MIT License · Rust

A pre-merge
quality gate for AI code

Catch high-risk issues first, fold low-value review noise. It doesn't replace tests or human review — it filters PRs before merge: risks up front, low-confidence findings folded by default.

$ curl -fsSL https://raw.githubusercontent.com/dengmengmian/ReviewGate/main/install.sh | sh
Read-only by default 45-language evals Revert gold set
Why ReviewGate

Three jobs, done right

Not another AI reviewer — a gate that promotes risk, suppresses noise, and refuses to fake a pass.

Catch high-risk

Parallel review across security, logic, performance, and business-rule dimensions — must-fix issues surface first.

Cut the noise

Cross-dimension dedup, counter-evidence judging, and confidence filtering fold low-value feedback by default.

No fake pass

Timeouts, oversized context, and incomplete units degrade to WARN with a non-zero exit — never a fake PASS.

How it works

From diff to gate, in four steps

Parallel review

Multiple agents each focus on one dimension and scan your diff in parallel, tracing callers across files as needed.

Line anchoring

Models annotate line numbers; the engine validates and relocates them via code anchors to reduce drift.

Dedup + judge

Same-spot findings merge and gain confidence; each is then independently judged with evidence before it survives.

Confidence gate

High-confidence issues block (BLOCK), low-confidence folds by default, incomplete reviews degrade to WARN.

Six review dimensions

security

Injection, authz bypass, secret leaks, unsafe deserialization

perf

N+1 queries, needless copies, hot-path complexity, blocking calls

logic

Edge cases, nulls, error paths, concurrency races

style

Naming, readability, duplicated code

ai_smell

Hallucinated APIs, plausible-but-wrong code, assumption drift

business

Business rules, permission boundaries, state machines, money/orders/inventory

Why trust it

Conservative, verifiable, scoped

Public eval logs

Real PRs, revert gold sets, 45-language samples, large PRs, and intent reviews are all logged under docs/evals/.

Read-only by default

Except for explicit --fix with per-finding confirmation, it never writes your worktree or runs arbitrary shell.

Conservative gate

Low-confidence folds by default; timeouts, overflow, and incomplete reviews degrade to WARN rather than wave a PR through.

Good fit

  • AI changes many files and reviewers need risk prioritization
  • Permission, money, or state-machine rules need repeated checks
  • You want a high-confidence PR/CI gate
  • You want --intent to check implementation against requirements

Not a fit

  • Replacing unit tests, integration tests, or human review
  • Auto-merging model-generated fixes with no review
  • Teams that cannot tolerate conservative WARNs
  • No LLM API key, or code cannot be sent to a model
Quick start

Three things to get going

A git repo, an LLM API key, and the reviewgate command. Model-agnostic — any OpenAI-compatible or Anthropic endpoint.

① Install — Linux / macOS
$ curl -fsSL https://raw.githubusercontent.com/\
    dengmengmian/ReviewGate/main/install.sh | sh
Windows (PowerShell)
PS> irm https://raw.githubusercontent.com/\
     dengmengmian/ReviewGate/main/install.ps1 | iex

Prefer not to pipe a remote script? Download install.sh to inspect, or grab the binary from GitHub Releases. Upgrade anytime with reviewgate upgrade.

② Configure + review
# Global config shared across repos
$ cat > ~/.reviewgate/config.toml <"deepseek"
[providers.deepseek]
protocol = "openai"
base_url = "https://api.deepseek.com/v1"
model    = "deepseek-v4-pro"
EOF

# Inject key via env, not config file
$ export REVIEWGATE_API_KEY="your key"

$ reviewgate llm test     # verify connectivity
$ reviewgate review       # review current changes

In CI: reviewgate review --fail-on block. Exit 0 pass · 1 blocked by the gate · 2 tool error (config/network) — distinct codes so CI can retry or alert.

Integrations

One engine, several forms

All just call the same reviewgate CLI. CLI is primary and the Action is for PR/CI; the Claude Skill, Codex, and AtomCode are thinner agent shells (experimental).

Primary

CLI

Run locally or in CI. Workspace / commit / branch range, JSON output, and --intent technical review.

$ reviewgate review --from main --to HEAD
CI

GitHub Action

Auto-review PRs and post a summary plus inline suggestions the author can apply in one click.

uses: dengmengmian/ReviewGate/
      integrations/github-action@v0
experimental

Agent shells: Claude / Codex / AtomCode

Drop into Claude Code (trigger with /reviewgate), Codex (AGENTS.md), or AtomCode (.atomcode/skills) to call the same engine from chat. Thinner and newer than CLI/Action.

$ integrations/claude-skill/install-into-project.sh
$ integrations/codex/install-into-project.sh
$ integrations/atomcode/install-into-project.sh
FAQ

Questions you might have

How is it different from a normal AI code reviewer?

It's a gate, not another reviewer. Findings are deduplicated, independently counter-evidence-judged, and confidence-filtered; low-value feedback folds by default; timeouts or incomplete reviews degrade to WARN with a non-zero exit instead of faking a PASS.

Which models or providers are supported?

Model-agnostic — any OpenAI-compatible or Anthropic endpoint works: DeepSeek, Kimi, GLM, Qwen, Claude, and more, chosen by your team's cost, latency, and context-window needs.

Does it send my code to a third party?

Only to the LLM endpoint you configure — no other server. The review path is read-only by default: unless you pass --fix with per-finding confirmation, it never writes your worktree or runs arbitrary shell.

How do I add it to CI?

Run reviewgate review --fail-on block (exit 0 pass / 1 blocked by the gate / 2 tool error), or use the GitHub Action to auto-review PRs and post inline suggestions.

Is it free?

The tool itself is open source under MIT and free. You only pay for your own LLM API usage.

Will there be too many false positives?

Every finding passes a counter-evidence judge and a confidence gate; low-confidence ones fold by default. Tune block/warn thresholds, raise recall with --samples, or speed up with --no-judge.

How is it different from CodeRabbit or PR-Agent?

ReviewGate doesn't run on a third-party SaaS; it only calls the LLM endpoint you configure and is read-only by default, so code never leaves your infrastructure. It is intentionally conservative: it degrades to WARN rather than mark an incomplete review as PASS, and puts deduplication, counter-evidence judging, and a confidence gate at the core.

Does it support GitLab or Azure DevOps?

The CLI works in any CI that can run a shell (GitLab CI, Azure Pipelines, Jenkins, Buildkite, etc.) as long as reviewgate gets a git worktree and an API key. The GitHub Action is GitHub-only for now.

Does it modify my code?

Read-only by default. It only writes suggested patches to the worktree when you explicitly use --fix and confirm each finding; it never auto-commits or auto-merges.

Put a gate in front of your PRs

Open source, MIT, model-agnostic. Roll out in WARN / comment-only mode first, then enforce BLOCK once you trust it.