AI-powered code review CLI tool for GitHub PRs
Project description
reviewkit
AI-powered code review CLI. Runs 100% locally — your code never leaves your machine.
Install
pip install reviewkit
Usage
Review a GitHub PR
reviewkit review https://github.com/owner/repo/pull/123
Review local changes
reviewkit review --path ./myproject
Scan entire directory
reviewkit scan ./src
Output formats
# JSON output
reviewkit review https://github.com/owner/repo/pull/123 --format json
# Markdown report
reviewkit scan . --format markdown --output report.md
Filter by severity
reviewkit scan . --severity high
What it checks
Security (SEC-*)
- Hardcoded secrets and API keys
- SQL injection vulnerabilities
- Command injection (os.system, shell=True)
- Dangerous eval()/exec() usage
- Insecure random for crypto
- Disabled SSL verification
- Insecure deserialization (pickle)
- XSS via innerHTML
- Weak hash algorithms (MD5/SHA1)
Performance (PERF-*)
- String concatenation in loops
- List membership testing (use sets)
- Nested loop detection
- len() in loop conditions
Code Quality (QUAL-*)
- TODO/FIXME/HACK comments
- Overly long functions (>50 lines)
- Bare except clauses
- Unused imports
- Magic numbers
- console.log in JS
- == instead of === in JS
General (GEN-*)
- Lines over 120 characters
- Trailing whitespace
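As an added illustration (not reviewkit's own code, and not taken from the project), this sketch shows how several of the Security checks listed above can be detected with Python's standard ast module. The labels, the sample source and the function names are assumptions made for the example.

```python
import ast

# Constructed sample input: lines 2-7 each show one pattern from the Security list.
SAMPLE = '''
subprocess.run("ls " + user_dir, shell=True)
os.system("ping " + host)
value = eval(expr)
obj = pickle.loads(blob)
requests.get(url, verify=False)
digest = hashlib.md5(data).hexdigest()
safe = subprocess.run(["ls", user_dir], check=True)
'''

# Dotted call name -> label. Labels are illustrative, not reviewkit rule IDs.
RISKY_CALLS = {
    "os.system": "command injection", "eval": "dangerous eval/exec",
    "exec": "dangerous eval/exec", "pickle.loads": "insecure deserialization",
    "hashlib.md5": "weak hash", "hashlib.sha1": "weak hash",
}
# (keyword name, constant boolean value) -> label.
RISKY_KWARGS = {
    ("shell", True): "command injection",
    ("verify", False): "disabled SSL verification",
}

def call_name(func):
    """Return a dotted name such as 'os.system' for a call target, or ''."""
    parts = []
    while isinstance(func, ast.Attribute):
        parts.append(func.attr)
        func = func.value
    if not isinstance(func, ast.Name):
        return ""  # e.g. a method called on another call's result
    return ".".join(reversed(parts + [func.id]))

def find_issues(source):
    """Return sorted (line, label) pairs for risky calls in source.

    Matching is by literal name, so aliased imports are not followed.
    """
    issues = []
    for node in (n for n in ast.walk(ast.parse(source)) if isinstance(n, ast.Call)):
        label = RISKY_CALLS.get(call_name(node.func))
        if label:
            issues.append((node.lineno, label))
        for kw in node.keywords:
            if isinstance(kw.value, ast.Constant) and isinstance(kw.value.value, bool):
                label = RISKY_KWARGS.get((kw.arg, kw.value.value))
                if label:
                    issues.append((node.lineno, label))
    return sorted(issues)
```

Working on the syntax tree rather than on text means the list-argument `subprocess.run` call on the last sample line is not reported, and a string that merely contains `shell=True` would not be either.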
Rules
reviewkit rules
Lists all available review rules with severity levels.
CI Integration
GitHub Actions
- name: Code Review
  run: |
    pip install reviewkit
    reviewkit review ${{ github.event.pull_request.html_url }} --severity high
Exit codes:
- 0: No critical/high issues
- 1: Critical issues found (blocks merge)
GitHub Token
For private repos, set GITHUB_TOKEN:
export GITHUB_TOKEN=ghp_xxxxxxxxxxxx
License
MIT
Download files
Source Distribution
reviewkit-0.1.0.tar.gz (12.7 kB)
Built Distribution
reviewkit-0.1.0-py3-none-any.whl (13.8 kB)
File details
Details for the file reviewkit-0.1.0.tar.gz.
File metadata
- Download URL: reviewkit-0.1.0.tar.gz
- Upload date:
- Size: 12.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.13
File details
Details for the file reviewkit-0.1.0-py3-none-any.whl.
File metadata
- Download URL: reviewkit-0.1.0-py3-none-any.whl
- Upload date:
- Size: 13.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.13