DEV Community

brian austin

How I automate code reviews with Claude API for $2/month (GitHub Actions walkthrough)


Code reviews take time. Good ones take even more time. I've been experimenting with automating the boring parts — style issues, obvious bugs, missing error handling — so humans can focus on architecture and logic.

Here's the full GitHub Actions setup I'm running, with real examples.

The problem with manual code review

On a solo project or small team, code review is either:

  1. You reviewing your own code (which misses the obvious stuff)
  2. Waiting for a teammate who's busy
  3. Not happening at all

AI review isn't a replacement for human judgment, but it catches the mechanical stuff instantly.

The setup: GitHub Actions + Claude API

I use SimplyLouie's developer API — it's $2/month flat, no per-token billing to worry about.

Here's the workflow file:

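# .github/workflows/ai-review.yml
name: AI Code Review

on:
  pull_request:
    types: [opened, synchronize]

# Least privilege: read the code, write the PR comment, nothing else.
permissions:
  contents: read
  pull-requests: write

jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          fetch-depth: 0

      - name: Get PR diff
        id: diff
        env:
          # Pass context values through env instead of expanding them inside the script
          BASE_REF: ${{ github.base_ref }}
        run: |
          git diff "origin/${BASE_REF}...HEAD" > /tmp/pr.diff
          echo "diff_size=$(wc -l < /tmp/pr.diff)" >> "$GITHUB_OUTPUT"

      - name: AI Review
        if: steps.diff.outputs.diff_size < 500
        env:
          # PRs from forks do not receive repository secrets, so this step fails there
          LOUIE_API_KEY: ${{ secrets.LOUIE_API_KEY }}
        run: |
          # Build the body with jq so quotes and newlines in the diff are JSON-escaped.
          # The full diff leaves the runner in this request.
          jq -n --rawfile diff /tmp/pr.diff \
            '{message: ("Review this code diff. Flag: (1) potential bugs, (2) missing error handling, (3) security issues. Be concise. Format as markdown bullet points.\n\n" + $diff)}' \
            > /tmp/request.json
          RESPONSE=$(curl -sS --fail -X POST https://simplylouie.com/api/chat \
            -H "Authorization: Bearer ${LOUIE_API_KEY}" \
            -H "Content-Type: application/json" \
            --data-binary @/tmp/request.json)
          # The API wraps the review text in a "response" field; fail if it is missing
          printf '%s' "$RESPONSE" | jq -er '.response' > /tmp/review.md
          cat /tmp/review.md

      - name: Post review comment
        # Skip when the review step was skipped for an oversized diff
        if: steps.diff.outputs.diff_size < 500
        uses: actions/github-script@v6
        with:
          script: |
            const fs = require('fs');
            const review = fs.readFileSync('/tmp/review.md', 'utf8');
            // Await the call so a failed comment fails the step
            await github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: `## 🤖 AI Code Review\n\n${review}\n\n*Automated review by SimplyLouie API*`
            });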

Real example output

Here's what it flagged on a recent PR:

## 🤖 AI Code Review

**Potential bugs:**
- Line 47: `user.id` accessed without null check — will throw if user is undefined
- Line 89: Promise not awaited in async function — silent failure possible

**Missing error handling:**
- Line 102: Database query has no try/catch — unhandled rejection on connection failure

**Security:**
- Line 156: User input interpolated directly into SQL string — parameterize this query

*Automated review by SimplyLouie API*

That SQL injection flag alone saved me from a production issue.

The API call explained

# Simple test
curl -X POST https://simplylouie.com/api/chat \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "message": "Review this code for bugs and security issues:\n\nfunction getUser(id) { return db.query(\"SELECT * FROM users WHERE id=\" + id); }"
  }'

Response:

{
  "response": "Security issue: SQL injection vulnerability. The `id` parameter is concatenated directly into the query string. Use parameterized queries instead:\n\n```sql\nSELECT * FROM users WHERE id = ?\n```\nPass `id` as a bound parameter to prevent injection attacks."
}
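
An added example, not code from the original post: the request and response shapes above, handled in JavaScript (the language of the workflow's github-script step). It shows why pasting a raw diff between quotes yields invalid JSON, and how to serialize the diff and unwrap the `response` field instead; the helper names and the sample diff are constructed for illustration.

```javascript
// Hypothetical helpers for illustration; not part of any SimplyLouie SDK.
const MAX_DIFF_LINES = 500; // same gate the workflow applies
const PROMPT = 'Review this code diff. Flag: (1) potential bugs, ' +
  '(2) missing error handling, (3) security issues. Be concise.';

// What pasting $DIFF between two escaped quotes amounts to: no escaping at all.
function naiveBody(diff) {
  return '{"message": "' + PROMPT + '\\n\\n' + diff + '"}';
}

// Let the serializer escape quotes, backslashes and newlines in the diff.
// Returns null when the diff reaches the line gate so the caller can skip the call.
function buildReviewBody(diff) {
  const lineCount = (diff.match(/\n/g) || []).length; // same count as `wc -l`
  if (lineCount >= MAX_DIFF_LINES) return null;
  return JSON.stringify({ message: PROMPT + '\n\n' + diff });
}

// Unwrap the {"response": "..."} envelope. An HTML error page or a body without
// that field raises, so the job fails instead of posting junk to the PR.
function extractReview(rawBody) {
  let parsed;
  try {
    parsed = JSON.parse(rawBody);
  } catch (err) {
    throw new Error('API returned a non-JSON body');
  }
  if (!parsed || typeof parsed.response !== 'string' || !parsed.response.trim()) {
    throw new Error('API reply has no "response" text');
  }
  return parsed.response;
}

function isValidJson(text) {
  try { JSON.parse(text); return true; } catch (err) { return false; }
}

// Constructed sample diff containing double quotes and a backslash.
const SAMPLE_DIFF = [
  '--- a/db.js',
  '+++ b/db.js',
  '@@ -1 +1 @@',
  '-const q = "SELECT * FROM users WHERE id=" + id;',
  '+const q = "SELECT * FROM users WHERE id = ?"; // id matches "\\d+"',
  '',
].join('\n');

console.log('naive body is valid JSON:', isValidJson(naiveBody(SAMPLE_DIFF)));
console.log('built body is valid JSON:', isValidJson(buildReviewBody(SAMPLE_DIFF)));
```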

Cost math

  • SimplyLouie API: $2/month flat
  • GitHub Actions: free for public repos, 2000 minutes/month free for private
  • Total for a 10-person team doing 50 PRs/month: $2

Comparison:

  • Anthropic Claude API direct: ~$0.003/review × 50 PRs = $0.15/month (but you need account setup, billing, rate limit management)
  • GitHub Copilot for Business: $19/user/month = $190/month
  • Manual review time: 30 min × 50 PRs × $50/hr = $1,250/month of human time

Customizing the review prompt

Different projects need different review focus:

# For a security-sensitive API:
"Review for: SQL injection, XSS, SSRF, authentication bypass, secrets in code"

# For a React frontend:
"Review for: missing key props, useEffect dependency arrays, unnecessary re-renders, accessibility"

# For a Node.js backend:
"Review for: unhandled promise rejections, missing input validation, N+1 queries, memory leaks"

# For a data pipeline:
"Review for: silent data loss, missing type validation, performance with large datasets"

Limitations

This works best for:

  • PRs under 500 lines (larger diffs lose context)
  • Catching mechanical issues (not architectural decisions)
  • Projects with consistent coding patterns

It's not a replacement for:

  • Security audits
  • Performance profiling
  • Architecture review
  • Business logic validation

Getting started

  1. Sign up at simplylouie.com — $2/month, 7-day free trial
  2. Get your API key from the dashboard
  3. Add LOUIE_API_KEY to your GitHub repo secrets
  4. Copy the workflow file above
  5. Open a PR and watch the review appear

The whole setup takes about 10 minutes.


Questions about the GitHub Actions setup? Drop them in the comments.
