Code Review Roadmap

The current implementation gives Geppetto a reliable audit baseline. The product opportunity is to turn that baseline into a structured review assistant.

Now

• format, compile, and clippy gates
• security knowledge in anti_patterns
• upstream dependency impact maps and PR body generation

Next

• geppetto audit --report json|md
• rule IDs for signer, owner, PDA, discriminator, unchecked arithmetic, and dispatch mistakes
• PR diff mode with file, line, severity, rationale, and suggested fix
• Cloudflare-hosted docs page for every rule