MCP-CodeReviewer
A three-layer funnel AI code review engine that reduces LLM token consumption by 70%+ while providing deep code analysis. It integrates with GitHub PRs via the MCP protocol to automate code review with static analysis, RAG, and LLM-based checks.
🔍 MCP-CodeReviewer
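A three-layer funnel AI code review engine built on the MCP protocol. Through deterministic static analysis and dynamic model routing, it cuts LLM token consumption by 70%+ while preserving review depth.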
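🏗️ Architecture
```
PR trigger → GitHub Actions
→ git diff (host) → Docker container
→ ci_runner.py
→ allowlisted code extraction + regex function extraction
→ RAG guideline retrieval (degrades independently)
→ impact radar, ripgrep (degrades independently)
→ Phase3 prompt assembly
→ LLM review (deepseek-v4-flash)
→ three-level defense L1/L2/L3 → GitHub line-level comments (with Suggestion)
→ ReviewMetrics written to disk → upload-artifact
```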
🚀 Quick start
1. Install
```bash
git clone <repo-url>
cd mcp-code-reviewer
pip install -r requirements.txt
```
2. Mock mode (no API key required)
```bash
python orchestrator.py --mock
```
3. Real review
```bash
export DEEPSEEK_API_KEY=***
python orchestrator.py
```
4. Connect to GitHub PRs
```bash
# Copy the workflow into the target repository
cp .github/workflows/ai-review.yml <target-repo>/.github/workflows/
# Configure Secrets: DEEPSEEK_API_KEY
# Configure Actions permissions: Read and write
# Open a PR; the review is triggered automatically
```
📁 Project structure
```
├── mcp_server.py # MCP Server (3 Tools)
├── orchestrator.py # MCP Client + prompt engineering
├── ci_runner.py # CI/CD bridge + three-level defense
├── rag_engine.py # Lightweight RAG (SQLite)
├── impact_analyzer.py # Impact radar (ripgrep)
├── metrics.py # ReviewMetrics black box
├── Dockerfile # Production-grade image
├── scripts/
│ └── aggregate_metrics.py # Metrics aggregation and analysis
└── test_cases/ # Test cases
```
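🛡️ Three-level defense
| Level | Method | Protects against |
|---|---|---|
| L1 | unidiff line-number mapping, O(1) exact match | LLM hallucinating the original code |
| L2 | Physical string slicing to extract indentation | Regex cross-line flaws |
| L3 | Tolerant AST pre-check + appending pass | Destructive commits |
A failed check does not discard the issue → it is downgraded to a plain-text warning comment.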
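An added example, not the project's own code, of how the three checks in the table could gate an LLM suggestion before it is posted as a comment. It assumes a small standard-library hunk parser in place of unidiff, a hypothetical `check_suggestion` interface, and that the "tolerant" L3 check means retrying a bare block header with `pass` as its body; the sample diff is constructed.

```python
import ast
import re
import textwrap

# Constructed sample diff (one file), not taken from the project.
SAMPLE_DIFF = """\
--- a/app.py
+++ b/app.py
@@ -10,3 +10,4 @@ def load(path):
     data = read(path)
-    return eval(data)
+    if data:
+        return eval(data)
     return None
"""

def new_line_map(diff_text):
    """Map new-file line number -> text for one file's hunks (dict lookup)."""
    lines, new_no = {}, None
    for raw in diff_text.splitlines():
        m = re.match(r"@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@", raw)
        if m:
            new_no = int(m.group(1))
        elif new_no is not None and raw[:1] in ("+", " "):
            lines[new_no] = raw[1:]
            new_no += 1
    return lines

def check_suggestion(diff_text, line_no, quoted, suggestion):
    """Return ("suggestion", code) or ("warning", reason); never drops the issue."""
    current = new_line_map(diff_text).get(line_no)
    # L1: the code the model quoted must really be on that line of the diff.
    if current is None or current.strip() != quoted.strip():
        return ("warning", "L1: quoted code does not match the diff")
    # L2: take the indentation by slicing the real line, not with a regex.
    indent = current[: len(current) - len(current.lstrip())]
    body = textwrap.dedent(suggestion).strip("\n")
    # L3: tolerant parse; a bare block header is retried with 'pass' as its body.
    for candidate in (body, body + "\n    pass"):
        try:
            ast.parse(candidate)
            break
        except (SyntaxError, ValueError):
            pass
    else:
        return ("warning", "L3: suggestion is not valid Python")
    return ("suggestion", textwrap.indent(body, indent))
```

A `"warning"` result stands for the downgrade path described above: the finding is still reported, but as plain text with no applicable Suggestion block.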
🧪 Tests
```bash
python test_static_analysis.py # 15 cases ✅
python test_complexity_router.py # 9 cases ✅
python eval_quality.py # LLM quality evaluation (30 bugs)
```
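📊 Observability
Each review automatically generates review_metrics.json, containing 30+ metrics:
- Time spent in each pipeline stage (RAG/radar/LLM)
- Pass/fail counts for the three-level defense L1/L2/L3
- Suggestion success rate
- RAG degradation rate
```bash
# Local aggregate analysis
python scripts/aggregate_metrics.py ./downloaded_metrics/
```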
🔧 Tech stack
| Component | Technology |
|---|---|
| MCP Server | Python + mcp SDK + FastAPI |
| Static analysis | ast.NodeVisitor |
| Diff parsing | unidiff |
| Impact analysis | ripgrep |
| RAG | SQLite + numpy |
| LLM Gateway | litellm |
| Containerization | Docker (python:3.11-slim) |
| CI/CD | GitHub Actions |
📝 Technical debt
License
MIT