PR review agent

Build a PR review agent that runs on every pull request, reads your repo's CLAUDE.md or AGENTS.md, reviews the diff against those rules, and posts structured feedback as a comment. About 40 lines of Python and a 20-line GitHub Action.

View source on GitHub

What you'll build

• An AI reviewer that runs automatically on every PR via GitHub Actions
• Reads CLAUDE.md or AGENTS.md from your repo to enforce project-specific rules
• Posts structured reviews with categorized issues, security analysis, and test coverage checks

Prerequisites

• Python 3.10+
• Composio API key
• OpenAI API key
• A GitHub repository where you have admin access (for adding secrets and workflows)

Stack: Python, OpenAI Agents SDK, Composio, GitHub Actions

Set up the project

Create a new directory and install dependencies:

mkdir pr-review-agent && cd pr-review-agent
pip install composio composio-openai-agents openai-agents

Set your API keys:

COMPOSIO_API_KEY=your_composio_api_key
OPENAI_API_KEY=your_openai_api_key

Build the agent

Create agent.py:

<include meta='title="agent.py"'>../../examples/pr-review-agent/agent.py</include>

Here's what's happening:

1. Session creation: composio.create(user_id="user_123", toolkits=["github"]) creates a session with GitHub tools like GITHUB_GET_A_PULL_REQUEST, GITHUB_LIST_PULL_REQUESTS_FILES, and GITHUB_CREATE_A_REVIEW_FOR_A_PULL_REQUEST.

2. CLAUDE.md / AGENTS.md as review rules: The agent checks for either file in the repo root and uses it as its review checklist. Your existing project standards become the review guide with zero extra setup.

3. Focused review: The agent only flags new code that could break something or mislead someone. It skips style preferences, pre-existing issues, and anything CI already catches.

Run it locally

python agent.py

If you haven't connected GitHub yet, the agent will prompt you with an auth link. Authorize and rerun.

To review a specific PR:

GITHUB_REPO=owner/repo PR_NUMBER=42 python agent.py

Run it on every PR with GitHub Actions

Add agent.py to the root of your repo, then create .github/workflows/review.yml:

<include meta='title=".github/workflows/review.yml"'>../../examples/pr-review-agent/review.yml</include>

Your repo should look like this:

your-repo/
├── agent.py
├── .github/workflows/review.yml
└── CLAUDE.md (optional)

Then set up your repo:

1. Go to Settings > Secrets and variables > Actions
2. Add COMPOSIO_API_KEY and OPENAI_API_KEY as repository secrets
3. Connect GitHub to Composio (one-time setup). The agent runs as user_123 in CI, so that user needs a GitHub connection before the workflow can post reviews:

python -c "
from composio import Composio
composio = Composio()
session = composio.create(user_id='user_123', toolkits=['github'])
connection = session.authorize('github')
print('Visit this URL to connect GitHub:', connection.redirect_url)
connection.wait_for_connection()
print('Connected!')
"

After you authorize once, the connection persists. The GitHub Action will work for all future PRs.

How it works

When a PR is opened:

1. GitHub Actions triggers the workflow and runs agent.py
2. The agent creates a Composio session with GitHub tools
3. It fetches the PR details and diffs using GITHUB_GET_A_PULL_REQUEST and GITHUB_LIST_PULL_REQUESTS_FILES
4. It checks for CLAUDE.md or AGENTS.md in the repo root
5. It reviews the diff and posts a structured comment using GITHUB_CREATE_A_REVIEW_FOR_A_PULL_REQUEST

Composio handles OAuth, tool discovery, and API execution. You don't write any GitHub API code.

Take it further