fix: add open-PR de-dup check at orchestrator planner dispatch

[OriginalGary]

Summary

• Inserts a hard de-duplication check at Step 0 of every git-workflow instruction file: before beginning work on an issue, agents must query gh pr list --state open --search "#<N> in:body,title" and halt or reroute if an open PR is found
• Prevents the duplicate PR pairs observed in the 2026-04-26 complexity-cut review (four issue-pairs, each with two PRs, one closed as duplicate)
• Applied consistently to all 10 instruction surfaces (8 tool git-workflow files + orchestrator-mode.md + AGENTS.md)

Closes

#47

Plan link

#47 (comment)

Test Plan

• test_dedup_rule_present — dedup block present in all 10 files (10 parametrised cases)
• test_dedup_rule_contains_gh_pr_list_command — executable command present in all 10 files
• test_dedup_rule_contains_halt_instruction — "Do not open a new PR" directive in all 10 files
• test_dedup_rule_contains_reroute_option — "plan-reviewer" reroute path in all 10 files
• test_orchestrator_mode_contains_open_pr_check — open-PR rule in orchestrator-mode.md Process Enforcement section
• test_unicode_integrity_all_changed_files — no hidden Unicode characters in any changed file
• test_no_speciesist_language_introduced — skipped (semgrep not installed in CI; rule is enforced separately by the NAV GitHub Action)

Result: 42 passed, 1 skipped

desloppify Score

All changes are additive text insertions in markdown instruction files. desloppify score unchanged (no code modified).

Adversarial considerations

• The gh pr list command is additive read-only. No write operations, no new dependencies, no new data flows.
• All changed files are instruction documents. Rolling back is a plain git revert.
• No advocate, witness, or investigation data touched.
• Unicode integrity verified by test 6.

[coderabbitai]

Warning

Rate limit exceeded

@OpenGaryBot has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 10 minutes and 40 seconds before requesting another review.

To keep reviews running without waiting, you can enable usage-based add-on for your organization. This allows additional reviews beyond the hourly cap. Account admins can enable it under billing.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 4640e6d1-bee0-4b20-a62b-a067e0bcad65

📥 Commits

Reviewing files that changed from the base of the PR and between 97e162f and ad102d8.

📒 Files selected for processing (11)

• agents-md/AGENTS.md
• augment-code/.augment/rules/git-workflow.md
• claude-code/.claude/skills/git-workflow/SKILL.md
• cline/.clinerules/git-workflow.md
• cursor/.cursor/rules/git-workflow.mdc
• github-copilot/.github/skills/git-workflow/SKILL.md
• kilo-code/.kilocode/rules/orchestrator-mode.md
• kilo-code/.kilocode/skills/git-workflow/SKILL.md
• roo-code/.roo/rules/git-workflow.md
• scripts/tests/test_dedup_rule.py
• windsurf/.windsurf/rules/git-workflow.md

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch bug/47-dedup-open-prs

• 🛠️ fix NAV violations: Commit on current branch
• 🛠️ fix NAV violations: Create PR

---

_{Review rate limit: 0/5 reviews remaining, refill in 10 minutes and 40 seconds.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[OriginalGary]

Adversarial

Verdict: pass

Security audit summary (10 steps)

• Dependency audit — No new dependencies. gh pr list is part of the existing gh CLI. PASS.
• API retention — Read-only GitHub search query. No data sent to external services. PASS.
• Storage encryption — No storage changes. Instruction files only. PASS.
• Input validation — No executable code. #<N> is a template placeholder, not a runtime injection vector. PASS.
• Instruction file integrity — CI "Scan for hidden Unicode" passed. Test 6 (test_unicode_integrity_all_changed_files) passed locally. PASS.
• Device seizure / ag-gag / coalition boundaries — Not applicable (documentation only). PASS.

Bug-hunter fleet

1. Scope — All changes additive. No existing lines modified or deleted. Zero blast radius. PASS.
2. Command correctness — gh pr list --state open --search "#<N> in:body,title" --json number,title,url — flags verified against GitHub CLI docs. in:body,title is valid search qualifier. PASS.
3. Format consistency — Long-format (8 files), windsurf condensed, AGENTS.md inline, orchestrator-mode.md dash-list: all formats pass all test assertions. PASS.
4. Adversarial agent behavior — "Do not open a new PR" is a hard instruction. The "OR halt and report" is not a softening — it's a second action path when plan-reviewer delegation is unavailable. Unambiguous. PASS.
5. Regression risk — --state open filter correctly excludes closed/merged PRs. The only false-positive risk is a PR that mentions the issue number without addressing it — handled gracefully by the reroute option. PASS.

Strongest finding

Low severity: in:body,title searches body text broadly; a PR that merely mentions #N in discussion could match. This is a conservative false-positive, not a false-negative. The reroute path to plan-reviewer handles it.

No Critical or High findings. Verdict: pass.