Feature request
Description
Currently, pr-agent requires a platform-specific token (GitHub PAT/App, GitLab token, etc.) because it relies on interacting with the hosting platform's API to fetch PR data and publish comments.
In highly secure or restricted enterprise environments, developers often prefer using SSH keys with passphrases to handle all repository operations (such as fetching PR refs locally via git fetch origin pull/XYZ/head). In these setups, generating, storing, or passing HTTP access tokens is actively discouraged or restricted to mitigate token leakage risks.
We would love to see a purely local, stateless CLI mode where pr-agent can analyze raw git diff inputs without requiring any platform API tokens.
Proposed Solution
Introduce a flag or command (e.g., --stdin or --diff-file) that allows pr-agent to accept a standard unified diff.
Instead of calling the GitHub/GitLab API, the agent would:
- Parse the local diff.
- Send the prompt to the configured LLM.
- Output the generated review, improvements, and tables directly to the terminal (
stdout) or save it to a local markdown file.
Example Usage
Option A: Piping git diff directly via stdin
git diff main...feature-branch | pr-agent review --stdin
Option B: Passing a local diff file
git diff main...feature-branch > changes.diff
pr-agent review --diff-file changes.diff --output review.md
Benefits
- Enhanced Security: Zero risk of token exposure, as no platform access tokens are used or required.
- Local Workflow Integration: Allows developers to seamlessly integrate
pr-agent into local pre-commit or pre-push Git hooks.
- Network Flexibility: Enables the tool to be used in strict air-gapped environments where only the LLM endpoint is reachable, but the code hosting platform's API is restricted.
Motivation
The most secure token is the one that doesn't exist.
In security-first environments, every additional API token represents an expanded attack surface and a potential vector for credential leakage. By utilizing an SSH-and-passphrase workflow to manage code locally, we completely eliminate the need for static HTTP tokens. Bringing a tokenless, local diff mode to pr-agent would allow developers to leverage the power of AI code reviews while maintaining a strict, zero-trust local security posture.
Feature request
Description
Currently,
pr-agentrequires a platform-specific token (GitHub PAT/App, GitLab token, etc.) because it relies on interacting with the hosting platform's API to fetch PR data and publish comments.In highly secure or restricted enterprise environments, developers often prefer using SSH keys with passphrases to handle all repository operations (such as fetching PR refs locally via
git fetch origin pull/XYZ/head). In these setups, generating, storing, or passing HTTP access tokens is actively discouraged or restricted to mitigate token leakage risks.We would love to see a purely local, stateless CLI mode where
pr-agentcan analyze rawgit diffinputs without requiring any platform API tokens.Proposed Solution
Introduce a flag or command (e.g.,
--stdinor--diff-file) that allowspr-agentto accept a standard unified diff.Instead of calling the GitHub/GitLab API, the agent would:
stdout) or save it to a local markdown file.Example Usage
Option A: Piping git diff directly via
stdingit diff main...feature-branch | pr-agent review --stdinOption B: Passing a local diff file
git diff main...feature-branch > changes.diff pr-agent review --diff-file changes.diff --output review.mdBenefits
pr-agentinto localpre-commitorpre-pushGit hooks.Motivation
The most secure token is the one that doesn't exist.
In security-first environments, every additional API token represents an expanded attack surface and a potential vector for credential leakage. By utilizing an SSH-and-passphrase workflow to manage code locally, we completely eliminate the need for static HTTP tokens. Bringing a tokenless, local diff mode to
pr-agentwould allow developers to leverage the power of AI code reviews while maintaining a strict, zero-trust local security posture.