
Guide: Code Review

Use Chief as a tireless first-pass reviewer on GitHub PRs. It catches obvious issues before a human spends time, and surfaces subtler concerns to focus your review.

Set Up

Connect GitHub in Dashboard → Integrations. Pick the repos you want Chief to access.

On-Demand Review

In any thread, paste a PR link:

Chief, review github.com/acme/api/pull/482. Flag:
- security issues
- missing test coverage
- breaking changes
- anything that should be in a separate PR

Chief fetches the diff, reads the changed files (and surrounding context), runs the review, and replies in-thread with a structured summary.

Auto-Review on PR Open

Set up a cron-like trigger:

Chief, whenever a PR is opened in github.com/acme/api,
review it automatically. Post the review as a PR comment,
and DM me if anything is critical.

Chief polls (or webhook-subscribes if your org allows it) for new PRs and runs reviews automatically.

What Chief Looks At

By default, Chief checks for:

  • Security — secrets in diffs, SQL injection, XSS, unsafe deserialization
  • Correctness — null checks, off-by-one, error handling
  • Tests — coverage delta, missing test cases for new branches
  • Style — adherence to your repo’s existing patterns (Chief reads CLAUDE.md or .cursorrules if present)
  • Breaking changes — public API modifications

You can customize the checklist per repo:

Chief, for the acme/billing repo, also check:
- every Stripe call has idempotency keys
- no direct SQL — must use the ORM

Chief saves these as a per-repo skill.

Tone

Chief writes reviews in a calm, direct tone. No “consider” hedging, no false praise. If something is wrong, it says so. If something is fine, it doesn’t comment on it.

You can soften this if needed:

Chief, on PR reviews, lead with what's good, then issues.
And use "what do you think about..." phrasing for anything
that's debatable rather than a bug.

What Chief Won’t Do

  • Approve PRs. Chief leaves PRs in a commented state, never approved. A human always merges.
  • Push commits. Chief proposes changes as suggested edits in PR comments, never as direct commits.
  • Run tests. Chief reads diffs and reports concerns. It doesn’t execute your CI.

Pitfalls

  • Permission scope. Make sure Chief has access to each repo you want it to review. GitHub OAuth is granular.
  • Long PRs. PRs >2000 changed lines may exceed Chief’s per-task token budget. Break them up.
  • Generated files. Chief skips files matched by your .gitignore and obvious lock/build artifacts.
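
A pre-check for the long-PR pitfall above, as an added example that is not part of Chief or its documentation: it counts changed lines in a git unified diff, leaves out generated files, and reports whether the PR is over the 2000-line figure. The glob list and function names are assumptions made for this sketch; the page does not say which files Chief treats as lock/build artifacts.

```python
import fnmatch
import re
# Assumptions: 2000 comes from the pitfalls list; the globs are illustrative only.
MAX_CHANGED_LINES = 2000
GENERATED_GLOBS = ["*.lock", "package-lock.json", "dist/*", "build/*", "*.min.js"]
FILE_HEADER = re.compile(r"^diff --git a/(.+) b/(.+)$")

# Constructed sample diff (not from a real repository).
SAMPLE_DIFF = """\
diff --git a/src/auth.py b/src/auth.py
--- a/src/auth.py
+++ b/src/auth.py
@@ -1,3 +1,4 @@
 import os
-TIMEOUT = 30
+TIMEOUT = int(os.environ["TIMEOUT"])
+
 def login(): pass
diff --git a/package-lock.json b/package-lock.json
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,2 +1,3 @@
 {
+  "lockfileVersion": 3,
"""

def is_generated(path):
    # Match the glob against the full path and against the bare file name.
    name = path.rsplit("/", 1)[-1]
    return any(fnmatch.fnmatchcase(path, g) or fnmatch.fnmatchcase(name, g)
               for g in GENERATED_GLOBS)

def changed_lines_by_file(diff_text):
    # Count added plus removed lines per file.
    counts, current, in_hunk = {}, None, False
    for line in diff_text.splitlines():
        header = FILE_HEADER.match(line)
        if header:                      # new file section; ---/+++ lines follow
            current, in_hunk = header.group(2), False
            counts[current] = 0
        elif line.startswith("@@"):     # hunk body starts after this line
            in_hunk = True
        elif in_hunk and current and line.startswith(("+", "-")):
            counts[current] += 1
    return counts

def review_budget(diff_text, limit=MAX_CHANGED_LINES):
    # Total reviewable changed lines, and whether the PR should be split.
    counts = {p: n for p, n in changed_lines_by_file(diff_text).items()
              if not is_generated(p)}
    total = sum(counts.values())
    return {"total": total, "over_limit": total > limit, "per_file": counts}
```

Feed it the output of `git diff` between the base and head of the PR branch; the `per_file` counts show which files to move into a separate PR.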