Catch high-risk issues first, fold low-value review noise. It doesn't replace tests or human review — it filters PRs before merge: risks up front, low-confidence findings folded by default.
$ curl -fsSL https://raw.githubusercontent.com/dengmengmian/ReviewGate/main/install.sh | sh
Not another AI reviewer — a gate that promotes risk, suppresses noise, and refuses to fake a pass.
Parallel review across security, logic, performance, and business-rule dimensions — must-fix issues surface first.
Cross-dimension dedup, counter-evidence judging, and confidence filtering fold low-value feedback by default.
Timeouts, oversized context, and incomplete units degrade to WARN with a non-zero exit — never a fake PASS.
Multiple agents each focus on one dimension and scan your diff in parallel, tracing callers across files as needed.
Models annotate line numbers; the engine validates and relocates them via code anchors to reduce drift.
Same-spot findings merge and gain confidence; each is then independently judged with evidence before it survives.
High-confidence issues block (BLOCK), low-confidence folds by default, incomplete reviews degrade to WARN.
Injection, authz bypass, secret leaks, unsafe deserialization
N+1 queries, needless copies, hot-path complexity, blocking calls
Edge cases, nulls, error paths, concurrency races
Naming, readability, duplicated code
Hallucinated APIs, plausible-but-wrong code, assumption drift
Business rules, permission boundaries, state machines, money/orders/inventory
Real PRs, revert gold sets, 45-language samples, large PRs, and intent reviews are all logged under docs/evals/.
Except for explicit --fix with per-finding confirmation, it never writes your worktree or runs arbitrary shell.
Low-confidence folds by default; timeouts, overflow, and incomplete reviews degrade to WARN rather than wave a PR through.
A git repo, an LLM API key, and the reviewgate command. Model-agnostic — any OpenAI-compatible or Anthropic endpoint.
$ curl -fsSL https://raw.githubusercontent.com/\
dengmengmian/ReviewGate/main/install.sh | sh
PS> irm https://raw.githubusercontent.com/\
dengmengmian/ReviewGate/main/install.ps1 | iex
Prefer not to pipe a remote script? Download install.sh to inspect, or grab the binary from GitHub Releases. Upgrade anytime with reviewgate upgrade.
# Global config shared across repos $ cat > ~/.reviewgate/config.toml <"deepseek" [providers.deepseek] protocol = "openai" base_url = "https://api.deepseek.com/v1" model = "deepseek-v4-pro" EOF # Inject key via env, not config file $ export REVIEWGATE_API_KEY="your key" $ reviewgate llm test # verify connectivity $ reviewgate review # review current changes
In CI: reviewgate review --fail-on block. Exit 0 pass · 1 blocked by the gate · 2 tool error (config/network) — distinct codes so CI can retry or alert.
All just call the same reviewgate CLI. CLI is primary and the Action is for PR/CI; the Claude Skill, Codex, and AtomCode are thinner agent shells (experimental).
Run locally or in CI. Workspace / commit / branch range, JSON output, and --intent technical review.
$ reviewgate review --from main --to HEAD
Auto-review PRs and post a summary plus inline suggestions the author can apply in one click.
uses: dengmengmian/ReviewGate/
integrations/github-action@v0
Drop into Claude Code (trigger with /reviewgate), Codex (AGENTS.md), or AtomCode (.atomcode/skills) to call the same engine from chat. Thinner and newer than CLI/Action.
$ integrations/claude-skill/install-into-project.sh $ integrations/codex/install-into-project.sh $ integrations/atomcode/install-into-project.sh
It's a gate, not another reviewer. Findings are deduplicated, independently counter-evidence-judged, and confidence-filtered; low-value feedback folds by default; timeouts or incomplete reviews degrade to WARN with a non-zero exit instead of faking a PASS.
Model-agnostic — any OpenAI-compatible or Anthropic endpoint works: DeepSeek, Kimi, GLM, Qwen, Claude, and more, chosen by your team's cost, latency, and context-window needs.
Only to the LLM endpoint you configure — no other server. The review path is read-only by default: unless you pass --fix with per-finding confirmation, it never writes your worktree or runs arbitrary shell.
Run reviewgate review --fail-on block (exit 0 pass / 1 blocked by the gate / 2 tool error), or use the GitHub Action to auto-review PRs and post inline suggestions.
The tool itself is open source under MIT and free. You only pay for your own LLM API usage.
Every finding passes a counter-evidence judge and a confidence gate; low-confidence ones fold by default. Tune block/warn thresholds, raise recall with --samples, or speed up with --no-judge.
ReviewGate doesn't run on a third-party SaaS; it only calls the LLM endpoint you configure and is read-only by default, so code never leaves your infrastructure. It is intentionally conservative: it degrades to WARN rather than mark an incomplete review as PASS, and puts deduplication, counter-evidence judging, and a confidence gate at the core.
The CLI works in any CI that can run a shell (GitLab CI, Azure Pipelines, Jenkins, Buildkite, etc.) as long as reviewgate gets a git worktree and an API key. The GitHub Action is GitHub-only for now.
Read-only by default. It only writes suggested patches to the worktree when you explicitly use --fix and confirm each finding; it never auto-commits or auto-merges.
Open source, MIT, model-agnostic. Roll out in WARN / comment-only mode first, then enforce BLOCK once you trust it.