DEV Community: Agentspan The latest articles on DEV Community by Agentspan (@agentspan). https://dev.to/agentspan https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Forganization%2Fprofile_image%2F13024%2Fa4023376-49ed-499a-b245-cf4e528cec3a.png DEV Community: Agentspan https://dev.to/agentspan en Three Reviewers, One PR, Zero Wait: Build a Parallel AI Agent Pipeline Deepti Reddy Fri, 10 Apr 2026 04:12:48 +0000 https://dev.to/agentspan/three-reviewers-one-pr-zero-wait-build-a-parallel-ai-agent-pipeline-1ncl https://dev.to/agentspan/three-reviewers-one-pr-zero-wait-build-a-parallel-ai-agent-pipeline-1ncl <p><em>By Deepti Reddy | April 2026</em></p> <p><em>This is Part 2 of an 8-part series covering every multi-agent strategy in AgentSpan. Today: the parallel strategy — multiple agents tackle the same input simultaneously.</em></p> <p>In Part 1, we built a sequential pipeline where each agent’s output feeds into the next: classifier &gt;&gt; responder &gt;&gt; escalation_checker. That works when steps depend on each other.</p> <p>But what about tasks where the steps are independent? A code review doesn’t need the bug reviewer to finish before the security reviewer starts. They can all look at the same code at the same time.</p> <p>Today, I will show you how to build a parallel code review pipeline with AgentSpan. Three reviewers, one piece of code, all running simultaneously. Results arrive together — no waiting.</p> <h3> What is Agentspan </h3> <p><strong>AgentSpan is an orchestration layer for building, bringing, and observing AI agents as durable workflows.</strong></p> <ul> <li><p><strong>Build:</strong> define agents with the Agentspan SDK using Agent, @tool, and 8 multi-agent strategies. Compiles to server-side workflows that survive crashes.</p></li> <li><p><strong>Bring:</strong> already using an agent framework such as LangGraph, OpenAI Agents SDK, or Google ADK. Pass your agents directly to run(). AgentSpan adds durability and orchestration on top.</p></li> <li><p><strong>Observe:</strong> every execution is inspectable in the dashboard. See agent flows, inputs/outputs, tool calls, and token usage. Debug failures, replay runs.</p></li> </ul> <h3> What we are building </h3> <p>A parallel code review with three specialist agents:</p> <ol> <li> <strong>Bug Reviewer</strong> : finds logic errors, crashes, and unhandled edge cases</li> <li> <strong>Security Reviewer</strong> : finds injection flaws, insecure defaults, and OWASP issues</li> <li> <strong>Style Reviewer</strong> : checks for type hints, docstrings, naming, and code quality</li> </ol> <p>All three receive the same code. All three run at the same time. Their results are collected into sub_results — one per agent.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Code → [Bug Reviewer] → bug findings → [Security Reviewer] → security findings → combined review → [Style Reviewer] → style suggestions This is the parallel strategy - agents fan out on the same input and their results arrive together. </code></pre> </div> <h3> Setup </h3> <p>Same as Part 1:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pip <span class="nb">install </span>agentspan agentspan server start </code></pre> </div> <h3> Defining the agents </h3> <p>Three agents, each with a different specialty:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">agentspan.agents</span> <span class="kn">import</span> <span class="n">Agent</span><span class="p">,</span> <span class="n">AgentRuntime</span><span class="p">,</span> <span class="n">Strategy</span> <span class="n">bug_reviewer</span> <span class="o">=</span> <span class="nc">Agent</span><span class="p">(</span> <span class="n">name</span><span class="o">=</span><span class="sh">"</span><span class="s">bug_reviewer</span><span class="sh">"</span><span class="p">,</span> <span class="n">model</span><span class="o">=</span><span class="sh">"</span><span class="s">openai/gpt-4o</span><span class="sh">"</span><span class="p">,</span> <span class="n">instructions</span><span class="o">=</span><span class="p">(</span> <span class="sh">"</span><span class="s">You are a senior software engineer reviewing code for bugs. </span><span class="sh">"</span> <span class="sh">"</span><span class="s">Read the ACTUAL code carefully. Only report issues you can </span><span class="sh">"</span> <span class="sh">"</span><span class="s">point to in specific lines. Quote the exact code and explain </span><span class="sh">"</span> <span class="sh">"</span><span class="s">what</span><span class="sh">'</span><span class="s">s wrong.</span><span class="se">\n\n</span><span class="sh">"</span> <span class="sh">"</span><span class="s">Look for: logic errors, unhandled edge cases, crashes, and </span><span class="sh">"</span> <span class="sh">"</span><span class="s">incorrect behavior.</span><span class="se">\n\n</span><span class="sh">"</span> <span class="sh">"</span><span class="s">If the code has no bugs, say </span><span class="sh">'</span><span class="s">No bugs found.</span><span class="sh">'</span><span class="s"> </span><span class="sh">"</span> <span class="sh">"</span><span class="s">Do NOT invent issues. Do NOT give generic advice.</span><span class="sh">"</span> <span class="p">),</span> <span class="p">)</span> <span class="n">security_reviewer</span> <span class="o">=</span> <span class="nc">Agent</span><span class="p">(</span> <span class="n">name</span><span class="o">=</span><span class="sh">"</span><span class="s">security_reviewer</span><span class="sh">"</span><span class="p">,</span> <span class="n">model</span><span class="o">=</span><span class="sh">"</span><span class="s">openai/gpt-4o</span><span class="sh">"</span><span class="p">,</span> <span class="n">instructions</span><span class="o">=</span><span class="p">(</span> <span class="sh">"</span><span class="s">You are an application security engineer reviewing code for </span><span class="sh">"</span> <span class="sh">"</span><span class="s">vulnerabilities. Read the ACTUAL code carefully. Only report </span><span class="sh">"</span> <span class="sh">"</span><span class="s">vulnerabilities you can point to in specific lines.</span><span class="se">\n\n</span><span class="sh">"</span> <span class="sh">"</span><span class="s">Look for: injection flaws, insecure defaults, data exposure, </span><span class="sh">"</span> <span class="sh">"</span><span class="s">missing input validation, OWASP Top 10 issues. Rate each </span><span class="sh">"</span> <span class="sh">"</span><span class="s">finding as Critical, High, Medium, or Low.</span><span class="se">\n\n</span><span class="sh">"</span> <span class="sh">"</span><span class="s">If the code has no security issues, say </span><span class="sh">'</span><span class="s">No security issues </span><span class="sh">"</span> <span class="sh">"</span><span class="s">found.</span><span class="sh">'</span><span class="s"> Do NOT invent vulnerabilities. Do NOT give generic </span><span class="sh">"</span> <span class="sh">"</span><span class="s">security advice.</span><span class="sh">"</span> <span class="p">),</span> <span class="p">)</span> <span class="n">style_reviewer</span> <span class="o">=</span> <span class="nc">Agent</span><span class="p">(</span> <span class="n">name</span><span class="o">=</span><span class="sh">"</span><span class="s">style_reviewer</span><span class="sh">"</span><span class="p">,</span> <span class="n">model</span><span class="o">=</span><span class="sh">"</span><span class="s">openai/gpt-4o</span><span class="sh">"</span><span class="p">,</span> <span class="n">instructions</span><span class="o">=</span><span class="p">(</span> <span class="sh">"</span><span class="s">You are a Python code quality reviewer. Read the ACTUAL code </span><span class="sh">"</span> <span class="sh">"</span><span class="s">carefully. Only report style issues you can point to in </span><span class="sh">"</span> <span class="sh">"</span><span class="s">specific lines.</span><span class="se">\n\n</span><span class="sh">"</span> <span class="sh">"</span><span class="s">Look for: missing type hints, missing docstrings, hardcoded </span><span class="sh">"</span> <span class="sh">"</span><span class="s">values, print vs logging, naming issues, readability.</span><span class="se">\n\n</span><span class="sh">"</span> <span class="sh">"</span><span class="s">If the code style is good, say </span><span class="sh">'</span><span class="s">Code style looks good.</span><span class="sh">'</span><span class="s"> </span><span class="sh">"</span> <span class="sh">"</span><span class="s">Do NOT invent issues. Do NOT give generic advice.</span><span class="sh">"</span> <span class="p">),</span> <span class="p">)</span> </code></pre> </div> <p>Same Agent class as Part 1. Same model, same instructions pattern. The difference is what comes next.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwwfyr9kdy5yzhse8hqoq.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwwfyr9kdy5yzhse8hqoq.png" width="800" height="440"></a></p> <h3> The parallel strategy </h3> <p>Instead of &gt;&gt;, we wrap the agents in a parent agent with Strategy.PARALLEL:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="n">review</span> <span class="o">=</span> <span class="nc">Agent</span><span class="p">(</span><span class="n">name</span><span class="o">=</span><span class="sh">"</span><span class="s">code_review</span><span class="sh">"</span><span class="p">,</span> <span class="n">model</span><span class="o">=</span><span class="sh">"</span><span class="s">openai/gpt-4o</span><span class="sh">"</span><span class="p">,</span> <span class="n">agents</span><span class="o">=</span><span class="p">[</span><span class="n">bug_reviewer</span><span class="p">,</span> <span class="n">security_reviewer</span><span class="p">,</span> <span class="n">style_reviewer</span><span class="p">],</span> <span class="n">strategy</span><span class="o">=</span><span class="n">Strategy</span><span class="p">.</span><span class="n">PARALLEL</span><span class="p">,</span> <span class="p">)</span> </code></pre> </div> <p>All three agents will run simultaneously on the same input. Compare this to sequential:</p> <h1> Sequential — each waits for the previous one </h1> <p>pipeline = bug_reviewer &gt;&gt; security_reviewer &gt;&gt; style_reviewer</p> <h1> Parallel — all run at the same time </h1> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="n">review</span> <span class="o">=</span> <span class="nc">Agent</span><span class="p">(</span><span class="n">name</span><span class="o">=</span><span class="sh">"</span><span class="s">code_review</span><span class="sh">"</span><span class="p">,</span> <span class="n">model</span><span class="o">=</span><span class="sh">"</span><span class="s">openai/gpt-4o</span><span class="sh">"</span><span class="p">,</span> <span class="n">agents</span><span class="o">=</span><span class="p">[</span><span class="n">bug_reviewer</span><span class="p">,</span> <span class="n">security_reviewer</span><span class="p">,</span> <span class="n">style_reviewer</span><span class="p">],</span> <span class="n">strategy</span><span class="o">=</span><span class="n">Strategy</span><span class="p">.</span><span class="n">PARALLEL</span><span class="p">,</span> <span class="p">)</span> </code></pre> </div> <p>Same agents, different strategy. The sequential version takes 3x as long because each reviewer waits for the one before it. The parallel version takes as long as the slowest reviewer — roughly 1x.</p> <h3> The code to review </h3> <p>Let us feed it a short Python script with a mix of bugs, security issues, and style problems:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="n">code</span> <span class="o">=</span> <span class="sh">"""</span><span class="s"> import os def process_upload(filename, data): path = f</span><span class="sh">"</span><span class="s">/uploads/{filename}</span><span class="sh">"</span><span class="s"> with open(path, </span><span class="sh">"</span><span class="s">wb</span><span class="sh">"</span><span class="s">) as f: f.write(data) os.chmod(path, 0o777) return path def get_user(db, user_id): query = f</span><span class="sh">"</span><span class="s">SELECT * FROM users WHERE id = {user_id}</span><span class="sh">"</span><span class="s"> return db.execute(query).fetchone() def send_welcome(user): print(f</span><span class="sh">"</span><span class="s">Welcome {user[</span><span class="sh">'</span><span class="s">name</span><span class="sh">'</span><span class="s">]}!</span><span class="sh">"</span><span class="s">) return True </span><span class="sh">"""</span> </code></pre> </div> <p>Three functions, each with problems that a different reviewer would catch. The bug reviewer, security reviewer, and style reviewer each have something to find — but they don’t need each other’s output to do their job.</p> <h3> Running the review </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="k">with</span> <span class="nc">AgentRuntime</span><span class="p">()</span> <span class="k">as</span> <span class="n">runtime</span><span class="p">:</span><span class="n">result</span> <span class="o">=</span> <span class="n">runtime</span><span class="p">.</span><span class="nf">run</span><span class="p">(</span><span class="n">review</span><span class="p">,</span> <span class="n">code</span><span class="p">)</span> <span class="k">for</span> <span class="n">agent_name</span><span class="p">,</span> <span class="n">sub</span> <span class="ow">in</span> <span class="n">result</span><span class="p">.</span><span class="n">sub_results</span><span class="p">.</span><span class="nf">items</span><span class="p">():</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="se">\n</span><span class="si">{</span><span class="sh">'</span><span class="s">=</span><span class="sh">'</span> <span class="o">*</span> <span class="mi">50</span><span class="si">}</span><span class="sh">"</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="s"> </span><span class="si">{</span><span class="n">agent_name</span><span class="si">}</span><span class="sh">"</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="si">{</span><span class="sh">'</span><span class="s">=</span><span class="sh">'</span> <span class="o">*</span> <span class="mi">50</span><span class="si">}</span><span class="sh">"</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="n">sub</span><span class="p">)</span> </code></pre> </div> <p>The key difference from Part 1: result.sub_results. In a sequential pipeline, you get one final output. In a parallel pipeline, you get a dictionary, one entry per agent.</p> <p>Let us see what each reviewer found.</p> <h3> Bug Reviewer </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>1. Security Risk (Path Injection): In the process_upload function, the line path = f"/uploads/{filename}" can be exploited if filename contains directory traversal characters (e.g., ../../etc/passwd). This could allow an attacker to write or overwrite protected files on the system. Proper validation or sanitization of filename is necessary to prevent this. 2. Security Risk (SQL Injection): In the get_user function, the query query = f"SELECT * FROM users WHERE id = {user_id}" directly interpolates user_id into the SQL query string. If user_id is not properly sanitized, this code is vulnerable to SQL injection attacks. Using parameterized queries or prepared statements would mitigate this risk. No other bugs found. </code></pre> </div> <h3> Security Reviewer </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>1. Filename Injection: The process_upload function constructs a file path using the unsanitized filename parameter directly from user input. This can lead to path traversal vulnerabilities. For example, a filename like ../../etc/passwd could be used to write outside the intended directory. Rating: High Reference: path = f"/uploads/{filename}" 2. Insecure File Permissions: The file uploaded through process_upload is given permissions 777, which means it is readable, writable, and executable by all users. This poses a security risk as anyone could modify or execute the file. Rating: High Reference: os.chmod(path, 0o777) 3. SQL Injection: The get_user function constructs an SQL query by directly embedding the user_id parameter into the query string without any sanitization. This can lead to SQL injection if user_id is derived from user-controlled input. Rating: Critical Reference: query = f"SELECT * FROM users WHERE id = {user_id}" No other security issues found. </code></pre> </div> <h3> Style Reviewer </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>1. Missing Type Hints: - process_upload is missing type hints for its parameters and return value. - get_user is missing type hints for its parameters and return value. - send_welcome is missing type hints for its parameter and return value. 2. Missing Docstrings: - process_upload lacks a docstring explaining its purpose. - get_user lacks a docstring explaining its purpose. - send_welcome lacks a docstring explaining its purpose. 3. Hardcoded Values: - In process_upload, the path "/uploads/" and the permissions 0o777 are hardcoded. 4. Print vs Logging: - send_welcome uses print() to output text, which is generally discouraged in favor of using a logging framework. </code></pre> </div> <p>Three different perspectives, all from the same code, all produced simultaneously. The bug reviewer found path injection and SQL injection, then said “no other bugs found.” The security reviewer rated each vulnerability by severity and quoted the exact lines. The style reviewer focused on code quality without inventing issues. Each brought a unique lens — and where they overlap (SQL injection), their analysis differs.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcx9ellhgvmi0ivs6blwp.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcx9ellhgvmi0ivs6blwp.png" width="800" height="416"></a></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4vm60yb3cjb4tjm66xbx.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4vm60yb3cjb4tjm66xbx.png" width="800" height="463"></a></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F893x9c0yj2w8ftckzbn8.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F893x9c0yj2w8ftckzbn8.png" width="800" height="434"></a></p> <h3> Sequential vs Parallel: when to use which </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Sequential (&gt;&gt;) • Use when: Each step depends on the previous • Execution: One at a time, in order • Speed: Sum of all agent times • Output: Single final result • Example: Classify → respond → escalate Parallel (Strategy.PARALLEL) • Use when: Steps are independent • Execution: All at once • Speed: Time of the slowest agent • Output: sub_results dict, one per agent • Example: Bug check + security check + style check </code></pre> </div> <p>The rule is simple: if agent B needs agent A’s output, use sequential. If they can work independently, use parallel.</p> <h3> How durability works (same as sequential) </h3> <p>The parallel pipeline compiles into a durable server-side workflow — same as the sequential pipeline from Part 1. If your process crashes while two reviewers are done and one is still running:</p> <ol> <li>The two completed results are persisted on the server.</li> <li>You restart your script.</li> <li>Only the third reviewer re-runs.</li> <li>Results are collected and returned.</li> </ol> <p>No wasted API calls. No re-running agents that already finished.</p> <h3> Composability </h3> <p>You can mix parallel and sequential in the same pipeline:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Run all three reviews in parallel, then summarize sequentially </span><span class="n">review</span> <span class="o">=</span> <span class="nc">Agent</span><span class="p">(</span> <span class="n">name</span><span class="o">=</span><span class="sh">"</span><span class="s">code_review</span><span class="sh">"</span><span class="p">,</span> <span class="n">model</span><span class="o">=</span><span class="sh">"</span><span class="s">openai/gpt-4o</span><span class="sh">"</span><span class="p">,</span> <span class="n">agents</span><span class="o">=</span><span class="p">[</span><span class="n">bug_reviewer</span><span class="p">,</span> <span class="n">security_reviewer</span><span class="p">,</span> <span class="n">style_reviewer</span><span class="p">],</span> <span class="n">strategy</span><span class="o">=</span><span class="n">Strategy</span><span class="p">.</span><span class="n">PARALLEL</span><span class="p">,</span> <span class="p">)</span> <span class="n">summarizer</span> <span class="o">=</span> <span class="nc">Agent</span><span class="p">(</span> <span class="n">name</span><span class="o">=</span><span class="sh">"</span><span class="s">summarizer</span><span class="sh">"</span><span class="p">,</span> <span class="n">model</span><span class="o">=</span><span class="sh">"</span><span class="s">openai/gpt-4o</span><span class="sh">"</span><span class="p">,</span> <span class="n">instructions</span><span class="o">=</span><span class="sh">"</span><span class="s">Combine the three reviews into a single verdict: APPROVE, REQUEST CHANGES, or NEEDS DISCUSSION.</span><span class="sh">"</span><span class="p">,</span> <span class="p">)</span> <span class="n">pipeline</span> <span class="o">=</span> <span class="n">review</span> <span class="o">&gt;&gt;</span> <span class="n">summarizer</span> </code></pre> </div> <p>Parallel fan-out, then sequential summarization. Same Agent class, same &gt;&gt; operator, strategies compose naturally.</p> <h3> The full code </h3> <p>from agentspan.agents import Agent, AgentRuntime, Strategy<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="n">bug_reviewer</span> <span class="o">=</span> <span class="nc">Agent</span><span class="p">(</span><span class="n">name</span><span class="o">=</span><span class="sh">"</span><span class="s">bug_reviewer</span><span class="sh">"</span><span class="p">,</span> <span class="n">model</span><span class="o">=</span><span class="sh">"</span><span class="s">openai/gpt-4o</span><span class="sh">"</span><span class="p">,</span> <span class="n">instructions</span><span class="o">=</span><span class="p">(</span> <span class="sh">"</span><span class="s">You are a senior software engineer reviewing code for bugs. </span><span class="sh">"</span> <span class="sh">"</span><span class="s">Read the ACTUAL code carefully. Only report issues you can </span><span class="sh">"</span> <span class="sh">"</span><span class="s">point to in specific lines. Quote the exact code and explain </span><span class="sh">"</span> <span class="sh">"</span><span class="s">what</span><span class="sh">'</span><span class="s">s wrong.</span><span class="se">\n\n</span><span class="sh">"</span> <span class="sh">"</span><span class="s">Look for: logic errors, unhandled edge cases, crashes, and </span><span class="sh">"</span> <span class="sh">"</span><span class="s">incorrect behavior.</span><span class="se">\n\n</span><span class="sh">"</span> <span class="sh">"</span><span class="s">If the code has no bugs, say </span><span class="sh">'</span><span class="s">No bugs found.</span><span class="sh">'</span><span class="s"> </span><span class="sh">"</span> <span class="sh">"</span><span class="s">Do NOT invent issues. Do NOT give generic advice.</span><span class="sh">"</span> <span class="p">),</span> <span class="p">)</span> <span class="n">security_reviewer</span> <span class="o">=</span> <span class="nc">Agent</span><span class="p">(</span> <span class="n">name</span><span class="o">=</span><span class="sh">"</span><span class="s">security_reviewer</span><span class="sh">"</span><span class="p">,</span> <span class="n">model</span><span class="o">=</span><span class="sh">"</span><span class="s">openai/gpt-4o</span><span class="sh">"</span><span class="p">,</span> <span class="n">instructions</span><span class="o">=</span><span class="p">(</span> <span class="sh">"</span><span class="s">You are an application security engineer reviewing code for </span><span class="sh">"</span> <span class="sh">"</span><span class="s">vulnerabilities. Read the ACTUAL code carefully. Only report </span><span class="sh">"</span> <span class="sh">"</span><span class="s">vulnerabilities you can point to in specific lines.</span><span class="se">\n\n</span><span class="sh">"</span> <span class="sh">"</span><span class="s">Look for: injection flaws, insecure defaults, data exposure, </span><span class="sh">"</span> <span class="sh">"</span><span class="s">missing input validation, OWASP Top 10 issues. Rate each </span><span class="sh">"</span> <span class="sh">"</span><span class="s">finding as Critical, High, Medium, or Low.</span><span class="se">\n\n</span><span class="sh">"</span> <span class="sh">"</span><span class="s">If the code has no security issues, say </span><span class="sh">'</span><span class="s">No security issues </span><span class="sh">"</span> <span class="sh">"</span><span class="s">found.</span><span class="sh">'</span><span class="s"> Do NOT invent vulnerabilities. Do NOT give generic </span><span class="sh">"</span> <span class="sh">"</span><span class="s">security advice.</span><span class="sh">"</span> <span class="p">),</span> <span class="p">)</span> <span class="n">style_reviewer</span> <span class="o">=</span> <span class="nc">Agent</span><span class="p">(</span> <span class="n">name</span><span class="o">=</span><span class="sh">"</span><span class="s">style_reviewer</span><span class="sh">"</span><span class="p">,</span> <span class="n">model</span><span class="o">=</span><span class="sh">"</span><span class="s">openai/gpt-4o</span><span class="sh">"</span><span class="p">,</span> <span class="n">instructions</span><span class="o">=</span><span class="p">(</span> <span class="sh">"</span><span class="s">You are a Python code quality reviewer. Read the ACTUAL code </span><span class="sh">"</span> <span class="sh">"</span><span class="s">carefully. Only report style issues you can point to in </span><span class="sh">"</span> <span class="sh">"</span><span class="s">specific lines.</span><span class="se">\n\n</span><span class="sh">"</span> <span class="sh">"</span><span class="s">Look for: missing type hints, missing docstrings, hardcoded </span><span class="sh">"</span> <span class="sh">"</span><span class="s">values, print vs logging, naming issues, readability.</span><span class="se">\n\n</span><span class="sh">"</span> <span class="sh">"</span><span class="s">If the code style is good, say </span><span class="sh">'</span><span class="s">Code style looks good.</span><span class="sh">'</span><span class="s"> </span><span class="sh">"</span> <span class="sh">"</span><span class="s">Do NOT invent issues. Do NOT give generic advice.</span><span class="sh">"</span> <span class="p">),</span> <span class="p">)</span> <span class="n">review</span> <span class="o">=</span> <span class="nc">Agent</span><span class="p">(</span> <span class="n">name</span><span class="o">=</span><span class="sh">"</span><span class="s">code_review</span><span class="sh">"</span><span class="p">,</span> <span class="n">model</span><span class="o">=</span><span class="sh">"</span><span class="s">openai/gpt-4o</span><span class="sh">"</span><span class="p">,</span> <span class="n">agents</span><span class="o">=</span><span class="p">[</span><span class="n">bug_reviewer</span><span class="p">,</span> <span class="n">security_reviewer</span><span class="p">,</span> <span class="n">style_reviewer</span><span class="p">],</span> <span class="n">strategy</span><span class="o">=</span><span class="n">Strategy</span><span class="p">.</span><span class="n">PARALLEL</span><span class="p">,</span> <span class="p">)</span> <span class="n">code</span> <span class="o">=</span> <span class="sh">"""</span><span class="s"> Review this code: import os def process_upload(filename, data): path = f</span><span class="sh">"</span><span class="s">/uploads/{filename}</span><span class="sh">"</span><span class="s"> with open(path, </span><span class="sh">"</span><span class="s">wb</span><span class="sh">"</span><span class="s">) as f: f.write(data) os.chmod(path, 0o777) return path def get_user(db, user_id): query = f</span><span class="sh">"</span><span class="s">SELECT * FROM users WHERE id = {user_id}</span><span class="sh">"</span><span class="s"> return db.execute(query).fetchone() def send_welcome(user): print(f</span><span class="sh">"</span><span class="s">Welcome {user[</span><span class="sh">'</span><span class="s">name</span><span class="sh">'</span><span class="s">]}!</span><span class="sh">"</span><span class="s">) return True </span><span class="sh">"""</span> <span class="k">with</span> <span class="nc">AgentRuntime</span><span class="p">()</span> <span class="k">as</span> <span class="n">runtime</span><span class="p">:</span> <span class="n">result</span> <span class="o">=</span> <span class="n">runtime</span><span class="p">.</span><span class="nf">run</span><span class="p">(</span><span class="n">review</span><span class="p">,</span> <span class="n">code</span><span class="p">)</span> <span class="k">for</span> <span class="n">agent_name</span><span class="p">,</span> <span class="n">sub</span> <span class="ow">in</span> <span class="n">result</span><span class="p">.</span><span class="n">sub_results</span><span class="p">.</span><span class="nf">items</span><span class="p">():</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="se">\n</span><span class="si">{</span><span class="sh">'</span><span class="s">=</span><span class="sh">'</span> <span class="o">*</span> <span class="mi">50</span><span class="si">}</span><span class="sh">"</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="s"> </span><span class="si">{</span><span class="n">agent_name</span><span class="si">}</span><span class="sh">"</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="si">{</span><span class="sh">'</span><span class="s">=</span><span class="sh">'</span> <span class="o">*</span> <span class="mi">50</span><span class="si">}</span><span class="sh">"</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="n">sub</span><span class="p">)</span> </code></pre> </div> <h3> Going further: connect to GitHub </h3> <p>The hardcoded code snippet was fine for learning Strategy.PARALLEL. But in production, you would pull a real PR diff from GitHub and post the review back. Here is how.</p> <h3> Store your credentials </h3> <p>In the AgentSpan dashboard (localhost:6767), go to <strong>Credentials</strong> and add:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Name: GITHUB_TOKEN Value: Your GitHub personal access token (needs repo scope) </code></pre> </div> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fm0r501ilk1y58iv0jt01.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fm0r501ilk1y58iv0jt01.png" width="800" height="208"></a></p> <h3> The tools </h3> <p>Two tools — one to fetch the PR diff, one to post the review:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">agentspan.agents</span> <span class="kn">import</span> <span class="n">tool</span> <span class="kn">import</span> <span class="n">os</span> <span class="kn">import</span> <span class="n">requests</span> <span class="n">GITHUB_API</span> <span class="o">=</span> <span class="sh">"</span><span class="s">https://api.github.com</span><span class="sh">"</span> <span class="nd">@tool</span><span class="p">(</span><span class="n">credentials</span><span class="o">=</span><span class="p">[</span><span class="sh">"</span><span class="s">GITHUB_TOKEN</span><span class="sh">"</span><span class="p">])</span> <span class="k">def</span> <span class="nf">get_pr_diff</span><span class="p">(</span><span class="n">repo</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">pr_number</span><span class="p">:</span> <span class="nb">int</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">dict</span><span class="p">:</span> <span class="sh">"""</span><span class="s">Fetch the diff for a GitHub pull request. repo format: owner/repo</span><span class="sh">"""</span> <span class="n">token</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">"</span><span class="s">GITHUB_TOKEN</span><span class="sh">"</span><span class="p">]</span> <span class="n">resp</span> <span class="o">=</span> <span class="n">requests</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span> <span class="sa">f</span><span class="sh">"</span><span class="si">{</span><span class="n">GITHUB_API</span><span class="si">}</span><span class="s">/repos/</span><span class="si">{</span><span class="n">repo</span><span class="si">}</span><span class="s">/pulls/</span><span class="si">{</span><span class="n">pr_number</span><span class="si">}</span><span class="sh">"</span><span class="p">,</span> <span class="n">headers</span><span class="o">=</span><span class="p">{</span> <span class="sh">"</span><span class="s">Authorization</span><span class="sh">"</span><span class="p">:</span> <span class="sa">f</span><span class="sh">"</span><span class="s">Bearer </span><span class="si">{</span><span class="n">token</span><span class="si">}</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">Accept</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">application/vnd.github.v3.diff</span><span class="sh">"</span><span class="p">,</span> <span class="p">},</span> <span class="p">)</span> <span class="n">pr_info</span> <span class="o">=</span> <span class="n">requests</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span> <span class="sa">f</span><span class="sh">"</span><span class="si">{</span><span class="n">GITHUB_API</span><span class="si">}</span><span class="s">/repos/</span><span class="si">{</span><span class="n">repo</span><span class="si">}</span><span class="s">/pulls/</span><span class="si">{</span><span class="n">pr_number</span><span class="si">}</span><span class="sh">"</span><span class="p">,</span> <span class="n">headers</span><span class="o">=</span><span class="p">{</span><span class="sh">"</span><span class="s">Authorization</span><span class="sh">"</span><span class="p">:</span> <span class="sa">f</span><span class="sh">"</span><span class="s">Bearer </span><span class="si">{</span><span class="n">token</span><span class="si">}</span><span class="sh">"</span><span class="p">},</span> <span class="p">).</span><span class="nf">json</span><span class="p">()</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">"</span><span class="s">title</span><span class="sh">"</span><span class="p">:</span> <span class="n">pr_info</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">title</span><span class="sh">"</span><span class="p">,</span> <span class="sh">""</span><span class="p">),</span> <span class="sh">"</span><span class="s">description</span><span class="sh">"</span><span class="p">:</span> <span class="n">pr_info</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">body</span><span class="sh">"</span><span class="p">,</span> <span class="sh">""</span><span class="p">),</span> <span class="sh">"</span><span class="s">diff</span><span class="sh">"</span><span class="p">:</span> <span class="n">resp</span><span class="p">.</span><span class="n">text</span><span class="p">[:</span><span class="mi">10000</span><span class="p">],</span> <span class="sh">"</span><span class="s">files_changed</span><span class="sh">"</span><span class="p">:</span> <span class="n">pr_info</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">changed_files</span><span class="sh">"</span><span class="p">,</span> <span class="mi">0</span><span class="p">),</span> <span class="sh">"</span><span class="s">additions</span><span class="sh">"</span><span class="p">:</span> <span class="n">pr_info</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">additions</span><span class="sh">"</span><span class="p">,</span> <span class="mi">0</span><span class="p">),</span> <span class="sh">"</span><span class="s">deletions</span><span class="sh">"</span><span class="p">:</span> <span class="n">pr_info</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">deletions</span><span class="sh">"</span><span class="p">,</span> <span class="mi">0</span><span class="p">),</span> <span class="p">}</span> <span class="nd">@tool</span><span class="p">(</span><span class="n">credentials</span><span class="o">=</span><span class="p">[</span><span class="sh">"</span><span class="s">GITHUB_TOKEN</span><span class="sh">"</span><span class="p">])</span> <span class="k">def</span> <span class="nf">post_pr_review</span><span class="p">(</span><span class="n">repo</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">pr_number</span><span class="p">:</span> <span class="nb">int</span><span class="p">,</span> <span class="n">body</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">dict</span><span class="p">:</span> <span class="sh">"""</span><span class="s">Post a review comment on a GitHub pull request.</span><span class="sh">"""</span> <span class="n">token</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">"</span><span class="s">GITHUB_TOKEN</span><span class="sh">"</span><span class="p">]</span> <span class="n">resp</span> <span class="o">=</span> <span class="n">requests</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span> <span class="sa">f</span><span class="sh">"</span><span class="si">{</span><span class="n">GITHUB_API</span><span class="si">}</span><span class="s">/repos/</span><span class="si">{</span><span class="n">repo</span><span class="si">}</span><span class="s">/pulls/</span><span class="si">{</span><span class="n">pr_number</span><span class="si">}</span><span class="s">/reviews</span><span class="sh">"</span><span class="p">,</span> <span class="n">headers</span><span class="o">=</span><span class="p">{</span> <span class="sh">"</span><span class="s">Authorization</span><span class="sh">"</span><span class="p">:</span> <span class="sa">f</span><span class="sh">"</span><span class="s">Bearer </span><span class="si">{</span><span class="n">token</span><span class="si">}</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">Accept</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">application/vnd.github.v3+json</span><span class="sh">"</span><span class="p">,</span> <span class="p">},</span> <span class="n">json</span><span class="o">=</span><span class="p">{</span><span class="sh">"</span><span class="s">body</span><span class="sh">"</span><span class="p">:</span> <span class="n">body</span><span class="p">,</span> <span class="sh">"</span><span class="s">event</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">COMMENT</span><span class="sh">"</span><span class="p">},</span> <span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">status</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">posted</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">pr_number</span><span class="sh">"</span><span class="p">:</span> <span class="n">pr_number</span><span class="p">}</span> </code></pre> </div> <h3> Wire them in </h3> <p>The three reviewers stay the same — no tools needed. Add a fetcher to pull the PR diff and a summarizer that combines the reviews and posts to GitHub:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="n">fetcher</span> <span class="o">=</span> <span class="nc">Agent</span><span class="p">(</span><span class="n">name</span><span class="o">=</span><span class="sh">"</span><span class="s">pr_fetcher</span><span class="sh">"</span><span class="p">,</span> <span class="n">model</span><span class="o">=</span><span class="sh">"</span><span class="s">openai/gpt-4o</span><span class="sh">"</span><span class="p">,</span> <span class="n">instructions</span><span class="o">=</span><span class="p">(</span> <span class="sh">"</span><span class="s">You are a helper that fetches PR diffs. Call the get_pr_diff </span><span class="sh">"</span> <span class="sh">"</span><span class="s">tool and return the COMPLETE diff verbatim as your output.</span><span class="sh">"</span> <span class="p">),</span> <span class="n">tools</span><span class="o">=</span><span class="p">[</span><span class="n">get_pr_diff</span><span class="p">],</span> <span class="p">)</span> <span class="n">summarizer</span> <span class="o">=</span> <span class="nc">Agent</span><span class="p">(</span> <span class="n">name</span><span class="o">=</span><span class="sh">"</span><span class="s">summarizer</span><span class="sh">"</span><span class="p">,</span> <span class="n">model</span><span class="o">=</span><span class="sh">"</span><span class="s">openai/gpt-4o</span><span class="sh">"</span><span class="p">,</span> <span class="n">instructions</span><span class="o">=</span><span class="p">(</span> <span class="sh">"</span><span class="s">You are a tech lead. Given three code review outputs (bugs, </span><span class="sh">"</span> <span class="sh">"</span><span class="s">security, style), combine them into a single PR review comment </span><span class="sh">"</span> <span class="sh">"</span><span class="s">in markdown with sections: ## Bugs, ## Security, ## Style, </span><span class="sh">"</span> <span class="sh">"</span><span class="s">## Verdict (APPROVE / REQUEST CHANGES / NEEDS DISCUSSION).</span><span class="sh">"</span> <span class="p">),</span> <span class="p">)</span> <span class="c1"># Sequential: fetch diff → parallel review → summarize </span><span class="n">pipeline</span> <span class="o">=</span> <span class="n">fetcher</span> <span class="o">&gt;&gt;</span> <span class="n">review</span> <span class="o">&gt;&gt;</span> <span class="n">summarizer</span> </code></pre> </div> <p>The parallel review runs the same as before — three agents, same code, simultaneous. The fetcher pulls the real PR diff from GitHub, the reviewers analyze it, and the summarizer combines everything into one review.</p> <p>That isthe full loop: fetch PR → three parallel reviews → summarize → post review comment.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0pn12ltwh1w8xhaxuxp7.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0pn12ltwh1w8xhaxuxp7.png" width="800" height="657"></a></p> <h3> Try it </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pip <span class="nb">install </span>agentspan agentspan server start python 02_code_review_parallel.py <span class="c"># For the GitHub integration version:</span> <span class="c"># 1. Add GITHUB_TOKEN in the AgentSpan dashboard (Credentials page)</span> <span class="c"># 2. Update REPO and PR_NUMBER in 02_code_review_parallel_github.py</span> <span class="c"># to point at your own repo and PR</span> <span class="c"># 3. python 02_code_review_parallel_github.py</span> </code></pre> </div> <ul> <li> <strong>GitHub</strong> : <a href="https://github.com/agentspan/agentspan" rel="noopener noreferrer">github.com/agentspan/agentspan</a> </li> <li> <strong>Blog examples</strong> : <a href="https://github.com/agentspan/agentspan/tree/main/sdk/python/examples/blog_and_videos/parallel_execution" rel="noopener noreferrer">github.com/agentspan/agentspan/tree/main/sdk/python/examples/blog_and_videos/parallel_execution</a> </li> <li> <strong>Docs</strong> : <a href="https://agentspan.ai/docs" rel="noopener noreferrer">agentspan.ai/docs</a> </li> <li> <strong>Discord:</strong> <a href="https://discord.com/invite/ajcA66JcKq" rel="noopener noreferrer">https://discord.com/invite/ajcA66JcKq</a> </li> </ul> <h3> What’s next </h3> <p><strong>Part 3: The Handoff Strategy</strong>  — The LLM decides which agent to delegate to. A router that thinks, not just matches. Same Agent class, different strategy.</p> aiinfrastructure aiagentsinaction agenticai agents