Show HN: AI-powered code review tool
ReviewCerberus is an open-source AI code review tool that analyzes git branch differences and generates structured reports. It supports multiple AI providers (AWS Bedrock, Anthropic, Ollama, Moonshot), integrates with GitHub Actions for automated PR reviews, and offers experimental features like Chain-of-Verification and SAST pre-scan.
AI-powered code review tool that analyzes git branch differences and generates comprehensive review reports with structured output.
Key Features
GitHub Action: Automated PR reviews with inline comments and summary
Comprehensive Reviews: Detailed analysis of logic, security, performance, and code quality
Structured Output: Issues organized by severity with summary table
Multi-Provider: AWS Bedrock, Anthropic API, Ollama, or Moonshot
Smart Analysis: Context provided upfront with prompt caching
Git Integration: Works with any repository, supports commit hashes
Verification Mode: Experimental Chain-of-Verification to reduce false positives
Quick Start
Run with Docker (recommended):
docker run --rm -it -v $(pwd):/repo \
  -e MODEL_PROVIDER=anthropic \
  -e ANTHROPIC_API_KEY=sk-ant-your-api-key \
  kirill89/reviewcerberus:latest \
  --repo-path /repo --output /repo/review.md
That's it! The review will be saved to review.md in your current directory.
See Configuration for AWS Bedrock setup and other options.
GitHub Action
For automated PR reviews, add to .github/workflows/review.yml:
name: Code Review
on:
  pull_request:
    types: [opened, synchronize]
jobs:
  review:
    runs-on: ubuntu-latest
    permissions:
      contents: write
      pull-requests: write
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - uses: Kirill89/reviewcerberus/action@v1
        with:
          model_provider: anthropic
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
The action posts review comments directly on your PR. See GitHub Action for all options.
Usage
Basic Commands
Run code review
poetry run reviewcerberus
Custom target branch
poetry run reviewcerberus --target-branch develop
Custom output location
poetry run reviewcerberus --output /path/to/review.md
poetry run reviewcerberus --output /path/to/dir/   # Auto-generates filename
Output as JSON instead of markdown
poetry run reviewcerberus --json
Different repository
poetry run reviewcerberus --repo-path /path/to/repo
Add custom review guidelines
poetry run reviewcerberus --instructions guidelines.md
Enable verification mode (experimental)
poetry run reviewcerberus --verify
Enable SAST pre-scan (experimental)
poetry run reviewcerberus --sast
Example Commands
Full review with custom guidelines
poetry run reviewcerberus --target-branch main \
  --output review.md --instructions guidelines.md
Review a different repo
poetry run reviewcerberus --repo-path /other/repo
What's Included
Comprehensive Code Review
Detailed analysis covering:
Logic & Correctness: Bugs, edge cases, error handling
Security: OWASP issues, access control, input validation
Performance: N+1 queries, bottlenecks, scalability
Code Quality: Duplication, complexity, maintainability
Side Effects: Impact on other system parts
Testing: Coverage gaps, missing test cases
Documentation: Missing or outdated docs, unclear comments
Structured Output
Every review includes:
Summary: High-level overview of changes and risky areas
Issues Table: All issues at a glance with severity indicators (🔴 CRITICAL, 🟠 HIGH, 🟡 MEDIUM, 🟢 LOW)
Detailed Issues: Each issue with explanation, location, and suggested fix
Verification Mode (Experimental)
Enable with --verify flag to reduce false positives using Chain-of-Verification (CoVe):
Generate Questions: Creates falsification questions for each issue
Answer Questions: Answers questions using code context
Score Confidence: Assigns 1-10 confidence score based on evidence
Each issue in the output includes a confidence score and rationale.
SAST Integration (Experimental)
Enable with --sast flag to run an OpenGrep (Semgrep fork) pre-scan before the AI review:
Scans only new findings introduced by the current branch
Findings are provided to the AI agent as supplementary context
The agent independently verifies each finding and dismisses false positives
Combines static analysis precision with AI contextual understanding
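The "only new findings introduced by the current branch" step above is the part of the pre-scan that keeps noise out of the agent's context. The following is an added example, not ReviewCerberus code, of one way to compute it: scan both the target and the feature branch with OpenGrep, then keep only findings whose identity is absent from the target baseline. It assumes the Semgrep-style JSON layout (results[].check_id, .path, .start.line, .extra.fingerprint) and uses two constructed scan results; how ReviewCerberus itself performs this diff is not documented here.

```python
"""Added example (not ReviewCerberus code): keep only OpenGrep/Semgrep findings
that a feature branch introduces, by diffing two JSON result sets.

Assumes the Semgrep-style JSON layout; both result sets below are constructed."""
import json

# Constructed scan output for the target branch (e.g. main).
TARGET_SCAN = json.dumps({"results": [
    {"check_id": "python.lang.security.audit.subprocess-shell-true",
     "path": "src/utils.py", "start": {"line": 12},
     "extra": {"fingerprint": "aaa111", "severity": "WARNING",
               "message": "subprocess call with shell=True"}},
]})

# Constructed scan output for the feature branch: the old finding moved down a
# few lines (same fingerprint, different line) and one new finding appeared.
BRANCH_SCAN = json.dumps({"results": [
    {"check_id": "python.lang.security.audit.subprocess-shell-true",
     "path": "src/utils.py", "start": {"line": 20},
     "extra": {"fingerprint": "aaa111", "severity": "WARNING",
               "message": "subprocess call with shell=True"}},
    {"check_id": "python.lang.security.audit.dangerous-system-call",
     "path": "src/main.py", "start": {"line": 40},
     "extra": {"fingerprint": "bbb222", "severity": "ERROR",
               "message": "os.system called with non-literal argument"}},
]})


def finding_key(result: dict) -> tuple:
    """Identity of a finding that survives the line shifts a diff causes.
    The fingerprint already ignores line numbers; check_id and path guard
    against fingerprint collisions across rules or files."""
    return (result["check_id"], result["path"], result["extra"]["fingerprint"])


def new_findings(target_json: str, branch_json: str) -> list:
    """Return branch findings whose key does not occur in the target scan,
    sorted by path and line so the supplementary context is stable."""
    baseline = {finding_key(r) for r in json.loads(target_json)["results"]}
    fresh = [r for r in json.loads(branch_json)["results"]
             if finding_key(r) not in baseline]
    return sorted(fresh, key=lambda r: (r["path"], r["start"]["line"]))


if __name__ == "__main__":
    for r in new_findings(TARGET_SCAN, BRANCH_SCAN):
        print(f"{r['path']}:{r['start']['line']} {r['check_id']}: "
              f"{r['extra']['message']}")
```

Only the `dangerous-system-call` finding is reported: the pre-existing `subprocess-shell-true` hit is recognised by fingerprint even though the diff moved it from line 12 to line 20.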
How It Works
Detects current git branch and repository
Collects all context upfront: changed files, commit messages, and diffs
Analyzes using AI agent with access to:
Full diff context (truncated at 10k chars per file)
File reading with line ranges
Pattern search across codebase
Directory listing
Generates structured review output rendered as markdown
Progress Display:
Repository: /path/to/repo
Current branch: feature-branch
Target branch: main
Found 3 changed files:
- src/main.py (modified)
- src/utils.py (modified)
- tests/test_main.py (added)
Starting code review...
🤔 Thinking... ⏱️ 3.0s 🔧 read_file_part: src/main.py
✓ Review completed: review_feature-branch.md
Token Usage:
  Input tokens: 6,856
  Output tokens: 1,989
  Total tokens: 8,597
Configuration
All configuration via environment variables (.env file):
Provider Selection
MODEL_PROVIDER=bedrock # or "anthropic", "ollama", "moonshot" (default: bedrock)
AWS Bedrock (if MODEL_PROVIDER=bedrock)
AWS_ACCESS_KEY_ID=your_key
AWS_SECRET_ACCESS_KEY=your_secret
AWS_REGION_NAME=us-east-1
MODEL_NAME=us.anthropic.claude-opus-4-5-20251101-v1:0  # optional
Docker example with Bedrock:
docker run --rm -it -v $(pwd):/repo \
  -e AWS_ACCESS_KEY_ID=your_key \
  -e AWS_SECRET_ACCESS_KEY=your_secret \
  -e AWS_REGION_NAME=us-east-1 \
  kirill89/reviewcerberus:latest \
  --repo-path /repo --output /repo/review.md
Anthropic API (if MODEL_PROVIDER=anthropic)
ANTHROPIC_API_KEY=sk-ant-your-api-key-here
MODEL_NAME=claude-opus-4-5-20251101  # optional
Ollama (if MODEL_PROVIDER=ollama)
MODEL_PROVIDER=ollama
OLLAMA_BASE_URL=http://localhost:11434  # optional, default
MODEL_NAME=deepseek-v3.1:671b-cloud  # optional
Docker example with Ollama:
Assumes Ollama running on host machine
docker run --rm -it -v $(pwd):/repo \
  -e MODEL_PROVIDER=ollama \
  -e OLLAMA_BASE_URL=http://host.docker.internal:11434 \
  kirill89/reviewcerberus:latest \
  --repo-path /repo --output /repo/review.md
Moonshot (if MODEL_PROVIDER=moonshot)
MODEL_PROVIDER=moonshot
MOONSHOT_API_KEY=sk-your-api-key-here
MOONSHOT_API_BASE=https://api.moonshot.ai/v1  # optional, default
MODEL_NAME=kimi-k2.5  # optional
Optional Settings
MAX_OUTPUT_TOKENS=10000   # Maximum tokens in response
TOOL_CALL_LIMIT=100       # Maximum tool calls before forcing output
VERIFY_MODEL_NAME=...     # Model for verification (defaults to MODEL_NAME)
Custom Review Prompts
Customize prompts in src/agent/prompts/:
full_review.md - Main review prompt
context_summary.md - Context compaction for large PRs
GitHub Action
Use ReviewCerberus as a GitHub Action for automated PR reviews.
Action Inputs
| Input | Description | Default |
|---|---|---|
| model_provider | Provider: bedrock, anthropic, ollama, or moonshot | bedrock |
| anthropic_api_key | Anthropic API key | - |
| aws_access_key_id | AWS Access Key ID (Bedrock) | - |
| aws_secret_access_key | AWS Secret Access Key (Bedrock) | - |
| aws_region_name | AWS Region (Bedrock) | us-east-1 |
| model_name | Model name (provider-specific) | - |
| verify | Enable Chain-of-Verification | false |
| sast | Enable OpenGrep SAST pre-scan | false |
| min_confidence | Min confidence score 1-10 (requires verify) | - |
| fail_on | Fail if issues at or above this severity: critical, high, medium, low | - |
| instructions | Path to custom review guidelines | - |
Example with Verification
- uses: Kirill89/reviewcerberus/action@v1
  with:
    model_provider: anthropic
    anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
    verify: "true"
    min_confidence: "7"
Example with SAST
- uses: Kirill89/reviewcerberus/action@v1
  with:
    model_provider: anthropic
    anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
    sast: "true"
Example as Quality Gate
- uses: Kirill89/reviewcerberus/action@v1
  with:
    model_provider: anthropic
    anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
    fail_on: "high"
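The quality gate above combines two inputs from the table: fail_on ("at or above this severity") and min_confidence (the 1-10 Chain-of-Verification score, only present when verify is enabled). The following added example, which is not the action's own code, shows that gate logic applied to a review in JSON form, so the CI outcome for a given threshold pair is explicit. The issue field names (severity, confidence) and the sample review are assumptions for this example, not the tool's actual --json schema, and treating unscored issues as failing the confidence floor is a choice made here.

```python
"""Added example (not the action's own code): fail_on / min_confidence gate
semantics applied to a review in JSON form.

The issue field names and the sample review are assumptions, not the
tool's real --json schema."""
from __future__ import annotations

import json

# Severity ordering used for "at or above" comparisons.
SEVERITY_RANK = {"LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}

# Constructed review output; confidence scores exist only when --verify ran.
REVIEW_JSON = json.dumps({"issues": [
    {"title": "SQL built with f-string", "severity": "HIGH", "confidence": 9},
    {"title": "Possible race on cache refresh", "severity": "HIGH", "confidence": 4},
    {"title": "Missing test for empty input", "severity": "LOW", "confidence": 8},
]})


def gate_issues(review_json: str, fail_on: str,
                min_confidence: int | None = None) -> list[dict]:
    """Return the issues that trip the gate: severity at or above fail_on and,
    when min_confidence is set, confidence >= min_confidence."""
    threshold = SEVERITY_RANK[fail_on.upper()]  # KeyError on an unknown level
    issues = json.loads(review_json)["issues"]
    if min_confidence is not None:
        # Assumption of this example: an issue with no score (verify disabled)
        # cannot satisfy a confidence floor, so it is dropped rather than kept.
        issues = [i for i in issues if i.get("confidence", 0) >= min_confidence]
    return [i for i in issues
            if SEVERITY_RANK[i["severity"].upper()] >= threshold]


def review_exit_code(review_json: str, fail_on: str | None,
                     min_confidence: int | None = None) -> int:
    """Non-zero when the gate trips; 0 when fail_on is unset (report-only)."""
    if fail_on is None:
        return 0
    return 1 if gate_issues(review_json, fail_on, min_confidence) else 0


if __name__ == "__main__":
    for title in (i["title"] for i in gate_issues(REVIEW_JSON, "high", 7)):
        print("blocking:", title)
    print("exit code:", review_exit_code(REVIEW_JSON, "high", 7))
```

With fail_on "high" alone both HIGH issues block the PR; adding min_confidence 7 drops the low-confidence race report, which is the false-positive reduction the verify flag is meant to buy.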
Example with AWS Bedrock
- uses: Kirill89/reviewcerberus/action@v1
  with:
    model_provider: bedrock
    aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
    aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
    aws_region_name: us-east-1
What the Action Does
Runs the review using the Docker image
Resolves any existing review threads from previous runs
Posts a summary comment with all issues
Creates inline review comments on specific lines
Development
Local Installation
For local development (not required for Docker usage):
Clone and install
git clone
poetry install
Configure credentials
cp .env.example .env
Edit .env with your provider credentials
See Configuration for credential setup.
Run Tests
make test
or
poetry run pytest -v
Integration Test (act)
End-to-end test of the GitHub Action using act with mock Ollama and GitHub API servers:
make act-test
Prerequisites: Docker and act must be installed.
This builds the Docker image, starts mock servers, runs the full action workflow locally, then verifies the recorded API requests with vitest.
Linting & Formatting
make lint    # Check with mypy, isort, black, mdformat
make format  # Auto-format with isort and black
Building Docker Image
make docker-build       # Build locally
make docker-build-push  # Build and push (multi-platform)
Version is auto-read from pyproject.toml. See DOCKER.md for details.
Project Structure
├── src/                              # Python CLI
│   ├── config.py                     # Configuration
│   ├── main.py                       # CLI entry point
│   └── agent/
│       ├── agent.py                  # Agent setup
│       ├── model.py                  # Model initialization
│       ├── runner.py                 # Review execution
│       ├── prompts/                  # Review prompts
│       ├── schema.py                 # Data models (structured output)
│       ├── git_utils/                # Git operations
│       ├── formatting/               # Context and output rendering
│       ├── verification/             # Chain-of-Verification pipeline
│       ├── progress_callback_handler.py
│       └── tools/                    # 3 review tools
└── action/                           # GitHub Action (TypeScript)
    ├── action.yml                    # Action definition
    ├── src/                          # Action source code
    └── dist/                         # Bundled action
Code Quality Standards
Strict type checking: All functions require type annotations
Return types: Must be explicit (warn_return_any = true)
Formatting: Black + isort with black profile
Testing: Integration tests with real git operations
Requirements
Python 3.11+
Git
One of:
AWS Bedrock access with Claude models
Anthropic API key
Poetry (for development)
License
MIT