diff --git a/.coderabbit.yml b/.coderabbit.yml
new file mode 100644
index 0000000..cf5e4a2
--- /dev/null
+++ b/.coderabbit.yml
@@ -0,0 +1,2 @@
+reviews:
+  path_filters: ["**/*.yml","**/*.yaml","**/*.rego"]
diff --git a/broken.rego b/broken.rego
new file mode 100644
index 0000000..7501dcc
--- /dev/null
+++ b/broken.rego
@@ -0,0 +1,41 @@
+package authz
+
+default allow = false
+
+ALLOW := true
+
+x := 1
+x := 2
+
+unused1 := "test"
+unused2 := input.fake.value
+
+deny[msg] {
+  some x
+  input.user == "admin"
+  input.user == "admin"
+  msg := "Access granted"
+}
+
+allow {
+  x == "user"
+  x := "user"
+  count(x)
+  true
+}
+
+result := {
+  "status": 200,
+  "message": msg
+}
+
+foo {
+  bar := [1, 2, 3]
+  bar = bar
+}
+
+token_check {
+  x := split("abc.def.ghi", ".")
+  x[1] == "def"
+}
+
diff --git a/regal_config.yaml b/regal_config.yaml
new file mode 100644
index 0000000..2d460ef
--- /dev/null
+++ b/regal_config.yaml
@@ -0,0 +1,16 @@
+format:
+  max-line-length: 100
+  indentation: 2
+
+lint:
+  enabled: true
+  severity:
+    default: error  # Escalated for CI to catch violations
+
+rules:
+  - no-unused-vars
+  - no-shadowing
+  - test-missing-assertion
+  - test-does-nothing
+  - var-uppercase
+