Open Code Review

Open Code Review is an open-source AI code review CLI tool built by Alibaba Group and released under the Apache 2.0 license. According to the project README, it originated as Alibaba's internal official AI code review assistant and was incubated into an open-source project after internal validation. It is written in Go, installable via npm or pre-built binaries, and works with any OpenAI- or Anthropic-compatible LLM endpoint.

What It Is

Open Code Review (ocr) is a command-line agent that reads Git diffs, sends changed files to a configurable large language model, and generates structured review comments with line-level precision. Unlike general-purpose agents used for code review, it combines deterministic engineering pipelines with an LLM agent — each handling what it does best. The tool targets developers and teams who want automated, consistent code review integrated into their local workflow or CI/CD pipeline.

Hybrid Architecture: Deterministic Pipelines + LLM Agent

The README describes the core design philosophy as "Deterministic Engineering × Agent Hybrid":

• Deterministic layer handles steps that must not go wrong: precise file selection, smart file bundling (grouping related files like i18n property pairs into a single review unit), fine-grained rule matching per file type, and external positioning and reflection modules that improve comment location accuracy.
• Agent layer handles dynamic decisions: scenario-tuned prompt templates optimized for code review, and a purpose-built toolset distilled from production tool-call trace analysis (call frequency distributions, per-tool repetition rates, and impact on the overall call chain).

Each file bundle runs as a sub-agent with isolated context, enabling a divide-and-conquer strategy that the README says stays stable on very large changesets and naturally supports concurrent review.

Built-in Rule System and Customization

OCR resolves review rules through a four-layer priority chain (CLI flag → project config → global config → system default). The system default ruleset covers common languages and file types with built-in checks for issues like NPE, thread-safety, XSS, and SQL injection. Custom rules are defined in JSON using glob path patterns with ** recursive matching and brace expansion, and can be committed to a project repository for team-wide sharing.

Integration Paths

The tool supports three integration modes beyond standalone CLI use:

• Coding agent skill: Install as a slash command skill via npx skills add alibaba/open-code-review, which teaches a coding agent how to invoke ocr, classify issues by priority, and optionally apply fixes.
• Claude Code plugin: Register the /open-code-review:review slash command directly in Claude Code via the plugin marketplace.
• CI/CD pipelines: Run ocr review --format json in GitHub Actions or GitLab CI to automate review on pull/merge requests; the examples/ directory includes ready-made workflow templates for both platforms.

Update: v1.2.3

The latest release is v1.2.3, published on June 7, 2026, according to the GitHub repository metadata. The repository was created on May 18, 2026, and has seen rapid early activity with 3,813 stars and 173 forks as of the data snapshot. The project is actively maintained with recent pushes and open issues tracked on GitHub. The primary language is Go, and the project is tagged with topics including agent, code-review, harness, and repository-level-context.