Shared GitHub Actions workflows and prompts for the Foxglove organization.
An AI-powered PR review that combines technical and product perspectives in a single pass. Acts as a CTO who is both a technical leader and product steward — evaluating code quality, architecture, performance, and security alongside user-facing consistency, terminology, documentation, and UX.
Prompt: prompts/review.md
The shared prompt stays general-purpose. To add conventions or review policies specific to a repo (or a subtree within it), commit instruction files alongside the code — no workflow changes needed:
AGENTS.md— general codebase conventions and agent guidance (an emerging standard). Used to judge idiomatic patterns.REVIEWING.md— review-specific policies and checklists (e.g. "require a linked desktop build for PRs that touchpackages/desktop").
Each file applies to its own directory and all subdirectories; a file at the repo root applies repo-wide. When multiple files apply to a path, the more deeply nested one takes precedence. The workflow discovers these files automatically (tracked files only) and the reviewer applies them on top of the general guidance, so repo-specific rules don't have to live in this shared prompt.
Add this workflow to your repository's .github/workflows/ directory:
# .github/workflows/pr-review.yml
name: PR Review
on:
pull_request: {}
jobs:
review:
if: ${{ !github.event.pull_request.head.repo.fork }}
permissions:
actions: read
contents: read
pull-requests: write
id-token: write
uses: foxglove/actions/.github/workflows/review.yml@main
secrets:
ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}Note: If your repository restricts the default
GITHUB_TOKENpermissions, you may also need to add a top-levelpermissionsblock to explicitly grant the required access at the workflow level.permissions: actions: read contents: read pull-requests: write id-token: write