Reviewing PRs is Hard. We make it easier.

Stop wasting hours waiting on manual reviews. OpenRabbit is a free, open-source, self-hosted GitHub Pull Request reviewer that seamlessly replaces CodeRabbit directly in your Action workflows.


The pain of manual code reviews

01

The Waiting Loop

Waste hours or days waiting for offline team members to spot easy bugs, simple typos, or formatting rule violations before you can merge.

02

The Silent Bug

One tiny overlooked logical error or missing verification parameter guarantees a late-night crash. Manual eyes inevitably miss these slips.

03

The Massive PR Subscription

Why should your organization pay thousands of dollars for central commercial review integrations, when you can run it completely serverless for free?

Manual Review Automation!!

Introducing OpenRabbit

OpenRabbit is a free, self-hosted, open-source Pull Request automation helper.

It hooks into your own repository, analyzes incoming code diffs, queries pluggable, high-speed LLMs (like Groq, OpenRouter, or other providers), and instantly returns human-friendly feedback, summaries, and exact inline file correction widgets.

MANIFESTO & ETHICS

The Open Source Fight.

OpenRabbit is a stand for Open Source Ethics.

Centralized code scanning platforms like CodeRabbit have become high-risk "blast-radius multipliers." In late 2025, a critical security vulnerability in their centralized architecture exposed over 1 million repositories to remote write-access vulnerabilities and potential Remote Code Execution (RCE). Users were forced to grant expansive third-party cloud write permissions to a single, centralized vendor database.

"OpenRabbit completely neutralizes this attack vector. By running natively client-side inside your own local GitHub Actions runner, your source code is analyzed locally. Your workflows maintain total serverless data sovereignty, eliminating external commercial dependency risk entirely."

We believe absolute developer productivity should never demand sacrificing absolute repository security. Shifting security back to client-controlled resources is the ultimate future of devtools.

Ad ... ahem ... Supporters

Thanks to the contributors, maintainers, and sponsors for making OpenRabbit possible.

Features ... refined analytics ...

Because ordinary review bots judging code in isolation is kinda dumb. Build real context, smarter loops.

CONTEXT BLINDNESS PROOF

Project-Wide Context

Most AI reviewers analyze code in single snippet isolation. OpenRabbit understands your complete architecture with Two-Stage File Fetching (pulling relevant files on-demand) and Linked Issue Awareness to verify if your branch satisfies original business logic.

EDUCATIONAL MENTOR

"Socratic Scaffold"

Instead of just dumping copy-paste answers, OpenRabbit acts like a direct mentor. It guides you with Socratic questions to help you understand the core issue yourself. It explains why code is risky, reserving raw code modifications for simple, obvious fixes.

SCALABILITY FIRST

Performance Auditor

Built for production scaling. OpenRabbit actively scans code diffs for potential memory leaks, logic race conditions, complex O(n²) loops, and redundant database operations. It evaluates code with a crucial check: "Will this survive 10x traffic?"

SECURE COGNITION

Security Auditor

It completely ignores the PR details at first to bypass confirmation bias, scanning bare diff statements for SQL injection, cross-site scripting (XSS), and authentication flaws. It immediately flags fake "improvements" where layers of validation are stripped.

ANTI-AI-SLOP

Pragmatic Senior Voice

Say goodbye to generic, useless AI comments. OpenRabbit runs Suggestion Validation internally to verify revisions align with your exact codebase before posting, writing in the voice of a direct, seasoned technology lead.

PREVENT DRIFTING

Stops "Vibe Coding"

Ensures branches stay hyper-focused. OpenRabbit features active DRIFT Detection, calling out unrelated refactorings or random file tidying. It tells you to isolate stray cleanup into a separate branch so code reviews remain simple and fast.

Quickstart in 2 minutes

Simply create a workflow file inside your repository and configure your credentials.

.github/workflows/reviewer.yml
name: OpenRabbit Reviewer

on:
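  # pull_request_target runs in the base repository's context, so the secrets
  # below are available to this job even for pull requests opened from forks.
  pull_request_target: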
    types: [opened, reopened, edited, synchronize]

permissions:
  contents: read
  pull-requests: write

jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - name: OpenRabbit
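        # @main is a mutable branch reference; pinning to a full commit SHA
        # fixes exactly which code receives the token and API key below.
        uses: aryanbrite/openrabbit@main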
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          llm_api_key: ${{ secrets.LLM_API_KEY }}
          llm_provider: openrouter # Or groq
          llm_model: openrouter/free # Use world-class models for $0
          review_mode: both
          tone_mode: balanced
STEP 1 REQUIRED

Add API Key to GitHub

Create a repository secret so OpenRabbit can securely access your chosen AI models:

1. Navigate to Settings > Secrets > Actions.
2. Click the New repository secret button.
3. Set Name as LLM_API_KEY.
4. Paste your provider's API token value and click Add secret.
STEP 2 FREE PROVIDERS

Get a Free LLM Key

OpenRabbit works instantly with cheap or free model endpoints. Grab your credentials directly from these popular platforms to power your automated pull request reviews:

* OpenRabbit automatically balances rate-limited workloads between multiple resources you define. Fully lightweight, reliable, and secure.
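
Before adopting the quickstart workflow above, two of its settings are worth checking: the `pull_request_target` trigger and the `@main` action reference, both of which decide what code runs next to your secrets. The script below is an added example, not part of OpenRabbit; the `audit` function and its finding labels are names chosen here, and the embedded workflow is the page's quickstart trimmed to the keys the check reads.

```python
import re

# Quickstart workflow from this page, trimmed to the keys the audit reads.
WORKFLOW = """\
name: OpenRabbit Reviewer
on:
  pull_request_target:
    types: [opened, reopened, edited, synchronize]
permissions:
  contents: read
  pull-requests: write
jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - name: OpenRabbit
        uses: aryanbrite/openrabbit@main
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          llm_api_key: ${{ secrets.LLM_API_KEY }}
"""

TRIGGER = re.compile(r"^\s*pull_request_target\s*:")
USES = re.compile(r"^\s*(?:-\s*)?uses:\s*([^\s#]+)")
SECRET = re.compile(r"\$\{\{\s*secrets\.(\w+)\s*\}\}")
FULL_SHA = re.compile(r"[0-9a-f]{40}")


def audit(workflow_text):
    """Return (line_no, label, detail) findings; labels are hypothetical names."""
    findings = []
    secrets = sorted(set(SECRET.findall(workflow_text)))
    for no, line in enumerate(workflow_text.splitlines(), 1):
        if TRIGGER.match(line):
            # Job runs with the base repository's secrets, fork PRs included.
            findings.append((no, "privileged-trigger", secrets))
        m = USES.match(line)
        if m and not m.group(1).startswith(("./", "docker://")):
            action, _, ref = m.group(1).partition("@")
            if not FULL_SHA.fullmatch(ref):
                # Branch and tag refs can be moved to different code later.
                findings.append((no, "mutable-ref", f"{action}@{ref}"))
    return findings


if __name__ == "__main__":
    for finding in audit(WORKFLOW):
        print(finding)
```

A `privileged-trigger` finding is not a defect by itself; it tells you which secrets every step of that job can reach, which is why the `mutable-ref` finding on the same job matters.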

Convinced?

Try OpenRabbit, it's free

OR

Not convinced? That's cute.

Try it anyway love it convinced.

(still free btw — running on pure vibes)