Skip to main content

What You’ll Set Up

By the end of this tutorial, every pull request in your connected repositories will automatically receive AI-powered code review comments — detecting bugs, security vulnerabilities, and best-practice violations before code reaches production.
1

Navigate to Code Review Settings

Go to Settings > Code Review in your CloudThinker workspace.You’ll see options to connect GitHub or GitLab repositories.
2

Connect GitHub

Click Connect GitHub to install the CloudThinker GitHub App.
You need Organization Owner permissions to install the GitHub App. If you don’t have access, ask your org admin to approve the installation.
  1. Select the GitHub organization
  2. Choose which repositories to grant access (all or selected)
  3. Authorize the app
The GitHub App requests read access to code and pull requests, and write access to post review comments.
3

Connect GitLab (Alternative)

For GitLab, you have two authentication options:Option A: OAuth (recommended)
  • Click Connect GitLab
  • Authorize via OAuth flow
  • Select projects to monitor
Option B: Access Token
  • Generate a Project Access Token or Group Access Token in GitLab
  • Paste it in CloudThinker settings
  • Select the projects to monitor
4

Select Repositories

After connecting, you’ll see a list of available repositories. Toggle on the ones you want CloudThinker to review.For each repository, you can configure:
  • Auto-review: Automatically review every new PR (recommended)
  • Languages: Which file types to analyze
  • Severity threshold: Minimum severity to comment on
5

Open a Pull Request

Create or open a pull request in one of your connected repositories. CloudThinker will automatically:
  1. Detect the new PR
  2. Analyze the changed files
  3. Post inline review comments on specific lines
  4. Provide a summary comment with overall findings
Comments include:
  • Bug detection: Logic errors, null references, race conditions
  • Security vulnerabilities: Injection risks, hardcoded secrets, insecure patterns
  • Code quality: Naming conventions, complexity, duplication
  • Performance: Inefficient queries, unnecessary allocations, N+1 patterns
6

Review and Act on Feedback

Each review comment includes:
  • Severity level: Critical, High, Medium, Low
  • Explanation: Why this is an issue
  • Suggested fix: Code snippet with the recommended change
Address the feedback, push new commits, and CloudThinker will re-review the updated changes.

How It Works

Developer opens PR → CloudThinker detects PR → AI analyzes diff
→ Posts inline comments → Developer fixes → Re-review on new commits
The review runs automatically on every PR — no manual triggers needed. Reviews typically complete within 1-2 minutes depending on the size of the diff.

Track Team Performance with Leaderboard

Once your team has a few reviewed PRs, go to Code Review > Leaderboard to see how everyone is performing. The Leaderboard scores each developer by balancing Quality (AI review scores) and Impact (code complexity) — so it rewards engineers who ship robust code, not just those who ship the most lines. 
Leaderboard Score = (Normalized Quality + Normalized Impact) / 2
ScoreMeaning
= 1.0Exactly at team average
> 1.0Above average (top performer)
< 1.0Below team average

What to Look For

  • High Quality + High Impact: Your top performers — ideal mentors and lead reviewers
  • High Impact + Low Quality: Possible burnout signal — shipping fast but cutting corners
  • High Quality + Low Impact: May be stuck on a hard problem or under-utilized
  • Uneven Impact distribution: High “Bus Factor” risk — knowledge concentrated in one person
Use the Leaderboard as a diagnostic tool, not just a ranking. It surfaces workload imbalances and quality trends that aren’t visible from PR counts alone.

Leaderboard Scoring Details

Deep dive into the scoring formula, impact calculation, and example calculations

Tips

  • Start with a pilot repo: Connect one active repository first to see the review quality before rolling out broadly
  • Tune severity thresholds: If reviews are too noisy, increase the minimum severity to High or Critical
  • Review the Leaderboard weekly: Track quality trends and workload balance across your team

Next Step

CloudKeepers

Set up autonomous monitoring and compliance scanning