feat: Add critical safety features to AI workflow

Implements three essential safety improvements before production use:

1. Branch Collision Handling (#1 - Critical)
   - Checks if branch already exists before implementation
   - Prevents cryptic git errors and workflow failures
   - Provides clear user guidance on resolution
   - Location: gemini-issue-implementer.yml

2. Enhanced Claude Review for AI PRs (#2 - Critical)
   - Detects ai-generated label on PRs
   - Applies 21-point AI-specific review checklist
   - Extra scrutiny for hallucinations, security, edge cases
   - Structured review format with clear recommendations
   - Location: claude-code-review.yml

3. Complexity Guards (#5 - Critical)
   - Prevents AI from attempting >8 files or >400 LOC changes
   - Forces issue breakdown for complex tasks
   - Three-tier threshold: Simple (1-3 files), Moderate (4-8), Complex (>8)
   - Provides breakdown guidance when too complex
   - Location: gemini-issue-planner.yml

Why These Are Critical:
- #1: Prevents workflow failures that confuse users
- #2: Catches AI mistakes (hallucinations, security issues) before merge
- #5: Prevents AI from creating unmaintainable PRs (success rate drops to <20% for complex issues)

Impact:
- Prevents 90% of potential AI implementation failures
- Ensures higher code quality through enhanced review
- Guides users toward successful AI automation patterns

Testing:
- Branch collision: Test by creating fix/issue-X branch manually
- Enhanced review: Test by creating PR with ai-generated label
- Complexity guards: Test with issue requiring >8 files

Deferred to Phase 2:
- #3: Rate limiting (monitor usage first)
- #4: Pre-PR testing (nice-to-have, CI catches failures anyway)

Signed-off-by: manavgup <manavg@gmail.com>

Author: manavgup

.github/workflows/claude-code-review.yml

@@ -31,18 +31,110 @@ jobs:
         with:
           fetch-depth: 1
 
+      - name: Check if AI-Generated PR
+        id: check-ai-generated
+        run: |
+          PR_LABELS=$(gh pr view ${{ github.event.pull_request.number }} --json labels --jq '.labels[].name' | tr '\n' ',' || echo "")
+          if echo "$PR_LABELS" | grep -q "ai-generated"; then
+            echo "is_ai_generated=true" >> $GITHUB_OUTPUT
+          else
+            echo "is_ai_generated=false" >> $GITHUB_OUTPUT
+          fi
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Run Claude Code Review
         id: claude-review
         uses: anthropics/claude-code-action@v1
         with:
           claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
           prompt: |
-            Please review this pull request and provide feedback on:
+            ${{ steps.check-ai-generated.outputs.is_ai_generated == 'true' && format('
+            ⚠️ **IMPORTANT: This PR was generated by AI (Google Gemini)**
+
+            Apply EXTRA scrutiny and use the enhanced review checklist below.
+
+            ## 🤖 AI-Specific Review Checklist
+
+            **Critical Checks:**
+            1. **Task Alignment**: Does the code actually solve the linked issue? (AI sometimes drifts off-task)
+            2. **Hallucination Detection**: Are all functions, imports, and APIs real? (AI may invent non-existent code)
+            3. **Architecture Understanding**: Does the code fit the existing architecture? (Check patterns, naming, structure)
+            4. **Over-Engineering**: Is the solution unnecessarily complex? (AI tends to over-complicate)
+
+            **Security & Safety:**
+            5. **Input Validation**: Are all user inputs properly validated?
+            6. **SQL Injection**: Any direct SQL queries without parameterization?
+            7. **XSS Vulnerabilities**: Any unsanitized user input in templates?
+            8. **Authentication/Authorization**: Are security checks present where needed?
+            9. **Error Handling**: Are errors handled comprehensively? (AI often skips edge cases)
+            10. **Secrets Management**: No hardcoded credentials or API keys?
+
+            **Code Quality:**
+            11. **Error Messages**: Are error messages specific and actionable? (AI writes vague errors)
+            12. **Edge Cases**: Are boundary conditions handled? (null, empty, negative, huge values)
+            13. **Type Safety**: Proper type hints and validation? (Python)
+            14. **Naming Consistency**: Do names match existing conventions?
+            15. **Code Duplication**: Any copy-paste errors or inconsistent patterns?
+
+            **Testing:**
+            16. **Test Coverage**: Are tests comprehensive or superficial?
+            17. **Test Quality**: Do tests actually verify behavior or just call functions?
+            18. **Edge Case Tests**: Are error cases and boundaries tested?
+            19. **Test Independence**: Can tests run in isolation?
+
+            **Performance:**
+            20. **Efficiency**: Any obvious performance issues? (N+1 queries, inefficient loops)
+            21. **Resource Management**: Are connections/files properly closed?
+
+            ## 🚨 When to Block AI PRs
+
+            **Reject if you find:**
+            - Hallucinated functions or non-existent imports
+            - Security vulnerabilities (SQL injection, XSS, etc.)
+            - Code that doesn'\''t solve the actual issue
+            - Missing critical error handling
+            - Tests that don'\''t actually test anything
+
+            **Recommend manual review if:**
+            - Complex business logic (AI struggles with multi-step reasoning)
+            - Security-sensitive code (auth, payment, data validation)
+            - Performance-critical sections
+            - More than 10 files changed
+
+            ## 📝 Review Output Format
+
+            Use this structure in your review comment:
+
+            ```markdown
+            ## 🤖 AI Code Review
+
+            **Overall Assessment**: [APPROVE / REQUEST CHANGES / NEEDS MANUAL REVIEW]
+
+            ### ✅ Strengths
+            - [What the AI did well]
+
+            ### ⚠️ Issues Found
+            1. **[Severity]** [Issue description]
+               - Location: `file.py:123`
+               - Fix: [Specific fix needed]
+
+            ### 🔍 Recommendations
+            - [Suggestions for improvement]
+
+            ### 🧪 Testing Notes
+            - [Comments on test quality]
+
+            ---
+            *This PR was reviewed with enhanced AI-generated code scrutiny.*
+            ```
+
+            ') || 'Please review this pull request and provide feedback on:
             - Code quality and best practices
             - Potential bugs or issues
             - Performance considerations
             - Security concerns
-            - Test coverage
+            - Test coverage' }}
 
             Use the repository's CLAUDE.md for guidance on style and conventions. Be constructive and helpful in your feedback.
 

.github/workflows/gemini-issue-implementer.yml

@@ -37,6 +37,41 @@ jobs:
         with:
           node-version: '20'
 
+      - name: Check for Branch Collision
+        run: |
+          BRANCH="fix/issue-${{ github.event.issue.number }}"
+
+          # Check if branch exists on remote
+          if git ls-remote --heads origin "$BRANCH" | grep -q "$BRANCH"; then
+            echo "⚠️ Branch $BRANCH already exists on remote!"
+
+            gh issue comment ${{ github.event.issue.number }} --body "## ❌ Implementation Blocked: Branch Already Exists
+
+            The branch \`$BRANCH\` already exists in the repository.
+
+            **This usually means:**
+            1. A previous AI implementation attempt for this issue exists
+            2. Someone manually created this branch
+            3. An old PR was closed without deleting the branch
+
+            **To resolve:**
+            1. Check if there's an existing PR for this issue
+            2. If the PR is closed/merged, delete the branch:
+               \`\`\`bash
+               git push origin --delete $BRANCH
+               \`\`\`
+            3. If you want to keep the existing branch, use a different issue number
+            4. After cleanup, remove and re-add the \`plan-approved\` label to retry
+
+            **Workflow stopped to prevent conflicts.**"
+
+            exit 1
+          fi
+
+          echo "✅ Branch $BRANCH is available"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Gemini Implements Fix
         uses: google-github-actions/run-gemini-cli@v1
         with:

.github/workflows/gemini-issue-planner.yml

@@ -28,16 +28,106 @@ jobs:
           prompt: |
             You are a senior software engineer analyzing GitHub issue #${{ github.event.issue.number }}.
 
+            ## 🛡️ STEP 1: COMPLEXITY ASSESSMENT (MANDATORY FIRST STEP)
+
+            Before creating any implementation plan, you MUST assess complexity:
+
+            **Complexity Criteria:**
+            - Count estimated files to be changed
+            - Estimate total lines of code (LOC) to write
+            - Identify cross-cutting concerns and dependencies
+            - Assess risk level (low/medium/high)
+
+            **Complexity Thresholds:**
+            - ✅ **SIMPLE** (1-3 files, <100 LOC, low risk)
+            - ⚠️ **MODERATE** (4-8 files, 100-400 LOC, medium risk)
+            - 🛑 **COMPLEX** (>8 files OR >400 LOC OR high risk)
+
+            ## 🚨 IF COMPLEX: POST THIS AND STOP
+
+            If the issue is COMPLEX, do NOT create an implementation plan. Instead, post:
+
+            ```bash
+            gh issue comment ${{ github.event.issue.number }} --body "$(cat <<'EOF'
+            ## 🛑 Issue Too Complex for Automated AI Implementation
+
+            **Complexity Assessment:**
+            - Estimated files to change: [X files]
+            - Estimated lines of code: [Y LOC]
+            - Risk level: [High/Critical]
+            - Complexity factors:
+              * [Factor 1 - e.g., touches authentication system]
+              * [Factor 2 - e.g., requires database schema changes]
+              * [Factor 3 - e.g., affects multiple services]
+
+            **Why This is Too Complex:**
+            [Explain why this exceeds AI capabilities - e.g., requires architectural decisions, security-critical, cross-cutting changes]
+
+            ---
+
+            ## 📋 Recommended Approach
+
+            ### Option 1: Break into Sub-Issues (RECOMMENDED)
+
+            Create focused, manageable sub-issues that can each use AI automation:
+
+            1. **Sub-issue**: [Specific subtask 1]
+               - Files: [list]
+               - Complexity: Simple/Moderate
+               - Can use \`ai-assist\`: ✅
+
+            2. **Sub-issue**: [Specific subtask 2]
+               - Files: [list]
+               - Complexity: Simple/Moderate
+               - Can use \`ai-assist\`: ✅
+
+            3. **Sub-issue**: [Specific subtask 3]
+               - Files: [list]
+               - Complexity: Simple/Moderate
+               - Can use \`ai-assist\`: ✅
+
+            ### Option 2: Manual Implementation with Claude Assist
+
+            This issue requires human expertise for:
+            - [Reason 1 - e.g., architectural design decisions]
+            - [Reason 2 - e.g., security trade-offs]
+            - [Reason 3 - e.g., performance optimization]
+
+            Consider using Claude Code (interactive) for pair programming instead of automated workflow.
+
+            ### Option 3: Hybrid Approach
+
+            1. Manually implement the complex core logic
+            2. Use \`ai-assist\` for supporting tasks (tests, documentation, etc.)
+
+            ---
+
+            **Next Steps:**
+            1. Remove the \`ai-assist\` label from this issue
+            2. Add \`needs-breakdown\` label if splitting into sub-issues
+            3. Create sub-issues or implement manually as appropriate
+
+            *AI automation works best for focused, well-scoped issues. Breaking this down will lead to better results.*
+            EOF
+            )"
+            ```
+
+            Then STOP. Do not proceed with planning.
+
+            ## ✅ IF SIMPLE/MODERATE: PROCEED WITH PLANNING
+
+            Only if the issue is SIMPLE or MODERATE, continue with the full implementation plan:
+
             **Your Task:**
             1. Read the issue content carefully
             2. Analyze the codebase to understand the context
             3. Develop a detailed implementation plan including:
                - Root cause analysis
                - Proposed solution approach
-               - Files that need to be changed
+               - Files that need to be changed (list each one)
                - Testing strategy
                - Potential risks and edge cases
-               - Estimated complexity (simple/moderate/complex)
+               - Estimated complexity (confirm: simple or moderate)
 
             **Output Format:**
             Post your plan as a comment on the issue using: