t3219: fix CodeRabbit review feedback on prompt-guard patterns

[alex-solovyev]

Summary

Addresses unactioned CodeRabbit review feedback from PR #2715 (issue #3219).

Changes

_PG_YAML_PATTERNS_LOADED flag moved after successful parse+cache

Bug: _PG_YAML_PATTERNS_LOADED="true" was set after file discovery succeeds but before parsing. If parsing produced no patterns (e.g., malformed YAML, empty file), the flag was already set to true with an empty cache. Subsequent calls would hit the cache check, find _PG_YAML_PATTERNS_CACHE empty, and return 1 — permanently disabling YAML loading for the session.

Fix: Move the flag assignment to after _PG_YAML_PATTERNS_CACHE="$patterns" so it is only set on a successful parse+cache. Transient parse failures now allow retries.

Zero-width character pattern uses literal Unicode chars

Bug: The YAML pattern '[\xE2\x80\x8B\xE2\x80\x8C\xE2\x80\x8D\xEF\xBB\xBF]' used byte-level \xNN hex escapes. In a character class, these match individual bytes (0xE2, 0x80, 0x8B, etc.), not the multi-byte UTF-8 codepoints U+200B/U+200C/U+200D/U+FEFF.

Fix: Replace with literal Unicode characters (U+200B ZWSP, U+200C ZWNJ, U+200D ZWJ, U+FEFF BOM) — same approach used for the homoglyph patterns. Verified: rg correctly matches the literal chars against test input.

Verification

• shellcheck: SC1091 info only (pre-existing, not a violation)
• prompt-guard-helper.sh status: 119 YAML patterns loaded correctly
• prompt-guard-helper.sh test: all PASS

Closes #3219

Summary by CodeRabbit

Release Notes

• Bug Fixes

  • Fixed an issue where failed pattern parsing would permanently disable pattern loading. Patterns will now correctly reload on subsequent attempts.

• Updates

  • Enhanced zero-width character detection patterns for improved accuracy in pattern matching.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses previously unactioned feedback, enhancing the robustness and correctness of the prompt-guard system. It rectifies a caching logic flaw that could prematurely disable YAML pattern loading and refines a zero-width character detection pattern for improved cross-platform compatibility.

Highlights

• _PG_YAML_PATTERNS_LOADED flag logic: The _PG_YAML_PATTERNS_LOADED flag's assignment was moved to occur only after successful parsing and caching of YAML patterns. This prevents transient parsing failures from permanently disabling YAML loading, ensuring retries are possible.
• Zero-width character pattern: The zero-width character pattern in prompt-injection-patterns.yaml was updated to use literal Unicode characters instead of byte-level hex escapes. This ensures correct matching of multi-byte UTF-8 codepoints across different grep implementations.

Changelog

• .agents/configs/prompt-injection-patterns.yaml
  • Updated the zero-width character pattern to use literal Unicode characters for better portability and correct matching of UTF-8 codepoints.
• .agents/scripts/prompt-guard-helper.sh
  • Relocated the assignment of the _PG_YAML_PATTERNS_LOADED flag to execute only after YAML patterns are successfully parsed and cached.

Activity

• Addressed unactioned CodeRabbit review feedback from PR t1375.1: Add YAML pattern loading and Lasso pattern merge to prompt-guard #2715.
• Closed issue quality-debt: .agents/configs/prompt-injection-patterns.yaml — PR #2715 review feedback (critical) #3219.
• Verified changes with shellcheck, prompt-guard-helper.sh status, and prompt-guard-helper.sh test, all passing.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

Important

Review skipped

Auto reviews are limited based on label configuration.

🚫 Review skipped — only excluded labels are configured. (1)

• no-review

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 85cb4974-9c26-4fd4-a6d9-041182c8d79e

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

Walkthrough

Updated the zero-width character pattern from hex-escaped byte sequences to literal Unicode characters for portability, and repositioned the YAML patterns loaded flag to trigger only after successful parsing rather than after file discovery, preventing transient failures from permanently disabling pattern loading.

Changes

Cohort / File(s)	Summary
Pattern Format Update .agents/configs/prompt-injection-patterns.yaml	Replaced hex-escaped UTF-8 byte sequence [\xE2\x80\x8B\xE2\x80\x8C\xE2\x80\x8D\xEF\xBB\xBF] with literal Unicode characters [​‌‍] for zero-width character detection, improving cross-tool compatibility with grep/ggrep fallbacks and ripgrep.
Load State Management .agents/scripts/prompt-guard-helper.sh	Moved _PG_YAML_PATTERNS_LOADED flag assignment to occur only after successful YAML parsing and caching, preventing transient parse errors from permanently blocking future pattern loading attempts.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• t1375.1: Add YAML pattern loading and Lasso pattern merge to prompt-guard #2715: Introduced the prompt-injection patterns YAML and initial YAML-loading logic in the prompt-guard helper; this PR applies critical fixes to pattern portability and load-state handling based on review feedback from that PR.

Suggested labels

bug

Poem

Zero-width shadows now dance in plain sight,
Literal Unicode, portable and bright,
No more false negatives when fallbacks take hold—
A-grade automation, resolute and bold! ✨

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch bugfix/t3219-homoglyph-patterns

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

🔍 Code Quality Report

�[0;35m[MONITOR]�[0m Code Review Monitoring Report

�[0;34m[INFO]�[0m Latest Quality Status:
SonarCloud: 0 bugs, 0 vulnerabilities, 347 code smells

�[0;34m[INFO]�[0m Recent monitoring activity:
Sat Mar 14 07:19:17 UTC 2026: Code review monitoring started
Sat Mar 14 07:19:18 UTC 2026: SonarCloud - Bugs: 0, Vulnerabilities: 0, Code Smells: 347

📈 Current Quality Metrics

• BUGS: 0
• CODE SMELLS: 347
• VULNERABILITIES: 0

Generated on: Sat Mar 14 07:19:20 UTC 2026

---

Generated by AI DevOps Framework Code Review Monitoring

[gemini-code-assist]

Code Review

This pull request effectively addresses two separate issues. The first fix correctly defers setting the _PG_YAML_PATTERNS_LOADED flag in prompt-guard-helper.sh until after patterns are successfully parsed and cached, which robustly handles transient parsing failures. The second fix in prompt-injection-patterns.yaml corrects a faulty regex pattern for zero-width characters. While the fix is correct, I've suggested a small improvement to use YAML's Unicode escape sequences for better maintainability. Overall, these are solid improvements.

[gemini-code-assist]

For better readability and maintainability, consider using YAML's standard Unicode escape sequences within a double-quoted string. This approach makes the pattern explicit and avoids potential issues with editors or source control tools mishandling the literal, invisible zero-width characters.

    pattern: "[\u200B\u200C\u200D\uFEFF]"

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud