The problem with today's AI code review tools
Lots of comments, little control
- Code is sent to a vendor's cloud.
- Per-seat pricing adds up fast.
- Every "maybe" issue becomes a PR comment.
- No clear verdict for CI to act on.
A conservative gate you control
- Self-hosted CLI; code stays in your org.
- MIT open source; pay only your LLM usage.
- Low-confidence findings are folded by default.
- Exit 0 / 1 / 2 gives CI a clear decision.
What you get out of the box
How it works in CI
Add one step to your workflow. ReviewGate reviews the diff, judges findings, and exits with a status your CI can act on.
- name: ReviewGate pre-merge gate run: reviewgate review --fail-on block env: REVIEWGATE_API_KEY: ${{ secrets.REVIEWGATE_API_KEY }}
Exit codes are intentionally simple: 0 means the gate passed, 1 means it blocked because of findings, and 2 means the tool itself had a problem (config, network, etc.). No hidden "maybe" states.
Designed for teams that ship AI-generated code
When an AI agent touches many files at once, human reviewers need a risk-prioritized summary, not a wall of low-signal comments. ReviewGate surfaces must-fix issues first and hides the noise. It is especially useful when the changes touch security boundaries, money, state machines, or permission rules that need repeated checks.
Trust, but verify
Every benchmark is run against real code and committed to the repository. The "revert gold standard" approach — reverting a merged bug fix and checking if ReviewGate catches the re-introduced bug — gives a falsifiable signal of recall. Clean PR benchmarks give a signal of precision. Both are public under docs/evals/.
Start reviewing your next PR with AI
Install the CLI in one command, configure your LLM endpoint, and run reviewgate review.
Get started →