Code Reviewer
AI-powered code review agent with GitHub and Jira integration
The code-reviewer template analyzes a GitHub pull request against its linked Jira or Linear ticket and produces a full review with a merge recommendation. It combines an autonomous context-gathering agent with a deterministic, parallel per-file review pass, so every changed file gets an isolated review while a separate pass checks for cross-file security issues.
What you’ll build
- A
context_builder_agentthat autonomously fetches the PR and, if given a ticket URL, cross-references it against the linked Jira or Linear ticket - A parallel, per-file review pass where each file is reviewed in isolation to avoid cross-file hallucination
- A cross-file
security_review_nodethat scans all diffs together for vulnerabilities - A
reviewer_agentthat synthesizes everything into a Markdown report with an APPROVE / REQUEST CHANGES / BLOCK verdict
Requirements
- Python 3.12+ or Node.js 22+
OPENAI_API_KEYGITHUB_TOKENwithreposcope- Optional:
LINEAR_API_TOKEN, orJIRA_EMAIL/JIRA_DOMAIN/JIRA_API_TOKENfor ticket cross-referencing - The AGNT5 CLI
Install
curl -LsSf https://agnt5.com/cli.sh | bashSetup
Scaffold the project
agnt5 create —template python/code_reviewer my-code-reviewer
cd my-code-revieweragnt5 create —template typescript/code_reviewer my-code-reviewer
cd my-code-reviewerSet environment variables
cp .env.example .envInstall dependencies
uv syncpip install -e .npm installStart the AGNT5 dev server
agnt5 dev upHow it works
The workflow runs in four phases. First, the context-builder agent and a structured PR fetch run in parallel - the agent autonomously calls its tools (fetch the PR, detect the ticket source, then fetch the Jira or Linear ticket) to build a context summary, while the parallel fetch gets the structured per-file diff data used later. Second, a tech-stack detection step inspects the changed files to identify languages and frameworks. Third, every reviewable file gets its own review call, run in parallel alongside a single security-review call that sees all diffs together - per-file reviews never see other files, which keeps findings grounded in the actual diff. Fourth, the reviewer agent receives all the structured findings (not the raw code) and synthesizes a final Markdown report.
Each phase is a durable step or parallel step, so a crash partway through a large PR review only re-runs the missing file reviews on replay, not the ones already completed.
The context builder and reviewer are separate agents on purpose: one gathers open-ended context via tool calls, the other only synthesizes structured findings it’s handed. Keeping synthesis tool-free keeps the final report grounded in what was actually found.
Key files
app.py - Worker entry point
src/code_reviewer/workflow.py - the four-phase code_reviewer_workflow
src/code_reviewer/agents.py - context_builder_agent and reviewer_agent definitions
src/code_reviewer/functions.py - fetch_pr_node, detect_tech_stack_node, review_file_node, security_review_node
src/code_reviewer/tools.py - pr_fetcher, detect_ticket_source, jira_ticket_fetcher, linear_ticket_fetcher
src/code_reviewer/prompts/code_review_prompts.py - the context-builder and reviewer system promptsapp.ts - Worker entry point
src/workflow.ts - the four-phase codeReviewerWorkflow
src/agents.ts - contextBuilderAgent and reviewerAgent definitions
src/functions.ts - fetchPrNode, detectTechStackNode, reviewFileNode, securityReviewNode
src/tools.ts - prFetcher, detectTicketSource, jiraTicketFetcher, linearTicketFetcher
src/prompts/index.ts - the context-builder and reviewer system promptsCustomize
Change the review style. The prompts in prompts/code_review_prompts.py are the lever - tighten them for nit-picky reviews, loosen them for architectural feedback.
Skip generated files. Filter pr_data["files"] before building reviewable_files in workflow.py to drop paths matching **/*.generated.* or files over a size threshold.
Swap the model. Both agents are defined with model="openai/gpt-4.1-mini" in agents.py (or modelName: 'openai/gpt-4.1-mini' in agents.ts). Replace with another provider’s model string; structured output parsing stays the same.
Add a severity gate. Use severity_counts (already computed in the workflow) to skip posting or to fail CI when critical findings are present.
Next steps
- Read /docs/build/workflows for the workflow execution model
- See coding_agent for the agentic counterpart that writes code
- Browse /docs/build/workflows for retry and idempotency semantics