An automated code review agent that leverages Google's Gemini models and LangGraph to provide intelligent, multi-perspective feedback on GitHub Pull Requests. This agent scans PR diffs for security vulnerabilities, performance bottlenecks, and adherence to Python best practices, then posts summarized reports directly back to GitHub.
- Multi-Agent Analysis: Uses a specialized graph-based workflow to run three distinct analysis nodes:
  - Security Agent: Scans for SQL injection, XSS, hardcoded secrets, and PII exposure.
  - Performance Agent: Identifies N+1 queries, expensive loops, and memory leaks.
  - Style Agent: Ensures PEP8 compliance, proper naming conventions, and type hint usage.
- Interactive Web UI: Built with Streamlit for easy PR URL entry and real-time analysis visualization.
- Direct GitHub Integration: Automatically fetches PR file patches and posts structured review comments (including code suggestions) back to the PR.
- Structured Output: Utilizes Pydantic models to ensure consistent reporting of issue severity, line numbers, and actionable advice.
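
An added example, not code from this repository: the line numbers and severities in a review come from model output over an untrusted PR diff, so they can be checked against the fetched patch before any comment is posted. `Finding`, `commentable_lines`, `filter_findings` and the severity scale are hypothetical names and assumptions, and the standard library stands in for Pydantic.

```python
import re
from dataclasses import dataclass

HUNK_RE = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")
SEVERITIES = {"low", "medium", "high", "critical"}  # assumed severity scale

@dataclass(frozen=True)
class Finding:  # hypothetical stand-in for the project's CodeIssue schema
    path: str
    line: int
    severity: str
    advice: str

def commentable_lines(patch: str) -> set[int]:
    """New-file line numbers present in a per-file patch (added or context lines)."""
    lines, new_no = set(), None
    for row in patch.splitlines():
        m = HUNK_RE.match(row)
        if m:
            new_no = int(m.group(1))  # hunk header resets the new-file counter
        elif new_no is None or row.startswith("\\"):
            continue  # text before the first hunk, or "\ No newline at end of file"
        elif row.startswith("-"):
            continue  # removed line: it has no number in the new file
        else:
            lines.add(new_no)
            new_no += 1
    return lines

def filter_findings(findings, patches):
    """Split model findings into (postable, rejected) using the fetched patches."""
    valid = {path: commentable_lines(p) for path, p in patches.items()}
    ok, rejected = [], []
    for f in findings:
        good = f.severity in SEVERITIES and f.line in valid.get(f.path, set())
        (ok if good else rejected).append(f)
    return ok, rejected

# Constructed sample: a per-file patch without file headers.
SAMPLE_PATCH = """@@ -10,4 +10,5 @@ def get_user(db, name):
     cur = db.cursor()
-    cur.execute("SELECT * FROM users WHERE name = ?", (name,))
+    query = "SELECT * FROM users WHERE name = '%s'" % name
+    cur.execute(query)
     row = cur.fetchone()
     return row
"""
```

Rejected findings are worth logging rather than dropping silently, since a burst of out-of-diff line numbers or unknown severities can indicate that text in the diff steered the model.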
The system is built on a LangGraph state machine, which orchestrates the flow of data between the specialized AI agents:
- Entry: Fetches files from GitHub via `GitHubConnector`.
- Security Scan: Initial analysis for critical vulnerabilities.
- Performance Scan: Evaluation of code efficiency.
- Style Scan: Linting and best practice review.
- Aggregator: Consolidates all agent findings into a final report.
- LLM: Google Gemini 2.5 Flash Lite
- Orchestration: LangChain & LangGraph
- Frontend: Streamlit
- API: PyGithub
- Validation: Pydantic
- Python 3.11+
- A GitHub Personal Access Token (with repo permissions)
- A Google AI (Gemini) API Key
- Clone the repository:

  ```bash
  git clone https://github.com/manthan-jsharma/ai-pr-agent.git
  cd ai-pr-agent
  ```

- Install dependencies:

  ```bash
  pip install -r requirements.txt
  ```

- Configure Environment Variables: Create a `.env` file in the root directory or configure Streamlit secrets:

  ```
  GITHUB_ACCESS_TOKEN=your_github_token
  GOOGLE_API_KEY=your_gemini_api_key
  ```

Launch the interactive dashboard to review PRs by URL:

```bash
streamlit run app.py
```

- Enter a public GitHub PR URL (e.g., `https://github.com/user/repo/pull/1`).
- Click Run Analysis to see identified issues.
- Review suggestions and click Post These Comments to GitHub to update the PR.
For automated or local testing, run the agent via the terminal:

```bash
python main.py
```

Note: Update the `REPO` and `PR_ID` variables in `main.py` before running.

- `agent.py`: Defines the LangGraph workflow and individual agent prompts.
- `app.py`: Streamlit frontend implementation.
- `github_utils.py`: GitHub API wrappers for fetching files and posting comments.
- `models.py`: Data schemas for `CodeIssue` and `PRReviewResult`.
- `main.py`: Entry point for CLI-based reviews.
- `.devcontainer/`: Configuration for VS Code Dev Containers.