Home / Guides / CLI subscriptions

Automated PR review with a CLI subscription you already pay for

Updated July 11, 2026 · applies to pgup-ai/jbot-review-action v0

Yes — the coding-agent seat you already pay for can review your pull requests. If you subscribe to Codex (ChatGPT Plus/Pro), Cursor, Devin, Cline, Kilo, Command Code, Grok Build, or Qoder, J-Bot Review — an open-source (MIT) GitHub Action — runs that CLI inside your own GitHub Actions and posts diff-anchored, verified review comments on every PR. One workflow file, one repo secret, $0 added by J-Bot.

Hosted AI reviewers (CodeRabbit, Greptile, and similar) charge roughly $40 per seat per month and run your code through their own servers. None of them can reuse a CLI subscription; as far as we know, J-Bot Review is the only PR reviewer that can.

The base workflow (one file)

Commit this as .github/workflows/jbot-review.yml. The provider line and one secret change per CLI — the table below has every combination.

.github/workflows/jbot-review.yml
name: J-Bot Code Review
on:
  pull_request: { types: [opened, reopened, ready_for_review, synchronize] }

concurrency:
  group: jbot-review-${{ github.event.pull_request.number }}
  cancel-in-progress: true

permissions:
  contents: read
  pull-requests: write
  issues: write        # PR reactions use the issues API
  checks: read

jobs:
  review:
    if: github.event.pull_request.draft == false
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v7
        with: { fetch-depth: 0 }
      - uses: pgup-ai/jbot-review-action@v0
        with:
          provider: codex                              # ← pick yours from the table
          codex-auth: ${{ secrets.CODEX_AUTH_JSON }}  # ← and its matching secret
          github-token: ${{ secrets.GITHUB_TOKEN }}

Per-CLI setup: provider, secret, and where the credential comes from

Each subscription maps to a provider value plus one action input, fed from a repository secret (Settings → Secrets and variables → Actions). Use the credential from the same account or local CLI setup you already use.

CLI seatprovider:Action inputCredential source
Codex (ChatGPT Plus/Pro)codexcodex-authcontents of ~/.codex/auth.json after codex login
Cursorcursorcursor-api-keyAPI key (crsr_…) from the Cursor dashboard → Integrations
Cline — subscriptioncline-passcline-authcontents of ~/.cline/data/settings/providers.json after cline auth
Cline — pay-as-you-goclinecline-authsame file as above
Devindevindevin-windsurf-api-keywindsurf_api_key value from ~/.local/share/devin/credentials.toml after devin auth login
Command Codecommandcodecommandcode-access-keyapiKey value (user_…) from ~/.commandcode/auth.json
Kilokilokilo-authcontents of ~/.local/share/kilo/auth.json after kilo auth login
Grok Buildgrokgrok-authcontents of ~/.grok/auth.json after grok login --device-auth (or xai-api-key as fallback)
Qoderqoderqoder-tokenPersonal Access Token from Qoder Integrations

Notes that save you a debugging session

What about Claude?

Claude models are fully supported — through your own Anthropic API key (provider: anthropic) or an OpenCode gateway. A Claude Pro/Max subscription seat is not a supported CI credential today. Setup: Claude code review in GitHub Actions →

What you get on every PR

Cost & privacy

FAQ

Which CLI subscriptions can review my pull requests?

Codex (a ChatGPT Plus or Pro seat, via codex login), Cursor, Devin, Cline (subscription or pay-as-you-go), Kilo, Command Code, Grok Build (grok login account auth, with an xAI API key as fallback), and Qoder (Personal Access Token). Each maps to a provider value and one repo secret in the J-Bot Review action. Claude is supported through your own Anthropic API key or an OpenCode gateway instead — a Claude Pro/Max seat is not a supported CI credential today.

Does J-Bot Review add any cost on top of my subscription?

No. The action is MIT-licensed open source and adds no per-seat or per-review charge. Reviews run on your own GitHub Actions runner against the seat you already pay for, so the only added cost is normal CI minutes.

Is my code sent anywhere new?

No new party is involved. The action reads your checkout read-only on your runner, and the diff goes only to the CLI's own backend under your account — the same vendor your editor already sends code to. There is no third-party reviewer service in the loop.

Can the verification pass run on a different provider than the main review?

Yes. Set aux-provider and aux-model to run auxiliary sessions (finding verification, guideline compliance) on a second backend — for example, review on your CLI seat and verify on a free OpenCode Zen model. CLI backends and OpenCode-backed providers use separate credentials, so pass both keys.

Related