| key | type | primitive | tier |
|---|---|---|---|
no_hardcoded_secrets | must_not | regex_match@1 | — |
no_leftover_debug | must_not | regex_match@1 | — |
describes_the_change | scored | llm_judge@1 | 1 |
tests_addressed | scored | llm_judge@1 | 1 |
**Judges:** a PR (description + diff excerpt) against merge hygiene — no committed secrets, no leftover debug statements (deterministic), a real what+why description, and a testing story (judged). **Use when:** you gate auto-generated or high-volume PRs (AI coding agents, large teams) and want an auditable pre-review verdict before a human spends attention.
curl -s -X POST $API/v1/rubrics -H "Authorization: Bearer $KEY" -H "Content-Type: application/json" \
-d @templates/code-review-gate/rubric.json
curl -s -X POST $API/v1/verify -H "Authorization: Bearer $KEY" -H "Content-Type: application/json" \
-d '{"rubric_id":"<id>","submission":{"inline":"PR: ...\n+ diff lines"},"options":{"wait_ms":30000}}'MCP: `verify_submit` with the PR body + trimmed diff as `submission.inline` (mind the 512 KiB cap — send the description plus the highest-risk hunks, not the whole diff).