Install in minutes. Tune forever.
PR Quorum is a GitHub App that reviews pull requests with configurable AI reviewers through OpenRouter. Start with the default panel, then tighten noise, model routing, BYOK, team controls, and self-deploy settings as your repos get serious.
Quick Start
Use GitHub OAuth. Your workspace is created automatically.
Choose the organization and repos. PR Quorum syncs them into your dashboard.
PR Quorum reviews opened, synchronized, reopened, and ready_for_review pull requests. Drafts are skipped by default.
Use dashboard controls, per-repo reviewer overrides, or .ai-review.yml when a repo needs stricter taste.
GitHub App
PR Quorum verifies GitHub webhook signatures before queueing work. Installation and repository webhooks keep the dashboard in sync, and pull-request webhooks queue review runs through Inngest.
Contents: read, Metadata: read, Pull requests: read/write, Checks: read/write, Issues: read/write.
installation, installation_repositories, pull_request, issue_comment (for the @prquorum comment command).
PR Quorum creates GitHub check runs named PR Quorum when Checks write permission is installed. Review comments still post without checks.
Reviews are advisory by design. PR Quorum posts review comments and status checks for visibility while humans keep merge control.
Comment @prquorum review to queue a fresh review on demand, @prquorum pause to mute reviews on a PR (it applies your skip label), and @prquorum resume to unmute. Repo owners, members, and collaborators only — PR Quorum acks with an emoji reaction.
On new pushes, only the files changed since the last completed review are re-reviewed (the summary says so). Force-pushes and other uncertain comparisons fall back to a full review. Disable with rules.incremental: false.
When a finding’s fix is exact replacement code, the inline comment carries a GitHub suggestion block — the author applies it with one click. Prose advice stays in a plain code block.
The status check is named Review panel, so the checks list shows PR Quorum / Review panel. If a repo enforces branch protection on an older check name (quorum / review, or PR Quorum / PR Quorum), edit the rule to require Review panel instead — GitHub treats renamed checks as separate checks.
Reviewer Panel
The default panel is Correctness, Security, and Architecture. The catalog also includes Tests, Performance, Frontend UX, Migrations, and Accessibility reviewers. You can save a custom account-level panel and per-repo overrides.
Name, model, focus list, system prompt, paused state, min confidence, max findings, inline posting, duplicate handling, and learnings preference.
Reviewers run in parallel. A failed reviewer is recorded, and the run only fails when every reviewer fails.
Findings are filtered, deduped, sorted by severity and confidence, then capped before inline posting.
Models And BYOK
The default model is deepseek/deepseek-v4-flash. The model picker is backed by the live OpenRouter catalog, so any valid OpenRouter model slug can be selected.
Bring your own key from the dashboard. Keys are AES-256-GCM encrypted at rest and used at review runtime when platform-key routing is disabled.
Accounts without BYOK use the platform OpenRouter key.
Usage events record model, tokens, reviewer timing, failures, and estimated cost, surfaced on the cost dashboard.
Noise Controls
Balanced is the default. Switch to quiet (only high-certainty findings) or paranoid (strictest sweep) per repo from the dashboard Policy tab, or via mode: in .ai-review.yml.
The default min_confidence is 0.75. Findings below the effective threshold are dropped before posting.
Up to 10 inline comments per review by default. Editable per repo on the Policy tab; the cap is enforced server-side.
Draft PRs, skip labels, and skip path globs — editable on the repo Policy tab or in YAML — are enforced before a review is queued where possible.
A reviewer can be paused, capped by max_findings, or set to summary-only with post_inline=false.
Findings your team repeatedly dismisses are fed back into reviewer prompts so they stop coming up, and surface as patterns on the Learnings page. Opt a reviewer out with use_learnings: false.
Policy YAML
Commit .ai-review.yml at the repository root to override dashboard policy for that repo. It is loaded from the PR head SHA and merged into the active policy.
review:
enabled: true
language: en
mode: balanced
trigger:
- opened
- synchronize
- reopened
- ready_for_review
skip:
draft_prs: true
labels:
- skip-ai-review
paths:
- dist/**
- build/**
- yarn.lock
- package-lock.json
rules:
min_confidence: 0.75
max_inline_comments: 10
incremental: true
post_summary_when_clean: true
human_approval_required: true
paths:
- glob: "src/auth/**"
min_confidence: 0.85
max_inline_comments: 5
reviewers:
- id: correctness
name: Correctness Reviewer
model: deepseek/deepseek-v4-flash
focus:
- likely bugs
- regressions
- edge cases
- id: security
name: Security Reviewer
model: deepseek/deepseek-v4-flash
focus:
- auth bypasses
- injection risks
- unsafe data handlingBilling And Quotas
One review is one full panel run on a pull request. Quotas reset each calendar month.
When a workspace reaches its quota, PR Quorum stops before running more model calls. Upgrades lift the cap immediately. Reviews on your own OpenRouter key (BYOK) are not counted against the cap.
Pro and higher plans can route reviews through your own OpenRouter key so model spend stays visible in your account — and those reviews bypass the monthly cap.
Usage events record model, tokens, duration, and estimated cost so noisy policies can be tuned before spend drifts.
Feedback And Learning
Review findings can be marked open, accepted, dismissed, or suppressed. Triage does real work: titles your team dismisses repeatedly are injected into reviewer prompts so they stop being reported, and the Learnings page surfaces dismissal patterns with suggested policy tweaks.
README Badge
Show that your pull requests get a panel review. Paste this into your README:
[](https://prquorum.com?utm_source=github&utm_medium=readme_badge)
Renders as and links to prquorum.com.
Availability
GitHub review workflow, agents, BYOK, cost dashboard, and team controls are part of the product today.
Finding states are stored and surfaced in metrics; reviewer memory uses that signal as the dataset grows.
The programmatic REST API is in preview and not yet generally available — workspace API key management and the authenticated API endpoints are not live yet. Scoped, server-side keys (reads for reviews, repos, and usage plus a learning-write scope) are planned for when it ships. Health is available at GET /api/health.