diff --git a/.coderabbit.yml b/.coderabbit.yml
new file mode 100644
index 0000000..ce3d9c3
--- /dev/null
+++ b/.coderabbit.yml
@@ -0,0 +1,2 @@
+reviews:
+ path_filters: ["**/*","*"]
diff --git a/sampleReact.jsx b/sampleReact.jsx
new file mode 100644
index 0000000..f5a8c19
--- /dev/null
+++ b/sampleReact.jsx
@@ -0,0 +1,11 @@
+function TestComponent() {
+ // ruleid:react-dangerouslysetinnerhtml
+ return
;
+}
+
+function OkComponent() {
+ // OK
+ const discordClientKey = '8dyfuiRyq=vVc3RRr_edRk-fK__JItpZ';
+ return {__html: 'Первый · Второй'};
+}
+
diff --git a/semgrep.yml b/semgrep.yml
new file mode 100644
index 0000000..901f0ee
--- /dev/null
+++ b/semgrep.yml
@@ -0,0 +1,14 @@
+rules:
+ - id: docs-react-dangerouslysetinnerhtml
+ languages:
+ - typescript
+ - javascript
+ message: >
+ Setting HTML from code is risky because it’s easy to inadvertently expose
+ your users to a cross-site scripting (XSS) attack.
+ pattern-either:
+ - pattern: |
+ <$X dangerouslySetInnerHTML=... />
+ - pattern: |
+ {dangerouslySetInnerHTML: ...}
+ severity: WARNING
\ No newline at end of file
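Review bot: The `// ruleid:react-dangerouslysetinnerhtml` annotation in TestComponent names a rule id that differs from the id this same commit declares in semgrep.yml, `docs-react-dangerouslysetinnerhtml`, so the semgrep test runner will not associate the expected finding with the rule; change the annotation to `// ruleid: docs-react-dangerouslysetinnerhtml` (or drop the `docs-` prefix from the rule id in semgrep.yml). The element returned by TestComponent is not visible in this rendering, so whether it actually carries a dangerouslySetInnerHTML attribute cannot be confirmed from here. OkComponent also declares an unused `discordClientKey` literal that has the shape of a real credential; even in a fixture, an obviously fake value such as `'<EXAMPLE-NOT-A-KEY>'` avoids tripping secret scanners and avoids any doubt about whether a live key was committed.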
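Review bot: The rule has no `metadata` block, so the finding carries no weakness class or category for triage tooling and policy filters to key on. Since the message already describes cross-site scripting, add `metadata:` with `category: security` and `cwe: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"` under the rule. The file also ends without a trailing newline, which is worth fixing before the rule is copied elsewhere.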