AI code review for teams

Add AI code review to your PR workflow without giving your code to a third party

ReviewGate runs locally or in CI, connects to the LLM you already use, and turns every pull request into a pre-merge quality gate. High-risk issues block. Low-confidence noise folds. Incomplete reviews warn.

The problem with today's AI code review tools

Typical AI reviewers

Lots of comments, little control

  • Code is sent to a vendor's cloud.
  • Per-seat pricing adds up fast.
  • Every "maybe" issue becomes a PR comment.
  • No clear verdict for CI to act on.
ReviewGate

A conservative gate you control

  • Self-hosted CLI; code stays in your org.
  • MIT open source; pay only your LLM usage.
  • Low-confidence findings are folded by default.
  • Exit 0 / 1 / 2 gives CI a clear decision.

What you get out of the box

Parallel review across 6 dimensions: security, perf, logic, style, ai_smell, business
Line-level anchoring and validation so reported issues actually map to your code
Counter-evidence judge that removes findings the model cannot defend
Confidence gate: BLOCK, WARN, or fold — no fake PASS on incomplete reviews
Model-agnostic: DeepSeek, Kimi, GLM, Qwen, Claude, or any OpenAI-compatible endpoint
GitHub Action + CLI + Claude Code skill for the same engine

How it works in CI

Add one step to your workflow. ReviewGate reviews the diff, judges findings, and exits with a status your CI can act on.

.github/workflows/reviewgate.yml
- name: ReviewGate pre-merge gate
  run: reviewgate review --fail-on block
  env:
    REVIEWGATE_API_KEY: ${{ secrets.REVIEWGATE_API_KEY }}

Exit codes are intentionally simple: 0 means the gate passed, 1 means it blocked because of findings, and 2 means the tool itself had a problem (config, network, etc.). No hidden "maybe" states.

Designed for teams that ship AI-generated code

When an AI agent touches many files at once, human reviewers need a risk-prioritized summary, not a wall of low-signal comments. ReviewGate surfaces must-fix issues first and hides the noise. It is especially useful when the changes touch security boundaries, money, state machines, or permission rules that need repeated checks.

Trust, but verify

Every benchmark is run against real code and committed to the repository. The "revert gold standard" approach — reverting a merged bug fix and checking if ReviewGate catches the re-introduced bug — gives a falsifiable signal of recall. Clean PR benchmarks give a signal of precision. Both are public under docs/evals/.

Start reviewing your next PR with AI

Install the CLI in one command, configure your LLM endpoint, and run reviewgate review.

Get started →