AI-powered code review for every pull request. Security scanning. Multi-model LLM consensus. 14 languages. Zero config.
One click · All repos · No credit card
How it works
Nothing changes in your workflow. Open a PR — Guard reviews it.
Click the install button, select your repos. Takes 10 seconds. Guard creates a welcome issue to confirm.
Push code and create a PR as usual. Nothing else changes in your workflow.
Within seconds, Guard runs 9 review layers: security patterns, language rules, LLM consensus, pattern database, dependency CVE scan, cross-file analysis, duplication detection, and more.
Every issue includes a one-click fix suggestion. CWE/OWASP tags on security findings. AI-generated PR summary. Quality gates block merge if thresholds exceeded. Ask @neuronx-guard questions in comments.
Capabilities
Every PR gets a comprehensive multi-layer review — powered by the NeuronX AI platform.
19 rules: hardcoded secrets, SQL injection, eval/exec, command injection, timing attacks, pickle deserialization.
2-3 LLMs review independently. Only reports issues they agree on. Knowledge Graph enriches prompts with codebase context.
62 rules across 14 languages: JS/TS, Go, Java, Rust, C/C++, Ruby, PHP, Shell, Kotlin, Swift.
Checks requirements.txt, package.json, go.mod, Cargo.toml against OSV.dev. Shows fix versions.
Python AST for cyclomatic complexity, bare except clauses, and structural issues.
Detects broken imports, duplicate definitions, removed functions still referenced.
23K+ learned code patterns + 189K FAISS vectors. Matches your code against known vulnerabilities instantly.
Every issue includes a fix. 40+ deterministic fixes, pattern-based reference code, and LLM-generated repairs.
3,900 nodes, 38K edges. Enriches LLM reviews with codebase context — related concepts, dependencies, known patterns.
Example
Without Guard
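```python
import sqlite3

def get_user(name):
    password = "admin123"  # hardcoded secret
    conn = sqlite3.connect("db")
    # user input is interpolated straight into the SQL text
    q = f"SELECT * FROM users WHERE name='{name}'"
    try:
        return conn.execute(q)
    except:  # bare except hides every failure
        return None
```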
After Guard Review
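```python
import logging
import os
import sqlite3

logger = logging.getLogger(__name__)

def get_user(name):
    password = os.getenv("DB_PASSWORD")  # secret read from the environment
    conn = sqlite3.connect("db")
    q = "SELECT * FROM users WHERE name=?"  # placeholder, no string formatting
    try:
        return conn.execute(q, (name,))  # value bound as a parameter
    except Exception as e:
        logger.error(f"Query failed: {e}")
        return None
```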
Guard found: hardcoded password, SQL injection, bare except — and suggested fixes on exact lines
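To see what the parameter binding changes at run time, the two query forms above can be run against the same input. This is an added example, not Guard's code or output; the in-memory `users` table, the helper names and the `CRAFTED` input are constructed for the demonstration.

```python
import sqlite3

def make_db():
    """Constructed in-memory table standing in for the page's "db" file."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user")])
    return conn

def get_user_unsafe(conn, name):
    # "Without Guard" form: the input becomes part of the SQL text.
    q = f"SELECT * FROM users WHERE name='{name}'"
    return conn.execute(q).fetchall()

def get_user_safe(conn, name):
    # "After Guard Review" form: the input is bound as a value.
    q = "SELECT * FROM users WHERE name=?"
    return conn.execute(q, (name,)).fetchall()

# Constructed input: a quote that ends the string literal, then a tautology.
CRAFTED = "nobody' OR '1'='1"

def compare(name):
    """Run both forms on a fresh database and return (unsafe, safe) rows."""
    conn = make_db()
    try:
        return get_user_unsafe(conn, name), get_user_safe(conn, name)
    finally:
        conn.close()

if __name__ == "__main__":
    for label, value in (("ordinary", "alice"), ("crafted", CRAFTED)):
        unsafe, safe = compare(value)
        print(f"{label:9} unsafe={unsafe} safe={safe}")
```

For an ordinary name both forms return the same row; for the crafted input the formatted query matches every row, while the bound query looks for a user literally named `nobody' OR '1'='1` and returns nothing.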
Review output
password = "admin123"
os.getenv('DB_PASSWORD') instead of hardcoded strings
cursor.execute('SELECT ... WHERE id=?', (id,))
except: found
except: → except Exception as e:
== — use strict equality
== with ===
unsafe_deserialization (quality=0.9) — known vulnerability pattern from 23K database
Intelligence
Guard learns from your team and gets smarter over time.
Dismiss an issue 3 times? Guard auto-suppresses it on that repo. No more repeat noise.
React with thumbs up/down on Guard's comments. Thumbs-down lowers the issue's quality score. Auto-suppressed after enough downvotes.
Inline comments appear on the exact changed line — not line 1. Maps through diff hunks to find the precise position in the new file.
Flags empty descriptions, missing test plans, no linked issues, short titles. Encourages good PR hygiene.
Recommends human reviewers based on who contributed most to the changed files. Uses git history to find domain experts.
Guard uses GitHub's native review actions: APPROVE when clean, REQUEST_CHANGES when errors found.
Every review starts with a 3-5 bullet summary of what the PR does — a changelog of the actual changes.
Mention @neuronx-guard in any PR comment. "Why is this dangerous?" "Fix this for me." Context-aware AI answers.
Block merges if thresholds exceeded. Configure max_errors: 0 in .neuronx-guard.yml — enterprise-grade CI enforcement.
Every security finding tagged with CWE ID + OWASP 2021 category. [CWE-89] [OWASP A03:2021] — enterprise compliance ready.
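Placing a comment "on the exact changed line" means turning each `+` line of a unified diff into its line number in the new file. A sketch of that mapping follows as an added example; it is not Guard's implementation, and the function name and the `SAMPLE` diff are constructed for illustration.

```python
import re

HUNK = re.compile(r"^@@ -\d+(?:,(\d+))? \+(\d+)(?:,(\d+))? @@")

def map_added_lines(diff_text):
    """Return {path: [(new_line_no, text), ...]} for every added line."""
    result, path = {}, None
    old_left = new_left = new_no = 0
    for line in diff_text.splitlines():
        # Hunk bodies are consumed by the counts in the @@ header, so content
        # that itself starts with "--" or "++" is not mistaken for a file header.
        if old_left or new_left:
            tag, text = line[:1], line[1:]
            if tag == "+":
                result[path].append((new_no, text))
                new_no += 1
                new_left -= 1
            elif tag == "-":
                old_left -= 1              # exists only in the old file
            elif tag == "\\":
                pass                       # "\ No newline at end of file"
            else:                          # context line, present in both files
                new_no += 1
                old_left -= 1
                new_left -= 1
            continue
        if line.startswith("+++ "):
            path = line[4:].removeprefix("b/")
            result.setdefault(path, [])
            continue
        m = HUNK.match(line)
        if m and path is not None:
            old_left = int(m.group(1) or 1)   # an omitted count means 1
            new_no = int(m.group(2))
            new_left = int(m.group(3) or 1)
    return result

# Constructed sample diff (not taken from a real repository).
SAMPLE = """\
diff --git a/app/db.py b/app/db.py
--- a/app/db.py
+++ b/app/db.py
@@ -1,3 +1,4 @@
 import sqlite3
+import os
 def get_user(name):
-    password = "admin123"
+    password = os.getenv("DB_PASSWORD")
@@ -10,3 +11,3 @@
     conn = sqlite3.connect("db")
-    q = f"SELECT * FROM users WHERE name='{name}'"
+    q = "SELECT * FROM users WHERE name=?"
     try:
"""
```

`map_added_lines(SAMPLE)` reports the added lines at new-file lines 2, 4 and 12 of `app/db.py`, which is where a finding on each of them would be attached.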
PR Commands
| Command | What it does |
|---|---|
| /guard explain | Detailed explanation of each finding — why it matters, bad/good examples, OWASP/CWE references |
| /guard dismiss | Collapse Guard's review comment and record dismissed patterns for auto-suppression |
| /guard re-review | Trigger a fresh review (useful after pushing fixes) |
| /guard quality | Show code quality score (0-100, grade A-F) and trend for this repo |
| /guard leaderboard | Developer leaderboard — who writes the cleanest code, ranked by score |
| /guard report | Post a compliance-ready markdown report (for SOC2/ISO audits) |
| /guard config | Show current .neuronx-guard.yml configuration or defaults |
| /guard feedback | Collect reaction data from Guard's inline comments on this PR |
| @neuronx-guard [question] | Ask Guard anything about the PR — context-aware AI chat |
Integrations
Pick what fits your workflow. Use one or all.
Install once, reviews happen automatically on every PR. No configuration needed.
github.com/apps/neuronx-guard — select repos or all repos
Guard reviews automatically within seconds
Check Run badge, inline comments, approve/request changes
Run Guard as a CI step — no GitHub App installation needed:
```yaml
name: Guard Review
on: [pull_request]
jobs:
  guard:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with: { fetch-depth: 0 }
      # @main is a mutable ref: pin to a full commit SHA to run a fixed, reviewed version
      - uses: sreejagatab/neuronx-platform/.github/actions/neuronx-guard@main
        with:
          severity-threshold: warning
          fail-on-error: true
```
No API key needed for the free tier. Results appear in the GitHub Actions summary.
Real-time Guard feedback as you code. Scans on save, diagnostics on exact lines.
```bash
# Install from VSIX
cd vscode-extension && npm install
npx vsce package
code --install-extension neuronx-guard-1.0.0.vsix
```
Ctrl+Shift+G to scan. Status bar shows "Guard: clean" or "Guard: N issues". Supports 16 languages.
Review code locally before pushing. Pre-commit hook support.
```bash
# Review a directory
python guard_cli.py src/

# Review staged changes only
python guard_cli.py --staged

# Install as pre-commit hook
python guard_cli.py --install-hook
```
Get review summaries posted to your team channel.
```yaml
# .neuronx-guard.yml
notifications:
  slack_webhook: https://hooks.slack.com/...
  discord_webhook: https://discord.com/api/webhooks/...
```
Shows: repo, PR, author, issue count (errors/warnings), review time. Color-coded: red (errors), yellow (warnings), green (clean).
Review code programmatically. Get an API key from your dashboard.
```bash
curl -X POST https://neuronx.jagatab.uk/api/guard/review \
  -H "X-Guard-Key: nxg_your_key" \
  -H "Content-Type: application/json" \
  -d '{"diff": "...", "repo": "owner/repo"}'
```
Rate limits: Free 20/day · Pro 200/day · Team 1,000/day
Analytics
Track your team's code quality over time.
0-100 score with letter grade (A-F). Tracks issues-per-PR trend. Shows if your team is improving, stable, or declining.
/guard quality
Ranked by cleanest code. Shows avg issues/PR, clean PR ratio, total errors. Medals for top 3.
/guard leaderboard
Full markdown report with PR metadata, findings, verdict (PASS/WARN/FAIL). Ready for SOC2/ISO audits.
/guard report
Add quality + security badges to your README:
 
Quality grade (A-F) + Security grade (A-F based on CWE findings). Updates on every review.
Pricing
Free
forever
Pro
per organization
Team
per organization
Install the free GitHub App first, then upgrade from the Guard dashboard. No credit card to start.
Payment powered by Stripe. Cancel anytime. All prices in GBP.
Comparison
| Feature | NeuronX Guard | CodeRabbit | Snyk Code | SonarQube | Copilot |
|---|---|---|---|---|---|
| Free tier | 20 reviews/day | Limited | 100 tests/mo | Community | No review |
| Paid price | £10/org | $15/user | $25/dev | $150/yr | $19/user |
| Multi-LLM consensus | ✓ 2-3 models | ✗ | ✗ | ✗ | ✗ |
| PR summary | ✓ | ✓ | ✗ | ✗ | ✓ |
| Conversational chat | ✓ @neuronx-guard | ✓ | ✗ | ✗ | ✓ |
| One-click auto-fix | ✓ 56% coverage | ✓ | ✗ | ✗ | Partial |
| CWE/OWASP tags | ✓ | ✗ | ✓ | ✓ | ✗ |
| Quality gates | ✓ | ✗ | ✓ | ✓ | ✗ |
| CVE scanning | ✓ 6 ecosystems | ✗ | ✓ | Plugins | ✗ |
| 23K pattern database | ✓ + FAISS | ✗ | ✗ | ✗ | ✗ |
| Knowledge Graph | ✓ 4.9K nodes | ✗ | ✗ | ✗ | ✗ |
| Self-learning engine | ✓ | ✗ | ✗ | ✗ | ✗ |
| Languages | 14 | 20+ | ~10 | 30+ | Many |
| Self-hosted | £249/yr | ✗ | Enterprise | ✓ | ✗ |
Configuration
Add .neuronx-guard.yml to your repo root:
```yaml
enabled: true
checks:
  security: true
  complexity: true
  bare_except: true
  patterns: true
  llm_review: true
ignore_files:
  - "*.md"
  - "tests/*"
severity_threshold: warning
# Custom rules (Pro):
custom_rules:
  - pattern: "TODO|FIXME|HACK"
    message: "Resolve before merging"
    severity: info
# Quality gates (block merge on violations):
quality_gate:
  enabled: true
  max_errors: 0
  max_warnings: 10
  max_cve_critical: 0
  block_merge: true
```
Run /guard config on any PR to see your current config.
Get Started
Install on GitHub. Open a PR. Guard reviews automatically. Free forever.