AI-triage GitLab MR risk and pick the reviewer pool
An agent reads each new merge request's diff, title, and changed paths, and reasons about its security risk.
How it runs
The automated pipeline, trigger to output.
- Trigger: GitLab merge request opened (GitLab)
- Action: Fetch diff, description, and changed paths (GitLab)
- Logic: Agent reasons over the change and classifies risk (OpenAI)
- Action: Assign reviewer pool and apply risk label (GitLab)
- Output: Post risk rationale as an MR comment (GitLab)
What it does
Goes beyond path matching by having an agent actually read the change. For each new merge request it reviews the diff, title, description, and touched files, then reasons about real security risk — auth logic changes, new external calls, dependency bumps, permission edits — and assigns the reviewer pool that fits. It posts a short written rationale to the MR so the routing decision is transparent.
When to use it
Use it when static path rules miss too much: risky changes hide in 'safe' directories and trivial edits land in 'risky' ones. Best for teams that want judgment-based routing and are comfortable with an agent making a recommendation a human can override.
How it works
- 1. A GitLab webhook fires on merge request open.
- 2. The agent fetches the diff, description, and changed paths via the GitLab API.
- 3. It reasons over the change and classifies risk with an explicit rationale.
- 4. It assigns the chosen reviewer pool and applies the matching label through the GitLab API.
- 5. It posts its risk summary and pool choice as an MR comment for reviewer context.
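The diff, title, and description in step 2 are written by the MR author, so the agent's reply in step 3 is best treated as untrusted before step 4 acts on it. The sketch below is an added example, not the product's own code: it validates the reply against an allow-list and applies a path-based minimum tier, failing closed to the strictest pool. The JSON reply shape, pool names, label names, and path rules are all assumptions.

```python
import json
import re

# Hypothetical risk tiers, reviewer pools and labels; substitute your own.
POOLS = {
    "low": ("general-reviewers", "risk::low"),
    "medium": ("senior-reviewers", "risk::medium"),
    "high": ("appsec-reviewers", "risk::high"),
}
ORDER = ["low", "medium", "high"]

# Constructed path rules giving a minimum tier the agent cannot lower.
FLOOR_RULES = [
    (re.compile(r"(^|/)(auth|permissions?)(/|\.|_)"), "high"),
    (re.compile(r"(^|/)(package(-lock)?\.json|requirements\.txt|go\.(mod|sum))$"), "medium"),
]
MAX_RATIONALE = 500


def path_floor(changed_paths):
    """Highest tier demanded by any changed path; 'low' when none match."""
    floor = "low"
    for path in changed_paths:
        for pattern, tier in FLOOR_RULES:
            if pattern.search(path) and ORDER.index(tier) > ORDER.index(floor):
                floor = tier
    return floor


def route(agent_reply, changed_paths):
    """Turn the agent's raw reply into a routing decision, failing closed."""
    floor = path_floor(changed_paths)
    try:
        data = json.loads(agent_reply)
        risk = data["risk"]
        rationale = data["rationale"]
        if risk not in POOLS or not isinstance(rationale, str):
            raise ValueError("reply outside the allowed schema")
    except (ValueError, KeyError, TypeError):
        # Malformed or manipulated output: route to the strictest pool.
        risk, rationale = "high", "Agent reply failed validation; routed for manual triage."
    if ORDER.index(risk) < ORDER.index(floor):
        rationale += f" (raised from {risk} to {floor} by path rule)"
        risk = floor
    pool, label = POOLS[risk]
    # Strip control characters and cap length before posting as an MR comment.
    rationale = re.sub(r"[\x00-\x1f]", " ", rationale)[:MAX_RATIONALE]
    return {"risk": risk, "pool": pool, "label": label, "rationale": rationale}
```

Only the returned `pool` and `label` values, which come from the allow-list rather than from the model, should reach the GitLab API calls in step 4.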
Set it up
What you configure once, before turning it on.
- 1. Connect GitLab: Repos, MRs, pipelines, registry.
- 2. Connect OpenAI: Models, embeddings, files.
- 3. Set each agent's model: We leave models unset so you pick the tier (fast + cheap, or top-quality).
- 4. Tune it to your data: Edit the prompts, filters, and field mappings so it matches how your team works.
- 5. Test, then turn it on: Run once against a sample, confirm the output, then enable the trigger.
