Skip to content

Replace persona-based PR review with unified Claude orchestrator#310

Merged
DiamondDagger590 merged 5 commits into
recodefrom
claude/review-workflow-cleanup-g4z1dp
Jul 16, 2026
Merged

Replace persona-based PR review with unified Claude orchestrator#310
DiamondDagger590 merged 5 commits into
recodefrom
claude/review-workflow-cleanup-g4z1dp

Conversation

@DiamondDagger590

@DiamondDagger590 DiamondDagger590 commented Jul 16, 2026

Copy link
Copy Markdown
Owner

Summary

Consolidates the multi-workflow AI PR review system (pr-review.yml + ai-persona-review.yml + pr-review.py) into a single unified workflow (claude-review.yml) that uses Anthropic's claude-code-action to orchestrate specialized review lenses. Eliminates the Python script and replaces it with a declarative agent-based architecture where each review concern (security, testing, extensibility, GUI/UX, server config) runs as an isolated subagent, then a central orchestrator merges findings into one sticky comment.

Key Changes

  • Removed legacy workflows:

    • .github/workflows/pr-review.yml — two-job pipeline (detect-changes → prepare-review)
    • .github/workflows/ai-persona-review.yml — secret-holding workflow_run job with per-persona comment posting
    • .github/scripts/pr-review.py — Python orchestrator with API retry logic, diff sanitization, and persona routing
  • Added new unified workflow:

    • .github/workflows/claude-review.yml — single claude-code-action job with auto-review on PR open/ready and on-demand @claude mention support
    • Sticky comment mode (one consolidated review per PR, updated on re-review)
    • Concurrency control to cancel in-flight reviews on new pushes or mentions
    • Skip-review override via [skip-review] title keyword or label
  • Added orchestration protocol:

    • .github/claude-review-prompt.md — defines the review orchestrator's responsibilities: gather context, route to lenses, fan out to subagents, consolidate findings, post one sticky comment with inline comments for Important findings only
    • Specifies re-review convergence logic (reconcile against previously-reported findings)
    • Caps output at 10 findings total (max 5 nits) to keep reviews focused
  • Added specialized review agents:

    • .claude/agents/review-security.md — injection, permission bypass, SQL/DDL injection
    • .claude/agents/review-testing.md — coverage gaps, test structure, TimeProvider usage
    • .claude/agents/review-extensibility.md — public API stability, events, @NotNull/@nullable, backward compatibility
    • .claude/agents/review-gui-ux.md — inventory ergonomics, navigation, click-hints, localization
    • .claude/agents/review-server-owner.md — YAML readability, defaults, reload-safety, config-version needs

    Each agent applies its corresponding checklist from .claude/commands/review-*.md (unchanged) and returns structured findings in a consistent format for the orchestrator to consolidate.

  • Updated CodeRabbit config:

    • Changed profile from "assertive" to "quiet" (reduce noise alongside Claude reviews)
    • Enabled auto_incremental_review for incremental feedback on pushes
    • Added [skip-review] title keyword and skip-review label support to opt out of auto-review
    • Collapsed walkthrough by default
  • Updated CLAUDE.md:

    • Noted the new agent-based review architecture in the persona maintenance section

Notable Implementation Details

  • No per-push reviews: The old workflow posted a fresh top-level comment per persona on every push. The new workflow posts only one sticky comment, updated on re-review. On-demand reviews via @claude mention also use the sticky comment.
  • Concurrency control: Uses GitHub Actions concurrency groups to cancel in-flight reviews when a new push arrives or a new @claude mention is made on the same PR.
  • Subagent isolation: Each review lens (security, testing, etc.) runs as a separate Task call within a single orchestrator message, allowing parallel execution and clean separation of concerns.
  • Structured findings: Subagents return findings in a consistent SEVERITY/LENS/FILE/WHAT/WHY/FIX format, which the orchestrator parses, deduplicates, ranks, and caps before posting.
  • Inline comments for Important findings: The orchestrator posts inline review comments (via MCP) only for the most critical findings, keeping the PR comment thread focused.

https://claude.ai/code/session_017RS1pjrpm7c5AdirmmAtwX

Summary by CodeRabbit

  • New Features

    • Introduced a centralized automated pull request review workflow with specialized checks for security, testing, configuration, GUI/UX, and extensibility.
    • Added on-demand reviews through pull request comments.
    • Reviews now consolidate findings into a single tracked comment and support incremental re-reviews.
    • Added options to skip reviews using a title keyword or label.
  • Changes

    • Retired the previous pull request review automation in favor of the new workflow.

Replace the per-persona curl pipeline (pr-review.yml + ai-persona-review.yml)
with a single claude-review.yml built on anthropics/claude-code-action.

An orchestrator (.github/claude-review-prompt.md) fans out to one isolated
subagent per review lens (.claude/agents/review-*.md), then consolidates all
findings into ONE sticky comment plus inline comments for important findings
only. This ends the churn of a fresh top-level comment per persona on every
push, and gives each lens a clean, uncluttered context.

Cadence and cost controls:
- Auto-review once when a PR opens non-draft or leaves draft; re-review on
  demand via an @claude comment. No per-push reviews.
- concurrency group cancels an in-flight review when a new push/mention lands.
- [skip-review] in the PR title (or a skip-review label) opts a PR out of both
  the Claude review and CodeRabbit; @claude still works as a manual override.
- Reuses the ambient GITHUB_TOKEN and existing ANTHROPIC_API_KEY secret.

Also quiets CodeRabbit (quiet profile, collapsed walkthrough, incremental
reviews, same skip-review override) and removes the orphaned pr-review.py.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_017RS1pjrpm7c5AdirmmAtwX
@coderabbitai

coderabbitai Bot commented Jul 16, 2026

Copy link
Copy Markdown

Review Change Stack

Warning

Review limit reached

@DiamondDagger590, you've reached your PR review limit, so we couldn't start this review.

Next review available in: 50 minutes

Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available.
You're only billed for reviews past your plan's rate limits ($0.25/file).

How can I continue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews.

How do review limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please refer docs for additional details.

Review details
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: a1861fbf-d0c7-4834-b7d4-10b8f950891e

📥 Commits

Reviewing files that changed from the base of the PR and between 59fd651 and f6f5d1d.

📒 Files selected for processing (3)
  • .claude/agents/review-server-owner.md
  • .claude/agents/review-testing.md
  • .github/workflows/claude-review.yml

Walkthrough

Replaces the previous AI review workflows with a Claude-based workflow, specialized review lenses, orchestration rules, sticky-comment updates, re-review handling, and updated CodeRabbit and repository maintenance configuration.

Changes

Claude Review Migration

Layer / File(s) Summary
Specialized review lenses
.claude/agents/review-*.md
Adds extensibility, GUI/UX, security, server-owner, and testing review lenses with scoped checklists, verification rules, and structured findings output.
Review orchestration protocol
.github/claude-review-prompt.md
Defines PR context gathering, lens routing, concurrent execution, finding consolidation, deduplication, limits, sticky comments, and re-review reconciliation.
Workflow triggers and execution
.github/workflows/claude-review.yml, .github/workflows/ai-persona-review.yml, .github/workflows/pr-review.yml
Adds automatic and on-demand Claude reviews with eligibility checks, concurrency cancellation, fork protection, and removes the previous persona-review workflows.
Review configuration and maintenance contract
.coderabbit.yaml, CLAUDE.md
Adjusts CodeRabbit review behavior and documents the new Claude review routing and configuration references.

Estimated code review effort: 3 (Moderate) | ~25 minutes

Sequence Diagram(s)

sequenceDiagram
  participant PullRequest
  participant ClaudeReviewWorkflow
  participant ClaudeCodeAction
  participant ReviewOrchestrator
  participant ReviewLenses
  participant StickyComment
  PullRequest->>ClaudeReviewWorkflow: open or update eligible PR
  ClaudeReviewWorkflow->>ClaudeCodeAction: start review
  ClaudeCodeAction->>ReviewOrchestrator: load orchestration protocol
  ReviewOrchestrator->>ReviewLenses: route changed paths
  ReviewLenses-->>ReviewOrchestrator: return verified findings
  ReviewOrchestrator->>StickyComment: post consolidated results
Loading

Possibly related PRs

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly matches the main change: replacing the persona-based PR review system with a unified Claude orchestrator.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch claude/review-workflow-cleanup-g4z1dp

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@github-actions

github-actions Bot commented Jul 16, 2026

Copy link
Copy Markdown

Claude finished @DiamondDagger590's task in 5m 22s —— View job


Review: 2 important, 1 nit

This PR touches only workflow/config/doc files (.github/workflows/*.yml, .github/claude-review-prompt.md, .claude/agents/*.md, .coderabbit.yaml, CLAUDE.md) — none of the 5 defined review lenses (review-security, review-testing, review-extensibility, review-gui-ux, review-server-owner) route to any of these per .github/claude-review-prompt.md §2's file-pattern table, since that table only matches src//resources/ code paths. Per §2 that would normally mean "no reviewable code changes" — but since this PR is the review system's own configuration, I read it directly instead of skipping straight to a one-liner.

  • Gather context (PR diff vs. actual committed content on origin/recode)
  • Route to lenses — none match by file pattern (workflow/doc-only diff)
  • Direct read of the new workflow, prompt, and agent files (no lens applicable)
  • Consolidate findings
  • Post review

Important findings

1. .github/workflows/claude-review.yml:45-64 — orchestrator instructions are read from the PR's own (attacker-modifiable) checkout, reversing the deleted workflow's explicit security model.
The deleted ai-persona-review.yml stated its security model in its own header: "this workflow always executes on the DEFAULT BRANCH and never checks out PR-head code, so secrets are safe," enforced via a sparse checkout of only .claude/commands/ from github.event.repository.default_branch. auto-review in the new workflow does the opposite: it checks out the PR's own head and then tells Claude to "Read .github/claude-review-prompt.md in this checkout and execute the orchestrated review protocol it defines." Both that file and .claude/agents/review-*.md are part of the PR diff — so a PR that edits them rewrites its own reviewer's instructions before they run, with ANTHROPIC_API_KEY and a pull-requests: write, issues: write token in scope. This PR is a live example: it modifies exactly those files, and this review run read and executed them from this PR's own head commit. The head.repo.full_name == github.repository guard only excludes forks — it does nothing against a same-repo branch (any contributor/bot with push access) shipping a poisoned orchestrator prompt.
Fix: restore the old split — fetch orchestrator/prompt/agent files from the default branch, and only the diff/code-under-review from the PR head — or explicitly accept this tradeoff and say so, rather than silently dropping the prior mitigation.

2. .github/claude-review-prompt.md:27-35 — the "one subagent per lens" design is unverified in an actual PR-triggered run.
§3 assumes .claude/agents/review-*.md register as Task subagent types (subagent_type: review-security, etc). In the session executing this exact review, only the built-in types were available (claude, claude-code-guide, Explore, general-purpose, Plan, statusline-setup) — none of the five new lens names — and the five new agent files were also absent from the local working tree at session start despite being part of the commit. This could be a checkout artifact, or it could be the platform deliberately stripping PR-introduced agent definitions before granting them subagent-type status (plausible given finding #1). Either way: please confirm on a real pull_request: opened run that Task(subagent_type: "review-security") actually resolves to the specialized agent rather than silently falling back to a generic one — that failure mode wouldn't error, it would just quietly collapse "isolated per-lens context" into "one generic pass" with nobody noticing.

Nit

.github/workflows/claude-review.yml:90-94 — the on-demand job's allowedTools is read-only (Task,Read,Grep,Glob,Bash(gh pr diff:*),Bash(gh pr view:*),mcp__github_inline_comment__create_inline_comment) with no Edit/Write/Bash(git ...). That's a reasonable scope limit for a review bot, but the appended system prompt's "Otherwise answer the request directly" branch (and the generic claude-code-action capability description) implies @claude can act on non-review requests too — a maintainer asking @claude to push a small fix would get told it's being handled but nothing could actually be committed. Worth either narrowing the system prompt to "review only" or intentionally granting write tools if on-demand implementation should work.

Inline comments posted for both Important findings above.

Comment on lines +45 to +64
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: anthropics/claude-code-action@v1
with:
anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
# Reuse the ambient token (as the old pipeline did); comments post as
# github-actions[bot]. No Claude GitHub App install required.
github_token: ${{ secrets.GITHUB_TOKEN }}
# REQUIRED alongside a custom prompt, or the sticky comment silently
# never posts (anthropics/claude-code-action#1108).
track_progress: true
use_sticky_comment: true
prompt: |
REPO: ${{ github.repository }}
PR NUMBER: ${{ github.event.pull_request.number }}

This is the initial automated review of this PR. Read
.github/claude-review-prompt.md in this checkout and execute the
orchestrated review protocol it defines.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Security regression vs. the deleted ai-persona-review.yml: that workflow's own header comment stated its entire security model — "this workflow always executes on the DEFAULT BRANCH and never checks out PR-head code, so secrets are safe" — and it enforced this by sparse-checking-out only .claude/commands/ from github.event.repository.default_branch, specifically because a PR could otherwise modify the persona prompt files and have malicious instructions executed with secrets in scope.

auto-review here does the opposite: it checks out the PR's own head (fetch-depth: 0, default pull_request ref) and then instructs Claude to "Read .github/claude-review-prompt.md in this checkout and execute the orchestrated review protocol it defines." Both that file and .claude/agents/review-*.md are themselves part of the PR diff — so a PR that edits them rewrites its own reviewer's instructions before they run, with ANTHROPIC_API_KEY and a pull-requests: write, issues: write token in scope. This very PR is a live example: it modifies exactly those files, and this run read and executed them from this PR's own checkout.

The head.repo.full_name == github.repository guard only rules out forks — it doesn't protect against a same-repo branch (e.g. any contributor/bot with push access) shipping a poisoned orchestrator prompt. Worth either restoring the old "read prompt/agent files from the default branch, diff/code from the PR" split, or explicitly deciding this tradeoff is acceptable and dropping the now-stale security rationale from history without a replacement mitigation.

Comment on lines +27 to +35
## 3. Fan out (one subagent per lens, in parallel)

Spawn every applicable lens **in a single message with multiple Task calls** so they run concurrently. For each, use the matching `subagent_type` (e.g. `review-security`) and pass in the prompt:

- The PR diff (or, if very large, the changed-file list plus the diff hunks relevant to that lens).
- A one-line instruction to follow its own agent definition.
- On a re-review only: the list of findings previously reported for that lens, labeled "PREVIOUSLY REPORTED — re-verify each: still open, or resolved?".

Each subagent returns either `CLEAN` or a list of `SEVERITY/LENS/FILE/WHAT/WHY/FIX` blocks. Collect them all.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unverified in this live run: §3 assumes .claude/agents/review-*.md register as Task subagent types reachable via subagent_type: review-security etc. In the session executing this exact review, only the default built-in types were available (claude, claude-code-guide, Explore, general-purpose, Plan, statusline-setup) — none of the five new lens names. The five new agent files were also absent from the working tree at session start (present in the commit, but deleted/uncommitted locally), which is consistent with whatever produced this either being a genuine checkout gap or a deliberate stripping of PR-introduced agent definitions before granting them subagent-type status (plausible given the security concern on the checkout step above).

Either way, please confirm end-to-end (a real pull_request: opened trigger, not a local dry run) that Task(subagent_type: "review-security") actually resolves to the specialized agent and doesn't silently fall back to a generic one — that failure mode wouldn't error, it would just quietly collapse "isolated per-lens context" into "one generic pass," undermining the stated benefit of this design without anyone noticing.

claude added 3 commits July 16, 2026 15:16
Gate the on-demand @claude job to OWNER/MEMBER/COLLABORATOR only,
preventing untrusted commenters from triggering reviews on fork PRs.
Change skip label from skip-review to skip-claude-review for more
targeted control (CodeRabbit keeps its own skip-review label).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_017RS1pjrpm7c5AdirmmAtwX
- Add fork-check pre-step to on-demand job that rejects @claude
  mentions on fork PRs (prevents attacker-controlled checkout with
  secrets in scope)
- SHA-pin actions/checkout to 11bd7190 (v4.2.2), matching McCore
- SHA-pin anthropics/claude-code-action to fffa3483 (v1) in both jobs

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_017RS1pjrpm7c5AdirmmAtwX

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.claude/agents/review-server-owner.md:
- Around line 15-16: Update the review scope statement in the server-owner
instructions to include src/**/configuration/** alongside configuration/**,
matching the orchestrator’s routing patterns. Preserve the restriction to
reviewing only changed lines in the covered configuration files.

In @.claude/agents/review-testing.md:
- Line 4: Remove Bash from the tools list in the testing agent configuration,
leaving only Read, Grep, and Glob. Keep the workflow’s restricted --allowedTools
behavior unchanged and ensure the testing lens does not request or rely on shell
execution.

In @.github/workflows/claude-review.yml:
- Around line 83-85: Update the actions/checkout step in the issue_comment
workflow to explicitly check out the pull request’s head ref rather than the
default branch. Use the event’s PR head repository and ref values while
preserving the existing full fetch-depth configuration, so on-demand reviews
analyze the submitted PR code.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 46e97165-937f-4b31-bfc0-51e916c8fe5c

📥 Commits

Reviewing files that changed from the base of the PR and between b3ea7da and 59fd651.

📒 Files selected for processing (12)
  • .claude/agents/review-extensibility.md
  • .claude/agents/review-gui-ux.md
  • .claude/agents/review-security.md
  • .claude/agents/review-server-owner.md
  • .claude/agents/review-testing.md
  • .coderabbit.yaml
  • .github/claude-review-prompt.md
  • .github/scripts/pr-review.py
  • .github/workflows/ai-persona-review.yml
  • .github/workflows/claude-review.yml
  • .github/workflows/pr-review.yml
  • CLAUDE.md
💤 Files with no reviewable changes (3)
  • .github/workflows/ai-persona-review.yml
  • .github/workflows/pr-review.yml
  • .github/scripts/pr-review.py

Comment thread .claude/agents/review-server-owner.md Outdated
Comment thread .claude/agents/review-testing.md Outdated
Comment thread .github/workflows/claude-review.yml Outdated
- Checkout PR head ref for on-demand reviews so Read/Grep/Glob see the
  PR code instead of the default branch (issue_comment events default
  to the base branch checkout)
- Remove Bash from testing agent tools (only needs Read/Grep/Glob)
- Fix server-owner scope to match routing table (src/**/configuration/**)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_017RS1pjrpm7c5AdirmmAtwX
@DiamondDagger590
DiamondDagger590 merged commit a1a1a8e into recode Jul 16, 2026
1 check passed
@DiamondDagger590
DiamondDagger590 deleted the claude/review-workflow-cleanup-g4z1dp branch July 16, 2026 16:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants