> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cloudthinker.io/llms.txt
> Use this file to discover all available pages before exploring further.

# AI Code Review

> Catch bugs, security vulnerabilities, and quality issues on every pull request with context-aware AI reviews

CloudThinker reviews every pull request on your connected GitHub or GitLab repositories with full context of what the change is trying to do, not just individual lines. Findings appear as in-line comments with severity ratings and remediation guidance.

<iframe width="100%" height="400" src="https://www.youtube.com/embed/ume5mU4516M" title="CloudThinker Tutorial 2025 - How to automate code review and fix critical bugs" style={{ borderRadius: '12px', border: 'none' }} allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowFullScreen />

Rules-based scanners match syntax patterns; CloudThinker reads intent. It knows when code touches infrastructure — IAM policies, S3 permissions, database queries — and flags cloud-specific risks alongside logic bugs and vulnerabilities. Security and quality run in a single pass, so reviewers see one set of findings in the tools they already use.

## How it works

1. **Detect** — a developer opens a pull request on a connected repository. CloudThinker picks it up automatically.
2. **Gather context** — [Oliver](/guide/agents/oliver) reads the full diff, the Jira ticket linked from the branch name or PR title, and relevant Confluence documentation.
3. **Analyze** — the review runs in parallel across security, quality, and cloud-infrastructure dimensions.
4. **Post findings** — in-line comments land on the PR with exact line references, severity ratings, and remediation guidance.
5. **Track** — critical findings auto-create Jira tickets when [Atlassian](/guide/connections/atlassian) is connected. When you push a fix, the next review verifies it and updates the ticket, and every finding feeds the [Leaderboard](/guide/code-review/leaderboard).

<Frame>
  <img src="https://mintcdn.com/cloudthinker/0IKJjKZJEIROke98/images/use-cases/code-review-automation/01-security-code-review-jira-ticket.jpg?fit=max&auto=format&n=0IKJjKZJEIROke98&q=85&s=ff1892a02b0d6ba8887e9e5a1d151255" alt="Security code review creating Jira ticket with vulnerability details" width="2242" height="1060" data-path="images/use-cases/code-review-automation/01-security-code-review-jira-ticket.jpg" />
</Frame>

<p style={{textAlign: 'center', fontSize: '0.9em', color: '#666', marginTop: '8px'}}>A critical finding automatically becomes a Jira ticket with severity, remediation steps, and a link back to the PR</p>

## What you can do

| Capability             | Description                                                                                 | Learn more                                              |
| ---------------------- | ------------------------------------------------------------------------------------------- | ------------------------------------------------------- |
| Bug detection          | Catch logic errors, null-pointer exceptions, off-by-one errors, and edge cases before merge | [Setup](/guide/code-review/setup)                       |
| Security analysis      | Flag SQL injection, XSS, SSRF, hardcoded secrets, and cloud-specific IAM risks              | [Oliver](/guide/agents/oliver)                          |
| Convention enforcement | Apply the convention files already in your repository to every review                       | [Convention rules](/guide/code-review/convention-rules) |
| PR commands            | Mention `@cloudthinker-ai` in a PR comment to re-review or ask questions                    | [Mention commands](/guide/code-review/mention-commands) |
| Issue-tracker context  | Pull Jira requirements and Confluence standards into reviews; push findings back as tickets | [Extensions](/guide/code-review/extensions)             |
| Team analytics         | Track review trends, developer scores, and skill coverage over time                         | [Analytics](/guide/code-review/analytics)               |

## Get started

<CardGroup cols={2}>
  <Card title="Set up code review" icon="gear" href="/guide/code-review/setup">
    Connect your GitHub or GitLab repositories in under 5 minutes
  </Card>

  <Card title="Mention commands" icon="at" href="/guide/code-review/mention-commands">
    Interact with CloudThinker directly from PR and MR comments
  </Card>

  <Card title="Convention rules" icon="list-check" href="/guide/code-review/convention-rules">
    Teach reviews to follow your team's coding conventions
  </Card>

  <Card title="Leaderboard" icon="trophy" href="/guide/code-review/leaderboard">
    Track team review activity and code quality improvements over time
  </Card>
</CardGroup>
