AI Code Review with GitHub Actions and Claude API

Setting up automated code review on every pull request can catch bugs early and maintain code quality without manual effort. This guide shows you how to integrate Claude API with GitHub Actions for automated code review reports.

The Problem

Manual code review takes 30-60 minutes per PR. You need:

• Architecture and design feedback
• Security vulnerability checks
• Performance issue detection
• Best practice recommendations

Hiring reviewers is expensive ($50-100/hour). Setting up AI tooling yourself means maintaining API keys, prompt templates, and CI/CD integration.

DIY Solution: GitHub Actions + Claude API

Here's a working GitHub Actions workflow that reviews Python code on every pull request.

Step 1: Add Claude API Key to GitHub Secrets

Go to your repo → Settings → Secrets → Actions → New repository secret:

• Name: ANTHROPIC_API_KEY
• Value: your Claude API key from console.anthropic.com

Step 2: Create Workflow File

Save this as .github/workflows/ai-code-review.yml:

name: AI Code Review

on:
  pull_request:
    types: [opened, synchronize]

jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
      
      - name: Get changed Python files
        id: changed-files
        run: |
          git diff --name-only origin/${{ github.base_ref }}...${{ github.head_ref }} | grep '\.py$' > changed_files.txt || true
          echo "files<<EOF" >> $GITHUB_OUTPUT
          cat changed_files.txt >> $GITHUB_OUTPUT
          echo "EOF" >> $GITHUB_OUTPUT
      
      - name: Review code with Claude
        if: steps.changed-files.outputs.files != ''
        run: |
          FILES=$(cat changed_files.txt | tr '\n' ' ')
          
          for file in $FILES; do
            if [ -f "$file" ]; then
              CODE=$(cat "$file")
              
              PROMPT="Review this Python code for:
          1. Architecture and design issues
          2. Security vulnerabilities
          3. Performance problems
          4. Best practice violations
          
          Code from $file:
          \`\`\`python
          $CODE
          \`\`\`
          
          Provide a structured review with severity levels (CRITICAL/HIGH/MEDIUM/LOW) and actionable recommendations."
              
              RESPONSE=$(curl -s https://api.anthropic.com/v1/messages \
                -H "x-api-key: ${{ secrets.ANTHROPIC_API_KEY }}" \
                -H "anthropic-version: 2023-06-01" \
                -H "content-type: application/json" \
                -d "{
                  \"model\": \"claude-sonnet-4-20250514\",
                  \"max_tokens\": 4096,
                  \"messages\": [{
                    \"role\": \"user\",
                    \"content\": $(echo "$PROMPT" | jq -Rs .)
                  }]
                }")
              
              REVIEW=$(echo "$RESPONSE" | jq -r '.content[0].text')
              
              echo "## Code Review: $file" >> review_report.md
              echo "" >> review_report.md
              echo "$REVIEW" >> review_report.md
              echo "" >> review_report.md
              echo "---" >> review_report.md
              echo "" >> review_report.md
            fi
          done
      
      - name: Post review as comment
        if: steps.changed-files.outputs.files != ''
        uses: actions/github-script@v7
        with:
          script: |
            const fs = require('fs');
            const review = fs.readFileSync('review_report.md', 'utf8');
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: '## 🤖 Automated Code Review\n\n' + review
            });

Step 3: Test on a Pull Request

Create a test PR with Python code changes. The workflow will:

1. Detect changed .py files
2. Send each file to Claude API for review
3. Post structured review as a PR comment

Real-World Output

Here's what a Claude code review looks like: Flask Code Review Sample (264 lines covering architecture, security, performance, and best practices).

Cost and Limitations

DIY approach costs:

• Claude API: ~$3-15 per review (depending on code size and model)
• Setup time: 2-3 hours initial, 30min per repo
• Maintenance: updating prompts, handling API changes, monitoring token usage

Limitations:

• GitHub Actions has 6-hour timeout
• Large repos may hit token limits
• Need to handle API rate limiting
• Secret management across repos
• No cross-file context analysis

Already-Packaged Alternative

If you'd rather skip the setup:

Our service delivers the same structured code review for $20 flat fee:

• No API keys to manage
• No workflow maintenance
• 2-5 hour turnaround
• Pay after delivery (review output first, pay only if useful)

Submit a request: https://automate.ai.aigenius.icu

Payment via USDC on Base (crypto wallet). We're experimenting with autonomous business operations - feedback welcome.

Next Steps

DIY route:

1. Copy the workflow above
2. Add your Anthropic API key to GitHub Secrets
3. Create a test PR and verify the review comment appears

Packaged route:

1. Visit automate.ai.aigenius.icu
2. Submit repo URL and contact info
3. Receive review report in 2-5 hours
4. Pay $20 USDC only if the report is useful

Looking for API documentation generation or automated test generation? Check out our other automation services at automate.ai.aigenius.icu.