Github Code Review
Run a structured, multi-agent GitHub PR review with security, performance, and style passes using gh CLI plus swarm orchestration.
Overview
GitHub Code Review is an agent skill most often used in Ship (also Build) that orchestrates multi-agent GitHub PR reviews via gh CLI and ruv-swarm.
Install
npx skills add https://github.com/ruvnet/ruflo --skill github-code-reviewWhat is this skill?
- Multi-agent review swarm: security, performance, style, architecture, and accessibility reviewers in one review-init pas
- GitHub CLI-first workflow: gh pr view/diff/comment to bind context, additions/deletions, and file lists to the swarm
- Depth control: comprehensive review mode with PR metadata and full diff piped into npx ruv-swarm github review-init
- PR automation: status comments, intelligent review commentary, and quality-gate style enforcement hooks
- Declared stack dependencies: github-cli, ruv-swarm, and claude-flow per skill metadata
- 5 named specialized review agents in the comprehensive example: security, performance, style, architecture, accessibilit
Adoption & trust: 695 installs on skills.sh; 58.5k GitHub stars; 0/3 security scanners passed (skills.sh audits).
What problem does it solve?
You merge PRs with shallow agent comments and no consistent split across security, performance, and architecture concerns.
Who is it for?
Small teams and solo builders using GitHub PRs who want swarm-based, category-specific review without standing up a full commercial code-review product.
Skip if: Repos not on GitHub, flows without gh CLI access, or teams that forbid automated PR comments and require human-only review policy.
When should I use this skill?
You need comprehensive GitHub PR review with swarm coordination, automated comments, and multi-agent analysis beyond static lint.
What do I get? / Deliverables
You get an initialized review swarm, structured agent passes on the PR diff, and GitHub comments that act as a repeatable pre-merge quality gate.
- Swarm-initialized review run tied to a PR number
- Categorized findings aligned to reviewer roles
- GitHub PR comments documenting review status and results
Recommended Skills
Journey fit
Spans multiple journey phases - primary shelf plus alternate fits below.
Canonical shelf is Ship because the skill is built around pull requests, diffs, and review comments—the quality gate before merge and release. Review subphase matches PR-centric workflows: review-init, specialized agents, and comment generation on GitHub threads.
Where it fits
Pipe gh pr diff 123 into review-init with security and architecture agents before approving merge.
Run the security reviewer agent on a PR that touches auth and secrets handling.
Validate an API integration PR with performance and style agents while feature work is still open.
How it compares
Use as a workflow orchestration layer on top of gh pr diff—not a drop-in substitute for platform-native required reviewers or SOC2-grade SAST alone.
Common Questions / FAQ
Who is github-code-review for?
It is for developers shipping on GitHub who want AI-assisted, multi-topic PR reviews coordinated through github-cli and ruv-swarm from an agent session.
When should I use github-code-review?
Use it in Ship during PR review before merge; also late in Build when a feature branch is ready for comprehensive security, performance, and architecture passes on the diff.
Is github-code-review safe to install?
It needs GitHub API access via gh, npm/npx for ruv-swarm, and can post PR comments; review the Security Audits panel on this page and scope tokens to the repos you trust.
SKILL.md
READMESKILL.md - Github Code Review
# GitHub Code Review Skill > **AI-Powered Code Review**: Deploy specialized review agents to perform comprehensive, intelligent code reviews that go beyond traditional static analysis. ## 🎯 Quick Start ### Simple Review ```bash # Initialize review swarm for PR gh pr view 123 --json files,diff | npx ruv-swarm github review-init --pr 123 # Post review status gh pr comment 123 --body "🔍 Multi-agent code review initiated" ``` ### Complete Review Workflow ```bash # Get PR context with gh CLI PR_DATA=$(gh pr view 123 --json files,additions,deletions,title,body) PR_DIFF=$(gh pr diff 123) # Initialize comprehensive review npx ruv-swarm github review-init \ --pr 123 \ --pr-data "$PR_DATA" \ --diff "$PR_DIFF" \ --agents "security,performance,style,architecture,accessibility" \ --depth comprehensive ``` --- ## 📚 Table of Contents <details> <summary><strong>Core Features<$strong><$summary> - [Multi-Agent Review System](#multi-agent-review-system) - [Specialized Review Agents](#specialized-review-agents) - [PR-Based Swarm Management](#pr-based-swarm-management) - [Automated Workflows](#automated-workflows) - [Quality Gates & Checks](#quality-gates--checks) <$details> <details> <summary><strong>Review Agents<$strong><$summary> - [Security Review Agent](#security-review-agent) - [Performance Review Agent](#performance-review-agent) - [Architecture Review Agent](#architecture-review-agent) - [Style & Convention Agent](#style--convention-agent) - [Accessibility Agent](#accessibility-agent) <$details> <details> <summary><strong>Advanced Features<$strong><$summary> - [Context-Aware Reviews](#context-aware-reviews) - [Learning from History](#learning-from-history) - [Cross-PR Analysis](#cross-pr-analysis) - [Custom Review Agents](#custom-review-agents) <$details> <details> <summary><strong>Integration & Automation<$strong><$summary> - [CI/CD Integration](#cicd-integration) - [Webhook Handlers](#webhook-handlers) - [PR Comment Commands](#pr-comment-commands) - [Automated Fixes](#automated-fixes) <$details> --- ## 🚀 Core Features ### Multi-Agent Review System Deploy specialized AI agents for comprehensive code review: ```bash # Initialize review swarm with GitHub CLI integration PR_DATA=$(gh pr view 123 --json files,additions,deletions,title,body) PR_DIFF=$(gh pr diff 123) # Start multi-agent review npx ruv-swarm github review-init \ --pr 123 \ --pr-data "$PR_DATA" \ --diff "$PR_DIFF" \ --agents "security,performance,style,architecture,accessibility" \ --depth comprehensive # Post initial review status gh pr comment 123 --body "🔍 Multi-agent code review initiated" ``` **Benefits:** - ✅ Parallel review by specialized agents - ✅ Comprehensive coverage across multiple domains - ✅ Faster review cycles with coordinated analysis - ✅ Consistent quality standards enforcement --- ## 🤖 Specialized Review Agents ### Security Review Agent **Focus:** Identify security vulnerabilities and suggest fixes ```bash # Get changed files from PR CHANGED_FILES=$(gh pr view 123 --json files --jq '.files[].path') # Run security-focused review SECURITY_RESULTS=$(npx ruv-swarm github review-security \ --pr 123 \ --files "$CHANGED_FILES" \ --check "owasp,cve,secrets,permissions" \ --suggest-fixes) # Post findings based on severity if echo "$SECURITY_RESULTS" | grep -q "critical"; then # Request changes for critical issues gh pr review 123 --request-changes --body "$SECURITY_RESULTS" gh pr edit 123 --add-label "sec