PR Sentinel AI

AI code reviews before bugs reach production

Comment

Inspiration

The inspiration behind PR Sentinel AI came from a common problem faced by engineering teams: pull request reviews take time, and even after manual review, important bugs, security vulnerabilities, performance issues, and missing tests can still slip through.

We wanted to build something that works like an AI-powered senior reviewer — always available, fast, consistent, and integrated directly into the developer workflow. Instead of making developers use a separate chatbot or tool, we wanted the feedback to appear where developers already work: inside GitHub pull requests.

That idea became PR Sentinel AI — AI code reviews before bugs reach production.

What it does

PR Sentinel AI is a real-time AI-powered GitHub pull request review assistant.

When a developer opens or updates a pull request, PR Sentinel AI:

  • Receives the GitHub pull request event through a GitHub App webhook
  • Fetches the real changed code from the pull request
  • Analyzes the code using Google Gemini AI
  • Detects bugs, security risks, code smells, missing validation, risky logic, and missing tests
  • Generates severity-based findings and a risk score
  • Saves the review results in Supabase
  • Shows the review in a dashboard with connected repositories and full reports
  • Posts an actionable AI-generated review comment directly on the GitHub pull request

This makes the product useful inside the actual developer workflow, not just as a standalone AI assistant.

How we built it

We built PR Sentinel AI as a production-style full-stack SaaS application.

The frontend is built with Next.js, TypeScript, Tailwind CSS, and shadcn/ui to create a clean SaaS-style dashboard. The backend uses Next.js API routes to handle GitHub webhook events, GitHub App authentication, pull request processing, and AI review workflows.

For AI analysis, we integrated Google Gemini AI, which reviews the changed code and generates structured findings. For authentication, database storage, and review persistence, we used Supabase. The app stores connected repositories, pull request reviews, findings, webhook events, and user-linked GitHub installations.

We also integrated a real GitHub App so PR Sentinel AI can receive pull request events, fetch changed files, and post review comments directly on GitHub. The entire app is deployed live on Vercel.

Tech stack used:

  • Next.js
  • TypeScript
  • Tailwind CSS
  • shadcn/ui
  • Supabase
  • GitHub App and GitHub Webhooks
  • Google Gemini AI
  • Vercel

Challenges we ran into

One major challenge was making the GitHub App work correctly end-to-end. We had to handle GitHub webhook events, installation IDs, repository permissions, private key authentication, and pull request file fetching.

Another challenge was linking GitHub App installations to the correct Supabase user so that reviews appeared properly in the dashboard. Since webhook events come from GitHub and not directly from a logged-in browser session, we had to carefully map installations, repositories, and reviews to the correct user account.

We also faced challenges with AI response formatting. Gemini needed to return structured review findings that could be validated, stored, and displayed cleanly in the UI.

Finally, we had to make sure the product worked as a real deployed app, not just a local demo. This meant connecting Vercel, Supabase, GitHub App, GitHub OAuth, webhooks, and Gemini together in a live environment.

Accomplishments that we're proud of

We are proud that PR Sentinel AI is not just a UI mockup or chatbot demo. It is a working GitHub-connected AI engineering tool.

Some accomplishments we are proud of:

  • Built a real deployed SaaS-style application
  • Connected a live GitHub App with pull request webhooks
  • Integrated Google Gemini AI for real code review analysis
  • Stored reviews, findings, repositories, and reports in Supabase
  • Posted actual AI-generated comments on GitHub pull requests
  • Built a clean dashboard to view connected repositories and review reports
  • Created a full end-to-end workflow from PR creation to AI review comment
  • Made the product feel like a real developer tool that could be used by engineering teams

The biggest achievement is that PR Sentinel AI reviews real pull request code and gives actionable feedback directly inside GitHub.

What we learned

Through this project, we learned how complex real-world developer tooling can be. Building a GitHub-integrated AI product is not just about calling an AI API — it requires authentication, permissions, webhook handling, database design, user mapping, error handling, and production deployment.

We learned how GitHub Apps work, how webhooks are delivered, how installation tokens are used, and how to connect repository events to user-facing dashboard data.

We also learned the importance of making AI outputs structured, reliable, and useful. A good AI tool should not only generate text, but also provide actionable, contextual, and trustworthy feedback.

Most importantly, we learned how to turn an AI idea into a working product that fits into a real developer workflow.

What's next for PR Sentinel AI

The next step for PR Sentinel AI is to make it even more powerful and team-ready.

Future improvements include:

  • Faster asynchronous webhook processing
  • Better inline code comments on exact changed lines
  • Team workspaces and organization-level dashboards
  • Slack or Discord alerts for high-risk pull requests
  • Support for GitLab and Bitbucket
  • More advanced security checks
  • Auto-generated test case suggestions
  • Trend analytics for code quality over time
  • Public shareable review reports
  • Merge risk prediction based on past review history

Our goal is to make PR Sentinel AI a complete AI code review layer for engineering teams — helping developers ship faster while reducing the risk of bugs and security issues reaching production.

Built With

  • github-app
  • github-rest-api
  • github-webhooks
  • google-gemini-ai
  • lucide-react
  • next.js
  • postgresql
  • shadcn/ui
  • supabase
  • supabase-auth
  • tailwind-css
  • typescript
  • vercel
  • zod
Share this project:

Updates