Documentation Index
Fetch the complete documentation index at: https://docs.cline.bot/llms.txt
Use this file to discover all available pages before exploring further.
Automate code review for every Pull Request. Detailed analysis, security checks, and code suggestions provided by Cline running autonomously in GitHub Actions.
The Workflow
When a PR is opened or marked ready for review, this workflow:
- Checks out the code.
- Installs Node.js and Cline CLI.
- Configures authentication (e.g., Anthropic, OpenAI).
- Runs Cline with a comprehensive system prompt to analyze the diff, context, and related issues using GitHub CLI (
gh).
- Posts a detailed review comment with inline code suggestions.
Prerequisites
- GitHub repository with Actions enabled.
- AI Provider API Key (e.g., Anthropic, OpenRouter) added as a repository secret (e.g.,
ANTHROPIC_API_KEY).
- GitHub Token (automatically provided by Actions as
GITHUB_TOKEN).
Setup
1. Create the Workflow File
Create a file named .github/workflows/cline-pr-review.yml in your repository:
name: Cline PR Code Review
on:
pull_request:
types: [opened, ready_for_review]
workflow_dispatch:
inputs:
pr_number:
description: "PR number to review"
required: true
type: string
concurrency:
group: pr-review-${{ github.event.pull_request.number || inputs.pr_number }}
cancel-in-progress: true
jobs:
cline-pr-review:
if: |
(github.event_name == 'pull_request' && github.event.pull_request.draft == false) ||
github.event_name == 'workflow_dispatch'
runs-on: ubuntu-latest
timeout-minutes: 60
permissions:
contents: read
pull-requests: write
issues: read
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 22
cache: "npm"
- name: Install Cline CLI
run: npm install -g @cline/cli
- name: Configure Cline Authentication
# Replace 'anthropic' with your provider of choice (openai, openrouter, etc.)
# and ensure the corresponding secret is set in your repo settings.
run: |
cline auth --provider anthropic \
--apikey "${{ secrets.ANTHROPIC_API_KEY }}" \
--modelid claude-opus-4-5-20251101
- name: Get PR number
id: pr
run: |
if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then
echo "number=${{ inputs.pr_number }}" >> $GITHUB_OUTPUT
else
echo "number=${{ github.event.pull_request.number }}" >> $GITHUB_OUTPUT
fi
- name: Review PR with Cline
env:
PR_NUMBER: ${{ steps.pr.outputs.number }}
GITHUB_REPO: ${{ github.repository }}
GH_TOKEN: ${{ github.token }}
# Restrict Cline to only safe, read-only GitHub CLI commands
CLINE_COMMAND_PERMISSIONS: |
{
"allow": [
"gh pr diff *",
"gh pr view *",
"gh pr checks *",
"gh pr list *",
"gh issue list *",
"gh issue view *",
"git log *",
"gh pr comment ${{ steps.pr.outputs.number }} *",
"gh api repos/${{ github.repository }}/pulls/${{ steps.pr.outputs.number }}/comments *",
"gh api repos/${{ github.repository }}/pulls/${{ steps.pr.outputs.number }}/reviews *"
]
}
run: |
cline --auto-approve true 'You are a GitHub PR reviewer for this repository. Your goal is to give the PR author helpful feedback and give maintainers the context they need to review efficiently.
PR: #'"${PR_NUMBER}"'
## Gather context
Use `gh` commands to fetch the PR diff, details, and checks.
```bash
# Get full PR details
gh pr view '"${PR_NUMBER}"' --json number,title,body,author,createdAt,updatedAt,isDraft,labels,commits,files,additions,deletions,changedFiles,baseRefName,headRefName,mergeable,reviewDecision
# Get the diff
gh pr diff '"${PR_NUMBER}"'
# Check CI status
gh pr checks '"${PR_NUMBER}"'
Deep code review
Analyze the code changes. Look for:
- Logic errors and edge cases
- Security vulnerabilities
- Performance issues
- adherence to patterns in the codebase
Submit Review
Post a single comprehensive comment summarizing your review.
If you have specific code suggestions, use the GitHub API to post inline comments:
gh api repos/'"${GITHUB_REPO}"'/pulls/'"${PR_NUMBER}"'/reviews \
-X POST \
-f event="COMMENT" \
-f body="" \
-F comments='[{"path": "src/file.ts", "line": 10, "body": "Suggestion: ..."}]'
### 2. Configure Secrets
1. Go to your repository settings -> **Secrets and variables** -> **Actions**.
2. Add a **New repository secret**.
3. Name: `ANTHROPIC_API_KEY` (or match the key used in your workflow).
4. Value: Your actual API key.
## Key Components Explained
### Permissions
```yaml
permissions:
contents: read
pull-requests: write
issues: read
pull-requests: write so Cline can post comments and inline reviews. contents: read ensures it can analyze the code but cannot push changes directly, providing a security boundary.
Authentication
cline auth --provider anthropic --apikey "..."
auth command configures Cline in the CI environment without interactive prompts. You can switch providers (e.g., openai, openrouter) by changing the flags.
Autonomous Mode (--auto-approve true)
cline --auto-approve true '...'
--auto-approve true flag tells Cline to run autonomously, executing approved tools without waiting for interactive confirmation. Prompt runs start in Act mode by default, so CI/CD workflows can perform the requested work immediately.
Command Permissions
We explicitly restrict what commands Cline can run using CLINE_COMMAND_PERMISSIONS. This ensures Cline can only use gh and git commands relevant to reviewing, preventing any accidental or malicious system modifications.
Customizing the Reviewer
The “System Prompt” passed to Cline in the final step is fully customizable. You can modify it to:
- Enforce specific style guides.
- Focus on security vs. performance.
- Ask for specific types of feedback (e.g., “Roast my code” vs. “Be gentle”).
