Skill

coderabbit-webhooks-events

Implement CodeRabbit webhook signature validation and event handling. Use when setting up webhook endpoints, implementing signature verification, or handling CodeRabbit event notifications securely. Trigger with phrases like "coderabbit webhook", "coderabbit events", "coderabbit webhook signature", "handle coderabbit events", "coderabbit notifications".

From coderabbit-pack

Install

Run in your terminal

npx claudepluginhub nickloveinvesting/nick-love-plugins --plugin coderabbit-pack

Tool Access

This skill is limited to using the following tools:

ReadWriteEditBash(curl:*)

Skill Content

Similar Skills

cache-components

Guides Next.js Cache Components and Partial Prerendering (PPR) with cacheComponents enabled. Implements 'use cache', cacheLife(), cacheTag(), revalidateTag(), static/dynamic optimization, and cache debugging.

cache-components

138.6k

claude-opus-4-5-migration

2 files

Migrates code, prompts, and API calls from Claude Sonnet 4.0/4.5 or Opus 4.1 to Opus 4.5, updating model strings on Anthropic, AWS, GCP, Azure platforms.

claude-opus-4-5-migration

83.2k

evaluation-methodology

1 file

Details PluginEval's skill quality evaluation: 3 layers (static, LLM judge), 10 dimensions, rubrics, formulas, anti-patterns, badges. Use to interpret scores, improve triggering, calibrate thresholds.

plugin-eval

32.9k

Stats

Parent Repo Stars0

Parent Repo Forks0

Last CommitMar 20, 2026

Actions

View Source View Plugin View on GitHub View README

CodeRabbit Webhooks & Events

Overview

Handle CodeRabbit events triggered through GitHub and GitLab integrations. CodeRabbit posts AI-powered code review comments on pull requests.

Prerequisites

CodeRabbit installed on your GitHub or GitLab repository
GitHub webhook endpoint configured for PR events
GitHub App or personal access token for API access
.coderabbit.yaml configuration in repository root

Event Types

Event	Source	Payload
`pull_request_review`	GitHub webhook	Review body, state (approved/changes_requested)
`pull_request_review_comment`	GitHub webhook	Line comment, diff position, file path
`check_run.completed`	GitHub Checks API	CodeRabbit analysis results, conclusion
`issue_comment.created`	GitHub webhook	Summary comment, walkthrough
`pull_request.labeled`	GitHub webhook	Labels applied by CodeRabbit

Instructions

Step 1: Configure GitHub Webhook Receiver

import express from "express";
import crypto from "crypto";

const app = express();

app.post("/webhooks/github",
  express.raw({ type: "application/json" }),
  async (req, res) => {
    const signature = req.headers["x-hub-signature-256"] as string;  # 256 bytes
    const secret = process.env.GITHUB_WEBHOOK_SECRET!;

    const expected = "sha256=" + crypto
      .createHmac("sha256", secret)
      .update(req.body)
      .digest("hex");

    if (!crypto.timingSafeEqual(Buffer.from(signature), Buffer.from(expected))) {
      return res.status(401).json({ error: "Invalid signature" });  # HTTP 401 Unauthorized
    }

    const event = req.headers["x-github-event"] as string;
    const payload = JSON.parse(req.body.toString());
    res.status(200).json({ received: true });  # HTTP 200 OK
    await routeCodeRabbitEvent(event, payload);
  }
);

Step 2: Filter and Route CodeRabbit Events

async function routeCodeRabbitEvent(event: string, payload: any) {
  const isCodeRabbit = payload?.sender?.login === "coderabbitai[bot]";

  if (!isCodeRabbit && event !== "check_run") return;

  switch (event) {
    case "pull_request_review":
      await handleCodeRabbitReview(payload);
      break;
    case "pull_request_review_comment":
      await handleReviewComment(payload);
      break;
    case "check_run":
      if (payload.check_run?.app?.slug === "coderabbitai") {
        await handleCheckRunComplete(payload);
      }
      break;
    case "issue_comment":
      await handleSummaryComment(payload);
      break;
  }
}

Step 3: Process Review Results

async function handleCodeRabbitReview(payload: any) {
  const { review, pull_request } = payload;
  const prNumber = pull_request.number;
  const state = review.state;

  if (state === "changes_requested") {
    const issues = parseReviewIssues(review.body);
    await notifyTeam({
      channel: "#code-reviews",
      message: `CodeRabbit found ${issues.length} issues in PR #${prNumber}`,
      prUrl: pull_request.html_url,
    });
  }

  if (state === "approved") {
    await checkAutoMergeEligibility(prNumber);
  }
}

function parseReviewIssues(body: string): string[] {
  return body.split("\n").filter(line =>
    line.match(/^[-*]\s+(Bug|Issue|Suggestion|Security)/i)
  );
}

Step 4: Configure CodeRabbit Behavior

# .coderabbit.yaml
reviews:
  auto_review:
    enabled: true
    drafts: false
  path_filters:
    - "!**/*.test.ts"
    - "!**/generated/**"
  review_instructions:
    - path: "src/api/**"
      instructions: "Focus on security and input validation"
chat:
  auto_reply: true

Error Handling

Issue	Cause	Solution
No review posted	PR too large	Split PR or adjust `max_files` in config
Invalid signature	Wrong GitHub secret	Verify webhook secret in App settings
Bot not responding	App not installed	Check CodeRabbit GitHub App installation
Duplicate comments	Re-triggered workflow	CodeRabbit deduplicates automatically

Examples

Track Review Metrics

async function handleCheckRunComplete(payload: any) {
  const { check_run } = payload;
  await metricsDb.insert({
    prNumber: check_run.pull_requests?.[0]?.number,
    conclusion: check_run.conclusion,
    issuesFound: check_run.output?.annotations_count || 0,
    completedAt: check_run.completed_at,
  });
}

Resources

Next Steps

For deployment setup, see coderabbit-deploy-integration.

Output

Configuration files or code changes applied to the project
Validation report confirming correct implementation
Summary of changes made and their rationale