
faw21/critiq-action


critiq-action

AI-powered code review for your GitHub pull requests — powered by critiq


Add instant AI code review to any repository in under 5 minutes. critiq analyzes your PR diff and posts a review comment with findings categorized by severity — before your teammates even look at it.

🔴 CRITICAL  auth.py:42  SQL injection risk: user input concatenated directly into query
⚠️  WARNING   api.py:15   Missing input validation on POST /users endpoint
💡 INFO      utils.py:8  Consider using a context manager for file handling

Features

  • 🤖 AI-powered — understands code intent, not just style
  • 🏠 Local LLM support — use Ollama for fully private, zero-cost reviews
  • 🎯 Focus modes — review for security, performance, correctness, or all
  • 💬 PR comments — posts findings directly on the pull request
  • 📋 Step Summary — results visible in the Actions tab
  • 🚦 CI gate — fails the workflow if CRITICAL issues are found
  • Fast — typically completes in under 60 seconds

Quick Start

# .github/workflows/critiq.yml
name: critiq Code Review

on:
  pull_request:
    branches: [main, master]

permissions:
  contents: read         # lets actions/checkout read the repository (needed for private repos)
  pull-requests: write   # required for posting PR comments

jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0   # required for git diff

      - uses: faw21/critiq-action@v1
        with:
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}

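That's it. Add ANTHROPIC_API_KEY to your repository secrets and you're done. GitHub does not pass repository secrets to workflows triggered by pull requests from forks, so the key is available only for PRs opened from branches in the same repository.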

Inputs

| Input | Description | Default |
| --- | --- | --- |
| anthropic_api_key | Anthropic API key (Claude) | '' |
| openai_api_key | OpenAI API key | '' |
| provider | LLM provider: claude, openai, ollama | claude |
| model | Model name (uses provider default if not set) | '' |
| focus | Review focus: all, security, performance, readability, correctness, style | all |
| severity | Minimum severity to show: critical, warning, info, suggestion | warning |
| fail_on_critical | Fail the workflow if CRITICAL issues are found | true |
| post_comment | Post review as a PR comment | true |
| github_token | GitHub token for posting comments | github.token |

Outputs

| Output | Description |
| --- | --- |
| has_critical | true if CRITICAL issues were found, false otherwise |

Examples

Security-focused review only

- uses: faw21/critiq-action@v1
  with:
    anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
    focus: security
    severity: critical    # only show critical security issues

Use OpenAI instead of Claude

- uses: faw21/critiq-action@v1
  with:
    openai_api_key: ${{ secrets.OPENAI_API_KEY }}
    provider: openai
    model: gpt-4o

Use local Ollama (free, private)

# Requires a self-hosted runner with Ollama installed
- uses: faw21/critiq-action@v1
  with:
    provider: ollama
    model: qwen2.5:7b
    post_comment: 'false'   # no API key needed

Don't fail CI, just warn

- uses: faw21/critiq-action@v1
  with:
    anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
    fail_on_critical: 'false'

Review only readability issues

- uses: faw21/critiq-action@v1
  with:
    anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
    focus: readability
    severity: info
    fail_on_critical: 'false'

Use has_critical output in subsequent steps

- uses: faw21/critiq-action@v1
  id: critiq
  with:
    anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
    fail_on_critical: 'false'   # don't fail automatically

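- name: Notify Slack if critical issues
  if: steps.critiq.outputs.has_critical == 'true'
  env:
    SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
    PR_NUMBER: ${{ github.event.pull_request.number }}
  run: |
    # The secret and PR number reach the script through env, not inline expressions
    curl -X POST "$SLACK_WEBHOOK" \
      -H 'Content-Type: application/json' \
      -d "{\"text\": \"⚠️ critiq found CRITICAL issues in PR #${PR_NUMBER}\"}"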

Permissions

critiq-action requires the following permissions to post PR comments:

permissions:
  pull-requests: write

If you only want the Step Summary output (no PR comments), set post_comment: 'false' and no extra permissions are needed.

How It Works

  1. actions/checkout checks out the PR branch
  2. critiq fetches the base branch (github.base_ref) and runs git diff
  3. The diff is sent to your chosen LLM provider for analysis
  4. Results are written to the GitHub Step Summary and optionally posted as a PR comment
  5. The action exits with code 1 if CRITICAL issues are found (when fail_on_critical: true)
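
Steps 4 and 5 as a shell sketch, showing how the severity threshold, the has_critical output and fail_on_critical interact. This is an added example, not critiq's own code: the function names are hypothetical, and it assumes findings arrive one per line in the shape of the sample output above and that has_critical is computed before the severity filter is applied.

```shell
#!/usr/bin/env bash
# Added illustration, not critiq's source. Assumes one finding per line, shaped
# like the sample output: "<icon> <SEVERITY> <file:line> <message>".

# Constructed sample input (the three findings shown near the top of this page).
SAMPLE_FINDINGS='🔴 CRITICAL  auth.py:42  SQL injection risk: user input concatenated directly into query
⚠️  WARNING   api.py:15   Missing input validation on POST /users endpoint
💡 INFO      utils.py:8  Consider using a context manager for file handling'

# Map a severity name to a rank; lower is more severe.
severity_rank() {
  case "$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" in
    critical)   echo 0 ;;
    warning)    echo 1 ;;
    info)       echo 2 ;;
    suggestion) echo 3 ;;
    *)          echo 9 ;;   # unknown label ranks below every known level
  esac
}

# Print the findings on stdin that are at or above the minimum severity ($1).
filter_findings() {
  local min line sev
  min="$(severity_rank "$1")"
  while IFS= read -r line; do
    sev="$(printf '%s\n' "$line" | awk '{print $2}')"
    [ "$(severity_rank "$sev")" -le "$min" ] && printf '%s\n' "$line"
  done
  return 0
}

# Echo has_critical (true/false) for findings ($1); return 1 only when a
# CRITICAL finding exists and fail_on_critical ($2) is 'true'.
gate() {
  local has_critical=false
  if printf '%s\n' "$1" | awk '$2 == "CRITICAL" {found=1} END {exit !found}'; then
    has_critical=true
  fi
  # On a runner, GITHUB_OUTPUT is the file that carries step outputs.
  [ -n "${GITHUB_OUTPUT:-}" ] && echo "has_critical=$has_critical" >> "$GITHUB_OUTPUT"
  echo "$has_critical"
  [ "$has_critical" = true ] && [ "$2" = true ] && return 1
  return 0
}

printf '%s\n' "$SAMPLE_FINDINGS" | filter_findings warning
gate "$SAMPLE_FINDINGS" true || echo "exit 1: workflow fails"
```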

Privacy

  • Your code diff is sent to the LLM provider you configure (Anthropic or OpenAI)
  • For fully private reviews, use provider: ollama on a self-hosted runner
  • API keys are passed as environment variables and never logged
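
Because the diff leaves the runner when a hosted provider is used, a pre-check can screen it for credentials first. The following is an added example, not part of critiq-action: `scan_diff`, `CRED_RE` and the three patterns are assumptions made for illustration, and the sample diff is constructed.

```shell
#!/usr/bin/env bash
# Added illustration, not part of critiq-action. The patterns are heuristics
# picked for this example; tune them for your codebase.

# Quoted literal of 12+ characters assigned to a credential-looking name.
CRED_RE="(api_?key|secret|token|password)[[:space:]]*[:=][[:space:]]*['\"][^'\"]{12,}['\"]"

# Constructed sample diff; the key value is a placeholder, not a real secret.
SAMPLE_DIFF='diff --git a/config.py b/config.py
--- a/config.py
+++ b/config.py
@@ -1,2 +1,3 @@
 import os
-API_KEY = os.environ["API_KEY"]
+API_KEY = "constructed-not-a-real-key-000"
+DEBUG = False'

# Read a unified diff on stdin, inspect added lines only, print "<file>: <kind>"
# per hit (never the matched text), and return non-zero if anything matched.
scan_diff() {
  local file="" hits=0 line kind
  while IFS= read -r line; do
    case "$line" in
      '+++ '*) file="${line#+++ }"; file="${file#b/}"; continue ;;  # new-file header
      '+'*)    ;;                                                   # added line
      *)       continue ;;                    # context, removals, hunk headers
    esac
    kind=""
    if printf '%s\n' "$line" | grep -Eq -e 'AKIA[0-9A-Z]{16}'; then
      kind="AWS access key id"
    elif printf '%s\n' "$line" | grep -Eq -e '-----BEGIN [A-Z ]*PRIVATE KEY-----'; then
      kind="private key block"
    elif printf '%s\n' "$line" | grep -Eiq -e "$CRED_RE"; then
      kind="hard-coded credential"
    fi
    if [ -n "$kind" ]; then
      echo "$file: $kind"
      hits=$((hits + 1))
    fi
  done
  [ "$hits" -eq 0 ]
}

printf '%s\n' "$SAMPLE_DIFF" | scan_diff || echo "diff blocked before review"
```

In a workflow, this would run in a step placed before the action, fed with `git diff "origin/${GITHUB_BASE_REF}...HEAD"`, so a non-zero exit stops the job before the diff is sent.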

Related Tools

critiq is part of a developer workflow toolkit:

| Tool | Purpose |
| --- | --- |
| critiq | AI code review before you push (local CLI) |
| critiq-action | AI code review in CI (this action) |
| gpr | AI-generated commit messages & PR descriptions |
| prcat | AI review of incoming PRs from teammates |
| gitbrief | Pack codebase context for LLMs |
| standup-ai | Generate daily standups from git history |
| changelog-ai | AI-generated changelogs from git history |
| mergefix | AI merge conflict resolver |
| chronicle | Turn git history into readable stories |
| difftests | AI-generated tests from git diffs |
| testfix | Automatically fix failing tests with AI |

License

MIT
