Agentic Code Reviews

Agentic Code Reviews

Optibot — Autonomous, context-aware, and built to transform how engineering teams handle code reviews. 💡 What is Optibot? Optibot is Optimal AI’s agentic code reviewer — an autonomous assistant that reviews pull requests with the depth, precision, and consistency of a senior engineer. Unlike static linters or suggestion engines, Optibot understands your entire repository. It provides context-aware feedback, identifies performance or security issues, and even explains its reasoning directly in your PR threads. It integrates seamlessly with both GitHub and GitLab, becoming an intelligent participant in your workflow. From summarizing pull requests to suggesting fixes, Optibot helps your team move faster, with more confidence and less noise. 🚧 The Problem Code reviews are essential — but they’re often slow, inconsistent, and overloaded with minor feedback. Developers wait for reviews, PR queues pile up, and critical issues slip through. Manual reviews can vary in quality depending on who’s reviewing, while automated tools often produce noisy or irrelevant feedback. The result? Reduced velocity, frustrated teams, and inconsistent code quality. 🚀 The Solution Optibot changes the way teams approach reviews by combining LLM-based reasoning with deep repository understanding. It automatically reviews pull requests, summarizes code changes, detects regressions, and posts helpful comments in natural language — all within seconds of a PR being opened. With Optibot, you’ll: - Reduce average review times - Maintain consistent code quality - Empower engineers to focus on building, not debugging - Catch issues before they merge 🔑 Key Capabilities 🧩 Full Codebase Context Optibot reviews your PRs with a full understanding of your repository history, dependencies, and team conventions. This enables it to deliver precise, context-aware feedback that aligns with how your team actually writes code — not just how it looks syntactically. By analyzing related files, similar patterns, and previous decisions, Optibot ensures its feedback feels human, relevant, and consistent. 📝 Smart PR Summaries Writing summaries manually can be tedious. Optibot automatically creates clear, concise summaries describing what changed, why it matters, and any associated risks. These summaries include: - Changed files and functions - Dependency or logic updates - Potential regressions - Related JIRA or issue links This makes it easy for reviewers to get context instantly — even on large, multi-file PRs. ⚙️ CI Fixer Agent When a CI run fails, Optibot detects the issue, analyzes logs, and suggests possible fixes automatically. It flags: - Broken or flaky tests - Misconfigurations in pipelines - Missing environment variables - Syntax or dependency errors The CI Fixer Agent helps engineers recover from build failures faster and reduces time spent parsing logs. 🛡️ Security Checks Security shouldn’t slow development down. Optibot automatically performs AI-powered security scans on each PR — identifying risky imports, vulnerable packages, or unsafe patterns. When issues are found, it provides line-level explanations and recommendations, ensuring teams can remediate before merge. It integrates seamlessly with your workflow, offering a “shift-left” approach to code security. 💬 Automated & Contextual Comments Optibot communicates like a teammate. Every suggestion is posted as a natural-language comment in the PR thread, explaining the reasoning, context, and potential alternatives. Developers can respond, accept, or dismiss suggestions — just like human feedback — keeping collaboration simple and organic. 🧭 Get Started - GitHub Integration - GitLab Integration - Optibot Features Overview

GitLab Integration

Enable Optibot to analyze your GitLab repositories, automate code reviews, and generate contextual summaries. Setup time: ~12–15 minutes Required permissions: Maintainer or Admin on the GitLab group or repository. Sign Up and Access the Integration Page 1. Go to the Optimal AI signup page. 2. Select “Sign Up with GitLab.” 3. Complete your account details and verify your email address. 4. After verification, you’ll be redirected to the GitLab Integration Setup page. Create a GitLab Access Token Optibot requires a GitLab Access Token from a bot or service account with specific permissions to interact with your repositories. Steps: 1. In GitLab, navigate to your group or repository’s Settings → Access Tokens. (Group tokens are recommended for multi-repository installations.) 2. Click “Add new token.” 3. Enter a Token name, e.g., Optibot-code-review or Optibot Reviewer. 4. Add a short description, and set the expiration date to the maximum allowed. 5. Assign the role as Maintainer. 6. Under Scopes, select all of the following: - api — Full API access - read_repository — Clone and read repositories - write_repository — Create merge request comments - read_user — Access user information Continue your setup on Optimal 1. If you’re on a self hosted instance replace your URL from gitlab.com to your self hosted domain 2. Insert your gitlab token in the gitlab token in the field 3. Grab your Bot/User ID from the Admin page it can be found on the path gitlab.com/admin/users or on your gitlab url /admin/users 1. Click on “Connect Gitlab” 2. You will be taken to a screen to select your repos, select the repos you want Optibot installation to be on. This will create webhooks automatically in those repos 3. Your install of Optibot should be finished and you can manage it from https://agents.getoptimal.ai/dashboard/gitlab-integration Verify Installation Once setup completes: - Optibot will begin analyzing merge requests automatically. - You can confirm installation by checking your GitLab Repository → Settings → Webhooks. There should be an entry for agents.getoptimal.ai. Optibot Features on GitLab Once integrated, Optibot enables: - 🧠 Automated Code Reviews Reviews each new merge request and provides detailed feedback directly in GitLab comments. - 🧾 AI-Generated Summaries Generates structured summaries and line-by-line breakdowns of code changes for every MR. - ⚙️ Contextual Recommendations Highlights potential issues, security concerns, or missing documentation based on code patterns. - 🔗 Cross-Tool Integration Works seamlessly with Jira, Bitbucket, and other tools for compliance and reporting. For additional configuration options, visit the Advanced Configuration page. ✅ Your Optibot GitLab integration is now complete. From here, you can monitor and manage your integrations anytime at: 🔗 https://agents.getoptimal.ai/dashboard/gitlab-integration

🔧 GitHub Integration Setup Guide (Optibot)

This guide walks you through how to install and configure Optibot — Optimal AI’s secure AI code review agent — directly within your GitHub workflow. ✅ Prerequisites Before you begin, ensure you have: - Admin access to your GitHub organization or repo - A GitHub account with permission to install apps - Access to your org’s GitHub repositories 🪜 Step 1: Sign Up & Install the GitHub App 1. Visit the Sign-Up Link Begin by signing up through the unique link provided by Optimal AI. This link activates your free trial (unlimited repos, PRs, and usage during trial). 2. Authorize the GitHub App Installation During onboarding, you’ll be prompted to install the Optibot GitHub App: - Select the organization and repositories where you want Optibot active. - Grant the required read/write permissions for pull requests and metadata. 3. Select Repositories Choose either: - All Repositories (for full org coverage), or - Specific Repos where you’d like Optibot to run. 4. Wait for Context Indexing Once installed, Optibot begins indexing your codebase to build context. - For small repos: indexing completes in minutes - For large repos or monorepos: indexing can take a few hours - Very large codebases may take up to a week ⏳ During indexing, the app may appear as “Installing…” — no action is needed during this phase. 🧠 Step 2: Optibot Starts Reviewing PRs Once indexing is complete, Optibot begins functioning automatically: - 🧾 PR Summaries You’ll receive rich, contextual summaries with functional intent, not just diffs. - 🧠 Automated Code Reviews Optibot flags bugs, security issues, anti-patterns, and logic problems across the repo. - 🟢 Merge recommendations or 🛑 blocking flags will appear as part of the PR review flow. ⚙️ Step 3: Customize with .optibot file (Optional) Upon installation, Optibot opens a PR containing a default .optibot file You can customize: - ✅ Repos or folders where Optibot should/shouldn’t review code - 🧪 Enable or disable certain review features (e.g. test fixing, CI failure handling) - 🛡️ Turn on optional security enforcement or guidelines Once merged, these settings go live and will be applied on future PRs. 🧩 Optional Features to Turn On (Post-Setup) Once you're familiar with the baseline functionality, you can optionally enable: - Guidelines Enforcement: Upload a shared ruleset to enforce team practices across PRs - Dependabot Bundling: Automatically test, merge, and close PRs opened by Dependabot - SOC 2 Compliance Checks: Run #optibot compliance in PR comments for risk assessments 🛠 Troubleshooting & Support - Join a shared Slack channel with the Optimal AI team for real-time help - Installation status, indexing progress, and detailed logs are visible in your dashboard - Questions? Use @optibot inside PRs to request additional reviews or ask for clarifications 🔐 Security Notes - No code is stored — all analysis is done ephemerally during the review - Optibot supports fine-grained repo-level access - Your .optibot file config stays version-controlled inside your repo

Optibot Features

Streamline your engineering workflow with Optibot, an AI-powered GitHub agent that reviews code, generates release notes, enforces compliance, bundles dependencies, and analyzes CI failures. Most features run directly inside pull requests, so your team can focus on shipping, not manual reviews. Code Review 🤖 Optibot automatically reviews your pull requests with context-aware analysis. - Summarizes PR changes - Marks PRs as Ready to Merge or Needs Changes - Leaves inline comments on code - Ranks feedback by confidence level How to use it: #optibot review Or simply comment: Optibot, please review this PR Release Notes 📢 Turn technical updates into customer-ready release notes. - Groups updates into Features, Improvements, Bug Fixes - Clear, professional formatting for external sharing Generating notes: #optibot release notes Compliance Checks 🔒 Automated SOC2 and security compliance scans directly in your PRs. - Flags risky code (API keys, permissions, data exposure) - Maps findings to SOC2 principles - Provides recommended fixes Requesting a compliance check: #optibot compliance Dependency Bundler 📦 Stop managing dozens of noisy Dependabot PRs. - Bundles dependency updates into one clean PR - Summarizes key changes and flags breaking updates - Saves hours of manual review Enabling bundling: Activate this feature via .optibot configuration: "dependencyBundler": { "enabled": true } CI fixer Agent ⚙️ ⚡ Debug CI failures automatically. Automatically resolve failed CI builds. CI failures can block your entire release pipeline. The CI Fixer Agent detects failed workflows, analyzes logs, and automatically repairs code errors — restoring your build to green without manual intervention. 🧩 Issue When a CI run fails, Optibot instantly posts an automated comment with the error details and affected files. Example: @parcel/transformer-js: Expression expected – Multiple syntax and type errors In this case, the issue was caused by invalid syntax and type mismatches in: src/pages/Partials/Contributors.tsx src/router/paths.ts 🔧 Changes The CI Fixer Agent analyzes the failed files and applies targeted fixes automatically. - Contributors.tsx – Removed an invalid throw statement, cleaned an empty if block, and fixed type assignments. - paths.ts – Changed BUILD_TEST type from number to string. ⚙️ How It Works - Detects a failed CI run in a pull request. - Reviews the error logs and identifies affected files. - Applies targeted fixes directly to the branch. - Posts a PR comment summarizing the issue, changes, and context. Code Context, Search, and Judgment At Optimal AI, we believe great code reviews require more than speed. They need understanding. That’s why Optibot is built on three foundations: Code Context Every review is grounded in your entire repository. Instead of treating a pull request as isolated text, Optibot considers dependencies, history, and team conventions. This results in feedback that feels relevant and avoids the false alarms that waste developer time. Code Search Large codebases can slow engineers down when they’re forced to hunt for patterns or past implementations. Optibot’s built-in search surfaces relevant references instantly, making it easy to see how similar challenges were solved and reducing duplicate work. Judgment Not all suggestions are equal. Optibot applies reasoning to separate critical issues—like security risks or performance bottlenecks—from minor style concerns. Developers stay focused on what matters most, without being overwhelmed by noise. By combining context, search, and judgment, Optimal AI transforms reviews into a high-leverage process: faster merges, stronger quality, and less cognitive overhead for engineering teams. Configuration File Fine-tune Optibot using a .optibot file in your repo root. { "reviews": { "auto": true, "autoApprove": true, "excludedLabels": ["do not review"] }, "dependencyBundler": { "enabled": true }, "summary": { "auto": true, "level": "basic" }, "guidelinesUrl": "https://github.com/your-org/your-guidelines.md", "enableCIFixer": true } Key Options - Auto Reviews & Summaries → always-on reviews/summaries - Exclude Labels → skip auto-generated PRs - Guidelines URL → enforce company coding standards - Dependency Bundler → consolidate PRs - CI Fixer → debug failed builds Why Optibot? ✅ Faster reviews ✅ Cleaner releases ✅ Built-in compliance ✅ Reduced PR clutter ✅ Smarter CI debugging Optibot acts as your 24/7 AI reviewer, helping teams ship secure, reliable, and well-documented code.

VS Code Extension

A fast way to jump from an Optibot PR comment to a ready-to-fix view in your IDE. Click Solve in VS Code in GitHub, we open VS Code, prefill context, and help you apply the fix. You commit back to the same PR—no copy-pasting, no hunting for files. Overview The Optibot VS Code extension connects GitHub review comments to your IDE. When Optibot detects issues during code review, each comment includes a “Solve it in VS Code” link that: - Opens your editor instantly at the exact file and line. - Pre-loads the Optibot comment in the Chat panel. - Lets you apply, edit, or reject the suggested fix — then commit directly back to the same PR. Why it matters: Developers can fix issues where they write code, not in the browser. It cuts down friction between review and correction. Requirements - VS Code (latest stable version). - GitHub repository integrated with Optimal AI (Optibot active). - Standard Git permissions and write access to the PR branch. - (Optional) Cursor IDE — works the same once listed in its marketplace. How it Works 1. Create a new Pull Request After pushing your branch, open a PR as usual. Optibot automatically analyzes new PRs once created. 2. PR opens and waits for review Once open, you’ll see CI checks start and a Review required notice until Optibot finishes its scan. 3. Optibot runs an automated review Optibot posts a summary comment outlining issues, improvements, and review duration. 4. Inline comment identifies the issue Each flagged line includes Optibot’s reasoning and a Solve it in VS Code or Cursor action link. 5. Click “Solve it in VS Code” The link redirects you to an Optibot-hosted confirmation screen, verifying that your IDE will open with context pre-loaded. 6. Browser prompt — open VS Code Approve the launch prompt. ✅ Check **Always allow **dev.agents.getoptimal.ai to make future jumps automatic. 7. Install the Optibot AI extension (first-time only) If you don’t have it yet, VS Code will prompt you to install the extension automatically. 8. Editor opens with context loaded Your VS Code window opens to the exact file and line mentioned in the review. Optibot’s Chat panel shows the comment, explanation, and fix suggestion. 9. Review, apply, and commit You can: - Allow/Accept to apply the fix. - Edit or improve it manually. - Undo if it’s not relevant. Then commit your change back to the same PR and request another review. 10. Optional — context loading screen If your browser stays open, you may briefly see this page confirming VS Code context transfer. Set Up or Manage Manually in VS Code You can also install or remove Optibot AI directly in the VS Code Marketplace. Install 1. Open VS Code. 2. Go to Extensions (⇧⌘X / Ctrl+Shift+X). 3. Search Optibot AI. 4. Click Install. 5. Once installed, it appears under your enabled extensions. 💡 Tip: Clicking “Solve it in VS Code” from a GitHub review automatically triggers this installation flow if not yet installed. Uninstall or Disable - Open Extensions (⇧⌘X on Mac or Ctrl+Shift+X on Windows/Linux). - Search Optibot AI. - Click ⚙︎ → Uninstall (or Disable to turn it off temporarily). ✅ VS Code automatically cleans up configuration files when uninstalled. Sign-in & Org Routing If prompted, click Optibot Login inside the extension sidebar. You’ll be routed to your organization automatically — no re-registration needed. Security & Data - Runs locally inside your IDE. - Uses your existing secure GitHub authorization. - GitHub doesn’t allow tracking pixels — Optibot cannot track link clicks. Troubleshooting - VS Code doesn’t open after clicking “Solve it in VS Code” Make sure your browser allows the vscode:// protocol to open external apps. If blocked, enable it in system or browser preferences. - The “Install Optibot AI” prompt didn’t appear Open VS Code manually → go to Extensions → search Optibot AI → install manually. - Opened the wrong file or branch Verify that the PR branch is checked out locally before using Solve in VS Code. - Auth loop or login required again Click Optibot Login in VS Code. You’ll automatically reconnect to your org. - Corporate or managed devices blocking deep links Ask IT to whitelist the vscode:// protocol. Some browsers disable it by default. - Context didn’t load in VS Code Wait a few seconds or click Retry on the loading page. Make sure the Optibot extension is enabled and you’re signed in. FAQ - Does it auto-commit or create a new PR? No. You control commits. Changes are typically committed back to the same PR. - Can I use it with Cursor? Yes. Behavior is the same. Install from Cursor’s internal marketplace once available (no public URL). - Can we track engineers who clicked the link? No. GitHub blocks trackers in comment links. You’ll see impact via commits and re-reviews instead. - Will there be a VS Code UI panel (beyond Chat)? Yes—local review UI is planned. Today, the flow uses the Chat panel with rich context. - Does this replace line-by-line reviews? No. Optibot still performs PR reviews in GitHub. The extension speeds up fixing them. Pro Tips - ✅ Check Always allow once to skip the browser prompt next time. - 🧩 Batch fixes: open multiple “Solve in VS Code” links, apply all, and commit once. - 🔁 Request a re-review after addressing all comments. - 📥 Pull the latest branch before applying fixes for the most accurate context.

Optibot Config file

Customize how Optibot reviews code, generates suggestions, and produces summaries for your repository. Overview Optibot reads a .optibot file placed at the root of your repository. This file uses JSON and controls everything from review categories to summaries and dependency analysis. If the file is missing, Optibot uses default platform settings. You can also view this configuration inside the product at agents.getoptimal.ai Dashboard → Documentation → Advanced Configuration. Example Configuration { "reviews": { "auto": true, "exclude": ["bugs_prompt"], "include": ["security_prompt", "error_handling_prompt"], "autoApprove": true, "codeSuggestions": true, "codeSuggestionsSkipFiles": ["*.md", "docs/*", "vendor/*"], "excludedLabels": ["wontfix", "low-priority"], "excludedUsers": ["bot-account"] }, "summary": { "auto": true, "level": "detailed", "excludedLabels": ["wontfix", "low-priority"], "excludedUsers": ["bot-account"] }, "dependencyBundler": { "enabled": true }, "enableCIFixer": true, "guidelinesUrl": "docs/guidelines/README.md" } Configuration Options Reviews Configuration auto Controls whether Optibot automatically reviews pull requests. Default: false exclude Categories to exclude from review. Allowed values: - bugs_prompt - security_prompt - error_handling_prompt Default: [] include Categories to explicitly include. Same allowed values as above. Default: [] (includes all categories) Note: include overrides exclude. autoApprove Automatically approves PRs that pass all checks. Default: true codeSuggestions Enables AI code suggestions. Default: true codeSuggestionsSkipFiles File patterns excluded from review suggestions. Examples: ["*.md", "docs/*"] Default: [] excludedLabels Labels that prevent a PR from being reviewed. Example: ["wontfix", "low-priority"] Default: [] excludedUsers Usernames excluded from automatic review. Example: ["user1", "bot-account"] Default: [] Summary Configuration auto Controls automatic PR summary generation. Default: true level Detail level of generated summaries. Allowed values: basic, detailed, comprehensive Default: detailed - basic — high-level description - detailed — components, analysis, reasoning - comprehensive — file-by-file analysis excludedLabels Exclude PRs with specific labels from summaries. Example: ["wontfix", "low-priority"] Default: [] excludedUsers Exclude summaries for PRs authored by specific users. Example: ["user1", "bot-account"] Default: [] Dependency Management dependencyBundler.enabled Enables dependency analysis and optimization suggestions. Default: true CI Fixer Configuration enableCIFixer Allows Optibot to diagnose failed CI checks and open fix PRs. Default: false Guidelines URL Configuration guidelinesUrl Optional path or URL pointing to your engineering guidelines. Supports both relative and full GitHub URLs. Default: null Best Practices - Keep PRs small and focused — Optibot performs best on well-scoped changes. - Use labels to categorize PRs and help Optibot understand intent. - Address Optibot suggestions before merging. - Enable CI Fixer to reduce time spent debugging failing pipelines. - Use include for strict policies and codeSuggestionsSkipFiles for noisy directories.