10 CODE REVIEW Development and operations Medium

Automated Code Review on Every PR

Automated review pipeline with security, spec compliance, provenance, and auto-fix on every pull request.

intake ★★☆
architect ★★★
vigil ★★★
licit ★★☆

CI/CD pipeline that runs automated review on every PR: vigil for security, intake for spec compliance, architect for logic review, and licit for PR provenance.

Phase 01 vigil

AI-code security

Scans PR code for vulnerabilities specific to AI-generated code.

◇ vigil
vigil scan src/ --format sarif --output vigil.sarif

Phase 02 intake

Spec compliance

Verifies changes comply with specifications.

◻ intake
intake verify specs/ --project-dir . --format junit

Phase 03 licit

PR provenance

Adds a comment to the PR with the percentage of AI-generated code in the changes and the compliance status.

⬡ licit
licit trace --since "$(git log --format=%aI -1 origin/main)"
licit connect vigil --sarif vigil.sarif
licit status --format markdown >> pr-comment.md

Phase 04 architect

Logic review

Reviews the PR focusing on logic and suggests improvements.

△ architect
architect run "Review this PR" \
  --agent review \
  --context-git-diff origin/main \
  --report github --budget 0.20
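
A gate that a CI step could run after Phase 01, as an added example (not part of the original page or of the vigil project): it reads vigil.sarif, renders a findings table that can be appended to pr-comment.md, and returns a non-zero exit code when any finding is at error level. It assumes vigil's SARIF output follows the standard SARIF 2.1.0 layout; the script name sarif_gate.py, the rule ids and the sample findings are constructed for illustration.

```python
import json
import sys
from pathlib import Path

# Constructed sample in SARIF 2.1.0 shape; rule ids and paths are made up.
SAMPLE_SARIF = {"version": "2.1.0", "runs": [{
    "tool": {"driver": {"name": "vigil", "rules": [
        {"id": "EXAMPLE-001", "defaultConfiguration": {"level": "error"}},
        {"id": "EXAMPLE-002"}]}},
    "results": [
        {"ruleId": "EXAMPLE-001", "message": {"text": "hardcoded secret"},
         "locations": [{"physicalLocation": {
             "artifactLocation": {"uri": "src/app.py"},
             "region": {"startLine": 12}}}]},
        {"ruleId": "EXAMPLE-002", "level": "note",
         "message": {"text": "unpinned | dependency"}}]}]}

def findings(sarif):
    """Yield (level, rule_id, location, text) for each result in each run."""
    for run in sarif.get("runs", []):
        driver = run.get("tool", {}).get("driver", {})
        defaults = {r.get("id"): r.get("defaultConfiguration", {}).get("level")
                    for r in driver.get("rules", [])}
        for res in run.get("results", []):
            rule = res.get("ruleId", "unknown")
            # SARIF: explicit level, else the rule's default, else "warning".
            level = res.get("level") or defaults.get(rule) or "warning"
            phys = (res.get("locations") or [{}])[0].get("physicalLocation", {})
            uri = phys.get("artifactLocation", {}).get("uri")
            line = phys.get("region", {}).get("startLine", "?")
            loc = f"{uri}:{line}" if uri else "n/a"
            yield level, rule, loc, res.get("message", {}).get("text", "")

def gate(sarif, fail_on=("error",)):
    """Return (exit_code, markdown); exit_code is 1 if any level is in fail_on."""
    rows = list(findings(sarif))
    md = ["### vigil findings", "", "| Level | Rule | Location | Message |",
          "|---|---|---|---|"]
    # Escape "|" so scanner-supplied text cannot break the table layout.
    md += ["| " + " | ".join(str(c).replace("|", "\\|") for c in row) + " |"
           for row in rows]
    blocked = any(level in fail_on for level, *_ in rows)
    return (1 if blocked else 0), "\n".join(md) + "\n"

if __name__ == "__main__":
    doc = json.loads(Path(sys.argv[1]).read_text()) if sys.argv[1:] else SAMPLE_SARIF
    code, md = gate(doc)
    print(md, end="")
    sys.exit(code)
```

In the pipeline it would run as `python sarif_gate.py vigil.sarif >> pr-comment.md`, with the exit status deciding whether the check passes.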