I got tired of paying $240/month for a code reviewer that ignored half our standards

DontaRuffin — Wed, 27 May 2026 19:55:59 +0000

I got tired of paying $240/month for a code reviewer that ignored half our standards

At a 10-person team, CodeRabbit runs you around $240/month ($24/user/month billed annually). Greptile is around $300/month ($30/user). Cursor BugBot is around $400/month ($40/user).

For that price, you'd expect the tool to know your team's specific rules. It doesn't. It knows its rules — generic best practices that apply to every codebase equally, which means they apply to yours specifically not at all.

We had a no-any TypeScript rule that we'd explained to every new hire for two years. We had an auth check pattern every route had to follow. We had a list of things the previous team had learned the hard way.

None of that made it into the code reviewer. It flagged missing semicolons and suggested refactors nobody asked for.

The real problem isn't review quality. It's review relevance.

The tools in this space are competing on who catches the most bugs. That's the wrong race for most teams.

A team of 10 shipping production software doesn't need an AI to find every edge case in every PR. They need the AI to enforce their standards — the ones written down nowhere, living only in the heads of whoever's been there longest.

That problem got worse when we started shipping AI-generated code. Cursor and Claude Code are fast. The output is mostly correct. But it has consistent failure patterns: any types everywhere types get hard, unhandled promises, hallucinated imports from libraries the model half-remembered, happy-path-only error handling.

Generic review tools don't know to look for those things specifically. They treat AI-generated code the same as hand-written code and produce the same boilerplate feedback.

What I built

Solon AI reviews every PR against a playbook — a JSON file that describes your team's specific rules. Flat $29/month, no per-seat math.

Today I'm open-sourcing the playbook library: github.com/Solon-Dev/solon-playbooks

Four playbooks to start:

Next.js + TypeScript — 12 rules for App Router codebases. Covers the mistakes that don't show up in linters: useEffect for data fetching, unvalidated route handler input, client components where server components would work, raw <img> tags, missing HTTP status codes.

Security — 12 rules based on OWASP Top 10 for JavaScript/TypeScript. Hardcoded secrets, SQL injection, missing auth checks, IDOR vulnerabilities, localStorage for auth tokens, eval with user input. The things that cause breaches, not the things that cause code review comments.

Accessibility (WCAG 2.2) — 11 rules for Level AA compliance. Focus on the gaps automated tools miss: focus management, keyboard patterns, ARIA correctness, live regions for dynamic content. Automated tools like axe and Lighthouse miss a significant portion of real accessibility issues — semantic structure, keyboard patterns, and focus management require human judgment that automated tools don't have. A playbook encodes that judgment.

Vibe Coder — 12 rules built specifically for AI-generated code. This one took the longest to write because it required cataloging what Cursor and Claude Code get wrong most often: type escape hatches, floating promises, wrong third-party API signatures (the model knows the library but not the version you're running), unnecessary useEffect for derived state, empty catch blocks.

The Vibe Coder playbook is the one I'd start with if your team is shipping any meaningful volume of AI-generated code. The failure modes are consistent enough that they're worth encoding explicitly.

How the playbook format works

Each rule has an ID, a severity (blocking, warning, or info), a description, and a bad/good example:

{
  "id": "no-any-escape-hatches",
  "title": "No 'any' type escape hatches",
  "severity": "blocking",
  "description": "AI models default to 'any' when they're unsure about a type...",
  "examples": {
    "bad": "function transform(data: any): any { return data.map((item: any) => item.value); }",
    "good": "interface DataItem { value: string; } function transform(data: DataItem[]): string[] { return data.map(item => item.value); }"
  }
}

Solon reads the playbook, builds a review prompt from your rules, runs the diff through Claude Haiku, and posts the result as a PR comment. Blocking violations require a human decision before the PR merges.

You can stack multiple playbooks:

{
  "playbooks": ["security", "nextjs-typescript", "vibe-coder"],
  "severity": {
    "blocking": true,
    "warning": true,
    "info": false
  }
}

Why open source the playbooks

Two reasons.

First, these are more useful if the community improves them. The Vibe Coder playbook in particular is going to need updates as the models evolve. A fintech team is going to have security rules I haven't thought of. A team running a design system is going to have accessibility rules I missed.

Second, the playbooks are not the product. The enforcement is the product. A JSON file sitting in a GitHub repo doesn't help you — it helps you when something is reading it on every PR.

What's in the repo

solon-playbooks/
├── README.md
├── schema.json
├── nextjs-typescript/playbook.json
├── security/playbook.json
├── accessibility/playbook.json
└── vibe-coder/playbook.json

Full schema is included if you want to write your own or validate contributions. MIT license — use these in any tool.

Contributions welcome. If your team has a playbook that's earned its way into your process, open a PR.

github.com/Solon-Dev/solon-playbooks

If you want to see them enforced automatically on your PRs: solonreview.dev — free tier is 25 reviews/month, no card required.

I built an AI tool that enforces your team's coding standards on every PR automatically

DontaRuffin — Sat, 11 Apr 2026 14:57:20 +0000

Every team has a checklist of things they should verify in every PR — accessibility compliance, security patterns, code quality rules — but manual checks get forgotten. Tech debt accumulates.

I built Solon AI to solve this. It connects to your GitHub repos as a GitHub App and automatically enforces your team's playbook rules on every pull request.

How it works

Connect your repo to Solon AI
Configure your playbook rules in the dashboard (no config files needed)
Open a PR — Solon reviews it automatically and posts a comment

Example output

I added this intentionally bad code to a test PR:

<img src="photo.jpg">
<button>Click me</button>

Solon caught both violations immediately:

What's built

GitHub App webhook — zero setup, works automatically on every PR
Visual playbook configuration — no config files, configure rules in the dashboard UI
BLOCKING/WARNING severity — teams decide what blocks vs warns
Review history dashboard — every review saved, searchable, deletable
MCP server — check standards directly from Claude Code or Cursor before opening a PR
Ethics by design — no user_id in reviews, diff-only processing, human override always maintained

Pricing

Free tier: 25 reviews/month, 1 repo
Pro: $29/month flat — unlimited reviews, unlimited repos, no per-seat fees

Stack

Next.js 15, TypeScript, Neon Postgres, Claude Haiku, GitHub App webhooks, Stripe, Vercel

Looking for

Engineering managers at teams of 10–50 developers tired of catching the same PR issues every sprint. Happy to set you up on Pro free in exchange for honest feedback.

👉 solonreview.dev

DEV Community: DontaRuffin

I got tired of paying $240/month for a code reviewer that ignored half our standards