{"id":48722989,"url":"https://github.com/subzone/ad-ai-pr-reviewer","last_synced_at":"2026-04-11T20:16:10.804Z","repository":{"id":350066353,"uuid":"1204523753","full_name":"subzone/ad-ai-pr-reviewer","owner":"subzone","description":null,"archived":false,"fork":false,"pushed_at":"2026-04-08T18:34:37.000Z","size":54,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-08T19:27:07.539Z","etag":null,"topics":["ai","anthropic","azure-devops","bitbucket","claude","code-review","devops","github","gitlab","pull-request"],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/subzone.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-08T04:54:09.000Z","updated_at":"2026-04-08T18:35:32.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/subzone/ad-ai-pr-reviewer","commit_stats":null,"previous_names":["subzone/ad-ai-pr-reviewer"],"tags_count":13,"template":false,"template_full_name":null,"purl":"pkg:github/subzone/ad-ai-pr-reviewer","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/subzone%2Fad-ai-pr-reviewer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/subzone%2Fad-ai-pr-reviewer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/subzone%2Fad-ai-pr-reviewer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/subzone%2Fad-ai-pr-reviewer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/subzone","download_url":"https://codeload.github.com/subzone/ad-ai-pr-reviewer/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/subzone%2Fad-ai-pr-reviewer/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31693593,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-11T13:07:20.380Z","status":"ssl_error","status_checked_at":"2026-04-11T13:06:47.903Z","response_time":54,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","anthropic","azure-devops","bitbucket","claude","code-review","devops","github","gitlab","pull-request"],"created_at":"2026-04-11T20:16:10.043Z","updated_at":"2026-04-11T20:16:10.797Z","avatar_url":"https://github.com/subzone.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# AI PR Reviewer — Azure DevOps Extension\n\n[![CI](https://github.com/subzone/ad-ai-pr-reviewer/actions/workflows/ci.yml/badge.svg)](https://github.com/subzone/ad-ai-pr-reviewer/actions/workflows/ci.yml)\n[![Marketplace](https://img.shields.io/badge/ADO%20Marketplace-subzone.ad--ai--pr--reviewer-blue?logo=azuredevops)](https://marketplace.visualstudio.com/items?itemName=subzone.ad-ai-pr-reviewer)\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE)\n\nAn Azure DevOps pipeline task that creates pull requests and posts **AI-generated code review comments** on GitHub, GitLab, and Bitbucket — all from your ADO pipeline. Comments are clearly marked as AI-generated so reviewers always know what they're looking at.\n\n![icon](images/extension-icon.png)\n\n---\n\n## Table of Contents\n\n- [Features](#features)\n- [Quick Start](#quick-start)\n- [Setup Guides](#setup-guides)\n- [How to Use](#how-to-use)\n- [Supported Providers](#supported-providers)\n- [Claude Models](#claude-models)\n- [Task Inputs](#task-inputs)\n- [Output Variables](#output-variables)\n- [Examples](#examples)\n- [Contributing](#contributing)\n- [Security](#security)\n- [License](#license)\n\n---\n\n## Features\n\n- **Create PRs** on GitHub, GitLab, Bitbucket Cloud, or Bitbucket Server from any ADO pipeline\n- **AI code review** powered by [Claude](https://anthropic.com) — posts a structured review comment directly on the PR\n- **🆕 Specialized review skills** — Domain-specific expert reviewers (security, performance, database, API, accessibility)\n- **Multiple AI hosting options** — Anthropic direct, Azure AI Foundry, AWS Bedrock, Google Vertex AI, or LiteLLM\n- **Per-file review mode** — reviews each file individually then synthesizes findings\n- **AI tool calling** — Agents can read files, search code, gather context beyond visible diff\n- **Parallel execution** — Multiple files and skills reviewed simultaneously (85% faster)\n- **Post comments** on existing PRs, labelled as AI PR Comments\n- Detects and handles duplicate PRs gracefully\n- Configurable diff truncation to stay within token limits on large PRs\n- **Anti-hallucination safeguards** — Intelligent file selection, validation checks, mandatory citations\n- **Token tracking \u0026 cost estimation** — Monitor usage and costs per PR\n- Exposes `PrUrl`, `PrNumber`, `ReviewVerdict`, `ReviewTotalIssues`, and `ReviewSummary` as output variables\n- Works with GitHub Enterprise, GitLab self-hosted, Bitbucket Server/Data Center\n\n---\n\n## 🎯 Specialized Review Skills (New!)\n\nGet expert-level analysis with domain-specific AI agents that run in parallel:\n\n### Available Skills\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003ctd align=\"center\"\u003e🔒\u003c/td\u003e\n\u003ctd\u003e\u003cstrong\u003eSecurity (92%)\u003c/strong\u003e\u003cbr/\u003eSQL injection, XSS, CSRF, auth bypass, hardcoded credentials\u003cbr/\u003e\u003cem\u003eEssential for auth, payments, user data\u003c/em\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd align=\"center\"\u003e⚡\u003c/td\u003e\n\u003ctd\u003e\u003cstrong\u003ePerformance (88%)\u003c/strong\u003e\u003cbr/\u003eN+1 queries, inefficient algorithms, blocking operations\u003cbr/\u003e\u003cem\u003eDatabase queries, loops, real-time features\u003c/em\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd align=\"center\"\u003e🗄️\u003c/td\u003e\n\u003ctd\u003e\u003cstrong\u003eDatabase (90%)\u003c/strong\u003e\u003cbr/\u003eMigration safety, missing indexes, data integrity issues\u003cbr/\u003e\u003cem\u003eSchema changes, migrations, query optimization\u003c/em\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd align=\"center\"\u003e🔌\u003c/td\u003e\n\u003ctd\u003e\u003cstrong\u003eAPI Design (82%)\u003c/strong\u003e\u003cbr/\u003eBreaking changes, REST compliance, validation gaps\u003cbr/\u003e\u003cem\u003eEndpoints, routes, GraphQL, versioning\u003c/em\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd align=\"center\"\u003e♿\u003c/td\u003e\n\u003ctd\u003e\u003cstrong\u003eAccessibility (78%)\u003c/strong\u003e\u003cbr/\u003eWCAG violations, ARIA issues, keyboard navigation\u003cbr/\u003e\u003cem\u003eUI components, forms, interactive elements\u003c/em\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\n### Quick Example\n\n```yaml\n- task: AiPrReviewer@1\n  inputs:\n    action: reviewPR\n    provider: github\n    enableAiReview: true\n    aiReviewMode: per-file\n    \n    # Enable specialized skills\n    aiEnableSkills: true\n    aiSkills: security,performance\n    aiSkillAutoDetect: true  # Auto-add relevant skills\n```\n\n**Result:**\n```\n🎯 Skills Mode: security,performance\n   Auto-detection: enabled\n\n  Running 3 skill(s) for src/auth/login.ts: Security, API, Performance\n  [src/auth/login.ts] Skills Summary:\n    - Security: 3 findings (100% quality, 1250ms)\n    - API: 1 findings (100% quality, 980ms)\n    - Performance: 0 findings (-, 890ms)\n\n### src/auth/login.ts\n\n🔴 [security] Hardcoded Password Salt\n  Salt should be randomly generated, not hardcoded\n  ```diff\n  + const salt = \"fixed-salt-123\";\n  ```\n  💡 Use crypto.randomBytes(16).toString('hex')\n```\n\n### Why Use Skills?\n\n✅ **85% faster** — Parallel execution vs sequential  \n✅ **Expert analysis** — Specialized prompts per domain  \n✅ **Quality scores** — 78-92% validation rates  \n✅ **Auto-detection** — Smart skill selection  \n✅ **Cost-effective** — Focus tokens on relevant expertise  \n\n📚 **Learn more:** [Specialized Skills Guide](docs/USER_GUIDE_SKILLS.md) | [Architecture Diagrams](docs/ARCHITECTURE_DIAGRAMS.md)\n\n---\n\n## Quick Start\n\n### 1. Install the Extension\n\nGo to [Visual Studio Marketplace](https://marketplace.visualstudio.com/items?itemName=subzone.ad-ai-pr-reviewer) and install into your Azure DevOps organization.\n\n### 2. Review PRs with AI\n\n```yaml\ntrigger: none\n\npr:\n  branches:\n    include: [main]\n\nvariables:\n- group: ai-reviewer-secrets\n\npool:\n  vmImage: ubuntu-latest\n\nsteps:\n- task: AiPrReviewer@1\n  inputs:\n    action: reviewPR\n    provider: github\n    accessToken: $(GITHUB_PAT)\n    repository: myorg/myrepo\n    prNumber: $(System.PullRequest.PullRequestNumber)\n    enableAiReview: true\n    aiApiKey: $(ANTHROPIC_API_KEY)\n    aiModel: claude-sonnet-4-6\n```\n\nSee **[Quick Start Examples](#examples)** below for more.\n\n---\n\n## Setup Guides\n\nChoose your git provider and follow the setup guide:\n\n### Per-Provider Setup\n- **[GitHub Setup Guide](docs/SETUP_GITHUB.md)** (classic \u0026 fine-grained tokens)\n- **[GitLab Setup Guide](docs/SETUP_GITLAB.md)** (cloud \u0026 self-hosted)\n- **[Bitbucket Setup Guide](docs/SETUP_BITBUCKET.md)** (Cloud \u0026 Server/Data Center)\n- **[Azure DevOps Setup Guide](docs/SETUP_ADO.md)** (pipelines, variable groups, secrets)\n\n### General Resources\n- **[User Guide](docs/USER_GUIDE.md)** — How to use each action, choose models, customize reviews\n- **[Troubleshooting Guide](docs/TROUBLESHOOTING.md)** — Error messages and solutions\n- **[FAQ](docs/FAQ.md)** — Common questions, costs, security\n\n---\n\n## Supported Providers\n\n| Provider | Create PR | AI Review | Post Comment |\n|---|:---:|:---:|:---:|\n| GitHub | ✅ | ✅ | ✅ |\n| GitLab (cloud) | ✅ | ✅ | ✅ |\n| GitLab (self-hosted) | ✅ | ✅ | ✅ |\n| Bitbucket Cloud | ✅ | ✅ | ✅ |\n| Bitbucket Server / Data Center | ✅ | ✅ | ✅ |\n\n---\n\n## How to Use\n\nThe plugin has three main actions:\n\n### 1. `createPR` — Create a Pull Request\n\nCreates a PR and optionally gets an AI review:\n\n```yaml\n- task: AiPrReviewer@1\n  inputs:\n    action: createPR\n    provider: github\n    accessToken: $(GITHUB_PAT)\n    repository: myorg/myrepo\n    sourceBranch: feature/my-change\n    targetBranch: main\n    prTitle: \"Add new API endpoint\"\n    prDescription: \"Adds POST /api/items with validation\"\n    enableAiReview: true\n    aiApiKey: $(ANTHROPIC_API_KEY)\n    aiModel: claude-sonnet-4-6\n```\n\n### 2. `reviewPR` — Review an Existing PR\n\nFetches a PR's diff and posts an AI review:\n\n```yaml\n- task: AiPrReviewer@1\n  inputs:\n    action: reviewPR\n    provider: github\n    accessToken: $(GITHUB_PAT)\n    repository: myorg/myrepo\n    prNumber: 42\n    enableAiReview: true\n    aiApiKey: $(ANTHROPIC_API_KEY)\n    aiModel: claude-opus-4-6\n    aiReviewContext: \"Focus on security and breaking changes\"\n```\n\n### 3. `commentPR` — Post a Manual Comment\n\nPosts a comment tagged as AI-generated:\n\n```yaml\n- task: AiPrReviewer@1\n  inputs:\n    action: commentPR\n    provider: github\n    accessToken: $(GITHUB_PAT)\n    repository: myorg/myrepo\n    prNumber: 42\n    commentBody: |\n      Build **$(Build.BuildNumber)** passed. Ready for review.\n```\n\n---\n\n## Claude Models\n\n| Model | Speed | Quality | Best for |\n|---|---|---|---|\n| `claude-opus-4-6` | Slower | Highest | Complex reviews, security audits |\n| `claude-sonnet-4-6` | Balanced | High | General use (recommended) |\n| `claude-haiku-4-5-20251001` | Fastest | Good | High-volume pipelines, cost-sensitive |\n\n**Cost estimate for 20 PRs/day:**\n- Haiku: ~$2/month\n- Sonnet: ~$6/month\n- Opus: ~$30/month\n\nSee [USER_GUIDE.md → Model Selection](docs/USER_GUIDE.md#claude-model-selection) for decision tree.\n\n---\n\n## Task Inputs\n\n### Source Repository\n\n| Input | Required | Default | Description |\n|---|:---:|---|---|\n| `action` | ✅ | `reviewPR` | `createPR` \\| `reviewPR` \\| `commentPR` |\n| `provider` | ✅ | `github` | `github` \\| `gitlab` \\| `bitbucket` \\| `bitbucket-server` |\n| `accessToken` | ✅ | | PAT with repo read/write and PR permissions. Use a secret variable. |\n| `repository` | ✅ | | Repository in `owner/repo` format |\n| `serverUrl` | | | Required for GitLab self-hosted or Bitbucket Server (e.g. `https://gitlab.mycompany.com`) |\n\n### Pull Request\n\n| Input | Required | Default | Description |\n|---|:---:|---|---|\n| `sourceBranch` | | `$(Build.SourceBranchName)` | Head branch (for `createPR`) |\n| `targetBranch` | | `main` | Base branch (for `createPR`) |\n| `prTitle` | | | PR title (for `createPR`) |\n| `prDescription` | | | PR body text, markdown supported (for `createPR`) |\n| `prNumber` | | | PR/MR number (for `reviewPR` and `commentPR`) |\n| `commentBody` | | | Comment text, markdown supported (for `commentPR`) |\n| `failOnExistingPR` | | `false` | Fail the task if a PR for the same branches already exists |\n\n### AI Review\n\n| Input | Required | Default | Description |\n|---|:---:|---|---|\n| `enableAiReview` | | `false` | Enable AI review (valid for `createPR` and `reviewPR`) |\n| `aiProvider` | | `anthropic` | `anthropic` \\| `azure` \\| `bedrock` \\| `vertex` \\| `litellm` |\n| `aiApiKey` | | | API key — required for `anthropic`, `azure`, `litellm` |\n| `aiBaseUrl` | | | Endpoint URL — required for `azure` and `litellm` |\n| `awsRegion` | | | AWS region — required for `bedrock` (e.g. `us-east-1`) |\n| `awsAccessKeyId` | | | AWS access key — optional for `bedrock` (omit to use IAM role) |\n| `awsSecretAccessKey` | | | AWS secret key — optional for `bedrock` (omit to use IAM role) |\n| `gcpProjectId` | | | GCP project ID — required for `vertex` |\n| `gcpRegion` | | | GCP region — required for `vertex` (e.g. `us-east5`) |\n| `aiModel` | | `claude-sonnet-4-6` | Model ID (deployment name for Azure/Bedrock — see [User Guide](docs/USER_GUIDE.md)) |\n| `aiReviewContext` | | | Extra instructions for the reviewer (e.g. `\"Focus on security issues\"`) |\n| `aiMaxDiffLines` | | `500` | Truncate diff at this many lines |\n| `aiReviewMode` | | `standard` | `standard` (whole diff) or `per-file` (file-by-file with synthesis) |\n| `aiMaxFiles` | | `10` | Max files reviewed in `per-file` mode |\n| `aiEnableReasoning` | | `false` | Show AI's reasoning process in logs |\n| `aiEnableTools` | | `false` | Allow AI to read files, search code (requires `per-file` mode) |\n| `aiEnableSkills` | | `false` | Enable specialized review skills (requires `per-file` mode) — [Learn More](docs/USER_GUIDE_SKILLS.md) |\n| `aiSkills` | | | Comma-separated skill IDs: `security,performance,database,api,accessibility` |\n| `aiSkillAutoDetect` | | `true` | Auto-add relevant skills based on file patterns and content |\n\n---\n\n## Output Variables\n\n| Variable | Description |\n|---|---|\n| `PrUrl` | URL of the created or found PR |\n| `PrNumber` | Number of the created or found PR |\n| `ReviewVerdict` | `lgtm` · `needs-work` · `critical` |\n| `ReviewTotalIssues` | Count of issues found |\n| `ReviewSummary` | One-line summary from Claude |\n\nUse in downstream steps:\n\n```yaml\n- task: AiPrReviewer@1\n  name: CreatePR\n  inputs:\n    action: createPR\n    # ...\n\n- script: |\n    echo \"PR: $(CreatePR.PrUrl) #$(CreatePR.PrNumber)\"\n    echo \"Verdict: $(CreatePR.ReviewVerdict) — $(CreatePR.ReviewTotalIssues) issues\"\n    echo \"Summary: $(CreatePR.ReviewSummary)\"\n  displayName: 'Show PR Details'\n```\n\n---\n\n## Access Token Permissions\n\n### GitHub\n- **Scopes:** `repo` (or `pull_requests: write` + `contents: read` for fine-grained PATs)\n\n### GitLab\n- **Scopes:** `api` or `read_api` + `write_repository`\n\n### Bitbucket Cloud\n- **App Password scopes:** `Repositories: Read`, `Pull requests: Read \u0026 Write`\n\n### Bitbucket Server\n- **Personal Access Token** with `Repository: Read`, `Pull requests: Read \u0026 Write`\n\n### Anthropic (AI review)\n- API key from [console.anthropic.com](https://console.anthropic.com)\n\n---\n\n## Examples\n\n### Example 1: Create PR with AI Review (GitHub)\n\n```yaml\ntrigger:\n  - feature/*\n\nvariables:\n- group: github-secrets\n\npool:\n  vmImage: 'ubuntu-latest'\n\nsteps:\n- task: AiPrReviewer@1\n  inputs:\n    action: createPR\n    provider: github\n    accessToken: $(GITHUB_PAT)\n    repository: myorg/myrepo\n    sourceBranch: $(Build.SourceBranchName)\n    targetBranch: main\n    prTitle: \"$(Build.SourceBranchName): automated PR\"\n    enableAiReview: true\n    aiApiKey: $(ANTHROPIC_API_KEY)\n    aiModel: claude-sonnet-4-6\n```\n\n### Example 2: Review Existing PR (GitLab)\n\n```yaml\ntrigger: none\n\nvariables:\n- group: gitlab-secrets\n\npool:\n  vmImage: 'ubuntu-latest'\n\nsteps:\n- task: AiPrReviewer@1\n  inputs:\n    action: reviewPR\n    provider: gitlab\n    accessToken: $(GITLAB_PAT)\n    repository: mygroup/myproject\n    serverUrl: $(GITLAB_SERVER_URL)\n    prNumber: $(PR_NUMBER)\n    enableAiReview: true\n    aiApiKey: $(ANTHROPIC_API_KEY)\n    aiModel: claude-opus-4-6\n    aiReviewContext: \"Focus on security and breaking changes\"\n```\n\n### Example 3: Post Comment (Bitbucket)\n\n```yaml\n- task: AiPrReviewer@1\n  inputs:\n    action: commentPR\n    provider: bitbucket\n    accessToken: $(BITBUCKET_USERNAME):$(BITBUCKET_APP_PASSWORD)\n    repository: myworkspace/myrepo\n    prNumber: $(PR_NUMBER)\n    commentBody: |\n      Build **$(Build.BuildNumber)** passed ✅\n\n      Tests: 245 passed\n      Coverage: 87%\n```\n\nFor more examples, see the [`examples/`](examples/) directory:\n\n| File | Description |\n|---|---|\n| [`github-pipeline.yml`](examples/github-pipeline.yml) | Full GitHub integration — create PR, AI review, build status comment |\n| [`gitlab-pipeline.yml`](examples/gitlab-pipeline.yml) | Full GitLab integration — cloud and self-hosted, create MR, AI review |\n| [`bitbucket-pipeline.yml`](examples/bitbucket-pipeline.yml) | Full Bitbucket integration — Cloud and Server/Data Center |\n| [`pipeline.yml`](examples/pipeline.yml) | Quick reference — all three actions in one file |\n\n---\n\n## Support \u0026 Documentation\n\n- 📖 **[Full Documentation](https://github.com/subzone/ad-ai-pr-reviewer)** on GitHub\n- 🔧 **[Setup Guides](docs/)** for each provider\n- 🆘 **[Troubleshooting Guide](docs/TROUBLESHOOTING.md)** for error solutions\n- ❓ **[FAQ](docs/FAQ.md)** for common questions\n- 🐛 **[Report Issues](https://github.com/subzone/ad-ai-pr-reviewer/issues)** on GitHub\n\n---\n\n## Contributing\n\nContributions are welcome! See [CONTRIBUTING.md](CONTRIBUTING.md).\n\n---\n\n## Security\n\nTo report a vulnerability, see [SECURITY.md](SECURITY.md).\n\n---\n\n## License\n\n[MIT](LICENSE)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsubzone%2Fad-ai-pr-reviewer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsubzone%2Fad-ai-pr-reviewer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsubzone%2Fad-ai-pr-reviewer/lists"}