# Specialists — enable or disable individual specialists.# Default: all four enabled. Core (synthesizer) is always on.specialists: glyph: true # Architecture warden: true # Security spark: true # Performance weave: true # Semantics# Severity thresholds — see /how-it-works/confidence-scoring.thresholds: critical_min_score: 5 warning_min_score: 4 info_min_score: 2 score1_cap: 5 # Max score-1 nits aggregated in summary block_merge_at: critical # Verdict cutoff: critical | warning | none# Ignore — paths and patterns to skip.ignore: paths: - "dist/**" - "node_modules/**" - "vendor/**" - "**/*.generated.*" - "**/__snapshots__/**" - "package-lock.json" - "yarn.lock" - "pnpm-lock.yaml" - "Cargo.lock" # Patterns within files (regex on each line) patterns: - "// sigilix-ignore" # Lines marked with this comment are skipped# Review — how Sigilix posts.review: comment_style: greptile # greptile | minimal | verbose show_advisory_nits: true # Show the "Advisory nits" line in the summary show_specialist_attribution: true # Each finding shows [Glyph], [Warden], etc. approve_when_clean: true # Submit APPROVE when no blocking findings request_changes_when_blocking: true # Submit REQUEST_CHANGES when a blocker exists# Mentions — @sigilix behavior.mentions: enabled: true reply_in_thread: true # Reply within the comment thread vs. top-level# Rate limits — per-tier defaults; can be overridden if your plan allows.rate_limit: window_hours: 5 max_reviews: 4 # Free tier default; Pro is 8-10, Max is 15-20# Custom rules — team-specific heuristics injected into specialist prompts.custom_rules: glyph: - "Domain code in `src/domain/` may not import from `src/infra/`." - "Repository pattern: data access lives only in `src/repositories/`." warden: - "All routes accepting POST/PUT/DELETE must use requireCsrf middleware." spark: [] weave: - "Function names with side effects must include a verb describing the side effect."
Disabling a specialist saves a model call per review. Note: disabling Warden on a security-sensitive codebase isn’t recommended — see the Ensemble for why redundant coverage matters.
Tune what counts as Critical / Warning / Info. See Confidence Scoring for the score-to-severity mapping.
thresholds: critical_min_score: 5 # Only score-5 findings block merge warning_min_score: 4 info_min_score: 2 score1_cap: 5 # Aggregate up to 5 nits in summary block_merge_at: critical # critical | warning | none
block_merge_at: warning means score-4 findings will also REQUEST_CHANGES — useful for high-bar codebases.
block_merge_at: none means Sigilix never blocks merge — only ever submits APPROVE or COMMENT.
Glob patterns relative to the repo root. Files matching are skipped before specialists run.Defaults already include node_modules/**, common build outputs, and lockfiles. Add team-specific patterns here.
Controls how the review is posted to GitHub.comment_style: greptile is the default. Each inline finding leads with **category:** (e.g., **security:**). Other options:
minimal — no category prefix
verbose — includes severity badge + category prefix
Team-specific heuristics injected into the relevant specialist’s system prompt. Each rule is a single sentence describing the rule.Custom rules are applied additively to Sigilix’s default checks — they don’t replace them.
Sigilix validates sigilix.yaml on every review. If the file has invalid syntax or unknown keys, the review proceeds with defaults and logs a warning in the summary footer:
_⚠️ sigilix.yaml validation: unknown key `specialist` (did you mean `specialists`?)._
A standalone config linter (sigilix lint) ships with the public CLI later in 2026 — until then Sigilix’s per-review validation is the source of truth.
