/ Docs
GitHub

Reviewer Agents

PR Review Kit runs a team of specialist AI agents, each focused on a different dimension of code quality. Every reviewer uses the same fresh PR-specific context collected before the review starts.

General Review

Covers overall code quality — adapted to your stack with additional best practices generated from project context.

  • Logic correctness and edge case handling
  • Naming conventions and readability
  • DRY principles and code reuse
  • Test coverage and quality
  • Code best practices for the detected stack
  • Stack-specific and project-specific code quality checks

Security Review

Checks security concerns relevant to your project — categories that don't apply to your stack are skipped, and stack-specific threats are added on top.

  • Injection vulnerabilities (SQL, command, XSS, etc.)
  • Secret and credential exposure
  • Authentication and session management
  • Rate limiting and denial-of-service risks
  • Insecure deserialization and broken access control
  • Stack-specific and project-specific security threats

Performance Review

Identifies efficiency problems relevant to your project — categories that don't apply to your stack are skipped, and stack-specific checks are added on top.

  • N+1 query patterns
  • Memory leak risks
  • Missing or incorrect async/await usage
  • Caching opportunities
  • Unnecessary re-renders and expensive computations
  • Stack-specific and project-specific performance patterns

Architecture Review

Checks how the changes fit into the existing codebase structure — categories that don't apply to your architecture are skipped, and project-specific patterns are added on top.

  • SOLID principles adherence
  • Layer separation and boundary violations
  • Coupling and cohesion analysis
  • Consistency with existing patterns in the codebase
  • Abstraction level appropriateness
  • Stack-specific and project-specific architectural patterns

Business Review

Runs last and translates technical findings into business language — adapted to your project with additional business checks generated from project context.

  • User-facing impact of the changes
  • Business risk and feature completeness
  • GDPR and data safety implications
  • Migration safety for database or API changes
  • Deployment recommendations and post-ship monitoring checklist
  • Project-specific business concerns

Code improvement

After reviews are complete, the Improve Code step generates concrete before/after code suggestions for the most important findings. Each suggestion shows the original code and the improved version side by side.

Ask anything

The Ask Code step lets you ask any question about the specific changes in the PR. Use it to understand why a change was made, what the impact of a specific line is, or to explore alternative approaches.

Edit on GitHub Report an issue