feat: Add PR Review Agent Kit

[Supsource]

What This Kit Does

AI-powered GitHub pull request reviewer. Paste any public PR URL and get an instant structured code review, with file-level citations, before/after code diffs, and actionable fixes ready to copy-paste.

What it returns:

• Summary : 3-4 sentences on what the PR does, why it exists, and what systems it touches
• Issues : bugs, security holes, and edge cases with exact file + line number, the problematic snippet, and a ready-to-paste fix
• Suggestions : PERF / STYLE / TEST / DOCS improvements with before/after code
• Verdict : approve, needs_changes, or discuss

Why this is useful: Teams using Lamatic can drop this into their dev workflow to get consistent, structured reviews on every PR, without waiting for a senior engineer to be available.

Providers & Prerequisites

• GitHub API : no auth required for public repos. For private repos, add a GITHUB_TOKEN to your env and pass it as Authorization: Bearer in the API node header.
• LLM provider : tested with Gemini 2.5 Pro. Works with GPT-4o and Claude 3.5 Sonnet. Connect via Lamatic Studio → Connections.
• Lamatic account : free trial available at lamatic.ai

How to Run Locally

1. cd kits/automation/pr-review
2. npm install
3. cp .env.example .env and fill in values
4. npm run dev

Open http://localhost:3000, paste a GitHub PR URL, hit Review PR.

Full flow setup instructions: flows/pr-review-flow/README.md

Live Preview

https://judgethepr.vercel.app/

Lamatic Flow

Flow ID: a70ea776-386d-4474-953c-a7fe7bf54d41

Built with: API Request → Code (URL parser) → API (GitHub diff fetch) → Generate JSON (LLM review) → API Response

---

Checklist

• Kit runs locally with npm run dev
• .env.example has no secrets, only placeholders
• README.md documents setup and usage
• Folder structure follows kits/automation/pr-review/
• config.json is present and valid
• All flows exported in flows/ folder
• Vercel deployment works
• Live preview URL works end-to-end

• New PR Review Agent kit at kits/automation/pr-review: AI-powered GitHub PR reviewer (Lamatic flow) that accepts a PR URL and returns structured JSON review (3–4 sentence summary, file/line-cited issues with snippets & fixes, suggestions with before/after code, verdict: approve|needs_changes|discuss).
• Supports public and private repos (optional GITHUB_TOKEN); tested with Gemini 2.5 Pro and compatible with GPT-4o / Claude 3.5 Sonnet.
• Key files:
  • Frontend: components/PRReviewForm.tsx (client UI), app/page.tsx, app/layout.tsx.
  • Backend/orchestration: actions/orchestrate.ts (exports ReviewItem, PRReviewResult, and reviewPR).
  • SDK client: lib/lamatic-client.ts (singleton Lamatic client).
  • Config: config.json, flows/pr-review-flow/README.md (5-node flow: API Request → URL parser → GitHub diff fetch → LLM JSON generation → API Response).
  • Tooling: package.json, tsconfig.json, .env.example, .gitignore, README.md, next-env.d.ts.
• Local run & demo: npm install; cp .env.example .env; npm run dev (UI at http://localhost:3000); live preview deployed at https://judgethepr.vercel.app/.
• Notes: .env.example contains placeholders only; lamatic client reads env vars with non-null assertions; orchestrate.ts robustly extracts/parses flow output and raises descriptive errors on invalid responses.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 63f6168e-2970-422b-8ec4-3a0052e41873

📥 Commits

Reviewing files that changed from the base of the PR and between 03b8f72 and ca3158a.

📒 Files selected for processing (1)

• kits/automation/pr-review/config.json

✅ Files skipped from review due to trivial changes (1)

• kits/automation/pr-review/config.json

---

📝 Walkthrough

Walkthrough

A new PR review automation kit for Lamatic is added, including a Next.js frontend with a PR URL form, a server action that executes a Lamatic flow to analyze PR diffs fetched from GitHub, client components to render structured review JSON, and accompanying docs and config files.

Changes

Cohort / File(s)	Summary
Configuration & Setup kits/automation/pr-review/.env.example, kits/automation/pr-review/.gitignore, kits/automation/pr-review/package.json, kits/automation/pr-review/tsconfig.json, kits/automation/pr-review/next-env.d.ts	Added environment template, gitignore, npm manifest, and TypeScript/Next.js config for the new kit.
Documentation kits/automation/pr-review/README.md, kits/automation/pr-review/flows/pr-review-flow/README.md, kits/automation/pr-review/config.json	Added kit README, detailed Lamatic flow README (5-node flow spec), and kit metadata/config.
Next.js App Shell kits/automation/pr-review/app/layout.tsx, kits/automation/pr-review/app/page.tsx	Added root layout and main page that mounts the PR review form.
Client UI kits/automation/pr-review/components/PRReviewForm.tsx	Added a large client-side PRReviewForm component handling input, async review call, rendering verdict/summary/issues/suggestions, diffs, and copy actions.
Server / Orchestration kits/automation/pr-review/actions/orchestrate.ts, kits/automation/pr-review/lib/lamatic-client.ts	Added server action reviewPR with URL validation, flow execution, robust response extraction/parsing, types (ReviewItem, PRReviewResult); added Lamatic SDK singleton initialized from env vars.
Type declarations & build kits/automation/pr-review/next-env.d.ts, kits/automation/pr-review/tsconfig.json	Added Next.js TypeScript references and strict TS config for the kit.

Sequence Diagram

sequenceDiagram
    actor User
    participant Browser as Browser / Frontend
    participant Server as Next.js Server
    participant Lamatic as Lamatic Flow
    participant GitHub as GitHub API
    participant LLM as LLM

    User->>Browser: Enter PR URL & submit
    Browser->>Server: POST reviewPR(prUrl)
    activate Server
    Server->>Server: Validate PR URL
    Server->>Lamatic: executeFlow(PR_REVIEW_FLOW_ID, { pr_url })
    activate Lamatic
    Lamatic->>Lamatic: Parse URL -> owner/repo/pr_number
    Lamatic->>GitHub: GET /repos/{owner}/{repo}/pulls/{pr} (Accept: diff)
    activate GitHub
    GitHub-->>Lamatic: PR diff
    deactivate GitHub
    Lamatic->>LLM: Generate structured JSON (summary, issues, suggestions, verdict)
    activate LLM
    LLM-->>Lamatic: JSON response
    deactivate LLM
    Lamatic-->>Server: Return flow output
    deactivate Lamatic
    Server->>Server: Extract/parse review JSON
    Server-->>Browser: PRReviewResult
    deactivate Server
    Browser->>Browser: Render verdict, summary, issues, suggestions, diffs
    Browser-->>User: Display structured review

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• Fix : Config Removal #42: Changes how Lamatic client is initialized from environment config; overlaps with this PR's lib/lamatic-client.ts initialization approach.

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat: Add PR Review Agent Kit' directly and clearly describes the main change: adding a new PR review automation kit.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 9

🧹 Nitpick comments (4)

kits/automation/pr-review/.gitignore (1)

1-2: Consider expanding env/log patterns for safer defaults.

You may want to also ignore additional local env variants and package-manager debug logs to prevent accidental commits across developer setups.

Optional hardening diff

 .env
 .env.local
+.env.*.local
 .next/
 node_modules/
 .DS_Store
 *.log
+npm-debug.log*
+yarn-debug.log*
+pnpm-debug.log*

Also applies to: 6-6

kits/automation/pr-review/.env.example (1)

1-4: Reduce dotenv-linter noise in the example env file.
If dotenv-linter is CI-gated, removing quotes and using a consistent key order avoids avoidable warnings.

♻️ Suggested cleanup

-PR_REVIEW_FLOW_ID="YOUR_FLOW_ID"
-LAMATIC_API_URL="YOUR_API_ENDPOINT"
-LAMATIC_PROJECT_ID="YOUR_PROJECT_ID"
-LAMATIC_API_KEY="YOUR_API_KEY"
+LAMATIC_API_KEY=YOUR_API_KEY
+LAMATIC_API_URL=YOUR_API_ENDPOINT
+LAMATIC_PROJECT_ID=YOUR_PROJECT_ID
+PR_REVIEW_FLOW_ID=YOUR_FLOW_ID

kits/automation/pr-review/config.json (2)

9-15: Consider declaring all required runtime env vars in config metadata.
steps currently exposes only PR_REVIEW_FLOW_ID, but runtime also depends on LAMATIC_API_KEY, LAMATIC_PROJECT_ID, and LAMATIC_API_URL (see kits/automation/pr-review/lib/lamatic-client.ts, Lines 4-6). Surfacing them in kit config improves setup reliability.

🧩 Suggested config extension

   "steps": [
     {
       "id": "pr-review-flow",
       "type": "mandatory",
       "envKey": "PR_REVIEW_FLOW_ID"
+    },
+    {
+      "id": "lamatic-api-key",
+      "type": "mandatory",
+      "envKey": "LAMATIC_API_KEY"
+    },
+    {
+      "id": "lamatic-project-id",
+      "type": "mandatory",
+      "envKey": "LAMATIC_PROJECT_ID"
+    },
+    {
+      "id": "lamatic-api-url",
+      "type": "mandatory",
+      "envKey": "LAMATIC_API_URL"
     }
   ],

---

24-27: Fill public URLs (or use explicit TODO placeholders) before release.
Leaving demoUrl, deployUrl, and documentationUrl blank makes the kit harder to validate and adopt.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: dc230a63-249e-4d9e-94f4-9e5f246fcfd1

📥 Commits

Reviewing files that changed from the base of the PR and between 994954e and 03b8f72.

⛔ Files ignored due to path filters (1)

• kits/automation/pr-review/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (13)

• kits/automation/pr-review/.env.example
• kits/automation/pr-review/.gitignore
• kits/automation/pr-review/README.md
• kits/automation/pr-review/actions/orchestrate.ts
• kits/automation/pr-review/app/layout.tsx
• kits/automation/pr-review/app/page.tsx
• kits/automation/pr-review/components/PRReviewForm.tsx
• kits/automation/pr-review/config.json
• kits/automation/pr-review/flows/pr-review-flow/README.md
• kits/automation/pr-review/lib/lamatic-client.ts
• kits/automation/pr-review/next-env.d.ts
• kits/automation/pr-review/package.json
• kits/automation/pr-review/tsconfig.json

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Tighten PR URL validation.

Line 23 only checks includes("github.com"), so malformed/non-PR URLs can pass and fail later with less actionable errors.

🔍 Suggested validation fix

 export async function reviewPR(prUrl: string): Promise<PRReviewResult> {
-  if (!prUrl || !prUrl.includes("github.com")) {
-    throw new Error("Please provide a valid GitHub PR URL.");
-  }
+  if (!prUrl) throw new Error("Please provide a valid GitHub PR URL.");
+  let parsed: URL;
+  try {
+    parsed = new URL(prUrl);
+  } catch {
+    throw new Error("Please provide a valid GitHub PR URL.");
+  }
+  const isGitHubHost = parsed.hostname === "github.com" || parsed.hostname === "www.github.com";
+  const isPullRequestPath = /^\/[^/]+\/[^/]+\/pull\/\d+\/?$/.test(parsed.pathname);
+  if (!isGitHubHost || !isPullRequestPath) {
+    throw new Error("Please provide a valid GitHub PR URL.");
+  }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	if (!prUrl || !prUrl.includes("github.com")) {
	throw new Error("Please provide a valid GitHub PR URL.");
	}
	if (!prUrl) throw new Error("Please provide a valid GitHub PR URL.");
	let parsed: URL;
	try {
	parsed = new URL(prUrl);
	} catch {
	throw new Error("Please provide a valid GitHub PR URL.");
	}
	const isGitHubHost = parsed.hostname === "github.com" || parsed.hostname === "www.github.com";
	const isPullRequestPath = /^\/[^/]+\/[^/]+\/pull\/\d+\/?$/.test(parsed.pathname);
	if (!isGitHubHost || !isPullRequestPath) {
	throw new Error("Please provide a valid GitHub PR URL.");
	}

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Avoid throwing raw flow payloads in error messages.

Lines 43 and 51 append raw model/flow output to thrown errors, which can leak large or sensitive response content and bloat error transport.

🔒 Suggested safer errors

-      throw new Error("Could not parse review: " + review);
+      throw new Error("Could not parse review payload from flow response.");
 ...
-  throw new Error("Could not find review in response: " + JSON.stringify(response));
+  throw new Error("Flow response did not include a valid review object.");

Also applies to: 51-51

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Validate full review shape before returning to UI.

Line 47 only checks review.summary; if issues/suggestions are missing or non-arrays, the client will crash when reading .filter() / .length.

✅ Suggested shape guard

-  if (review?.summary) {
+  if (
+    review &&
+    typeof review.summary === "string" &&
+    Array.isArray(review.issues) &&
+    Array.isArray(review.suggestions) &&
+    (review.verdict === "approve" || review.verdict === "needs_changes" || review.verdict === "discuss")
+  ) {
     return review as PRReviewResult;
   }

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix copy behavior: BEFORE pane currently copies the fix.

Both panes call copyFix, so clicking Copy on the “BEFORE” block copies the wrong content.

📋 Suggested fix

 function CodeDiff({ code, fix }: { code: string; fix: string }) {
+  async function copyCode() {
+    try {
+      await navigator.clipboard.writeText(code);
+    } catch {
+      // no-op
+    }
+  }
+
   async function copyFix() {
     try {
       await navigator.clipboard.writeText(fix);
@@
-      <CodePane label="BEFORE" symbol="-" text={code} tone="#ff000015" onCopy={copyFix} />
+      <CodePane label="BEFORE" symbol="-" text={code} tone="#ff000015" onCopy={copyCode} />
       <CodePane label="AFTER" symbol="+" text={fix} tone="#00ff0015" borderTop onCopy={copyFix} />

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	<CodePane label="BEFORE" symbol="-" text={code} tone="#ff000015" onCopy={copyFix} />
	<CodePane label="AFTER" symbol="+" text={fix} tone="#00ff0015" borderTop onCopy={copyFix} />
	function CodeDiff({ code, fix }: { code: string; fix: string }) {
	async function copyCode() {
	try {
	await navigator.clipboard.writeText(code);
	} catch {
	// no-op
	}
	}
	async function copyFix() {
	try {
	await navigator.clipboard.writeText(fix);
	} catch {
	// no-op
	}
	}
	return (
	<>
	<CodePane label="BEFORE" symbol="-" text={code} tone="#ff000015" onCopy={copyCode} />
	<CodePane label="AFTER" symbol="+" text={fix} tone="#00ff0015" borderTop onCopy={copyFix} />
	</>
	);
	}

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Show errors when review generation fails.

When reviewPR throws, result stays null, and Line 565 routes to EmptyLeftPanel, so the error set at Line 627 is never rendered.

🛠️ Suggested rendering fix

-            ) : !result || !verdict ? (
+            ) : error ? (
+              <div style={{ fontSize: 13, color: "#fca5a5" }}>{error}</div>
+            ) : !result || !verdict ? (
               <EmptyLeftPanel />
             ) : (

Also applies to: 627-627

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix node count mismatch in flow description.

Line 17 says “4 nodes,” but the pipeline shown includes 5 nodes (API Request → Code → API → Generate JSON → API Response).

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Add a language identifier to the fenced code block.

This fence is missing a language tag, which triggers markdownlint MD040.

🧹 Suggested markdown fix

-```
+```text
 You are a senior software engineer doing a thorough code review. You will receive a unified diff from a GitHub pull request.
 ...
-```
+```

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	```
	You are a senior software engineer doing a thorough code review. You will receive a unified diff from a GitHub pull request.
	Return ONLY a valid JSON object with this exact shape:
	{
	"summary": "3-4 sentences describing what this PR does, why it exists, and what files/systems it touches",
	"issues": [
	{
	"severity": "CRITICAL",
	"file": "src/auth.ts",
	"line": 42,
	"description": "specific description of the problem and WHY it is dangerous",
	"code": "exact snippet from the diff that is problematic (max 3 lines)",
	"fix": "exact replacement code, ready to copy-paste (max 5 lines)",
	"fix_explanation": "one sentence explaining what the fix does and why it solves the problem"
	}
	],
	"suggestions": [
	{
	"type": "PERF",
	"file": "src/utils.ts",
	"line": 18,
	"description": "specific improvement and its impact",
	"code": "current code snippet (max 3 lines)",
	"fix": "improved version, ready to copy-paste (max 5 lines)",
	"fix_explanation": "one sentence explaining the improvement"
	}
	],
	"verdict": "approve"
	}
	Rules:
	- verdict must be one of: "approve", "needs_changes", "discuss"
	- severity must be one of: "CRITICAL", "WARNING", "INFO"
	- type must be one of: "PERF", "STYLE", "TEST", "DOCS"
	- fix field MUST be valid, working, copy-pasteable code — not a description of what to do
	- fix_explanation must be plain English, not code
	- file and line must reference actual files and line numbers from the diff
	- If no issues or suggestions exist, use empty arrays
	- No markdown, no code fences, no explanation outside the JSON. Just the raw JSON object.
	```

🧰 Tools

🪛 markdownlint-cli2 (0.21.0)

[warning] 82-82: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Replace non-null assertions with explicit env validation.
Current initialization can crash at import time with poor diagnostics when any required variable is missing.

🛠️ Suggested fix

 import { Lamatic } from "lamatic";
 
+function requiredEnv(name: "LAMATIC_API_KEY" | "LAMATIC_PROJECT_ID" | "LAMATIC_API_URL"): string {
+  const value = process.env[name];
+  if (!value) {
+    throw new Error(`Missing required environment variable: ${name}`);
+  }
+  return value;
+}
+
 export const lamatic = new Lamatic({
-  apiKey: process.env.LAMATIC_API_KEY!,
-  projectId: process.env.LAMATIC_PROJECT_ID!,
-  endpoint: process.env.LAMATIC_API_URL!,
+  apiKey: requiredEnv("LAMATIC_API_KEY"),
+  projectId: requiredEnv("LAMATIC_PROJECT_ID"),
+  endpoint: requiredEnv("LAMATIC_API_URL"),
 });

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	export const lamatic = new Lamatic({
	apiKey: process.env.LAMATIC_API_KEY!,
	projectId: process.env.LAMATIC_PROJECT_ID!,
	endpoint: process.env.LAMATIC_API_URL!,
	});
	import { Lamatic } from "lamatic";
	function requiredEnv(name: "LAMATIC_API_KEY" | "LAMATIC_PROJECT_ID" | "LAMATIC_API_URL"): string {
	const value = process.env[name];
	if (!value) {
	throw new Error(`Missing required environment variable: ${name}`);
	}
	return value;
	}
	export const lamatic = new Lamatic({
	apiKey: requiredEnv("LAMATIC_API_KEY"),
	projectId: requiredEnv("LAMATIC_PROJECT_ID"),
	endpoint: requiredEnv("LAMATIC_API_URL"),
	});

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Populate or remove the empty Demo section.

Line 20 contains only an empty quote marker, so the “Demo” section renders blank and looks unfinished.

📝 Suggested doc fix

 ## Demo
 
-> 
+Add a screenshot/GIF or live demo URL here.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	## Demo
	>
	## Demo
	Add a screenshot/GIF or live demo URL here.

[amanintech]

Missing Lamatic Flow Configs