[
  {
    "role": "Rex",
    "location": "app/git.js",
    "suggestion": "請避免將敏感資料（如 GITEA_TOKEN）直接寫入環境變數"
  },
  {
    "location": "app/git.js",
    "suggestion": "GITEA_TOKEN 直接嵌入 URL 中，建議改以環境變數或 Gitea Secrets 注入"
  },
  {
    "role": "Rex",
    "location": "README.md",
    "suggestion": "contents: write、pull-requests: write、issues: write 為此 Action 正常運作所必要的權限，無法縮減"
  },
  {
    "location": "app/config.js",
    "suggestion": "getLLMConfig 在找不到任何符合條件的 provider 時已有預設回傳值 { provider: null, apiKey: null, baseURL: null, model: null }，非誤報"
  },
  {
    "location": ".gitea/ai-review/exclusions.json",
    "suggestion": "exclusions.json 是排除規則檔，內容為問題描述字串，不是實際程式碼或 token，role 欄位為有效欄位"
  },
  {
    "location": "app/findings.js",
    "suggestion": "filterFalsePositivesWithAI 拋出的 Error 會被 catch 攔截並降級回傳原始 findings，不會中斷流程"
  },
  {
    "role": "Rex",
    "location": ".gitea/workflows/review.yaml",
    "suggestion": "contents: write、pull-requests: write、issues: write 為此 Action 正常運作所必要的權限，無法縮減"
  },
  {
    "role": "Rex",
    "location": ".gitea/workflows/review.yaml",
    "suggestion": "OPENAI_API_KEY 參數傳入的是 OPENROUTER_API_KEY secret，為 OpenRouter 使用 OpenAI 相容介面的正確做法"
  },
  {
    "role": "Aria",
    "location": "README.md",
    "suggestion": "章節編號連續且正確，無需調整"
  }
]