Skip to main content
This example is available on GitHub: examples/03_github_workflows/02_pr_review/
Automatically review pull requests, providing feedback on code quality, security, and best practices. Reviews can be triggered in two ways:
  • Requesting openhands-agent as a reviewer
  • Adding the review-this label to the PR
The reference workflow triggers on either the “review-this” label or when the openhands-agent account is requested as a reviewer. In OpenHands organization repositories, openhands-agent has access, so this works as-is. In your own repositories, requesting openhands-agent will only work if that account is added as a collaborator or is part of a team with access. If you don’t plan to grant access, use the label trigger instead, or change the condition to a reviewer handle that exists in your repo.
examples/03_github_workflows/02_pr_review/workflow.yml
---
# To set this up:
#  1. Copy this file to .github/workflows/pr-review.yml in your repository
#  2. Add your LLM_API_KEY to the repository secrets
#  3. Commit this file to your repository
#  4. Trigger the review by either:
#     - Adding the "review-this" label to any PR, OR
#     - Requesting openhands-agent as a reviewer
name: PR Review by OpenHands

on:
    # Trigger when a label is added or a reviewer is requested
    pull_request:
        types: [labeled, review_requested]

permissions:
    contents: read
    pull-requests: write
    issues: write

jobs:
    pr-review:
        # Run when review-this label is added OR openhands-agent is requested as reviewer
        if: |
            github.event.label.name == 'review-this' ||
            github.event.requested_reviewer.login == 'openhands-agent'
        runs-on: ubuntu-latest
        env:
            # Configuration (modify these values as needed)
            LLM_MODEL: <YOUR_LLM_MODEL>
            LLM_BASE_URL: <YOUR_LLM_BASE_URL>
            # PR context will be automatically provided by the agent script
            PR_NUMBER: ${{ github.event.pull_request.number }}
            PR_TITLE: ${{ github.event.pull_request.title }}
            PR_BODY: ${{ github.event.pull_request.body }}
            PR_BASE_BRANCH: ${{ github.event.pull_request.base.ref }}
            PR_HEAD_BRANCH: ${{ github.event.pull_request.head.ref }}
            REPO_NAME: ${{ github.repository }}
        steps:
            - name: Checkout agent-sdk repository
              uses: actions/checkout@v4
              with:
                  repository: OpenHands/agent-sdk
                  path: agent-sdk

            - name: Checkout PR repository
              uses: actions/checkout@v4
              with:
                  # Fetch the full history to get the diff
                  fetch-depth: 0
                  path: pr-repo
                  # Check out the feature branch so agent can inspect the PR changes
                  ref: ${{ github.event.pull_request.head.ref }}

            - name: Set up Python
              uses: actions/setup-python@v5
              with:
                  python-version: '3.12'

            - name: Install uv
              uses: astral-sh/setup-uv@v6
              with:
                  enable-cache: true

            - name: Install GitHub CLI
              run: |
                  # Install GitHub CLI for posting review comments
                  sudo apt-get update
                  sudo apt-get install -y gh

            - name: Install OpenHands dependencies
              run: |
                  # Install OpenHands SDK and tools from git repository
                  uv pip install --system "openhands-sdk @ git+https://github.com/OpenHands/agent-sdk.git@main#subdirectory=openhands-sdk"
                  uv pip install --system "openhands-tools @ git+https://github.com/OpenHands/agent-sdk.git@main#subdirectory=openhands-tools"

            - name: Check required configuration
              env:
                  LLM_API_KEY: ${{ secrets.LLM_API_KEY }}
              run: |
                  if [ -z "$LLM_API_KEY" ]; then
                    echo "Error: LLM_API_KEY secret is not set."
                    exit 1
                  fi

                  echo "PR Number: $PR_NUMBER"
                  echo "PR Title: $PR_TITLE"
                  echo "Repository: $REPO_NAME"
                  echo "LLM model: $LLM_MODEL"
                  if [ -n "$LLM_BASE_URL" ]; then
                    echo "LLM base URL: $LLM_BASE_URL"
                  fi

            - name: Run PR review
              env:
                  LLM_API_KEY: ${{ secrets.LLM_API_KEY }}
                  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
              run: |
                  # Change to the PR repository directory so agent can analyze the code
                  cd pr-repo

                  # Run the PR review script from the agent-sdk checkout
                  uv run python ../agent-sdk/examples/03_github_workflows/02_pr_review/agent_script.py

            - name: Upload logs as artifact
              uses: actions/upload-artifact@v4
              if: always()
              with:
                  name: openhands-pr-review-logs
                  path: |
                      *.log
                      output/
                  retention-days: 7

Quick Start

# 1. Copy workflow to your repository
cp examples/03_github_workflows/02_pr_review/workflow.yml .github/workflows/pr-review.yml

# 2. Configure secrets in GitHub Settings → Secrets
# Add: LLM_API_KEY

# 3. (Optional) Create a "review-this" label in your repository
# Go to Issues → Labels → New label
# You can also trigger reviews by requesting "openhands-agent" as a reviewer

Features

  • Fast Reviews - Results posted on the PR in only 2 or 3 minutes
  • Comprehensive Analysis - Analyzes the changes given the repository context. Covers code quality, security, best practices
  • GitHub Integration - Posts comments directly to the PR

Security

  • Users with write access (maintainers) can trigger reviews by requesting openhands-agent as a reviewer or adding the review-this label.
  • Maintainers need to read the PR to make sure it’s safe to run.