chore: add duo review instructions

What does this MR do and why?

Adds GitLab Duo MR review instructions for Rust files. Three review agents are configured:

  • Rust Security: flags unsafe code, unvalidated input, hardcoded secrets, panic vectors (unwrap/expect on untrusted data), integer overflow, SQL injection, JWT validation, overly permissive access control, and DoS vectors
  • Rust Performance: flags unnecessary allocations, inefficient iteration, missing zero-copy patterns, and excessive cloning
  • Logging Security: flags sensitive data in logs (tokens, passwords, keys, PII, user content) and checks for log injection vulnerabilities

N/A

Testing

Configuration file follows GitLab Duo instructions format.

Performance Analysis

  • This merge request does not introduce any performance regression. If a performance regression is expected, explain why.
Edited by Michael Angelo Rivera
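
The kind of Rust code the Rust Security and Logging Security instructions above are meant to flag, next to a hardened form. This is an added example, not code from the merge request or the project; the function names, the record-size scenario and the sample inputs are constructed assumptions.

```rust
/// Flagged pattern: unwrap on untrusted input plus unchecked arithmetic.
/// Non-numeric input panics; a large count overflows (panic in debug
/// builds, silent wrap-around in release builds).
pub fn record_bytes_flagged(count_field: &str, record_size: u32) -> u32 {
    let count: u32 = count_field.trim().parse().unwrap();
    count * record_size
}

#[derive(Debug, PartialEq)]
pub enum InputError {
    Invalid,  // field is not a decimal u32
    TooLarge, // count * record_size does not fit in u32
}

/// Hardened form: parse failure and overflow become errors the caller handles.
pub fn record_bytes(count_field: &str, record_size: u32) -> Result<u32, InputError> {
    let count: u32 = count_field.trim().parse().map_err(|_| InputError::Invalid)?;
    count.checked_mul(record_size).ok_or(InputError::TooLarge)
}

/// Log-injection guard: escape control characters (and the backslash, so the
/// escaping stays unambiguous) so a value containing CR/LF cannot start a
/// forged log line.
pub fn log_safe(value: &str) -> String {
    let mut out = String::with_capacity(value.len());
    for c in value.chars() {
        if c.is_control() || c == '\\' {
            out.extend(c.escape_default());
        } else {
            out.push(c);
        }
    }
    out
}

fn main() {
    // Constructed sample inputs: valid, non-numeric, and overflowing.
    println!("flagged, valid input only: {}", record_bytes_flagged("12", 512));
    for field in ["12", "abc", "4294967295"] {
        println!("{:?} -> {:?}", field, record_bytes(field, 512));
    }
    // Constructed username carrying an embedded newline and a fake log entry.
    println!("user={}", log_safe("alice\nlevel=INFO user=admin login ok"));
}
```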
