AI-Powered Code Reviews with OpenRouter - Complete PR-Agent Setup Guide

openai/gpt-5 # Latest model (2025 release) openai/gpt-4o # Balanced performance anthropic/claude-3-opus-20240229 # High-quality analysis google/gemini-pro # Google's model meta-llama/llama-2-70b-chat # Open source 

Name: OPENROUTER_API_KEY Value: or-xxxxxxxx (your OpenRouter API key) 

name: Code Review(OpenRouter) on: pull_request: pull_request_review_comment: types: [created] # Concurrency control concurrency: group: ${{ github.repository }}-${{ github.event.number || github.head_ref || github.sha }}-${{ github.workflow }}-${{ github.event_name == 'pull_request_review_comment' && 'pr_comment' || 'pr' }} cancel-in-progress: ${{ github.event_name != 'pull_request_review_comment' }} jobs: pr_agent_job: if: | github.event.sender.type != 'Bot' && github.event_name == 'pull_request' && github.event.pull_request.changed_files < 50 runs-on: ubuntu-latest permissions: issues: write pull-requests: write contents: write id-token: write name: Run pr agent on every pull request steps: - name: PR Agent action step with OpenRouter id: pragent uses: qodo-ai/pr-agent@main env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} OPENROUTER.KEY: ${{ secrets.OPENROUTER_API_KEY }} # OpenRouter API認証 github_action_config.auto_review: "true" # enable\disable auto review github_action_config.auto_describe: "true" # enable\disable auto describe github_action_config.auto_improve: "true" # enable\disable auto improve 

[config] model = "openai/gpt-5" # I specified gpt-5, but an error occurred. The correct setting is "openai/gpt-5". fallback_models = ["openai/gpt-4o", "anthropic/claude-opus-4.1"] ai_timeout = 300 custom_model_max_tokens = 200000 # Critical! Errors without this response_language = "en-US" ignore_pr_title = ["^\\[Auto\\]", "^Auto"] ignore_pr_labels = ['invalid'] [ignore] glob = ['dist/**'] [github_action_config] # set as env var in .github/workflows/pr-agent.yaml #auto_review = true #auto_improve = true #auto_describe = true [pr_reviewer] extra_instructions = """\ (1) Act as a highly experienced software engineer (2) Provide thorough review of code, documents, and articles (3) Suggest concrete code snippets for improvement (4) **Never** comment on indentation, whitespace, blank lines, or other purely stylistic issues unless they change program semantics. (5) **Priority Review Areas - Check systematically:** - **Security**: Plaintext passwords, SQL injection, input validation, exception leaks - **Error Handling**: Bare except clauses, missing try-catch, silent error suppression - **Resource Management**: Missing context managers (with statements), unclosed connections/files - **Type Safety**: Missing type hints, incorrect type usage, unjustified Any types - **Performance**: Inefficient algorithms (O(n²) or worse), unnecessary loops, memory leaks - **Code Quality**: Magic numbers, unclear variable names, unused imports/variables - **API Design**: Missing input validation, no error responses, required field checks - **Architecture**: Single responsibility violations, tight coupling, global state usage (6) Focus on concrete, actionable issues with specific code examples and fix recommendations. """ num_code_suggestions = 5 inline_code_comments = true ask_and_reflect = true [pr_description] extra_instructions = "Generate clear and comprehensive descriptions" generate_ai_title = true add_original_user_description = false publish_description_as_comment = true [pr_code_suggestions] extra_instructions = "Provide actionable code suggestions with examples" commitable_code_suggestions = true demand_code_suggestions_self_review=true 

# Missing type hints def fizz_buzz(n): for i in range(1, n): if i % 15 == 0: print("FizzBuzz") elif i % 3 == 0: print("Fizz") elif i % 5 == 0: print("Buzz") else: printo(i) # Intentional bug  # Security issue def add_user(name, password): users = [] user = {"name": name, "password": password} # Plaintext password  users.append(user) 

[config] model = "openai/gpt-4o-mini" # For lightweight tasks model_turbo = "openai/gpt-5" # For complex analysis fallback_models = ["anthropic/claude-3.7-sonnet", "google/gemini-2.5-pro"] 

[pr_reviewer] extra_instructions = """\ (1) Company-specific checks: - Use structured logging for all log outputs - External API calls must have timeout settings - Database access must use transactions - Never hardcode secrets (API keys, passwords, etc.) """ 

[ignore] glob = ['dist/**', '*.min.js', 'node_modules/**', '__pycache__/**'] [config] ignore_pr_title = ["^\\[Auto\\]", "^WIP:", "^Draft:"] ignore_pr_labels = ['work-in-progress', 'do-not-review'] 

Error: Model openai/gpt-5 is not defined in MAX_TOKENS Solution: Add custom_model_max_tokens = 200000 to config 

[config] response_language = "en-US" # Be specific [pr_reviewer] extra_instructions = "Always respond in English and explain technical terms clearly" 

permissions: issues: write pull-requests: write contents: write # Add this line id-token: write 

[config] ai_timeout = 600 # Extend to 10 minutes large_patch_policy = "clip" # Split large PRs 

if: github.event.pull_request.changed_files < 50 # Limit file count 

[config] ignore_pr_labels = ['draft', 'wip', 'skip-ai-review'] ignore_pr_title = ["^\\[WIP\\]", "^Draft:", "^Auto"] 

Before: Average review time 2 hours/PR After: Average review time 45 minutes/PR (62% reduction) Security issue detection: - Before: 2 issues/month average - After: 8 issues/month average (4x increase)