
GH#3702: Fix critical quality-debt in code-audit-helper.sh (#3720)

Merged
marcusquinn merged 1 commit into main from bugfix/code-audit-quality-debt-3702
Mar 8, 2026

Conversation

@marcusquinn
Owner

Summary

  • Numeric validation: Added integer sanitisation for all jq-parsed API values (total, critical, high, medium, low) before SQL interpolation and bash arithmetic — prevents SQL syntax errors and arithmetic failures from malformed SonarCloud API responses
  • DB query consolidation: Replaced three separate SELECT queries for the previous regression snapshot with a single query returning all columns via pipe-separated output, reducing DB round-trips

Context

Addresses critical and major findings from CodeRabbit review on PR #1418:

  1. Duplicate check-regression case arm (dead code) — already fixed in current code
  2. Numeric validation (major) — API-derived values interpolated into SQL without validation
  3. DB query consolidation (nitpick) — three queries for the same row
  4. unified_task_creator variable reuse in pulse.sh — pulse.sh is archived, not applicable

Closes #3702

…solidate DB queries

Sanitise jq-parsed values with integer validation before SQL interpolation
and arithmetic, preventing syntax errors from malformed SonarCloud API
responses. Consolidate three separate DB queries for previous snapshot
into a single query returning all columns.

Closes #3702
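The two changes the description and commit message above set out, as an added shell example that is not code from the aidevops repository or this PR; the helper names sanitise_int, parse_snapshot_row and regression_delta are hypothetical and the sample values are constructed:

```shell
#!/usr/bin/env bash
# Added example, not the repository's code. Helper names are hypothetical;
# the sample values are constructed to look like SonarCloud API counts and
# one sqlite3 row (its default output separator is "|").

# sanitise_int VALUE [DEFAULT]: print VALUE as a plain decimal integer, or
# DEFAULT (0) when it is anything else. jq prints "null" for a missing key
# and a malformed response body can yield an empty string or free text;
# none of those may reach a SQL statement or a $(( )) expression unchecked.
sanitise_int() {
  value=$1
  default=${2:-0}
  case $value in
    ''|*[!0-9]*) printf '%s\n' "$default"; return 0 ;;
  esac
  # Drop leading zeros so bash arithmetic never reads "009" as bad octal.
  while [ "$value" != "0" ] && [ "${value#0}" != "$value" ]; do
    value=${value#0}
  done
  printf '%s\n' "$value"
}

# parse_snapshot_row ROW: ROW is the single pipe-separated line a query such
# as "SELECT total, critical, high, medium, low FROM snapshots ... LIMIT 1"
# returns, replacing three round-trips for the same row. Prints the five
# sanitised counts space-separated; an empty ROW (no snapshot) gives zeros.
parse_snapshot_row() {
  IFS='|' read -r total critical high medium low <<EOF
$1
EOF
  printf '%s %s %s %s %s\n' "$(sanitise_int "$total")" \
    "$(sanitise_int "$critical")" "$(sanitise_int "$high")" \
    "$(sanitise_int "$medium")" "$(sanitise_int "$low")"
}

# regression_delta CURRENT PREVIOUS: subtract only after both operands have
# been sanitised, so a bad API value degrades to 0 instead of aborting.
regression_delta() {
  printf '%s\n' "$(( $(sanitise_int "$1") - $(sanitise_int "$2") ))"
}

# Constructed sample: a previous snapshot row and a current total from jq.
parse_snapshot_row "125|0|3|20|102"   # → 125 0 3 20 102
regression_delta "null" 125           # → -125
```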
@gemini-code-assist

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

@coderabbitai
Contributor

coderabbitai bot commented Mar 7, 2026

Warning

Rate limit exceeded

@marcusquinn has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 5 minutes and 56 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 70fd4711-b493-4fca-80f0-adf3a840ead3

📥 Commits

Reviewing files that changed from the base of the PR and between d64428e and f6f6dbb.

📒 Files selected for processing (1)
  • .agents/scripts/code-audit-helper.sh

@github-actions
Contributor

github-actions bot commented Mar 7, 2026

🔍 Code Quality Report

[MONITOR] Code Review Monitoring Report

[INFO] Latest Quality Status:
SonarCloud: 0 bugs, 0 vulnerabilities, 125 code smells

[INFO] Recent monitoring activity:
Sat Mar 7 21:22:10 UTC 2026: Code review monitoring started
Sat Mar 7 21:22:11 UTC 2026: SonarCloud - Bugs: 0, Vulnerabilities: 0, Code Smells: 125

📈 Current Quality Metrics

  • BUGS: 0
  • CODE SMELLS: 125
  • VULNERABILITIES: 0

Generated on: Sat Mar 7 21:22:13 UTC 2026


Generated by AI DevOps Framework Code Review Monitoring

@sonarqubecloud

sonarqubecloud bot commented Mar 7, 2026

@marcusquinn
Owner Author

@coderabbitai review

Review bots were rate-limited when this PR was created (affected: coderabbitai, gemini-code-assist). Requesting a review retry.

@gemini-code-assist

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

@coderabbitai
Contributor

coderabbitai bot commented Mar 7, 2026

@marcusquinn: Sure! Kicking off a fresh review of PR #3720 now. 🚀


🧠 Learnings used
Learnt from: marcusquinn
Repo: marcusquinn/aidevops PR: 0
File: :0-0
Timestamp: 2026-03-03T16:33:18.313Z
Learning: For the marcusquinn/aidevops repository: The daily quality sweep system (pulse-wrapper.sh) should only mention coderabbitai for full codebase review when there are significant changes (Quality Gate failure, +10 issues in one day, etc.), not on every automated sweep with stable metrics.
✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@marcusquinn
Owner Author

This PR appears orphaned — no active worker process found and no activity for 7+ hours. Flagging for re-dispatch.

@marcusquinn marcusquinn added the status:orphaned Worker died, issue needs recovery label Mar 8, 2026
@marcusquinn
Owner Author

This PR appears orphaned — no active worker process found and no activity for 14+ hours. Flagging for re-dispatch. If work is still in progress, remove the status:orphaned label.

@marcusquinn
Owner Author

Merging via pulse supervisor.

@marcusquinn marcusquinn merged commit 724e94e into main Mar 8, 2026
19 checks passed
@marcusquinn marcusquinn deleted the bugfix/code-audit-quality-debt-3702 branch March 8, 2026 23:40

Development

Successfully merging this pull request may close these issues.

quality-debt: PR #1418 review feedback (critical)
