{"id":51103021,"url":"https://github.com/sukhrobnurali/pr-review-agent","last_synced_at":"2026-06-24T12:30:58.642Z","repository":{"id":356834704,"uuid":"1234218512","full_name":"sukhrobnurali/pr-review-agent","owner":"sukhrobnurali","description":"Multi-agent PR reviewer on LangGraph — four specialists (security, performance, tests, quality) review in parallel. Self-hostable, model-agnostic. GitHub Action + CLI + Python library.","archived":false,"fork":false,"pushed_at":"2026-05-10T00:20:50.000Z","size":369,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-06-20T11:32:40.096Z","etag":null,"topics":["code-review","github-action","langchain","langgraph","llm","multi-agent","pr-review","python"],"latest_commit_sha":null,"homepage":"https://github.com/marketplace/actions/multi-agent-pr-reviewer","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sukhrobnurali.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"docs/agents.md","dco":null,"cla":null}},"created_at":"2026-05-09T22:38:06.000Z","updated_at":"2026-05-24T09:23:20.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/sukhrobnurali/pr-review-agent","commit_stats":null,"previous_names":["sukhrobnurali/pr-review-agent"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/sukhrobnurali/pr-review-agent","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sukhrobnurali%2Fpr-review-agent","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sukhrobnurali%2Fpr-review-agent/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sukhrobnurali%2Fpr-review-agent/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sukhrobnurali%2Fpr-review-agent/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sukhrobnurali","download_url":"https://codeload.github.com/sukhrobnurali/pr-review-agent/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sukhrobnurali%2Fpr-review-agent/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34733256,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-24T02:00:07.484Z","response_time":106,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["code-review","github-action","langchain","langgraph","llm","multi-agent","pr-review","python"],"created_at":"2026-06-24T12:30:57.270Z","updated_at":"2026-06-24T12:30:58.629Z","avatar_url":"https://github.com/sukhrobnurali.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# pr-review-agent\n\n\u003e Multi-agent pull-request reviewer built on LangGraph. Specialist agents (security, performance, tests, quality) review a PR in parallel; a supervisor synthesizes a structured, severity-ranked review comment.\n\nShips as a **GitHub Action**, a **CLI**, and a **Python library**. Model-agnostic — runs against OpenAI, Anthropic, or any OpenAI-compatible endpoint (Ollama, vLLM, internal gateway). Open-source, self-hostable, no data egress.\n\n[![GitHub Marketplace](https://img.shields.io/badge/marketplace-Multi--Agent%20PR%20Reviewer-blue?logo=github)](https://github.com/marketplace/actions/multi-agent-pr-reviewer)\n[![CI](https://github.com/sukhrobnurali/pr-review-agent/actions/workflows/ci.yml/badge.svg)](https://github.com/sukhrobnurali/pr-review-agent/actions/workflows/ci.yml)\n[![License: Apache-2.0](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](LICENSE)\n[![Python: 3.12+](https://img.shields.io/badge/python-3.12%2B-blue.svg)](pyproject.toml)\n\n## How it works\n\n```\n            diff + PR metadata\n                    │\n                    ▼\n          ┌───────────────────┐\n          │     supervisor    │  picks specialists from\n          │  (path + keyword  │  enabled registry; quality\n          │     heuristics)   │  + tests always run\n          └────────┬──────────┘\n                   │ selected\n                   ▼\n       ┌───────────┴───────────┐\n       │   parallel fan-out    │\n       ▼     ▼     ▼     ▼\n   Quality Tests Perf Security    each returns findings + cost\n       └─────┴─────┴─────┘\n                   │\n                   ▼\n          ┌───────────────────┐\n          │  dedup + rank by  │\n          │     severity      │\n          └────────┬──────────┘\n                   │\n                   ▼\n          ┌───────────────────┐\n          │  compose markdown │\n          │  + post (or       │  idempotent via\n          │  update) comment  │  \u003c!-- pr-review-agent:run --\u003e marker\n          └───────────────────┘\n```\n\nSpecialist scoping is enforced in the prompt — the security agent doesn't comment on naming, the quality agent doesn't comment on N+1 queries. Parallel fan-out keeps the wall-clock floor at one slow call, not four.\n\n## Quick start\n\n### Drop into a repo as a GitHub Action\n\n```yaml\n# .github/workflows/pr-review.yml\nname: PR Review\non:\n  pull_request:\n    types: [opened, synchronize, reopened]\n\npermissions:\n  contents: read\n  pull-requests: write\n\njobs:\n  review:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n      - uses: sukhrobnurali/pr-review-agent@v0.1.0\n        with:\n          provider: openai\n          model: gpt-4o-mini\n          api_key: ${{ secrets.OPENAI_API_KEY }}\n```\n\nThat's it — the bot reviews every PR open / sync, posts a single comment, updates it on subsequent pushes.\n\n### CLI\n\n```bash\npip install pr-review-agent\nexport OPENAI_API_KEY=sk-...\nexport GITHUB_TOKEN=ghp-...\n\npr-review-agent review acme/widgets#42                # post the review\npr-review-agent review acme/widgets#42 --dry-run      # print, don't post\npr-review-agent review --diff-file change.patch       # local, no GitHub call\n```\n\nMore recipes in [`examples/cli-usage.md`](examples/cli-usage.md).\n\n### Library\n\n```python\nimport asyncio\nfrom pr_review_agent import review_pr\n\nasync def main():\n    out = await review_pr(\"acme/widgets#42\")\n    print(out.final_comment)\n    print(f\"cost: ${out.cost_usd:.4f}\")\n\nasyncio.run(main())\n```\n\nFull example: [`examples/library-usage.py`](examples/library-usage.py).\n\n## Sample output\n\nThe agent reviewing a real PR on this repo — `gpt-4o-mini`, **15 findings, run\ncost $0.0089**, posted by `github-actions[bot]` on PR open:\n\n![Bot review comment on a GitHub PR with 15 findings across security, quality, tests, and performance](docs/img/sample-review-1.png)\n\n![Run cost footer: 15 findings, run cost $0.0089](docs/img/sample-review-2.png)\n\nLive demo PR: [`#1` (deliberately bad, do not merge)](https://github.com/sukhrobnurali/pr-review-agent/pull/1).\nRaw Markdown of an earlier fixture run is at [`scripts/dev/last_review.md`](scripts/dev/last_review.md)\nif you want to see exactly what the composer emits.\n\nSpecialist scoping is enforced in the prompts — security flags injection,\nquality flags nesting, tests flags missing coverage; none of them step on each\nother. The comment updates idempotently via the `\u003c!-- pr-review-agent:run --\u003e`\nHTML marker, so re-runs on the same PR overwrite instead of duplicating.\n\n## Why another PR reviewer\n\n| | |\n|---|---|\n| **CodeRabbit / Greptile / Bito / Qodo** | Closed SaaS. Code leaves your network. Most enterprises can't ship to a third party. |\n| **Generic \"GPT review\" Actions** | Single-prompt, one specialist's worth of attention spread across every concern. Output reads as filler. |\n| **GitHub Copilot review** | Microsoft-hosted, opinionated, can't be steered. |\n| **Claude Code / Cursor** | Interactive, editor-side. Don't run unattended on PRs. |\n| **`pr-review-agent`** | Open-source, self-hosted, multi-agent, model-agnostic. Works with local models for air-gapped use. |\n\nThe architecture is the differentiator. Four specialists in parallel produce far better signal than one prompt asked to do everything — and the prompts are flat Markdown files you can iterate on without touching code.\n\n## Cost \u0026 latency\n\nPer-review cost depends on the diff size and which models the supervisor selects. The hard ceiling is enforced in CI: a 500-line synthetic PR fanned out across all four specialists must come in under **$0.50** and **90 seconds**, parametrized over OpenAI / Anthropic / Ollama — see [`tests/integration/test_cost_under_cap.py`](tests/integration/test_cost_under_cap.py).\n\nIn practice the cost is dominated by input tokens (the diff itself), so a small PR on `gpt-4o-mini` is typically a fraction of a cent. The composer renders the actual cost in the comment footer of every review, so the number is never hidden.\n\nWall-clock latency is bounded by the slowest single specialist call rather than the sum, because the four agents fan out in parallel — see [architecture.md → graph](docs/architecture.md#graph) and [`tests/integration/test_parallel_fanout.py`](tests/integration/test_parallel_fanout.py).\n\n## Configuration\n\nDrop a `.pr-review.yml` at your repo root:\n\n```yaml\nprovider: openai\nmodel: gpt-4o-mini\n\nagents:\n  enabled: [quality, tests, performance, security]\n  models:\n    security: gpt-4o   # use a smarter model where false positives hurt most\n\nseverity_threshold: medium\ninclude_paths: [\"**/*\"]\nexclude_paths: [\"vendor/**\", \"**/*.generated.*\"]\n```\n\nFull schema: [`docs/configuration.md`](docs/configuration.md).\n\n## Documentation\n\n| | |\n|---|---|\n| [`docs/architecture.md`](docs/architecture.md) | how the graph, supervisor, agents, cache, and reporter fit together |\n| [`docs/agents.md`](docs/agents.md) | per-specialist scope, severity calibration, supervisor selection rules |\n| [`docs/configuration.md`](docs/configuration.md) | full `.pr-review.yml` reference, provider switching, path filters |\n| [`docs/prompts.md`](docs/prompts.md) | prompt format, output schema, iteration recipe |\n| [`docs/benchmarks.md`](docs/benchmarks.md) | eval methodology and v0.1.0 baseline numbers |\n| [`docs/landscape.md`](docs/landscape.md) | competitor survey and where this project fits |\n\n## Hacking\n\n```bash\ngit clone https://github.com/sukhrobnurali/pr-review-agent\ncd pr-review-agent\nuv sync --extra dev\n\nuv run pytest                  # full suite (incl. eval benchmark)\nuv run pytest -m \"not eval\"    # fast loop\nuv run pytest -m eval -s       # benchmark with per-fixture report\nuv run ruff check\nuv run mypy src/\n```\n\nAdding a new specialist takes ~6 lines of Python plus a prompt — see [`docs/agents.md` → Adding a specialist](docs/agents.md#adding-a-specialist).\n\n## License\n\n[Apache 2.0](LICENSE). Patent grant matters for code-touching tools.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsukhrobnurali%2Fpr-review-agent","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsukhrobnurali%2Fpr-review-agent","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsukhrobnurali%2Fpr-review-agent/lists"}