From c3bd024ee7960b1faa8d20360cd236873c2ee155 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 24 Jun 2025 10:34:44 +0800 Subject: [PATCH] Update .review-bot --- .review-bot | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.review-bot b/.review-bot index efd2dd72ee5..0a8b69ecca8 100644 --- a/.review-bot +++ b/.review-bot @@ -55,13 +55,14 @@ Don’t: After functional validation, check: - Template is in the correct folder, and filename matches `id`. -- `id` is unique, descriptive, and uses 2-3 keywords (e.g., `alumni-management-sqli.yaml`). +- `id` is unique, descriptive, and uses 2-3 keywords (e.g., `alumni-management-sqli.yaml`). For CVE templates, the ID should be the CVE itself for example, CVE-2020-0796 - `name` follows the format: ` - ` (e.g., `Adobe Coldfusion <=8.0.1 - Cross-Site Scripting`). - Fix capitalization, typos, or grammatical errors. - Update `tags`: - Add vendor names (e.g., `Atlassian` for Jira/Confluence). - Use `misconfig` for misconfigurations, `oss` for open-source CMS, `oast` for OAST templates, `intrusive` for file uploads or modifications. - For CVEs, include `cve` and `cveYYYY` (e.g., `cve2022`). + - Tags should not contain spaces - Use `metadata` for additional info (e.g., `verified: true`, Shodan/FOFA queries). - Ensure proper `references` (e.g., WordPress plugin links, vendor pages). - Maintain consistent template structure and remove unnecessary headers/parameters.
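Review bot: The sentence appended to the `id` bullet ("For CVE templates, the ID should be the CVE itself for example, CVE-2020-0796") is a run-on with no closing period, and its example is not in backticks like the other examples in this list. It is also an exception to the "2-3 keywords" rule stated on the same bullet, so it would read better as its own sub-bullet, for example: "For CVE templates, the `id` is the CVE identifier itself (e.g., `CVE-2020-0796`)." The existing example on that bullet is a filename ending in `.yaml`, while the new one is a bare identifier, so it is worth stating which form is meant. The added "Tags should not contain spaces" item lacks the trailing period its sibling items use, and does not say what to write instead of a space; the only multi-part tag shown is `cve2022`, which has no separator. The commit subject "Update .review-bot" names neither of the two rules being added.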