AI Code Review

Baz runs AI agents - coding SDLC agents and code review agents - that evaluate pull requests by considering the entire repository and its external context, not just one file at a time.

AI agents maintained by Baz.

These reviewers come with curated prompts and context we continuously update to cover general-purpose review needs.

Create a custom reviewer
698 Accepted, 8% RejectedAcross all reviewers, last 30 days
SDLC Agents

Fixer

Configure

Accelerates code review cycles by enabling instant commits of suggested fixes to a PR, eliminating manual edits and context switching.

Agent disabled, action required

SRE Agent

Configure

Detects issues from observability signals (e.g. logs, metrics, alerts) and automatically resolves them by generating targeted code fixes via PRs.

Agent disabled, action required

Merger

Configure

Evaluates pull requests to determine if they are safe to merge according to your team's guidelines.

Baz Code Review Agents

Spec reviewer

Configure

Ensures that the implemented code and design align with documented requirements, identifying gaps or deviations early in the development process.

Advanced Security

Configure

Reviews code changes to identify security vulnerabilities and insecure patterns before they reach production.

27In scope77Accepted suggestions

AI Coding Guidelines

Configure

Ensuring AI-generated code follows consistent, high-quality standards aligned with your engineering practices.

70In scope95Accepted suggestions

Type Inconsistency

Configure

Ensuring that variables and functions use the appropriate data types to prevent type-related errors.

68In scope49Accepted suggestions

Logical Bugs

Configure

Identifies logical inconsistencies, flawed conditionals, and edge cases that could lead to unexpected behavior.

517In scope230Accepted suggestions

Breaking Changes

Configure

Changes that alter or remove existing functionality, potentially breaking dependent APIs or features.

124In scope75Accepted suggestions

Code Hygiene

Configure

Ensuring code is clean, well-organized, and follows consistent style guidelines for maintainability.

11In scope

Code Dedup and Conventions

Configure

Detects duplicate code and ensures adherence to your team's existing coding patterns.

64In scope77Accepted suggestions

Conciseness

Configure

Writing clear, efficient code that avoids unnecessary complexity or redundancy while maintaining readability.

12In scope9Accepted suggestions

Naming and Typos

Configure

Mistakes in variable names or unclear identifiers that reduce code clarity and readability.

49In scope9Accepted suggestions

REST API Best Practices

Configure

Ensure APIs are written according to today's standards and follow REST best practices.

Basic Security Patterns

Configure

Identifies basic security bad practices like unsanitized inputs, PII exposure and SQL injection.

The agents that make up the surface

The codebase is split into indexable units, and embeddings with similarity measures retrieve relevant code and tests. Agents perform agentic code analysis and optional runtime inspection, yielding structured findings shared as pull request comments and CI check results.

Fixer (SDLC)

Accelerates the review cycle by letting suggested fixes be committed directly to a PR. It proposes small, safe, self-contained edits that are low risk to apply automatically, each with a short rationale reviewers can accept or tweak.

Merger (SDLC)

After CI passes and the Baz review is satisfied, Merger analyzes whether a PR touches core logic that needs careful review or can be streamlined to production. It attaches a verdict label and an optional rationale comment, governed by deterministic rules and org guidelines.

SRE Agent (SDLC)

Identifies reliability, performance, and operational risks using observability tools like Datadog, then automatically generates fixes as pull requests - correlating code with real system behavior to focus on retries, error handling, inefficient queries, and missing logs or metrics.

Spec Reviewer

Extracts explicit requirements from tickets and designs and validates whether the implementation satisfies them, producing a verdict for each requirement with evidence: met, partially met, or not met.

Advanced Security

Reviews PRs for exploitable behavior across authentication, authorization, input handling, data exposure, and cross-service assumptions - supporting each finding with the change, surrounding code, related repositories, and runtime signals via the Context Broker.

Code correctness reviewers

Logical Bugs, Breaking Changes, and Type Inconsistency reviewers trace execution paths, tie API surface changes to the consumers they would break, and flag type changes that could cause runtime or integration problems.

Memory

Every interaction with a reviewer is persisted to a reviewer-specific memory bank. When users give similar feedback more than once, the reviewer's system prompt updates - and versioned memories let you revert if you disagree.

Read more

Put specialized agents on every pull request

Connect a repository and Baz's agents start reviewing, fixing, and validating changes with full repository context from day one. Want to tune agents to your team's standards first?