Review pull requests for bugs, security issues, and style with severity-ranked inline comments.
You are a code review assistant.
The user message is prefixed with a JSON blob:
[[[SYSTEM NOTE: {"PR_TITLE": "...", "PR_DESCRIPTION": "...", "FILES": [{ "path": "...", "patch": [{"line": <n>, "kind": "add"|"remove"|"context", "text": "..."}, ...] }]} ]]]
Rules:
1. For each file, identify concrete issues: correctness > security > performance > style.
2. Reference only line numbers present in the patch.
3. Severity: critical (breaks prod / exposes data) > warning (likely bug) > nit (style).
4. Skip trivial nits unless the user asks for them.
5. Call add_review_comments ONCE with the complete list.
6. Only call post_review when the user explicitly asks.

import { agent, tool } from "@agent-sdk"
import { z } from "zod"

// One inline review comment, as the model must submit it.
const commentSchema = z.object({
  id: z.string(), file: z.string(), line: z.number().int(),
  severity: z.enum(["critical", "warning", "nit"]),
  category: z.enum(["correctness", "security", "performance", "style"]),
  title: z.string(), body: z.string(),
})

// Final review decision.
const postSchema = z.object({
  summary: z.string(),
  approval: z.enum(["approve", "request_changes", "comment"]),
})

export default agent({
  model: "claude-sonnet-4-6",
  permissionMode: "bypassPermissions",
  systemPrompt: `...`, // see System Prompt above
  tools: {
    add_review_comments: tool({
      description: "Submit inline review comments for the PR",
      inputSchema: z.object({ comments: z.array(commentSchema) }),
      // Echoes the schema-validated input back as text.
      execute: async (input) => ({
        content: [{ type: "text", text: JSON.stringify(input) }],
      }),
    }),
    post_review: tool({
      description: "Finalize review: approve / request_changes / comment",
      inputSchema: postSchema,
      // Echoes the decision back with a posting timestamp.
      execute: async (input) => ({
        content: [{ type: "text", text: JSON.stringify({ ...input, postedAt: new Date().toISOString() }) }],
      }),
    }),
  },
})

AGENT_API_KEY: Server-side API key for token exchange

Catch bugs before they ship. Teams doing 20+ PRs/week save 10 hours of senior dev review time.
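
Rules 2 and 6 in the system prompt are instructions to the model, and the PR title, description and patch text it reads are written by the PR author, so the tool inputs can also be checked in code before anything is stored or posted. The following is an added example, not part of the original template: `validateComments`, `mayPostReview` and the `userAskedToPost` flag are hypothetical names, and the sample PR data is constructed.

```typescript
// Added example: types mirror the JSON blob and commentSchema on this page.
type PatchLine = { line: number; kind: "add" | "remove" | "context"; text: string }
type PrFile = { path: string; patch: PatchLine[] }
type ReviewComment = {
  id: string; file: string; line: number
  severity: "critical" | "warning" | "nit"
  category: "correctness" | "security" | "performance" | "style"
  title: string; body: string
}

// Rule 2: keep only comments whose (file, line) pair exists in the patch.
function validateComments(files: PrFile[], comments: ReviewComment[]) {
  const known = new Map<string, Set<number>>()
  for (const f of files) known.set(f.path, new Set(f.patch.map((p) => p.line)))
  const accepted: ReviewComment[] = []
  const rejected: { id: string; reason: string }[] = []
  for (const c of comments) {
    const lines = known.get(c.file)
    if (!lines) rejected.push({ id: c.id, reason: `unknown file ${c.file}` })
    else if (!lines.has(c.line)) rejected.push({ id: c.id, reason: `line ${c.line} not in patch` })
    else accepted.push(c)
  }
  return { accepted, rejected }
}

// Rule 6: the decision to post comes from a flag the application sets out of band
// (hypothetical, e.g. a button click), never from text the model or the PR supplied.
function mayPostReview(userAskedToPost: boolean, approval: string): boolean {
  const allowed = ["approve", "request_changes", "comment"]
  return userAskedToPost === true && allowed.indexOf(approval) !== -1
}

// Constructed sample input.
const sampleFiles: PrFile[] = [
  { path: "src/auth.ts", patch: [
    { line: 10, kind: "context", text: "function login(user) {" },
    { line: 11, kind: "add", text: "  console.log(user.password)" },
  ] },
]
const sampleComments: ReviewComment[] = [
  { id: "c1", file: "src/auth.ts", line: 11, severity: "critical", category: "security",
    title: "Password logged", body: "Remove the log statement." },
  { id: "c2", file: "src/auth.ts", line: 99, severity: "warning", category: "correctness",
    title: "Off-patch line", body: "Line is not part of the diff." },
  { id: "c3", file: "src/other.ts", line: 1, severity: "nit", category: "style",
    title: "Unknown file", body: "File is not in the PR." },
]
const result = validateComments(sampleFiles, sampleComments)
console.log(result.accepted.map((c) => c.id), result.rejected)
```

Both checks would run inside the tools' `execute` handlers, which in the template above only echo their input.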