AI-powered local code reviewer — catch issues before you push
Project description
critiq
AI-powered local code reviewer — catch issues before you push.
critiq reads your git diff and runs an AI review before you push. It flags security vulnerabilities, bugs, and performance issues with severity ratings so you can fix what matters most.
$ critiq
Reviewing staged changes · +28/-6 lines · src/auth.py, src/db.py
┌─────────────────── Summary ────────────────────────────────┐
│ 🚨 Needs work │
│ │
│ The change introduces direct SQL string interpolation, │
│ a critical security vulnerability. │
└────────────────────────────────────────────────────────────┘
┌── 🚨 [CRITICAL] SQL Injection vulnerability ──────────────┐
│ src/auth.py L42 security │
│ │
│ **Issue:** User input interpolated into SQL string │
│ **Fix:** Use parameterized queries: │
│ db.execute("SELECT * FROM users WHERE name=?", (user,)) │
└───────────────────────────────────────────────────────────┘
┌── ⚠️ [WARNING] Missing input validation ──────────────────┐
│ src/db.py L15 correctness │
│ │
│ **Issue:** `user_id` can be None; no null check before use │
│ **Fix:** Add `if user_id is None: raise ValueError(...)` │
└───────────────────────────────────────────────────────────┘
Install
pip install critiq
Set your API key (or use Ollama for zero-cost local review):
export ANTHROPIC_API_KEY=your-key # Claude (default)
export OPENAI_API_KEY=your-key # or OpenAI
# or use --provider ollama # local, no API key needed
Usage
# Review staged changes (most common — run before git push)
critiq
# Review all changes vs main branch
critiq --diff main
# Review a specific file
critiq --file src/auth.py
# Focus on a specific concern
critiq --focus security
critiq --focus performance
critiq --focus readability
critiq --focus correctness
# Only show critical issues
critiq --severity critical
# Compact output (good for scripts/CI)
critiq --compact
# Add context for the AI reviewer
critiq --context "This module handles payments — be strict about error handling"
# Use local Ollama (no API key)
critiq --provider ollama --model llama3.2
# Use OpenAI
critiq --provider openai --model gpt-4o
Focus Areas
| Flag | Reviews |
|---|---|
--focus all |
Everything (default) |
--focus security |
SQL injection, auth, XSS, SSRF, secrets exposure |
--focus performance |
N+1 queries, blocking I/O, inefficient algorithms |
--focus correctness |
Logic bugs, null handling, edge cases, race conditions |
--focus readability |
Naming, complexity, dead code, missing docs |
--focus style |
Formatting, conventions, unused imports |
Severity Levels
| Level | Meaning |
|---|---|
| 🚨 CRITICAL | Must fix before merging (critiq exits with code 1) |
| ⚠️ WARNING | Should fix |
| ℹ️ INFO | Consider fixing |
| 💡 SUGGESTION | Nice to have |
critiq exits with code 1 if any CRITICAL issues are found, making it easy to use in pre-push hooks or CI.
Pre-push Hook
Add to .git/hooks/pre-push to automatically review before every push:
#!/bin/sh
critiq --diff origin/main --severity critical --compact
chmod +x .git/hooks/pre-push
Now every git push automatically runs a security review. The push is blocked only if CRITICAL issues are found.
Providers
| Provider | Command | Notes |
|---|---|---|
| Claude (default) | --provider claude |
Best results; requires ANTHROPIC_API_KEY |
| OpenAI | --provider openai |
Requires OPENAI_API_KEY |
| Ollama | --provider ollama |
Free, runs locally; no API key needed |
# Default model per provider
critiq --provider claude # claude-opus-4-6
critiq --provider openai # gpt-4o
critiq --provider ollama # llama3.2
# Custom model
critiq --provider claude --model claude-haiku-4-5-20251001 # faster + cheaper
critiq --provider ollama --model codellama
Developer Workflow Integration
critiq fits into the AI-powered git workflow:
# 1. Morning: generate standup from yesterday's commits
standup-ai ~/projects/myapp
# 2. Write code, then review before committing
critiq # AI review of staged changes
git add -p # stage what looks good
# 3. Generate conventional commit message
gpr --commit-run
# 4. Pack codebase context for LLM-assisted PR review
gitbrief . --budget 8000 --clipboard
# 5. Generate PR description
gpr
# 6. At release: generate CHANGELOG
changelog-ai --from v0.1.0 --prepend CHANGELOG.md
Related Tools
- gitbrief — git-history-aware context packer for LLMs
- gpr — AI commit messages + PR descriptions
- standup-ai — daily standup from git commits
- changelog-ai — AI-generated CHANGELOG
License
MIT
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
critiq-0.1.0.tar.gz
(16.6 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
critiq-0.1.0-py3-none-any.whl
(14.3 kB
view details)
File details
Details for the file critiq-0.1.0.tar.gz.
File metadata
- Download URL: critiq-0.1.0.tar.gz
- Upload date:
- Size: 16.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
89acca87c144aab195ce7fc22f161d4097e32e6af20155602cd275097f44d22c
|
|
| MD5 |
8ca419f9dc07e875ecedce1ba908c2c5
|
|
| BLAKE2b-256 |
7a0b5f98197dd1ee4a70335d929c45f17d38257e5aa8c5131ea4bdc5e48da9de
|
File details
Details for the file critiq-0.1.0-py3-none-any.whl.
File metadata
- Download URL: critiq-0.1.0-py3-none-any.whl
- Upload date:
- Size: 14.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b995a00e199b43d78a0c7fcf000f7989dd321e6cad0edbb78340070c93cdc0a0
|
|
| MD5 |
82b7ccaa5ea59bfe71352c74e8355410
|
|
| BLAKE2b-256 |
544598d0c5316f33c480432a4c1029015fce5286c82eaed9614db7fac00ea29f
|
