Engineering Beginner ⏱ 30 minutes

Code Review Agent Blueprint

A Claude Code agent that reviews PRs, flags issues, and posts structured review comments automatically.

What This Blueprint Does

The Code Review Agent monitors your repositories for new pull requests, reviews the diff, identifies issues (security risks, logic bugs, style violations, missing tests), and posts structured comments — all without human intervention.

Unlike a linter, this agent understands context: it reads the PR description, evaluates whether the implementation matches the stated goal, and flags discrepancies. Every action is logged through Sentrely with a full audit trail.

Architecture

  1. Trigger — Webhook fires on PR open/update
  2. Fetch — Agent pulls diff and context files via the Gateway
  3. Analyze — Claude reviews changes against your team standards
  4. Comment — Agent posts line-level review comments
  5. Notify — Summary sent to Slack

The Gateway enforces read-only access. The agent can read repos and post comments but cannot push, merge, or modify branches.

Policy Configuration

project: my-webapp
agent: code-reviewer

policies:
  - git:read on repos/my-webapp
  - git:comment on repos/my-webapp/pull-requests/*
  # No push, merge, branch modification, or access to other projects

budget:
  max_tokens_per_session: 100000
  max_sessions_per_day: 50

notifications:
  on_complete: slack:#code-reviews

Setup Steps

Step 1: Create the project and agent identity in your Sentrely dashboard. Note your GATEWAY_URL.

Step 2: Apply the policy — save the YAML above to your project configuration.

Step 3: Configure the webhook — point your git provider (GitHub, Bitbucket, GitLab) webhook at your agent trigger endpoint.

Step 4: Connect Slack — the agent posts review summaries to your designated channel on completion.

Step 5: Test — open a small PR and verify the agent reviews it correctly. Check the Gateway audit log to confirm only permitted actions were taken.
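
One way to automate the Step 5 audit check, as an added example that is not Sentrely's own code: it parses the policy lines from the YAML above and flags any logged action they do not permit. The JSON-lines audit format, its field names, and the glob matching semantics are assumptions made for illustration; adapt them to whatever your Gateway audit log actually exports.

```python
import json
from fnmatch import fnmatchcase

# Policy lines copied from the blueprint's "policies:" list.
POLICIES = [
    "git:read on repos/my-webapp",
    "git:comment on repos/my-webapp/pull-requests/*",
]

# Constructed audit entries (JSON lines); field names are assumptions.
SAMPLE_AUDIT_LOG = """\
{"agent": "code-reviewer", "action": "git:read", "resource": "repos/my-webapp"}
{"agent": "code-reviewer", "action": "git:comment", "resource": "repos/my-webapp/pull-requests/42"}
{"agent": "code-reviewer", "action": "git:push", "resource": "repos/my-webapp"}
{"agent": "code-reviewer", "action": "git:read", "resource": "repos/billing-service"}
"""


def parse_policy(line):
    """Split '<action> on <resource-pattern>' into an (action, pattern) pair."""
    action, sep, pattern = line.partition(" on ")
    if not sep or not action.strip() or not pattern.strip():
        raise ValueError(f"malformed policy line: {line!r}")
    return action.strip(), pattern.strip()


def is_permitted(action, resource, rules):
    """Default deny: allowed only if some rule matches both action and resource."""
    return any(action == a and fnmatchcase(resource, p) for a, p in rules)


def find_violations(log_text, policy_lines, agent="code-reviewer"):
    """Return the audit entries for `agent` that no policy line permits."""
    rules = [parse_policy(p) for p in policy_lines]
    violations = []
    for raw in filter(str.strip, log_text.splitlines()):
        entry = json.loads(raw)
        if entry.get("agent") != agent:
            continue
        if not is_permitted(entry.get("action"), entry.get("resource") or "", rules):
            violations.append(entry)
    return violations


if __name__ == "__main__":
    for v in find_violations(SAMPLE_AUDIT_LOG, POLICIES):
        print("NOT PERMITTED:", v["action"], "on", v["resource"])
```

An empty result on a real export means every logged action fell inside the policy; any entry returned (a push, or a read on another project) warrants investigation before the agent is left running unattended.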

What the Agent Reviews

  • Code correctness and logic errors
  • Security patterns (injection risks, missing validation, hardcoded secrets)
  • Performance issues (N+1 queries, unnecessary loops, blocking calls)
  • Test coverage for the changed code
  • Naming, structure, and consistency with the codebase

Customization

Provide a CLAUDE.md in your repository with your team’s specific standards: naming conventions, architectural guidelines, what matters most (security, performance, readability). The agent reads this before every review and applies your standards consistently.

Example Slack Notification

Code Review Complete
acme/api/feature/stripe-webhook
4 files reviewed · 3 comments posted
Summary: Solid implementation. Flagged a missing null check in authMiddleware.ts:47 and an unused import in UserProfile.tsx. No security concerns.
[View PR] [View Audit Log]
