Code review that runs
inside your own CI.
An open-source agentic PR reviewer as a single GitHub Action. It runs on your runner, reviews with the model you already pay for, and posts diff-anchored findings back — no SaaS, no per-seat bill.
On the GitHub Marketplace · v0.2.0name: J-Bot Code Review on: pull_request: { types: [opened, synchronize, reopened] } permissions: contents: read pull-requests: write jobs: review: runs-on: ubuntu-latest steps: - uses: actions/checkout@v7 with: { fetch-depth: 0 } - uses: pgup-ai/jbot-review-action@v0 with: provider: ${{ vars.JBOT_REVIEW_PROVIDER || 'opencode' }} opencode-api-key: ${{ secrets.OPENCODE_API_KEY }} github-token: ${{ secrets.GITHUB_TOKEN }}
Reuse a subscription you already pay for
OpenCode gateways
CLI subscriptions
Or start at $0 — free models
See a real review
Diff-anchored findings.
Verified before they post.
A second model checks every blocking finding first — so what lands on your PR is signal, not a wall of nits.
@@ -41,7 +41,9 @@ export async function createSession(- const token = jwt.sign(payload, SECRET)+ const token = jwt.sign(payload, SECRET, {+ algorithm: req.headers['x-alg'] || 'HS256'+ })
Full base…head diff, sharded for speed · nits demoted, false positives dropped
How it works
One file of setup.
Zero servers to run.
A Docker container action. GitHub runs it on your runner, reviews your checkout read-only, and posts back. The diff goes only to the model you bring — never a third-party reviewer.
Add the workflow
Commit one YAML file to .github/workflows and add an OpenCode gateway key or CLI credential as a repo secret.
It runs in your CI
On each PR, Actions starts your selected backend in the container and reviews the full diff with least-privilege permissions.
Verified reviews post
A second model verifies each blocking finding, then diff-anchored comments and a verdict land on the PR.
Features
Enterprise-grade review.
Zero lock-in.
Your key, your runner
Bring the gateway key or CLI credential as a repo secret. The diff goes only to the model you chose, on your own account.
No added J-Bot bill
Use OpenCode Zen free models, reuse a CLI seat, or pick a provider model on your own account. J-Bot adds no per-review bill.
Native to GitHub CI
A standard container action in your own CI. No SaaS account and no third-party reviewer in the loop.
Tune depth and cost
Start with the defaults, then adjust shards, review passes, and finding verification as your repositories grow.
Reads your house rules
Discovers AGENTS.md, REVIEW.md, .coderabbit.yaml, greptile.json and Cursor rules, then reviews against them.
Checks current docs
When a PR touches an external API or SDK, Context7 verifies the change against live documentation.
Ownership & cost
A reviewer you own,
not a service you rent.
Hosted SaaS reviewers
rentedJ-Bot Review
ownedFull comparisons: CodeRabbit · Greptile · Qodo · Cubic
GitHub App · private beta
The same reviewer,
managed for you.
The Action stays the no-server way to run J-Bot Review. The GitHub App runs the same reviewer from a dashboard instead: install it on a repo, add your own model keys — encrypted at rest, shown as last-4 only — and pull requests get reviewed with no workflow file to maintain. Reviews execute on ephemeral GitHub Actions runners.
@jbot reviewReview config
Triggers
Review history
FAQ
Questions, answered.
Can I use my Claude, Codex, or Cursor subscription for automated code review?
Yes for Codex (a ChatGPT Plus/Pro seat), Cursor, Devin, Cline, Kilo, Command Code, Grok Build, and Qoder: J-Bot Review drives those coding-agent CLIs inside your own GitHub Actions, so a seat you already pay for reviews every pull request. Claude runs through your own Anthropic API key or an OpenCode gateway instead — a Claude Pro/Max seat is not a supported CI credential today. See the CLI subscription guide for per-CLI setup.
Is J-Bot Review free?
The action itself is MIT-licensed open source and adds no per-seat or per-review charge. You pay only for the model you bring — with OpenCode Zen free models or a CLI seat you already pay for, J-Bot adds $0 on top of your normal CI minutes.
Does my code get uploaded to a third-party service?
Run as the Action, there is no J-Bot server and no hosted reviewer in the loop, and the checkout never leaves your runner. What does leave is the diff, sent only to the model provider you configure, on your own key.
Is there a hosted or GitHub App version of J-Bot Review?
Currently in private beta. The GitHub App runs the same reviewer from a dashboard instead of a workflow file: add your own model keys (encrypted at rest), configure models, a severity gate, and triggers, and see review history and per-key usage meters. Reviews execute on ephemeral GitHub Actions runners. The Action remains the no-server option and is not being replaced.
How is J-Bot Review different from CodeRabbit or Greptile?
Hosted reviewers run your code through their own servers and charge per seat (about $40 per month). J-Bot Review is an open-source GitHub Action that runs in your CI with any model you choose, at $0 per seat. It also reads existing .coderabbit.yaml and greptile.json rule files, so switching keeps your house rules. Full comparisons: CodeRabbit · Greptile · Qodo · Cubic.
Which models and providers does J-Bot Review support?
30+ backends. OpenCode gateways cover OpenCode Zen free models plus Claude, OpenAI, Gemini, DeepSeek, Grok, Qwen, Kimi, MiniMax, OpenRouter, Fireworks, Cohere, Together, and more. CLI subscription backends cover Codex, Cursor, Devin, Cline, Kilo, Command Code, Grok Build, and Qoder. Switch backends with one repo variable.
Does it work with private repositories?
Yes. It is a standard container action: if your repository runs GitHub Actions, it can run J-Bot Review. Default permissions are least-privilege — contents: read, pull-requests: write — and your code never leaves the runner except to the model you configured.
Put it on your
next pull request.
One YAML file, one secret, and an agentic reviewer is reading every PR — on your runner, with $0 added by J-Bot.
- uses: pgup-ai/jbot-review-action@v0
Attacker-controlled JWT algorithm. The signing algorithm is read from a request header, so a caller can force
noneor swap to a key-confusion attack. Pin the algorithm server-side:jwt.sign(payload, SECRET, { algorithm: 'HS256' })