PR Guardian AI is an advanced GitHub App that automatically reviews pull requests using artificial intelligence. It reads your code diffs, finds problems, and writes professional comments inside the PR, just like a human reviewer.
This tool helps developers deliver high-quality code faster, reduces review workload, and provides consistent feedback across teams.
| Feature | Description |
|---|---|
| AI-powered Code Review | Automatically analyzes PR diffs using OpenAI. |
| Detects Code Issues | Finds bugs, security risks, optimization issues, unused code, etc. |
| Comments Inside PR | Posts human-like comments directly in the conversation. |
| Real-Time Webhook Processing | Handles PR events instantly (opened, updated). |
| Secure GitHub App Authentication | Uses JWT & installation token best practices. |
| Works on Any Repository | Easy installation & setup. |
| Developer Friendly | Fully open-source & customizable. |
GitHub triggers a webhook event: `pull_request` with action `opened`, `synchronize`, etc.

Your backend receives it on:
`POST /webhook`

The payload contains:
- PR number
- repo information
- diff URL
- installation ID

The backend verifies the signature using the `X-Hub-Signature-256` header and your `GITHUB_WEBHOOK_SECRET`.

It generates:
- JWT
- Installation Access Token

It fetches the PR diff using:
`https://patch-diff.githubusercontent.com/raw/.../pull/<id>.diff`

It sends the diff to OpenAI with a structured prompt:
- detect bugs
- find performance issues
- detect bad naming
- security warnings
- suggest improvements

It posts the review as a PR comment using:
`POST /repos/{owner}/{repo}/issues/{pr_number}/comments`
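
The `X-Hub-Signature-256` check against `GITHUB_WEBHOOK_SECRET` mentioned above, as an added example (not this project's own code). The function names, the sample secret and the sample payload are constructed for illustration.

```python
import hashlib
import hmac
import json

PREFIX = "sha256="


def expected_signature(secret: bytes, raw_body: bytes) -> str:
    """Header value GitHub computes: 'sha256=' + hex HMAC-SHA256 of the raw body."""
    return PREFIX + hmac.new(secret, raw_body, hashlib.sha256).hexdigest()


def verify_signature(secret: bytes, raw_body: bytes, header) -> bool:
    """Return True only if `header` authenticates `raw_body` under `secret`."""
    if not secret:
        return False  # fail closed when GITHUB_WEBHOOK_SECRET is unset or empty
    if not isinstance(header, str) or not header.startswith(PREFIX):
        return False  # header missing, or a different scheme such as sha1=
    want = expected_signature(secret, raw_body).encode()
    # compare_digest avoids the timing side channel of a plain == comparison.
    return hmac.compare_digest(want, header.strip().encode())


def demo() -> dict:
    secret = b"constructed-secret"                 # constructed sample value
    body = b'{"action": "opened", "number": 7}'    # constructed sample payload
    header = expected_signature(secret, body)      # what the sender would attach
    reserialized = json.dumps(json.loads(body), separators=(",", ":")).encode()
    return {
        "valid": verify_signature(secret, body, header),
        "tampered_body": verify_signature(secret, body.replace(b"7", b"8"), header),
        "missing_header": verify_signature(secret, body, None),
        "sha1_scheme": verify_signature(secret, body, "sha1=" + header[len(PREFIX):]),
        # Parsing and re-dumping JSON changes the bytes, so verify before parsing.
        "reserialized_json": verify_signature(secret, reserialized, header),
        "unset_secret": verify_signature(b"", body, expected_signature(b"", body)),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:18} accepted={accepted}")
```

In a FastAPI handler the raw bytes come from `await request.body()`; pass those to the check and reject the request before any JSON parsing or API call when it returns `False`.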
```
┌──────────────┐
│  Developer   │
│  creates PR  │
└──────┬───────┘
       │
       ▼
┌────────────────────┐
│   GitHub Webhook   │────────────┐
└──────┬─────────────┘            │
       │ (pull_request event)     │
       ▼                          │
┌───────────────────────┐         │
│    FastAPI Backend    │         │
│       /webhook        │         │
└──────┬────────────────┘         │
       │                          │
       ▼                          │
┌─────────────────────────┐       │
│    Verify Signature     │       │
└──────┬──────────────────┘       │
       │                          │
       ▼                          │
┌─────────────────────────────┐   │
│     Generate GitHub JWT     │   │
│   Get Installation Token    │   │
└──────┬──────────────────────┘   │
       │                          │
       ▼                          │
┌──────────────────────────────┐  │
│    Fetch PR diff (.diff)     │  │
└──────┬───────────────────────┘  │
       │                          │
       ▼                          │
┌────────────────────────────┐    │
│    Send code to OpenAI     │    │
│      AI Review Engine      │    │
└──────┬─────────────────────┘    │
       │                          │
       ▼                          │
┌─────────────────────────────┐   │
│  GitHub API: Post Comment   │◄──┘
│     inside Pull Request     │
└─────────────────────────────┘
```
```bash
# Clone the repository and install the Python dependencies
git clone https://github.com/AmirhosseinHonardoust/PR-Guardian-AI.git
cd PR-Guardian-AI
pip install -r requirements.txt
```

```
GITHUB_APP_ID=123456
GITHUB_PRIVATE_KEY_PATH=./private-key.pem
GITHUB_WEBHOOK_SECRET=your-secret
OPENAI_API_KEY=your-key
LOG_LEVEL=info
```

```bash
# Start the backend
uvicorn app.main:app --host 0.0.0.0 --port 8000
```

```bash
# Forward GitHub webhooks to the local backend through Smee
npm install --global smee-client
smee --url https://smee.io/YOUR_ID --target http://localhost:8000/webhook
```

GitHub → App settings → Webhook URL:
`https://smee.io/YOUR_ID`

| Platform | Status | Difficulty |
|---|---|---|
| Railway | Recommended | Easy |
| Render | Works well | Medium |
| DigitalOcean Droplet | Medium | |
| Heroku | Requires paid Dyno | |
| VPS / Bare-metal | Full control | |

Create or update a pull request → Check PR conversation → AI comments should appear automatically.
If not:
- Check GitHub delivery logs
- Check backend logs
- Check Smee console
Pull requests are welcome.
You can contribute:
- Better AI prompts
- Support for multiple file types
- Line-by-line review
- Security scanning
- Performance analysis
Distributed under the MIT License.
Built with care by Amir Hossein Honardoust. Helping developers write clean, optimized, and secure code using AI.
If you like this project, star the repo and share it with others!