Patchpilothub

GitHub App

PatchPilot — AI Code Review for Pull Requests

Automated, inline pull request reviews powered by large language models. Get structured feedback on every PR without blocking your team.


What PatchPilot Does

PatchPilot is a GitHub App that automatically reviews pull requests using AI. When a developer opens or updates a PR, PatchPilot fetches the diff, analyzes the changes, and posts inline comments directly in the GitHub review interface — the same place your team already works.

Reviews include severity-tagged feedback across categories like correctness, security, performance, and maintainability. A summary comment is posted at the top of each review with an overall risk assessment.

No CI pipeline changes required. No external dashboards to check. Reviews appear as native GitHub review comments.


Key Features

Automatic PR Reviews

PatchPilot triggers on pull_request.opened, .synchronize, and .reopened events. Every push to an open PR gets reviewed without any manual action from developers.

Structured, Actionable Feedback

Every comment includes:

  • Severity level — critical, high, medium, low, or info
  • Category — security, correctness, performance, maintainability, style, or testing
  • Suggested fix — when a concrete improvement can be proposed
  • Explanation — why the issue matters, not just what it is

Multi-Model AI Support

PatchPilot supports multiple AI providers with automatic fallback:

  • Google Gemini 2.0 Flash (default — fast and cost-effective)
  • Anthropic Claude (fallback)
  • OpenAI GPT-4 (fallback)

If the primary model is unavailable, PatchPilot retries with the next available provider automatically.

Bot Commands

Trigger reviews manually or ask for explanations by mentioning the bot in a PR comment:

@patchpilot review
@patchpilot explain

Smart Diff Filtering

PatchPilot skips files that don't benefit from AI review — lock files, auto-generated code, binary assets, and build artifacts — so feedback focuses on code your team actually wrote.

Per-Repository Configuration

Each repository can be configured independently:

  • Enable or disable auto-review on open and push
  • Set a minimum severity threshold to filter noise
  • Cap the maximum number of comments per review
  • Choose a preferred AI model

Management Dashboard

A web dashboard lets installation owners:

  • View full review history across all repositories
  • Inspect individual review comments and AI reasoning
  • Manage per-repository settings
  • Track token usage and estimated AI costs per installation

How It Works

Pull request opened or updated
          |
          v
PatchPilot receives GitHub webhook
          |
          v
Diff fetched from GitHub API
          |
          v
Irrelevant files filtered out
(lock files, generated code, binaries)
          |
          v
Large diffs chunked to fit AI context window
          |
          v
AI model analyzes each chunk
          |
          v
Structured review output validated
          |
          v
Inline comments posted as a GitHub review
          |
          v
Summary comment with risk level posted to PR

Reviews are processed asynchronously via a job queue, so webhook delivery to GitHub completes immediately. Most reviews post within 30–90 seconds depending on diff size.
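
The "Structured review output validated" step, sketched as an added example (not PatchPilot's code): model output is treated as untrusted JSON and checked against the severity and category values listed above, the diff's own lines, the minimum-severity setting and the comment cap. The JSON field names, the `diff_lines` shape and the sort-before-cap order are assumptions; the sample data is constructed.

```python
import json

# Enumerations from the "Structured, Actionable Feedback" list, most severe first.
SEVERITIES = ["critical", "high", "medium", "low", "info"]
CATEGORIES = ["security", "correctness", "performance",
              "maintainability", "style", "testing"]

def validate_review(raw, diff_lines, min_severity=None, max_comments=50):
    """Return the comments in model output `raw` that are safe to post.
    diff_lines (assumed shape) maps changed path -> set of diff line numbers."""
    try:
        data = json.loads(raw)
    except (TypeError, ValueError):
        return []
    items = data.get("comments") if isinstance(data, dict) else None
    if not isinstance(items, list):
        return []
    cutoff = SEVERITIES.index(min_severity) if min_severity else len(SEVERITIES) - 1
    kept = []
    for c in items:
        if not isinstance(c, dict):
            continue
        sev, cat, path = c.get("severity"), c.get("category"), c.get("path")
        line, text = c.get("line"), c.get("explanation")
        if not all(isinstance(v, str) for v in (sev, cat, path, text)):
            continue
        if sev not in SEVERITIES or cat not in CATEGORIES or not text.strip():
            continue  # outside the documented enumerations, or empty
        if type(line) is not int or line not in diff_lines.get(path, ()):
            continue  # the model may only comment on lines in this diff
        if SEVERITIES.index(sev) > cutoff:
            continue  # below the repository's minimum severity
        kept.append({"severity": sev, "category": cat, "path": path,
                     "line": line, "explanation": text})
    kept.sort(key=lambda k: SEVERITIES.index(k["severity"]))  # assumption: worst first
    return kept[:max_comments]

# Constructed sample: two valid findings, one bad enum value, one out-of-diff path.
SAMPLE_DIFF = {"app/auth.py": {10, 11, 12}}
SAMPLE_OUTPUT = json.dumps({"comments": [
    {"severity": "info", "category": "style", "path": "app/auth.py",
     "line": 12, "explanation": "Naming nit."},
    {"severity": "urgent", "category": "security", "path": "app/auth.py",
     "line": 10, "explanation": "Severity value not in the enumeration."},
    {"severity": "low", "category": "style", "path": "ci/deploy.yml",
     "line": 3, "explanation": "File is not part of the diff."},
    {"severity": "high", "category": "security", "path": "app/auth.py",
     "line": 11, "explanation": "Token compared with ==."},
]})
```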


Permissions Required

PatchPilot requests the minimum permissions needed to do its job:

| Permission    | Access       | Reason                                   |
|---------------|--------------|------------------------------------------|
| Pull requests | Read & Write | Read diffs, post review comments         |
| Contents      | Read         | Fetch file contents for context          |
| Issues        | Read & Write | Read and respond to bot command comments |
| Metadata      | Read         | Required by GitHub for all apps          |

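PatchPilot does not access your repository's full codebase. It only reads the diff of the specific PR being reviewed, plus referenced file content when needed for context. This is a limit on what the app does, not on the grant: the Contents read permission itself covers every file in the repositories selected at installation.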


Subscribes To

  • pull_request — opened, synchronize, reopened, closed
  • issue_comment — created (for bot commands)
  • installation — created, deleted (installation lifecycle)
  • installation_repositories — added, removed
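
A check an installation owner can run against the grants above, as an added example that is not PatchPilot's code: it compares the `permissions` and `events` fields of a GitHub App installation object with the documented table and list, and reports anything broader. The sample object is constructed.

```python
# Documented grants, copied from the "Permissions Required" table and the
# "Subscribes To" list, written with GitHub's API key names.
DOCUMENTED_PERMISSIONS = {
    "pull_requests": "write",
    "contents": "read",
    "issues": "write",
    "metadata": "read",
}
DOCUMENTED_EVENTS = {"pull_request", "issue_comment",
                     "installation", "installation_repositories"}
LEVELS = {"read": 1, "write": 2, "admin": 3}

def audit_installation(installation):
    """Return findings where an installation's grants exceed the documented ones."""
    findings = []
    for name, level in sorted(installation.get("permissions", {}).items()):
        allowed = DOCUMENTED_PERMISSIONS.get(name)
        if allowed is None:
            findings.append(f"undocumented permission: {name}={level}")
        elif LEVELS.get(level, 99) > LEVELS[allowed]:  # unknown level counts as excess
            findings.append(
                f"permission above documented level: {name}={level} (documented {allowed})")
    # Only extra subscriptions are flagged; a missing one is not a risk.
    for event in sorted(set(installation.get("events", [])) - DOCUMENTED_EVENTS):
        findings.append(f"undocumented event subscription: {event}")
    return findings

# Constructed sample: contents is broader than documented, and one extra
# permission and one extra event are present.
SAMPLE_INSTALLATION = {
    "permissions": {"pull_requests": "write", "contents": "write",
                    "metadata": "read", "actions": "read"},
    "events": ["pull_request", "issue_comment", "push"],
}

if __name__ == "__main__":
    for finding in audit_installation(SAMPLE_INSTALLATION):
        print(finding)
```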

Getting Started

  1. Install PatchPilot on your GitHub account or organization from the GitHub Marketplace.
  2. Select repositories — choose specific repos or grant access to all.
  3. Configure AI keys — connect your AI provider API key in the PatchPilot dashboard.
  4. Open a pull request — PatchPilot will automatically post its first review.

No code changes, no CI configuration, no webhooks to set up manually.


Configuration Options

All settings are managed through the PatchPilot dashboard after installation.

Installation-Level Settings

| Setting             | Default          | Description                                     |
|---------------------|------------------|-------------------------------------------------|
| Default AI model    | Gemini 2.0 Flash | Model used when no repo-level override is set   |
| Auto-review on open | Enabled          | Trigger review when a PR is first opened        |
| Auto-review on push | Enabled          | Trigger review on every new commit to an open PR |

Repository-Level Settings

| Setting                 | Default                       | Description                                    |
|-------------------------|-------------------------------|------------------------------------------------|
| Auto-review on open     | Inherits installation default | Override for this specific repo                |
| Auto-review on push     | Inherits installation default | Override for this specific repo                |
| Minimum severity        | None (show all)               | Filter out comments below a severity threshold |
| Max comments per review | 50                            | Cap to keep reviews focused                    |
| Preferred model         | Inherits installation default | Use a different model for this repo            |

Supported Languages

PatchPilot reviews code in any language. AI feedback quality is best for widely-used languages:

  • TypeScript / JavaScript
  • Python
  • Go
  • Java / Kotlin
  • Ruby
  • Rust
  • C / C++
  • PHP
  • C# / .NET
  • Swift

Privacy and Data Handling

  • Code is never stored permanently. Diff content is held in memory during review processing only.
  • Review results (comments, severity, categories) are stored per-installation for history and dashboard access.
  • GitHub tokens are encrypted at rest using AES-256.
  • No training. Your code is never used to train AI models. API calls go directly to the AI provider under your API key.
  • PatchPilot does not share data with third parties beyond the AI provider processing the review.

Patchpilothub is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.
