AR-2: Add public security page

[baanish]

Summary

• Adds /security with static-mode data boundary, leak caveats, markdown/Mermaid policy, headers guidance, and report path
• Links Security from the shell nav/footer
• Adds e2e coverage for the security page link and key copy

Validation

• npm run build

Summary by CodeRabbit

• New Features

  • Added a new public Security documentation page with detailed information and external links
  • Added Security links throughout the application navigation and footer

• Style

  • Updated navigation link styling with improved hover and focus-visible states
  • Introduced footer component styling with proper spacing and typography

• Tests

  • Added end-to-end test validating Security page navigation

[coderabbitai]

Warning

Rate limit exceeded

@baanish has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 22 minutes and 57 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 785c3982-4db3-42f7-9508-25e71c94118d

📥 Commits

Reviewing files that changed from the base of the PR and between ace5a81 and 5f87716.

📒 Files selected for processing (3)

• src/components/viewer-shell.tsx
• tests/components/viewer-shell.test.tsx
• tests/e2e/viewer.spec.ts

📝 Walkthrough

Walkthrough

This PR adds a new public Security documentation page accessible from the main viewer. It introduces CSS styling for navigation elements and footer layout, creates the SecurityPage component with metadata and content sections, integrates security links throughout the ViewerShell, and validates the navigation with an end-to-end test.

Changes

Security Documentation Page Addition

Layer / File(s)	Summary
Styling Foundation src/app/globals.css	Adds .nav-text-link with hover/focus-visible styling and .site-footer with layout, typography, and link colors.
Security Page Structure src/app/security/page.tsx	New page component exporting metadata, defines sections array with security content, and renders bento-style layout with GitHub security advisory link.
Navigation Integration src/components/viewer-shell.tsx	Adds Link import, includes Security link in header navigation, replaces static security card with /security link, updates empty-state text, and adds footer with site name and security link.
E2E Testing tests/e2e/viewer.spec.ts	New test verifies navigation from viewer empty state to /security/ and asserts visibility of security page content.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

Poem

🐰 A security page hops into view,
With links in the nav—and a footer one too!
The footer appears, the style flows just right,
Documentation's shining in accessible light. ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'AR-2: Add public security page' accurately summarizes the main change—adding a new public security documentation page with links and tests.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/ar-2

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[kilo-code-bot]

Code Review Summary

Status: No Issues Found | Recommendation: Merge

Files Reviewed (1 file)

• tests/e2e/viewer.spec.ts

---

_{Reviewed by gpt-5.4-mini-2026-03-17 · 367,984 tokens}

[cloudflare-workers-and-pages]

Deploying agent-render with    Cloudflare Pages

Latest commit:	5f87716
Status:	⚡️  Build in progress...

View logs