diff --git a/.coderabbit.yaml b/.coderabbit.yaml
new file mode 100644
index 0000000..75e167c
--- /dev/null
+++ b/.coderabbit.yaml
@@ -0,0 +1,5 @@
+reviews:
+ review_details: true
+ tools:
+ presidio:
+ enabled: true
diff --git a/cards-test.py b/cards-test.py
new file mode 100644
index 0000000..07bc69b
--- /dev/null
+++ b/cards-test.py
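Review bot: Enabling `presidio` here runs only the default entity set, which the accompanying `cards-test.py` header describes as CREDIT_CARD, US_SSN, CRYPTO and PHONE_NUMBER, while that same file carries EMAIL_ADDRESS, IBAN_CODE and US_BANK_NUMBER samples annotated "only if entity enabled". If the integration exposes an entity list in this config, those extra entities need to be listed for the samples to fire; if it does not, the samples are dead weight and the comments in `cards-test.py` should say so. I cannot see the accepted schema from this diff, so the exact key to use is unverified.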
@@ -0,0 +1,46 @@
+# presidio_smoke.py — noisy samples to exercise Microsoft Presidio–style detectors.
+# Default CodeRabbit Presidio pass: CREDIT_CARD, US_SSN, CRYPTO, PHONE_NUMBER only.
+
+# --- Credit cards (CREDIT_CARD): common test PAN shapes ---
+# Dashed
+visa_dashed = "4111-1111-1111-1111"
+mc_dashed = "5500-0000-0000-0004"
+amex_dashed = "3400-000000-00009"
+discover_dashed = "6011-0000-0000-0004"
+
+# Spaced
+visa_spaced = "4111 1111 1111 1111"
+mc_spaced = "5500 0000 0000 0004"
+
+# Same digits, compact (extra shape)
+mc_compact = "5500000000000004"
+
+# Remediation example PAN (dashed + spaced + compact — filter hits only exact `4242 4242 4242 4242` / `4242424242424242` at Presidio column)
+remediation_pan_spaced = "4242 4242 4242 4242"
+remediation_pan_compact = "4242424242424242"
+
+# --- US SSN / ITIN-shaped (US_SSN / sometimes ITIN recognizers) ---
+ssn_like = "078-05-1120"
+ssn_invalid_example = "000-00-0000" # exact remediation literal (skipped only if entity+col match)
+itin_like = "900-70-0000" # exact remediation literal for US_ITIN when that entity is enabled
+odd_dashed_15 = "856-45-6790" # short dashed number — may or may not fire; kept from your file
+
+# --- Crypto (CRYPTO) ---
+btc_testnet = "tb1qw508d6qejxtdg4y5r3zarvary0c5xw7kv8f3t4" # exact remediation literal
+eth_zero = "0x0000000000000000000000000000000000000000" # exact remediation literal
+eth_nonzero = "0x742d35Cc6634C0532925a3b844Bc9e7595f213b" # extra shape
+
+# --- Phone (PHONE_NUMBER) ---
+phone_fictional = "+1-555-0100" # exact remediation literal
+phone_fictional_template = "555-01XX" # exact remediation literal (unusual in real code)
+phone_plain = "5550100199"
+
+# --- Email (EMAIL_ADDRESS) — only if entity enabled in Presidio config ---
+email_example = "user@example.com" # exact remediation literal
+
+# --- IBAN (IBAN_CODE) — only if entity enabled ---
+iban_example = "DE89370400440532013000" # exact remediation literal
+
+# --- US bank routing (US_BANK_NUMBER) — only if entity enabled ---
+routing_nines = "000000000" # exact remediation literal
+routing_doc_like = "021000021" # realistic-shaped 9 digits; may fire if recognizer exists
\ No newline at end of file
diff --git a/presidio/customer_service.py b/presidio/customer_service.py
new file mode 100644
index 0000000..359e826
--- /dev/null
+++ b/presidio/customer_service.py
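Review bot: The header comment on the first line names the file `presidio_smoke.py`, but the diff adds it as `cards-test.py`, so the self-reference is stale on arrival; change it to `# cards-test.py — noisy samples to exercise Microsoft Presidio–style detectors.` or drop the filename. The `odd_dashed_15` line carries a leftover conversational remark (`kept from your file`) and a name that says 15 while the literal has nine digits; `odd_dashed_9 = "856-45-6790"  # SSN-shaped, not a known remediation literal — may or may not fire` says what the sample is for. `eth_nonzero` appears to be 39 hex characters after `0x`, one short of a 40-character address, so it may never match a CRYPTO recognizer — worth confirming the intended width. The file also ends without a trailing newline.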
@@ -0,0 +1,55 @@
+"""Customer-service handler — sample with PII embedded in security antipatterns.
+
+Each PII value is placed on a line that is independently security-relevant
+(hardcoded credential, logged PII, hardcoded test fixture in production code)
+to maximize the chance the LLM reviewer will comment on the same line and
+trigger the inline tool-tag render path despite the upstream render-suppression
+bug in successful tool runs.
+"""
+
+import logging
+import sqlite3
+
+logger = logging.getLogger(__name__)
+
+DATABASE_URL = "postgres://admin:Sup3rS3cret123@db.internal.example.com:5432/users"
+ADMIN_EMAIL = "alice.thompson@demoapp.example.com"
+ADMIN_PHONE = "+1-555-0100"
+ADMIN_SSN = "000-00-0000"
+SUPPORT_HOTLINE = "555-0100"
+SERVER_IP = "192.168.1.100"
+PAYMENT_TEST_CARD = "4111-1111-1111-1111"
+ROUTING_NUMBER = "021000021"
+WALLET_TEST = "tb1qw508d6qejxtdg4y5r3zarvary0c5xw7kv8f3t4"
+
+
+def authenticate_admin():
+ logger.info("Authenticating admin %s from %s", ADMIN_EMAIL, SERVER_IP)
+ conn = sqlite3.connect(DATABASE_URL)
+ return conn
+
+
+def process_payment(card_number, customer_email, customer_phone):
+ logger.info(
+ "Payment attempt: card=%s email=%s phone=%s",
+ card_number,
+ customer_email,
+ customer_phone,
+ )
+ if card_number == PAYMENT_TEST_CARD:
+ return {"status": "test", "ssn": ADMIN_SSN, "routing": ROUTING_NUMBER}
+ return {"status": "approved"}
+
+
+def send_welcome_emails():
+ test_customers = [
+ {"name": "Bob Smith", "email": "bob.smith@example.com", "phone": "555-0100"},
+ {"name": "Carol Jones", "email": "carol.jones@example.com", "phone": "555-0101"},
+ ]
+ for c in test_customers:
+ logger.info("Welcome %s, contact %s / %s", c["name"], c["email"], c["phone"])
+
+
+def emergency_wallet_payout():
+ logger.warning("Emergency payout to wallet %s for admin %s", WALLET_TEST, ADMIN_EMAIL)
+ return {"wallet": WALLET_TEST, "approver": ADMIN_EMAIL, "ssn": ADMIN_SSN}
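Review bot: `authenticate_admin` hands a postgres DSN to `sqlite3.connect`, which interprets its argument as a local file path, so the call either fails with `sqlite3.OperationalError` or opens an unrelated local file, and the connection it returns is never closed by anything in this module. The module docstring makes clear that the embedded credential, the full-PAN logging in `process_payment` and the SSN in the returned dicts are deliberate fixtures, so I would not re-raise those, but nothing in the file marks the literals as synthetic for someone triaging a secret-scanner hit on the `DATABASE_URL` password; add `# All credentials, identifiers and PANs in this module are synthetic review-tool fixtures.` directly under the docstring. If the file is only ever read by the reviewer and never imported, a one-line note saying so would also keep it from being mistaken for a real handler.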