🚨 RiskLens AI: Merge Request Risk Analyzer

🧠 Inspiration

Every merge request introduces risk — whether it’s security vulnerabilities, misconfigurations, or deployment instability.

Traditional code review is manual, time-consuming, and often inconsistent. I wanted to build a system that could automatically analyze merge requests and provide instant, structured risk insights before code is merged.


⚙️ What It Does

RiskLens AI is an event-driven system that analyzes GitLab merge requests and generates a structured risk report in real time.

It evaluates:

  • Merge request title and description
  • Change context
  • Potential risk indicators

And outputs:

  • 🚨 Risk level (LOW / MEDIUM / HIGH)
  • 📊 Risk score
  • ⚠️ Issues detected
  • ✅ Actionable recommendations

🔍 How It Works

  1. A merge request event is triggered
  2. A webhook sends the data to the RiskLens system
  3. The system analyzes the request using AI logic
  4. A structured risk report is generated instantly

For demo purposes, the webhook is simulated locally to demonstrate the full trigger → action workflow.
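
The webhook-to-report flow above, as an added example rather than the project's own code: it checks GitLab's `X-Gitlab-Token` header before parsing anything, then scores the merge request title and description. The `handle_webhook` function, the `INDICATORS` keyword table, the score thresholds and the `GITLAB_WEBHOOK_TOKEN` variable name are assumptions.

```python
import hmac
import json
import os

# Hypothetical indicator table (keyword, points, issue); not the project's own rules.
INDICATORS = [
    ("secret", 40, "Mentions secrets or credentials"),
    ("password", 40, "Mentions passwords"),
    ("migration", 25, "Database migration"),
    ("dockerfile", 20, "Container build change"),
    ("hotfix", 15, "Rushed change"),
]

def handle_webhook(headers, body, expected_token):
    """Return (http_status, report) for one GitLab webhook delivery.

    `headers` is a plain dict keyed by the exact header name (assumption).
    """
    # GitLab sends the configured secret token in the X-Gitlab-Token header.
    # Compare in constant time and fail closed if no token is configured.
    sent = headers.get("X-Gitlab-Token", "")
    if not expected_token or not hmac.compare_digest(sent.encode(), expected_token.encode()):
        return 401, {"error": "invalid token"}
    try:
        event = json.loads(body)
    except ValueError:  # covers malformed JSON and undecodable bytes
        return 400, {"error": "malformed JSON"}
    if not isinstance(event, dict) or event.get("object_kind") != "merge_request":
        return 400, {"error": "not a merge request event"}
    attrs = event.get("object_attributes")
    if not isinstance(attrs, dict):
        return 400, {"error": "missing object_attributes"}
    # Title and description may be null in the payload, so default to "".
    text = f"{attrs.get('title') or ''} {attrs.get('description') or ''}".lower()
    hits = [(pts, issue) for kw, pts, issue in INDICATORS if kw in text]
    score = min(100, sum(pts for pts, _ in hits))
    level = "HIGH" if score >= 60 else "MEDIUM" if score >= 25 else "LOW"
    return 200, {"risk_level": level, "risk_score": score, "issues": [i for _, i in hits]}

if __name__ == "__main__":
    # The token comes from the environment, never from source control.
    token = os.environ.get("GITLAB_WEBHOOK_TOKEN", "")
    # Constructed sample payload with only the fields this example reads.
    sample = json.dumps({"object_kind": "merge_request", "object_attributes": {
        "title": "Hotfix: rotate DB password", "description": "Adds a migration."}})
    print(handle_webhook({"X-Gitlab-Token": token}, sample, token))
```

With `GITLAB_WEBHOOK_TOKEN` unset, the demo call returns 401 because an empty expected token is rejected rather than treated as "no authentication required".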


🎬 Demo Highlights

  • /demo endpoint shows a full risk analysis output
  • /webhook simulates a GitLab merge request event
  • Real-time processing generates risk insights immediately

🧱 How I Built It

  • Python (Flask) for backend API
  • Webhook-based architecture for event handling
  • Structured risk analysis engine
  • Local simulation of GitLab merge request events

🚧 Challenges I Ran Into

  • Managing webhook payload structure and parsing
  • Handling environment variables securely
  • Rebuilding the project after accidental exposure of sensitive keys
  • Ensuring clean Git workflow and secure .gitignore usage

🏆 Accomplishments

  • Built a fully working event-driven AI system
  • Successfully implemented webhook-based trigger logic
  • Designed a structured and interpretable risk scoring system
  • Recovered and rebuilt the project under pressure

📚 What I Learned

  • How to design event-driven systems
  • Secure handling of environment variables and secrets
  • Git and repository management best practices
  • How to turn a prototype into a submission-ready project

🚀 What’s Next

  • Integrate directly with GitLab webhooks in production
  • Add real AI/LLM-based risk analysis
  • Post automated comments directly on merge requests
  • Expand into a full AI-powered DevOps assistant

💡 Why This Matters

RiskLens transforms code review into a proactive, intelligent safety layer.

Instead of reacting to issues after deployment, teams can identify risks early — improving code quality, reducing failures, and accelerating development workflows.
