An AI tool that reads every PR and posts a senior-engineer-style briefing.
Project description
PR Context Engine
An AI tool that reads every PR and writes the briefing — and the fixes — a senior engineer would, with the calibration data to prove it's not just guessing.
What it does
Every PR opens with three problems for the reviewer: what is this actually doing, what could it break, and what should I push back on. A diff doesn't answer any of those.
PR Context Engine reads the diff plus surrounding code, recent git history, and semantically similar code from elsewhere in the repo, then posts a terse briefing written like a senior backend engineer would write it:
## PR Briefing
**What changed**
Refactors the session token storage from an in-memory dict to Redis, adding a
configurable TTL. The auth middleware is updated to hit Redis on every request.
**Blast radius**
Any caller of `get_session()` now depends on Redis being reachable. If Redis is
down, all authenticated requests will 401. The previous in-memory store had no
such single point of failure.
**Risk flags**
- `modifies_auth`: src/auth/session.py line 42 — `token = generate_token(user_id)`
**Questions for the reviewer**
1. The Redis client is initialised once at import time — is there a reconnect
strategy if the connection drops mid-deploy?
2. `SESSION_TTL` defaults to 3600 but the old in-memory store had no TTL — have
existing sessions been migrated or will they all expire immediately after deploy?
3. There are no tests for the Redis-down path — is 401-on-outage the intended
degradation, or should it fall back to the old store?
No praise. No filler. No "this LGTM." Just the context a reviewer needs.
Quickstart (5 minutes)
Option A — GitHub Action (recommended)
- Get a free Groq API key — no credit card.
- Add it as a secret: Settings → Secrets → Actions → New secret →
GROQ_API_KEY. - Enable write permissions: Settings → Actions → General → Workflow permissions → Read and write.
- Add this to
.github/workflows/pr-briefing.yml:
name: PR Briefing
on:
pull_request:
types: [opened, synchronize, reopened]
jobs:
brief:
runs-on: ubuntu-latest
permissions:
pull-requests: write
contents: read
steps:
- uses: paramahastha/pr-context-engine@main
with:
groq-api-key: ${{ secrets.GROQ_API_KEY }}
That's it. Every new PR gets a briefing comment automatically.
Option B — CLI (any CI or local)
pipx install pr-context-engine
export GROQ_API_KEY=<your-groq-key>
export GITHUB_TOKEN=$(gh auth token)
# Check your setup first
pr-context-engine quickstart
# Dry-run: see the briefing without posting it
pr-context-engine review --pr 42 --repo owner/name --dry-run
# Post the real comment
pr-context-engine review --pr 42 --repo owner/name
Switching LLM providers
Set LLM_PROVIDER to any of groq (default), gemini, ollama, or anthropic. Nothing downstream changes.
| Provider | Key env var | Notes |
|---|---|---|
groq (default) |
GROQ_API_KEY |
Free, ~1 000 req/day, fast |
gemini |
GEMINI_API_KEY |
Free-tier fallback; auto-engaged on Groq 429 |
ollama |
— | Local, offline, no rate limits |
anthropic |
ANTHROPIC_API_KEY |
BYO key, no free tier |
Automatic failover: if GEMINI_API_KEY is set, the tool fails over to Gemini on any Groq 429 or error and notes it in the PR comment footer. See ADR-7.
Fix suggestions (opt-in)
When ENABLE_FIXES=true, the tool generates confidence-gated patch suggestions for located issues. Only high/medium confidence suggestions become one-click GitHub suggestion blocks; low confidence produces prose notes only. Max 3 suggestions per PR.
- uses: paramahastha/pr-context-engine@main
with:
groq-api-key: ${{ secrets.GROQ_API_KEY }}
enable-fixes: "true"
See ADR-5 for why this is opt-in and confidence-gated.
Eval results
pytest tests/eval/ produces a scorecard across five rubric dimensions (Accuracy, Blast radius, Risk flags, Question quality, Brevity) plus fix correctness and calibration rate.
pytest tests/eval/ -v
Results are committed to tests/eval/scores/ so improvements are visible in git history. The headline metrics are fix correctness rate and false-confidence rate (when the model said high confidence, how often was the patch actually correct).
Architecture
Front door A: Front door B:
GitHub Action wrapper pipx install + run in any CI / locally
(paramahastha/pr-context-engine@main)
│ │
└────────────┬────────────────────┘
▼
┌─────────────────────────────────────┐
│ CLI core (src/cli.py + orchestrator)│
└─────────────────────────────────────┘
│
├──► analyzers/ diff → FileChange objects, AST symbols, risk flags
├──► context/ git history, sqlite-vec codebase index (RAG)
├──► briefing/ prompt assembly → LLM call → structured output
├──► fixes/ confidence-gated patch suggestions (opt-in)
├──► llm/ pluggable providers + FailoverProvider
└──► github_api/ fetch diff, post comment + suggestion blocks
The CLI is the product; the GitHub Action is a thin wrapper. See docs/architecture.md and docs/design-decisions.md.
Data & privacy
What leaves your machine:
- The PR diff and parsed metadata (file paths, function names, changed lines) are sent to the active LLM provider (Groq or Gemini by default).
- No source code beyond the diff is sent to any external API. The codebase index (RAG) runs entirely locally via
fastembed+sqlite-vec. - Git history and PR metadata are fetched from the GitHub API using your
GITHUB_TOKEN.
Provider data policies:
- Groq and Gemini free tiers may use inputs for model improvement. See their respective privacy policies before using on private/sensitive repos.
- Use
LLM_PROVIDER=ollamaorLLM_PROVIDER=anthropic(withANTHROPIC_API_KEY) if you need a provider with stronger data-isolation guarantees. - The tool has no shared backend. Your API key, your quota, your data.
Configuration
See CONFIG.md for the full reference of every env var and flag.
Design decisions
See docs/design-decisions.md for ADRs covering: why provider abstraction is built early, why SQLite over Pinecone, why fixes are opt-in, why MIT license, and more.
Cost
$0/month for a portfolio-scale project on public repos.
- GitHub Actions: free for public repos.
- Groq: free tier, ~1 000 req/day.
- Gemini fallback: free tier (~1 500 req/day).
- Local embeddings (
fastembed): $0, no API. - The tool has no shared backend — your usage costs stay yours regardless of how many repos adopt it.
Contributing
See CONTRIBUTING.md. Bug reports and feature requests go in Issues.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file pr_context_engine-0.1.0.tar.gz.
File metadata
- Download URL: pr_context_engine-0.1.0.tar.gz
- Upload date:
- Size: 163.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0b500988d3a123b09053f0e18f4035a91fb4db12fa67992d8da7d431f27ba910
|
|
| MD5 |
ed5a49a6bbb42d9ddac367c1974c638b
|
|
| BLAKE2b-256 |
9d68a9649cf6b642ede2eaa00f4e0a975b5fd5145e40c350b4ddaa0586578c3f
|
Provenance
The following attestation bundles were made for pr_context_engine-0.1.0.tar.gz:
Publisher:
release.yml on paramahastha/pr-context-engine
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
pr_context_engine-0.1.0.tar.gz -
Subject digest:
0b500988d3a123b09053f0e18f4035a91fb4db12fa67992d8da7d431f27ba910 - Sigstore transparency entry: 1575528303
- Sigstore integration time:
-
Permalink:
paramahastha/pr-context-engine@90c0b3868b3c98aef76a12d6493fc54676e1a33e -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/paramahastha
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@90c0b3868b3c98aef76a12d6493fc54676e1a33e -
Trigger Event:
push
-
Statement type:
File details
Details for the file pr_context_engine-0.1.0-py3-none-any.whl.
File metadata
- Download URL: pr_context_engine-0.1.0-py3-none-any.whl
- Upload date:
- Size: 39.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
897cb97e85f4dc88d0202c603b85cf18b06092e8fd98d46503b63d98e6df3b7e
|
|
| MD5 |
0e7729ec487322d20058fbdc140180c2
|
|
| BLAKE2b-256 |
2537e173247e247f953bbaa2a2fdf7132a0df971095a78bd7812551b1f2e605f
|
Provenance
The following attestation bundles were made for pr_context_engine-0.1.0-py3-none-any.whl:
Publisher:
release.yml on paramahastha/pr-context-engine
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
pr_context_engine-0.1.0-py3-none-any.whl -
Subject digest:
897cb97e85f4dc88d0202c603b85cf18b06092e8fd98d46503b63d98e6df3b7e - Sigstore transparency entry: 1575528334
- Sigstore integration time:
-
Permalink:
paramahastha/pr-context-engine@90c0b3868b3c98aef76a12d6493fc54676e1a33e -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/paramahastha
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@90c0b3868b3c98aef76a12d6493fc54676e1a33e -
Trigger Event:
push
-
Statement type: