MergeGuardian AI

💡 Inspiration

AI is accelerating code generation, but teams still struggle with everything after code is written—security reviews, CI/CD risks, missing tests, and release readiness. These bottlenecks slow down delivery and introduce risk. We wanted to build an AI teammate that operates directly inside GitLab and takes action when it matters most.

🤖 What it does

MergeGuardian AI is a GitLab Duo Agent Platform flow that triggers on merge request updates. It analyzes code changes, detects risky patterns, assigns a risk score, evaluates release readiness, and posts a structured, actionable summary directly inside the merge request.

Instead of acting like a chatbot, it behaves like a real engineering teammate—reacting to events and guiding decisions inside the workflow.

🛠️ How we built it

We built a multi-agent system using the GitLab Duo Agent Platform:

Diff Analyzer → understands code and config changes Risk Sentinel → identifies security and operational risks Release Advisor → determines release readiness Action Publisher → posts structured insights back into GitLab

The system is triggered by merge request activity and orchestrated using GitLab flows, ensuring real-time, workflow-native automation.

⚔️ Challenges we ran into Balancing depth vs clarity in outputs Designing agents that produce consistent structured results Keeping the system simple enough for a 3-minute demo while still impactful Ensuring outputs are actionable, not just descriptive 🏆 Accomplishments that we’re proud of Built a true trigger → action AI system, not a chatbot Delivered a clean, demo-ready multi-agent workflow Created outputs that developers can immediately act on Aligned tightly with real-world DevSecOps pain points 📚 What we learned Specialized agents outperform general-purpose assistants Clear structure in outputs matters more than raw model intelligence Workflow-native AI is far more valuable than standalone chat interfaces Simplicity wins in hackathons 🔮 What’s next Auto-remediation merge requests for critical issues Team-specific policy enforcement CI/CD efficiency and sustainability scoring Organization-level risk dashboards Integration with broader DevSecOps toolchains 🧩 Built With GitLab Duo Agent Platform GitLab Flows Anthropic models (via GitLab) YAML-based agent orchestration

Built With

• gitlab