Inspiration

Every engineering team I've observed has the same silent problem: merge requests that sit unreviewed for days, lose context, accumulate conflicts, and eventually cost 3× the original effort to resurrect. Nobody lets MRs rot on purpose — it happens in the gap between the tools teams have and the process they can realistically maintain. I built MR Debt Sentinel to close that gap permanently.

What I Learned

Building on the GitLab Duo Agent Platform taught me how powerful constrained, purpose-built agents are compared to general-purpose assistants. The most important insight was how GitLab Orbit's knowledge graph changes the quality of decisions an agent can make — knowing who actually committed to a file in the last 90 days is fundamentally more useful than who's listed in CODEOWNERS. I also learned the importance of guardrails in agentic systems: an agent that can act on your repository needs hard limits that developers can trust unconditionally.

How I Built It

MR Debt Sentinel is a five-component bundle built entirely on the GitLab Duo Agent Platform:

  • Custom Agent (mr-debt-sentinel) — interactive on-demand triage via GitLab Duo Chat, applying a four-tier severity rubric (🔴 CRITICAL / 🟠 HIGH / 🟡 MEDIUM / 🟢 LOW) and using Orbit context for reviewer recommendations
  • Multi-agent Flow (mr-debt-weekly-report-flow) — a scheduled three-agent pipeline (Scanner → Triage Actor → Report Writer) that runs every Monday at 08:00 UTC
  • Three Skills: /mr-health-check for single-MR assessment, /orbit-context-fetch for Orbit-powered reviewer ranking, and /stale-mr-closer for safe auditable MR closure

The agent uses 12 GitLab Duo tools including get_merge_request, create_merge_request_note, update_merge_request, run_glql_query, and get_pipeline_failing_jobs. Reviewer recommendations are ranked by a composite score: (commit_count × 2) + last_modified_bonus - current_review_load.

Challenges

The biggest challenge was designing guardrails that make the agent genuinely trustworthy. An agent that can label, comment on, and close merge requests autonomously is dangerous without hard limits. I spent significant time on the exclusion logic — skipping Draft MRs, respecting do-not-triage labels, protecting security branches, capping reviewer assignments at 5 open reviews, and requiring explicit human confirmation before any destructive action. Getting that balance right — powerful enough to be useful, constrained enough to be safe — was the core design challenge of this project.
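The guardrails listed above and the reviewer score from "How I Built It" can be sketched as a fail-closed policy gate that runs before any tool call. This is an added example, not the project's own code; the `MR` and `Candidate` shapes, the `security/*` branch pattern, the action names, and reading the cap as "no new assignment at 5 open reviews" are assumptions.

```python
from dataclasses import dataclass, field
from fnmatch import fnmatch

# Assumed literals: the page names the rules, not these exact values.
PROTECTED_BRANCH_GLOBS = ("security/*",)  # hypothetical pattern
SKIP_LABEL = "do-not-triage"
MAX_OPEN_REVIEWS = 5
DESTRUCTIVE_ACTIONS = {"close"}  # hypothetical action name

@dataclass
class MR:
    iid: int
    source_branch: str
    target_branch: str
    draft: bool = False
    labels: set = field(default_factory=set)

@dataclass
class Candidate:
    username: str
    commit_count: int
    last_modified_bonus: int
    current_review_load: int

def exclusion_reason(mr):
    """Return why the agent must not touch this MR, or None if it is in scope."""
    if mr.draft:
        return "draft"
    if SKIP_LABEL in mr.labels:
        return "label:" + SKIP_LABEL
    branches = (mr.source_branch, mr.target_branch)
    if any(fnmatch(b, g) for b in branches for g in PROTECTED_BRANCH_GLOBS):
        return "protected-branch"
    return None

def authorize(mr, action, human_confirmed=False):
    """Deny on any exclusion; deny destructive actions without confirmation."""
    reason = exclusion_reason(mr)
    if reason:
        return False, reason
    if action in DESTRUCTIVE_ACTIONS and not human_confirmed:
        return False, "needs-human-confirmation"
    return True, "ok"

def rank_reviewers(candidates):
    """Drop reviewers at the cap, then sort by the composite score."""
    def score(c):
        return c.commit_count * 2 + c.last_modified_bonus - c.current_review_load
    eligible = [c for c in candidates if c.current_review_load < MAX_OPEN_REVIEWS]
    return [(c.username, score(c)) for c in sorted(eligible, key=score, reverse=True)]
```

Exclusions are evaluated before the confirmation check, so a human confirmation cannot override a Draft, a do-not-triage label, or a protected branch.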

Built With

  • gitlab-duo-agent-platform
  • gitlab-duo-chat
  • gitlab-graphql-api
  • gitlab-orbit
  • gitlab-rest-api
  • glql
  • markdown
  • yaml