Automated PR review

KERN-guard

Automated PR review on every commit.

A GitHub App that scans every pull request with 144 AST rules, then optionally escalates to an LLM review. Only new findings are posted — no noise from pre-existing issues.

How it works

Static analysis is free. LLM review is a toggle you control.

Every plan includes the static pass. LLM review is opt-in — metered on Hosted, or unmetered with your own API key on BYOK.

Static pass

144 AST rules run on every push. Security, concepts, framework pitfalls, floating promises. Delta-only — if a finding already existed on the base branch, KERN-guard stays quiet.

Runs in seconds on typical diffs. No LLM. No API key. Included on Free, Pro Hosted, and Pro BYOK.

LLM pass

Structured review by your choice of LLM. Reasons about intent, flags architectural issues, suggests fixes. Runs after the static pass, on the same delta.

Hosted: we pay the provider — 100 reviews/mo, $0.20 per extra. BYOK: you supply an Anthropic or OpenAI key, unlimited reviews using your API key.

Two passes, one delta

What shows up on your PR

Your diff
// src/api/orders.ts
+ export async function getOrders(userId) {
+   const q = `SELECT * FROM orders
+              WHERE user_id = '${userId}'`
+   return db.query(q)
+ }
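
Review bot: `userId` is interpolated straight into the SQL text by the template literal (`WHERE user_id = '${userId}'`), so the shape of the query depends on caller input; keep the SQL string constant and pass `userId` as a bound parameter, using whatever placeholder form this `db` client supports. `getOrders` also returns `db.query(q)` with no visible check that the caller is allowed to read that user's orders, so add the authorization check here or document that the caller enforces it, and select an explicit column list rather than `SELECT *`.
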
KERN-guard posts
KERN-guard · 2 new findings

! sql-injection [0.95]
  Template literal in SQL query
  with user input 'userId'
  src/api/orders.ts:3

~ unguarded-effect [0.92]
  db.query() without try/catch
  or auth guard
  src/api/orders.ts:5

pre-existing findings skipped
(delta-only)

Bring any model

Supports the LLMs you already trust

Pick per repo. Switch any time. No provider lock-in.

Claude
GPT-4
Gemini
Minimax
Qwen
Z.AI
Ollama

Pricing

Free for public repos. $19/mo BYOK. $29/mo Hosted.

Unlimited public repos on Free. Pro plans unlock unlimited private repos plus the LLM pass.

Questions

FAQ

What's BYOK?

You provide your own Anthropic or OpenAI API key. Reviews run on your account — no per-review markup from us. Ideal for teams with existing AI budget or high review volume.

What does delta-only mean?

KERN-guard only posts findings that are new to the pull request. Pre-existing issues on the base branch stay quiet — you opt into reviewing legacy code, you don't drown in it.
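
One way a delta-only filter like the one described above can work, as an added example that is not KERN-guard's own code. It assumes a finding is identified by rule, file and whitespace-normalized snippet rather than by line number; `newFindings`, the finding fields and the `floating-promise` rule id are hypothetical.

```javascript
// Added example: delta-only filtering of static-analysis findings.
// Assumption: identity = rule + file + normalized snippet. Line numbers are
// deliberately excluded, because unrelated edits shift them.
function fingerprint(f) {
  const snippet = f.snippet.replace(/\s+/g, " ").trim();
  return [f.rule, f.file, snippet].join("\u0000");
}

// Returns the findings on the PR head that have no counterpart on the base.
// Occurrences are counted, so a second copy of an already-known pattern
// still surfaces as new instead of hiding behind the old one.
function newFindings(base, head) {
  const budget = new Map();
  for (const f of base) {
    const k = fingerprint(f);
    budget.set(k, (budget.get(k) || 0) + 1);
  }
  return head.filter((f) => {
    const k = fingerprint(f);
    const left = budget.get(k) || 0;
    if (left > 0) {
      budget.set(k, left - 1); // matched a base finding: stay quiet
      return false;
    }
    return true; // nothing left to match on base: new in this PR
  });
}

// Constructed sample data (not real tool output).
const base = [
  { rule: "floating-promise", file: "src/jobs/sync.ts", line: 10, snippet: "sendReport(id)" },
];
const head = [
  // Same issue, pushed down four lines by unrelated edits: pre-existing.
  { rule: "floating-promise", file: "src/jobs/sync.ts", line: 14, snippet: "sendReport(id)" },
  // A second copy of the same pattern introduced by the PR: new.
  { rule: "floating-promise", file: "src/jobs/sync.ts", line: 30, snippet: "sendReport(id)" },
  // An issue in code the PR adds: new.
  { rule: "sql-injection", file: "src/api/orders.ts", line: 3, snippet: "WHERE user_id = '${userId}'" },
];

for (const f of newFindings(base, head)) {
  console.log(`${f.rule} ${f.file}:${f.line}`);
}
```

A line-number comparison would report the shifted finding as new on every PR that touches the file, which is the noise a delta filter is meant to remove.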

Does the static pass need an API key?

No. The static pass runs 127 AST rules on our workers. No LLM, no provider key, no per-review cost. It is free on every plan.

Where is KERN-guard deployed?

Hosted at admin-guard.kernlang.dev. GitHub App install takes under a minute. Self-hosted is on the roadmap, not v1.

Install in under a minute.

Install the GitHub App, pick which repos to watch. Your next PR gets reviewed.