Integration

ContextRail Code Review Agent

Run standards-aware PR reviews with @contextrail/code-review-agent and output machine-readable artifacts for CI.

Official references

Use these as your source of truth during implementation.

Install and run

Start with npx, then move to project-level installation if needed.

No install (recommended to start)
npx -y @contextrail/code-review-agent review --help

Project dependency
npm i -D @contextrail/code-review-agent
npx code-review-agent review --help

Required configuration

Use environment variables for sensitive settings. Avoid passing secrets as CLI flags.

  • CONTEXTRAIL_MCP_SERVER_URL
  • CONTEXTRAIL_MCP_JWT_TOKEN
  • OPENROUTER_API_KEY

Review a PR diff

Run against base/head SHAs and emit machine-readable output for automation.

git fetch origin
BASE_SHA="$(git merge-base origin/main HEAD)"
HEAD_SHA="$(git rev-parse HEAD)"

npx -y @contextrail/code-review-agent review \
  --repo . \
  --from "$BASE_SHA" \
  --to "$HEAD_SHA" \
  --output ./.review

Input modes

Choose diff-based review for PRs or file-based review for local iteration.

Review explicit files
npx -y @contextrail/code-review-agent review \
  --repo . \
  --files "src/a.ts,src/b.ts" \
  --output ./.review

Repeatable file flags
npx -y @contextrail/code-review-agent review \
  --repo . \
  --file src/a.ts \
  --file src/b.ts \
  --output ./.review

CLI flags developers use most

These map directly to the package CLI parser and help output.

--repo

Repository path to review.

--from / --to

Commit range for PR or branch diff review.

--files

Comma-separated file list for targeted review.

--file (repeatable)

Repeat for explicit file paths when scripting.

--output

Output directory for result artifacts (defaults to ./review).

--domains

Scope review domains (for example: security,architecture).

--pr-description

Extra PR context to improve reviewer grounding.

--mcp-server-url

Override MCP endpoint without changing environment config.

--orchestrator-model / --reviewer-model / --critic-model

Model overrides per role for cost/quality tuning.

--max-steps / --max-iterations / --aggregation-max-steps

Control LLM pass limits and convergence behavior.

--max-tokens-per-file / --context-lines

Control surrounding-context budget per changed file.

--log-level

debug|info|warn|error|silent for local troubleshooting and CI signal.

CI implementation pattern

Use the exit code and the output artifacts to gate merges in automation.

# 1) Run review
npx -y @contextrail/code-review-agent review \
  --repo . \
  --from "$BASE_SHA" \
  --to "$HEAD_SHA" \
  --domains "security,architecture" \
  --output ./.review

# 2) Parse artifacts / upload result.json
# 3) Fail workflow on exit code 1

Outputs and exit codes
  • .review/result.json
  • .review/orchestrator/*
  • .review/reviewers/*
  • .review/token-budget.json
  • Exit 0 = approve, exit 1 = request changes.

Security and secrets
  • Keep credentials in environment variables, not CLI flags, to avoid shell history leaks.
  • Treat CONTEXTRAIL_MCP_JWT_TOKEN and OPENROUTER_API_KEY as secrets.
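
The CI pattern, exit codes and secret-handling rules above, combined into one gate script. This is an added example, not ContextRail's own code: the function names and the RUN_REVIEW switch are hypothetical, and treating any exit code other than 0 or 1, or an approval without a non-empty result.json, as an error is an assumption of this example.

```bash
# Added example (hypothetical names: missing_env, gate_decision, main, RUN_REVIEW).
# Print the names (never the values) of required variables that are unset or empty.
missing_env() {
  missing=""
  for name in CONTEXTRAIL_MCP_SERVER_URL CONTEXTRAIL_MCP_JWT_TOKEN OPENROUTER_API_KEY; do
    eval "val=\${$name:-}"
    [ -n "$val" ] || missing="$missing $name"
  done
  echo "${missing# }"
}

# Page: exit 0 = approve, exit 1 = request changes.
# Assumption: any other code, or an approve without a non-empty result.json,
# is an error, so a crashed or skipped review can never pass the gate.
gate_decision() {
  case "$1" in
    0) if [ -s "$2/result.json" ]; then echo approve; else echo error; fi ;;
    1) echo request-changes ;;
    *) echo error ;;
  esac
}

main() {
  out="./.review"
  absent="$(missing_env)"
  if [ -n "$absent" ]; then
    echo "missing required env vars: $absent" >&2
    return 2
  fi
  git fetch origin || return 2
  base="$(git merge-base origin/main HEAD)" || return 2
  head="$(git rev-parse HEAD)" || return 2
  rm -rf "$out"   # a stale result.json from an earlier run must not count
  code=0
  # Secrets reach the tool through the environment only; none appear in argv.
  npx -y @contextrail/code-review-agent review \
    --repo . --from "$base" --to "$head" \
    --domains "security,architecture" --output "$out" || code=$?
  decision="$(gate_decision "$code" "$out")"
  echo "review decision: $decision (tool exit code $code)"
  case "$decision" in
    approve) return 0 ;;
    request-changes) return 1 ;;
    *) return 2 ;;
  esac
}

# Runs only when RUN_REVIEW=1, so the functions can be sourced and tested offline.
if [ "${RUN_REVIEW:-0}" = "1" ]; then main; exit $?; fi
```

In CI, set RUN_REVIEW=1 and supply the three variables from the platform's secret store; the script exits 2 for errors so they stay distinguishable from a "request changes" result.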