decide whether to trust.

[coderabbitai]

Warning

Review limit reached

@justin808, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 19 minutes and 11 seconds. Learn how PR review limits work.

Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file).

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits.

🚦 How do rate limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: d4970e46-e892-4522-a68e-b91d6ce3efd2

📥 Commits

Reviewing files that changed from the base of the PR and between d003ad5 and 198a514.

📒 Files selected for processing (9)

• CHANGELOG.md
• README.md
• docs/security-posture.md
• examples/trusted-github-actors.yml
• skills/pr-batch/SKILL.md
• skills/pr-batch/bin/pr-security-preflight
• skills/pr-batch/bin/pr-security-preflight-test.rb
• skills/pr-batch/trusted-github-actors.yml
• workflows/pr-processing.md

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch jg-codex/issue-19-trust-config-inheritance

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.
To continue using code reviews, add credits to your account and enable them for code reviews in your settings.

[justin808]

@claude review this PR.

[claude]

Claude finished @justin808's task in 2s —— View job

---

I'll analyze this and get back to you.