@j0hanz/code-review-analyst-mcp

Code Review Analyst MCP Server

Gemini-powered MCP server for pull request analysis with structured outputs for findings, release risk, and focused patch suggestions.

Overview

This server accepts unified diffs and returns structured JSON results — findings with severity, impact categories, merge risk, test plans, and verbatim search/replace fixes. It uses Gemini Thinking models (Flash for fast tools, Flash for deep analysis) and runs over stdio transport.

Key Features

• Impact Analysis — Objective severity scoring, breaking change detection, and rollback complexity assessment.
• Review Summary — Concise PR digest with merge recommendation and change statistics.
• Deep Code Inspection — Flash model with high thinking level for context-aware analysis using full file contents.
• Search & Replace Fixes — Verbatim, copy-paste-ready code fixes tied to specific findings.
• Test Plan Generation — Systematic test case generation with priority ranking and pseudocode.
• Async Task Support — All tools support MCP task lifecycle with progress notifications.

Requirements

• Node.js >=24
• One API key: GEMINI_API_KEY or GOOGLE_API_KEY
• MCP client that supports stdio servers and tool calls

Quick Start

{
  "mcpServers": {
    "code-review-analyst": {
      "command": "npx",
      "args": ["-y", "@j0hanz/code-review-analyst-mcp@latest"],
      "env": {
        "GEMINI_API_KEY": "YOUR_API_KEY"
      }
    }
  }
}

Client Configuration

VS Code / VS Code Insiders

Add to .vscode/mcp.json:

{
  "servers": {
    "code-review-analyst": {
      "command": "npx",
      "args": ["-y", "@j0hanz/code-review-analyst-mcp@latest"],
      "env": {
        "GEMINI_API_KEY": "YOUR_API_KEY"
      }
    }
  }
}

Or via CLI:

code --add-mcp '{"name":"code-review-analyst","command":"npx","args":["-y","@j0hanz/code-review-analyst-mcp@latest"]}'

Cursor

Add to ~/.cursor/mcp.json:

{
  "mcpServers": {
    "code-review-analyst": {
      "command": "npx",
      "args": ["-y", "@j0hanz/code-review-analyst-mcp@latest"],
      "env": {
        "GEMINI_API_KEY": "YOUR_API_KEY"
      }
    }
  }
}

Visual Studio

For more info, see Visual Studio MCP docs.

Claude Desktop

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "code-review-analyst": {
      "command": "npx",
      "args": ["-y", "@j0hanz/code-review-analyst-mcp@latest"],
      "env": {
        "GEMINI_API_KEY": "YOUR_API_KEY"
      }
    }
  }
}

For more info, see Claude Desktop MCP docs.

Claude Code

claude mcp add code-review-analyst -- npx -y @j0hanz/code-review-analyst-mcp@latest

For more info, see Claude Code MCP docs.

Windsurf

Add to MCP config:

{
  "mcpServers": {
    "code-review-analyst": {
      "command": "npx",
      "args": ["-y", "@j0hanz/code-review-analyst-mcp@latest"],
      "env": {
        "GEMINI_API_KEY": "YOUR_API_KEY"
      }
    }
  }
}

For more info, see Windsurf MCP docs.

Amp

amp mcp add code-review-analyst -- npx -y @j0hanz/code-review-analyst-mcp@latest

For more info, see Amp MCP docs.

Cline

Add to cline_mcp_settings.json:

{
  "mcpServers": {
    "code-review-analyst": {
      "command": "npx",
      "args": ["-y", "@j0hanz/code-review-analyst-mcp@latest"],
      "env": {
        "GEMINI_API_KEY": "YOUR_API_KEY"
      }
    }
  }
}

For more info, see Cline MCP docs.

Zed

Add to Zed settings.json:

{
  "context_servers": {
    "code-review-analyst": {
      "command": {
        "path": "npx",
        "args": ["-y", "@j0hanz/code-review-analyst-mcp@latest"],
        "env": {
          "GEMINI_API_KEY": "YOUR_API_KEY"
        }
      }
    }
  }
}

For more info, see Zed MCP docs.

Augment

Add to settings.json:

{
  "augment.advanced": {
    "mcpServers": [
      {
        "name": "code-review-analyst",
        "command": "npx",
        "args": ["-y", "@j0hanz/code-review-analyst-mcp@latest"],
        "env": {
          "GEMINI_API_KEY": "YOUR_API_KEY"
        }
      }
    ]
  }
}

Docker

{
  "mcpServers": {
    "code-review-analyst": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "-e",
        "GEMINI_API_KEY=YOUR_API_KEY",
        "ghcr.io/j0hanz/code-review-analyst-mcp:latest"
      ]
    }
  }
}

Or build locally:

docker build -t code-review-analyst-mcp .

Tools

[!IMPORTANT] Call generate_diff first (mode: "unstaged" or "staged"). All review tools read the cached server-side diff (diff://current) and do not accept a direct diff parameter.

generate_diff

Generate and cache the current branch diff for downstream review tools.

Parameter	Type	Required	Description
mode	string	Yes	unstaged (working tree) or staged (git index).

Returns: diffRef, stats (files, added, deleted), generatedAt, mode, message.

analyze_pr_impact

Assess the impact and risk of cached pull request changes using the Flash model.

Parameter	Type	Required	Description
repository	string	Yes	Repository identifier (e.g. org/repo).
language	string	No	Primary language hint.

Returns: severity (low/medium/high/critical), categories[], breakingChanges[], affectedAreas[], rollbackComplexity, summary.

generate_review_summary

Summarize a pull request diff and assess high-level risk using the Flash model.

Parameter	Type	Required	Description
repository	string	Yes	Repository identifier (e.g. org/repo).
language	string	No	Primary language hint.

Returns: summary, overallRisk (low/medium/high), keyChanges[], recommendation, stats (filesChanged, linesAdded, linesRemoved).

inspect_code_quality

Deep-dive code review using the Flash model with high thinking (16K token budget).

Parameter	Type	Required	Description
repository	string	Yes	Repository identifier (e.g. org/repo).
language	string	No	Primary language hint.
focusAreas	string[]	No	Areas to inspect: security, correctness, etc.
maxFindings	number	No	Maximum findings to return (1-25).

Returns: summary, overallRisk (low/medium/high/critical), findings[] (severity, file, line, title, explanation, recommendation), testsNeeded[], contextualInsights[].

[!NOTE] Diff size bounded by MAX_DIFF_CHARS (default 120,000). Expect 60-120s latency due to deep thinking.

suggest_search_replace

Generate verbatim search-and-replace blocks to fix a specific finding using the Flash model with high thinking.

Parameter	Type	Required	Description
findingTitle	string	Yes	Short title of the finding to fix.
findingDetails	string	Yes	Detailed explanation of the bug or risk.

Returns: summary, blocks[] (file, search, replace, explanation), validationChecklist[].

generate_test_plan

Create a test plan covering the changes in the diff using the Flash model with thinking (8K token budget).

Parameter	Type	Required	Description
repository	string	Yes	Repository identifier (e.g. org/repo).
language	string	No	Primary language hint.
testFramework	string	No	Test framework (e.g. jest, vitest, pytest).
maxTestCases	number	No	Maximum test cases to return (1-30).

Returns: summary, testCases[] (name, type, file, description, pseudoCode, priority), coverageSummary.

Resources

URI	Type	Description
internal://instructions	text/markdown	Server usage instructions.

Prompts

Name	Arguments	Description
get-help	—	Return the server usage instructions.
review-guide	tool, focusArea	Guided workflow for a specific tool and focus area.

Configuration

CLI Arguments

Option	Description	Env Var Equivalent
--model, -m	Override default model	GEMINI_MODEL
--max-diff-chars	Override max diff size	MAX_DIFF_CHARS

Environment Variables

Variable	Description	Default	Required
GEMINI_API_KEY	Gemini API key	—	Yes
GOOGLE_API_KEY	Alternative API key (if GEMINI_API_KEY not set)	—	No
GEMINI_MODEL	Override default model selection	—	No
GEMINI_HARM_BLOCK_THRESHOLD	Safety threshold (BLOCK_NONE, BLOCK_ONLY_HIGH, etc.)	BLOCK_NONE	No
MAX_DIFF_CHARS	Max chars for diff input	120000	No
MAX_CONCURRENT_CALLS	Max concurrent Gemini requests	10	No
MAX_CONCURRENT_BATCH_CALLS	Max concurrent inline batch requests	2	No
MAX_CONCURRENT_CALLS_WAIT_MS	Max wait time for a free Gemini slot	2000	No
MAX_SCHEMA_RETRY_ERROR_CHARS	Max chars from schema error injected into retry text	1500	No
GEMINI_BATCH_MODE	Request mode for Gemini calls (off, inline)	off	No
GEMINI_BATCH_POLL_INTERVAL_MS	Poll interval for batch job status	2000	No
GEMINI_BATCH_TIMEOUT_MS	Max wait for batch completion	120000	No

Models

Tool	Model	Thinking Level
analyze_pr_impact	gemini-3-flash-preview	minimal
generate_review_summary	gemini-3-flash-preview	minimal
inspect_code_quality	gemini-3-flash-preview	high
suggest_search_replace	gemini-3-flash-preview	high
generate_test_plan	gemini-3-flash-preview	medium

Workflows

Quick PR Triage

• Call analyze_pr_impact to get severity and category breakdown.
• If low/medium — call generate_review_summary for a quick digest.
• If high/critical — proceed to deep inspection.

Deep Code Inspection

• Call inspect_code_quality with the cached diff.
• Use focusAreas to target specific concerns (security, performance).
• Review findings and contextualInsights.

Remediation & Testing

• For each finding, call suggest_search_replace with findingTitle and findingDetails.
• Call generate_test_plan to create a verification strategy.
• Apply fixes and implement tests.

Development

npm ci            # Install dependencies
npm run dev       # TypeScript watch mode
npm run dev:run   # Run built server with .env and --watch

Script	Command	Purpose
npm run build	node scripts/tasks.mjs build	Clean, compile, validate, copy
npm test	node scripts/tasks.mjs test	Build + run all tests
npm run test:fast	node --test --import tsx/esm ...	Run tests without build
npm run lint	eslint .	Lint all files
npm run lint:fix	eslint . --fix	Lint and auto-fix
npm run format	prettier --write .	Format all files
npm run type-check	node scripts/tasks.mjs type-check	Type-check without emitting
npm run inspector	Build + launch MCP Inspector	Debug with MCP Inspector

Debugging with MCP Inspector

npx @modelcontextprotocol/inspector node dist/index.js

Build & Release

Releases are triggered via GitHub Actions workflow_dispatch with version bump selection (patch/minor/major/custom).

The pipeline runs lint, type-check, test, and build, then publishes to three targets in parallel:

• npm — @j0hanz/code-review-analyst-mcp with OIDC trusted publishing and provenance
• Docker — ghcr.io/j0hanz/code-review-analyst-mcp (linux/amd64, linux/arm64)
• MCP Registry — io.github.j0hanz/code-review-analyst

Troubleshooting

Issue	Solution
Missing GEMINI_API_KEY or GOOGLE_API_KEY	Set one of the API key env vars in your MCP client config.
E_INPUT_TOO_LARGE	Diff exceeds budget. Split into smaller diffs.
Gemini request timed out	Deep analysis tasks may take 60-120s. Increase your client timeout.
Too many concurrent Gemini calls	Reduce parallel tool calls or increase MAX_CONCURRENT_CALLS.
No tool output visible	Ensure your MCP client is not swallowing stderr — the server uses stdio transport.

License

MIT