29 29
30Once an admin [enables Code Review](#set-up-code-review) for your organization, reviews trigger when a PR opens, on every push, or when manually requested, depending on the repository's configured behavior. Commenting `@claude review` [starts reviews on a PR](#manually-trigger-reviews) in any mode.30Once an admin [enables Code Review](#set-up-code-review) for your organization, reviews trigger when a PR opens, on every push, or when manually requested, depending on the repository's configured behavior. Commenting `@claude review` [starts reviews on a PR](#manually-trigger-reviews) in any mode.
31 31
32When a review runs, multiple agents analyze the diff and surrounding code in parallel on Anthropic infrastructure. Each agent looks for a different class of issue, then a verification step checks candidates against actual code behavior to filter out false positives. The results are deduplicated, ranked by severity, and posted as inline comments on the specific lines where issues were found. If no issues are found, Claude posts a short confirmation comment on the PR.32When a review runs, multiple agents analyze the diff and surrounding code in parallel on Anthropic infrastructure. Each agent looks for a different class of issue, then a verification step checks candidates against actual code behavior to filter out false positives. The results are deduplicated, ranked by severity, and posted as inline comments on the specific lines where issues were found, with a summary in the review body. If no issues are found, Claude posts a short confirmation comment on the PR.
33 33
34Reviews scale in cost with PR size and complexity, completing in 20 minutes on average. Admins can monitor review activity and spend via the [analytics dashboard](#view-usage).34Reviews scale in cost with PR size and complexity, completing in 20 minutes on average. Admins can monitor review activity and spend via the [analytics dashboard](#view-usage).
35 35
141 141
142## Customize reviews142## Customize reviews
143 143
144Code Review reads two files from your repository to guide what it flags. Both are additive on top of the default correctness checks:144Code Review reads two files from your repository to guide what it flags. They differ in how strongly they influence the review:
145 145
146* **`CLAUDE.md`**: shared project instructions that Claude Code uses for all tasks, not just reviews. Use it when guidance also applies to interactive Claude Code sessions.146* **`CLAUDE.md`**: shared project instructions that Claude Code uses for all tasks, not just reviews. Code Review reads it as project context and flags newly introduced violations as nits.
147* **`REVIEW.md`**: review-only guidance, read exclusively during code reviews. Use it for rules that are strictly about what to flag or skip during review and would clutter your general `CLAUDE.md`.147* **`REVIEW.md`**: review-only instructions, injected directly into every agent in the review pipeline as highest priority. Use it to change what gets flagged, at what severity, and how findings are reported.
148 148
149### CLAUDE.md149### CLAUDE.md
150 150
151Code Review reads your repository's `CLAUDE.md` files and treats newly-introduced violations as nit-level findings. This works bidirectionally: if your PR changes code in a way that makes a `CLAUDE.md` statement outdated, Claude flags that the docs need updating too.151Code Review reads your repository's `CLAUDE.md` files and treats newly introduced violations as [nit-level](#severity-levels) findings. This works bidirectionally: if your PR changes code in a way that makes a `CLAUDE.md` statement outdated, Claude flags that the docs need updating too.
152 152
153Claude reads `CLAUDE.md` files at every level of your directory hierarchy, so rules in a subdirectory's `CLAUDE.md` apply only to files under that path. See the [memory documentation](/en/memory) for more on how `CLAUDE.md` works.153Claude reads `CLAUDE.md` files at every level of your directory hierarchy, so rules in a subdirectory's `CLAUDE.md` apply only to files under that path. See the [memory documentation](/en/memory) for more on how `CLAUDE.md` works.
154 154
156 156
157### REVIEW\.md157### REVIEW\.md
158 158
159Add a `REVIEW.md` file to your repository root for review-specific rules. Use it to encode:159`REVIEW.md` is a file at your repository root that overrides how Code Review behaves on your repo. Its contents are injected into the system prompt of every agent in the review pipeline as the highest-priority instruction block, taking precedence over the default review guidance.
160 160
161* Company or team style guidelines: "prefer early returns over nested conditionals"161Because it's pasted verbatim, `REVIEW.md` is plain instructions: [`@` import syntax](/en/memory#import-additional-files) is not expanded, and referenced files are not read into the prompt. Put the rules you want enforced directly in the file.
162* Language- or framework-specific conventions not covered by linters
163* Things Claude should always flag: "any new API route must have an integration test"
164* Things Claude should skip: "don't comment on formatting in generated code under `/gen/`"
165 162
166Example `REVIEW.md`:163#### What you can tune
164
165`REVIEW.md` is freeform markdown, so anything you can express as a review instruction is in scope. The patterns below have the most impact in practice.
166
167**Severity**: redefine what 🔴 Important means for your repo. The default calibration targets production code; a docs repo, a config repo, or a prototype might want a much narrower definition. State explicitly which classes of finding are Important and which are Nit at most. You can also escalate in the other direction, for example treating any `CLAUDE.md` violation as Important rather than the default nit.
168
169**Nit volume**: cap how many 🟡 Nit comments a single review posts. Prose and config files can be polished forever. A cap like "report at most five nits, mention the rest as a count in the summary" keeps reviews actionable.
170
171**Skip rules**: list paths, branch patterns, and finding categories where Claude should post no findings. Common candidates are generated code, lockfiles, vendored dependencies, and machine-authored branches, along with anything your CI already enforces like linting or spellcheck. For paths that warrant some review but not full scrutiny, set a higher bar instead of skipping entirely: "in `scripts/`, only report if near-certain and severe."
172
173**Repo-specific checks**: add rules you want flagged on every PR, like "new API routes must have an integration test." Because `REVIEW.md` is injected as highest priority, these land more reliably than the same rules in a long `CLAUDE.md`.
174
175**Verification bar**: require evidence before a class of finding is posted. For example, "behavior claims need a `file:line` citation in the source, not an inference from naming" cuts false positives that would otherwise cost the author a round trip.
176
177**Re-review convergence**: tell Claude how to behave when a PR has already been reviewed. A rule like "after the first review, suppress new nits and post Important findings only" stops a one-line fix from reaching round seven on style alone.
178
179**Summary shape**: ask for the review body to open with a one-line tally such as `2 factual, 4 style`, and to lead with "no factual issues" when that's the case. The author wants to know the shape of the work before the details.
180
181#### Example
182
183This `REVIEW.md` recalibrates severity for a backend service, caps nits, skips generated files, and adds repo-specific checks.
167 184
168```markdown theme={null}185```markdown theme={null}
169# Code Review Guidelines186# Review instructions
170 187
171## Always check188## What Important means here
172- New API endpoints have corresponding integration tests189
173- Database migrations are backward-compatible190Reserve Important for findings that would break behavior, leak data,
174- Error messages don't leak internal details to users191or block a rollback: incorrect logic, unscoped database queries, PII
192in logs or error messages, and migrations that aren't backward
193compatible. Style, naming, and refactoring suggestions are Nit at
194most.
195
196## Cap the nits
197
198Report at most five Nits per review. If you found more, say "plus N
199similar items" in the summary instead of posting them inline. If
200everything you found is a Nit, lead the summary with "No blocking
201issues."
202
203## Do not report
175 204
176## Style205- Anything CI already enforces: lint, formatting, type errors
177- Prefer `match` statements over chained `isinstance` checks206- Generated files under `src/gen/` and any `*.lock` file
178- Use structured logging, not f-string interpolation in log calls207- Test-only code that intentionally violates production rules
179 208
180## Skip209## Always check
181- Generated files under `src/gen/`210
182- Formatting-only changes in `*.lock` files211- New API routes have an integration test
212- Log lines don't include email addresses, user IDs, or request bodies
213- Database queries are scoped to the caller's tenant
183```214```
184 215
185Claude auto-discovers `REVIEW.md` at the repository root. No configuration needed.216#### Keep it focused
217
218Length has a cost: a long `REVIEW.md` dilutes the rules that matter most. Keep it to instructions that change review behavior, and leave general project context in `CLAUDE.md`.
186 219
187## View usage220## View usage
188 221
195| Feedback | Count of review comments that were auto-resolved because a developer addressed the issue |228| Feedback | Count of review comments that were auto-resolved because a developer addressed the issue |
196| Repository breakdown | Per-repo counts of PRs reviewed and comments resolved |229| Repository breakdown | Per-repo counts of PRs reviewed and comments resolved |
197 230
198The repositories table in admin settings also shows average cost per review for each repo.231The repositories table in admin settings also shows average cost per review for each repo. Dashboard cost figures are estimates for monitoring activity; for invoice-accurate spend, refer to your Anthropic bill.
199 232
200## Pricing233## Pricing
201 234
225 258
226The **Re-run** button in GitHub's Checks tab does not retrigger Code Review. Use the comment command or a new push instead.259The **Re-run** button in GitHub's Checks tab does not retrigger Code Review. Use the comment command or a new push instead.
227 260
261### Review didn't run and the PR shows a spend-cap message
262
263When your organization's monthly spend cap is reached, Code Review posts a single comment on the PR explaining that the review was skipped. Reviews resume automatically at the start of the next billing period, or immediately when an admin raises the cap at [claude.ai/admin-settings/usage](https://claude.ai/admin-settings/usage).
264
228### Find issues that aren't showing as inline comments265### Find issues that aren't showing as inline comments
229 266
230If the check run title says issues were found but you don't see inline review comments on the diff, look in these other locations where findings are surfaced:267If the check run title says issues were found but you don't see inline review comments on the diff, look in these other locations where findings are surfaced:
