How to Automate Code Reviews with AI GitHub Actions

Code reviews are a bottleneck. Your senior dev is in meetings all day, PRs pile up, and junior devs wait. What if every PR got instant feedback the moment it was opened?

You can set that up in 15 minutes with GitHub Actions and AI.

What We're Building

A GitHub Action that triggers on every pull request, reads the diff, sends it to an AI model, and posts a review comment with suggestions, bugs, and improvements.

Step 1: Create the Workflow File

Create .github/workflows/ai-review.yml in your repo:

name: AI Code Review
on:
  pull_request:
    types: [opened, synchronize]

permissions:
  contents: read
  pull-requests: write

jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Get PR diff
        id: diff
        run: |
          git diff origin/${{ github.base_ref }}...HEAD > diff.txt
          echo "diff_size=$(wc -c < diff.txt)" >> $GITHUB_OUTPUT

      - name: AI Review
        if: steps.diff.outputs.diff_size > 0
        env:
          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
        run: |
          DIFF=$(cat diff.txt | head -c 10000)
          RESPONSE=$(curl -s https://api.anthropic.com/v1/messages \
            -H "content-type: application/json" \
            -H "x-api-key: $ANTHROPIC_API_KEY" \
            -H "anthropic-version: 2023-06-01" \
            -d "{
              \"model\": \"claude-sonnet-4-20250514\",
              \"max_tokens\": 1024,
              \"messages\": [{
                \"role\": \"user\",
                \"content\": \"Review this code diff. List bugs, security issues, and improvements. Be concise.\\n\\n$DIFF\"
              }]
            }")
          echo "$RESPONSE" | jq -r '.content[0].text' > review.txt

      - name: Post Review Comment
        uses: actions/github-script@v7
        with:
          script: |
            const fs = require('fs');
            const review = fs.readFileSync('review.txt', 'utf8');
            await github.rest.issues.createComment({
              owner: context.repo.owner,
              repo: context.repo.repo,
              issue_number: context.issue.number,
              body: `## 🤖 AI Code Review\n\n${review}`
            });

Step 2: Add Your API Key

Go to your repo's Settings > Secrets and variables > Actions. Add ANTHROPIC_API_KEY with your Claude API key.

You can use any AI provider here. Swap the curl command for OpenAI, Gemini, or whatever you prefer.

Step 3: Push and Test

git add .github/workflows/ai-review.yml
git commit -m "Add AI code review action"
git push

Open a pull request. Within 30 seconds, you'll see an AI review comment.

Making It Smarter

The basic version works, but here's how to level it up.

Focus on Changed Files Only

Large diffs overwhelm the AI. Filter to only the files that matter:

- name: Get relevant diff
  run: |
    git diff origin/${{ github.base_ref }}...HEAD \
      -- '*.ts' '*.js' '*.py' '*.go' \
      ':!package-lock.json' ':!*.min.js' \
      > diff.txt

This skips lock files, minified code, and non-code files.

Add Context with Your Coding Standards

STANDARDS=$(cat .github/CODING_STANDARDS.md 2>/dev/null || echo "No standards file found")

Include $STANDARDS in your prompt so the AI reviews against your team's conventions.

Review Only Large PRs Manually

- name: Skip small PRs
  if: steps.diff.outputs.diff_size < 500
  run: echo "PR too small for AI review, skipping"

Small PRs (typo fixes, config changes) don't need AI review. Save your API credits.

Handling Structured Feedback

If you want the AI to return structured data instead of freeform text, you can pipe the diff through a structured data API. For example, using StructureAI:

curl -X POST https://api-service-wine.vercel.app/api/extract \
  -H "Content-Type: application/json" \
  -H "X-API-Key: YOUR_KEY" \
  -d "{
    \"text\": \"$(cat diff.txt | head -c 5000)\",
    \"schema\": \"custom\",
    \"custom_fields\": [\"bugs\", \"security_issues\", \"improvements\", \"severity\"]
  }"

This gives you JSON you can parse programmatically — useful if you want to block merges on critical bugs.

Cost Breakdown

Claude Sonnet costs roughly $0.003 per 1K input tokens. A typical PR diff is 500-2000 tokens. That's about $0.006 per review. For a team doing 50 PRs/week, that's $1.20/month.

Compare that to the hours your senior devs spend reviewing.

What This Won't Replace

AI code review catches patterns: unused variables, missing error handling, security anti-patterns, style violations. It won't catch business logic errors or architectural problems. Keep human reviews for those.

Use AI for the first pass. Let humans focus on the hard stuff.

Try It Now

1. Copy the workflow file above
2. Add your API key to GitHub Secrets
3. Open a PR and watch it work

The whole setup takes 15 minutes. Your team gets instant feedback on every PR from now on.

---

Built by Avatrix LLC. Need structured data extraction? Try StructureAI — 10 free requests with the MCP server.