Baloo
Baloo is the code reviewer we built when our own AI agents started producing more code than humans could comfortably review. It runs as your GitHub App, reads pull-request diffs and repository context, and sends findings back through GitHub-native reviews and Checks.
Baloo is the code reviewer we built when our own AI agents started producing more code than humans could comfortably review. It runs as your GitHub App, reads pull-request diffs and repository context, and sends findings back through GitHub-native reviews and Checks.
Baloo is open source because the problem is bigger than our workflow. AI coding agents make it easier to ship large changes quickly, but they also increase the review load. Baloo gives teams a reviewer they can run themselves: you control the service, the GitHub App installation scope, the optional database, and the Claude or Gemini credentials used for review.
Click any screenshot to inspect the dashboard at full size.
What Baloo Is Good At
Baloo is not a replacement for deterministic scanners like CodeQL, Semgrep, or Ruff. Keep those tools. Baloo is useful for the review work that needs repository context: whether the implementation matches the plan, whether an edge case was missed, whether an auth path is safe, or whether the PR violated team-specific conventions.
Agentic Review
Uses tool calls to inspect files, search related code, and explore the repository instead of only summarizing the diff.
Severity Routing
Critical and high findings can request changes, while medium findings become Checks API annotations to keep the review readable.
Repo Guidance
Reads guidance files like AGENTS.md and CONTRIBUTING.md so reviews reflect the way your team actually works.
Thread Tracking
Follows existing review discussions, avoids duplicate comments, and detects when feedback was addressed in a later push.
False-Positive Checks
Can run an additional verification pass before posting findings, reducing the noisy comments that make developers mute tools.
Local Dry Runs
Developers can run the same review pipeline against a local git diff before opening a pull request.
How the Review Pipeline Works
- GitHub sends a PR event. Baloo receives opened, reopened, synchronized, and ready-for-review pull request webhooks.
- Baloo gathers context. The service reads the diff, checks out repository context when configured, and loads project guidance files.
- The review layer investigates. The agent can read files, search for related code, and produce structured findings.
- The processor layer decides what happens. Deterministic code handles duplicate detection, false-positive verification, severity routing, and GitHub output.
- GitHub gets actionable feedback. Developers see inline comments, Checks annotations, and review decisions in the workflow they already use.
This separation matters because pull requests are untrusted input. The model can identify a finding, but Baloo’s code controls how that finding turns into repository actions.
Built for Operational Control
Baloo runs as your own service. There is no Baloo-hosted backend required. The running service reads repository content through your GitHub App installation and sends review context only to the LLM provider you configure.
The optional review history dashboard gives teams a practical view of the system: review volume, failure rate, cost, status distribution, and whether developers are accepting or disputing findings. That feedback loop is what turns an AI reviewer from a novelty into something a team can tune.
Common Use Cases
- Review AI-generated pull requests before they reach a human reviewer.
- Flag security-sensitive implementation mistakes in authentication, authorization, validation, and secret-handling code.
- Enforce repository-specific rules from
AGENTS.mdandCONTRIBUTING.md. - Review Dependabot PRs with dependency-aware prompts.
- Compare implementation changes against design or plan documents.
- Run a local dry review before creating a GitHub PR.
Quick Start
Create a GitHub App with pull request read/write, contents read, and checks read/write permissions. Then clone the repository, configure your GitHub App credentials and model API keys, and run Baloo with Docker:
git clone https://github.com/bluebear-io/baloo-bear.git
cd baloo-bear
cp .env.example .env
docker compose up --build
Install the GitHub App on your repositories and open a pull request. Baloo will review new and updated PRs automatically.
The GitHub README includes the full setup guide, configuration reference, local dry-run instructions, and contributor docs.