Install
Use the Postil CLI today. The managed GitHub App opens after final review.
Docs
Install the reviewer where pull requests already happen.
Run Postil from GitHub Actions or locally while the hosted app finishes review. The default is simple: report the risky line, or say nothing.
Ask again
Mention @postil on a PR conversation, review, or inline thread.
Cut noise
Use `onClean: skip`, severity thresholds, max findings, and ignored globs.
Write less
A finding needs a risk and a line. Otherwise, leave the PR alone.
GitHub Action
name: Postil Review
on:
pull_request:
types: [opened, synchronize, reopened, ready_for_review]
permissions:
contents: read
pull-requests: write
checks: write
jobs:
review:
runs-on: ubuntu-latest
steps:
- uses: postil-dev/postil-action@v1
with:
openrouter-api-key: ${{ secrets.OPENROUTER_API_KEY }}Repository config
.postil.yaml
review:
review:
onClean: skip
severityThreshold: warn
maxFindings: 12
reviewer:
focus:
- authorization-sensitive code
- billing mutations
- data deletion pathsLocal review
$ postil review --diff-file .cache/change.diff $ postil review --staged $ postil review --base origin/main
Status line
Postil uses compact SVG status marks instead of platform emoji, so the result is consistent across GitHub, browser tabs, and docs.
clean
status:
warning
status:
blocking
status:
Useful links
Configuration reference lives in docs/config.md. The CLI lives in postil-dev/postil-cli.
Benchmark direction
Public evals are coming after human review. The harness uses isolated PR fixtures, real bugs, no upstream fixes, and separate scores for hits, misses, noise, and clean silence.
Trust the merge, not the speed.
Join the hosted beta queue, or run the Postil CLI in your own CI.