Solo devs and small teams ship code with no second pair of eyes — and it shows. The fix is not “wait for AI to replace the reviewer,” it’s to use an agent as a pre-filter so the human reviewer (or future-you) sees a cleaner diff. This walks through the exact prompt and loop that earns its keep on every PR over 50 lines.
What this tutorial solves
Most “AI code review” advice is about reviewing AI-generated output. The reverse — having an agent review YOUR human-written code before a teammate sees it — is the higher-leverage play. A 5-minute agent pass catches the obvious stuff (missed edge cases, leaked abstractions, broken naming, missing tests) so the human reviewer can spend their time on real judgment calls.
Who this is for
Developers shipping code through PR review — especially:
- Solo devs and consultants with no teammate to bounce diffs off.
- Senior engineers whose PRs are rubber-stamped because the team trusts them (and therefore misses things).
- Small teams where review queues are slow and authors want to ship faster without skipping review.
- Open-source maintainers who want to land their own PRs without breaking maintainer norms.
When to reach for it
Before submitting any PR over ~50 lines. After big refactors. Before merging changes that touch shared interfaces, public APIs, or auth/billing code. Anywhere the cost of a missed bug is higher than 10 minutes of agent time.
When this is NOT the right tool
Hotfixes that must ship in the next 15 minutes. Trivial typo fixes. Security-critical changes that need a named human reviewer regardless. PRs where you’re learning the codebase — the agent will give you the answer instead of letting you understand the code.
Before you start
- Have a clean working commit. Agents review diffs; uncommitted noise pollutes the review.
- Be able to state the PR’s intent in one sentence. Without intent, the review is generic (“could be more modular”) instead of useful (“rate limiter accepts negative window — accept?”).
- Pick an agent with file + diff access: Claude Code, Codex, or Cursor Composer. Pure-chat agents need you to copy-paste, which loses fidelity.
Step by step
- Branch and commit. The agent will read
git diff main...HEAD, so the commit boundary matters. - Open Claude Code / Codex / Composer. Use this prompt template:
Review the diff from main...HEAD against this codebase.
Intent: <one sentence — what this PR does and why>
Focus on: missed edge cases, leaked abstractions, naming,
test coverage for the new behavior, and any place the
diff conflicts with patterns in the rest of the repo.
Do NOT rewrite. Comment only.- Read every comment. Sort into three buckets: clearly right, stylistic noise, “needs more context” (re-ask).
- For each “clearly right” comment, ask: “Show me the smallest patch — no behavior change beyond fixing this.” Apply and commit separately so the fix is visible.
- For “stylistic noise,” push back: “Why does this matter for the stated intent?” Agents back down quickly on real noise; if it stands its ground, listen.
- Re-run the review on the updated diff. Stop when the agent finds only nits.
- Send to human review with a “pre-reviewed by agent” note. The human can then focus on judgment calls.
First-run exercise
- Pick a 200-line PR you already wrote this week — ideally one that got real comments from a human.
- Run the agent review on it. Compare findings to the human comments.
- Count: how many of the human’s comments did the agent also catch? How many did it miss? What did it find that the human missed?
- That ratio is your agent’s value on this codebase. If it caught 70%+ of the human comments, it’s earning its keep.
Quality check
- Did the agent address the stated intent, or did it review the whole codebase? If the latter, the intent line wasn’t strong enough.
- Are its “concerns” verifiable by running tests or reading code, or are they vibes? Demote vibes.
- Did it suggest tests for the new behavior? If not, ask explicitly — agents under-suggest tests by default.
How to reuse this workflow
- Save the prompt template in your shell aliases or as a
.claude/commands/reviewslash command. Friction-free re-use is the whole game. - Keep a CLAUDE.md (or AGENTS.md) at the repo root with project-specific anti-patterns. Agent will respect it across reviews.
- Track which finding categories repeat across PRs. If “missing tests” shows up 8 times, the fix is a pre-commit hook, not a stronger review.
Recommended workflow
Friday PR review: branch + 200-line diff → Claude Code review prompt with intent → 5 substantive comments → 2 fixes applied, 3 dismissed with reasons → re-review → only nits remain → ship to human reviewer. Time: 8 minutes. Catches: 3 real issues you’d have missed.
Common mistakes
- Asking for review without stating intent — the agent flags non-issues because it doesn’t know what “good” looks like.
- Accepting every suggestion — agents over-engineer and will refactor your code into something abstract and worse.
- Letting the agent rewrite while reviewing — review and edit must be separate prompts, separate commits.
- Reviewing AI-generated code with the same agent that wrote it — it tends to approve its own work. Cross-check with a different model.
- Skipping the re-review step — fixes introduce new issues; one pass is rarely enough.
- Treating the agent’s “nice to refactor” as a blocker — those are post-merge tickets, not PR blockers.
Advanced tips
- Cross-check: review with one model, then ask a different one to disagree with the first review. Surfaces blind spots specific to one model’s training.
- Build a project review checklist in CLAUDE.md: project-specific anti-patterns (e.g., “never call
db.execoutside the repository layer”). The agent will respect it. - For security-sensitive code, ask explicitly: “List the inputs that could become attack vectors and trace how each is validated.” Generic security reviews miss specifics.
- Use commit-level reviews for stacked PRs — review each commit separately so feedback maps to one cohesive change, not the whole stack.
Output checklist
- Intent of the change stated in one sentence at the top of the review prompt.
- Diff scope is clear (commit range, branch, no uncommitted noise).
- Every accepted suggestion has been re-reviewed after applying.
- Human reviewer still gets the PR — agent review is a pre-filter, not a replacement.
- Dismissed comments have a one-line “why” in the PR description so reviewers see your reasoning.
FAQ
- Will this make me a worse reviewer?: Only if you accept blindly. Reading the comments and pushing back actively teaches you patterns you didn’t see before.
- How is this different from CI linting?: Linters catch syntax and known patterns. Agents catch logic, missing tests, leaked abstractions — the higher-level review humans usually do.
- Which model?: Claude (Sonnet 4.6+) and GPT-5.5-class models are both strong. Use whichever your editor integrates with — switching cost is real.
- What about cost?: A 200-line review is roughly $0.10-0.30. Cheaper than one missed bug.
- Can the agent merge for me?: No, and don’t let it. Agent review is one signal; humans + tests are the others. All three should agree.
Related
- How to review AI diffs
- Codex code review workflow
- Multi-agent coding workflow
- AI Spec-to-Code Workflow
- AI Architecture Review Workflow
- Agent vs autocomplete
- AI Changelog Generation — From Commits to a Release Note Humans Read
- AI-Assisted Database Migrations — Reversible, Backfilled, Tested
- AI for Merge Conflicts — When to Trust the Auto-Merge
- Claude Code MCP Servers — Wiring Up Real Tools
- Cursor Rules — Make .cursorrules Actually Earn Its Keep