AFAdocs
GitHub App

PR Checks

How AFA analyzes pull requests and posts Check Run results.

PR Checks

When a pull request is opened or updated, AFA automatically analyzes the changed code and posts results.

Analysis flow

  1. Webhook received -- GitHub sends a pull_request event to AFA
  2. Signature verified -- HMAC-SHA256 verification of the webhook payload (mandatory, fails with 500 if webhook secret is missing)
  3. Diff fetched -- AFA retrieves the PR diff via GitHub API (paginated, up to 3 pages)
  4. Billing check -- verifies the installation has remaining quota for analysis
  5. Functions parsed -- tree-sitter extracts changed functions from the diff (diff prefix stripping applied)
  6. Analysis runs -- four agents evaluate each function: security, performance, maintainability, documentation
  7. Check Run created -- results posted as a GitHub Check Run on the PR commit
  8. Comment posted -- summary comment added to the PR with findings

Check Run output

The Check Run includes:

  • Status: success (no critical findings), failure (critical findings), or neutral (informational)
  • Summary: counts of findings by severity
  • Annotations: inline code annotations pointing to specific issues
  • Title: "AFA Gate Check -- N findings"

PR comment format

AFA posts a comment with:

  • Total functions analyzed
  • Findings grouped by category (security, performance, maintainability, documentation)
  • Per-function scores
  • Enhancement eligibility summary

If the installation's tier includes AEGIS, the comment includes an AEGIS upsell section.

Quota behavior

When the monthly analysis quota is exceeded:

  • AFA posts a comment explaining the quota limit
  • The comment includes a link to upgrade at the portal
  • No analysis is performed (no LLM cost incurred)
TierMonthly analyses
Community200
Developer2,000
Team10,000
Enterprise50,000

Error handling

If analysis fails for any reason:

  • The Check Run is updated with an error status
  • The error message is sanitized (internal details are never exposed)
  • The webhook returns a 200 to GitHub (to prevent retry storms)

Analysis only

The GitHub App performs analysis only. It does not:

  • Generate enhancement candidates
  • Modify code or create commits
  • Open pull requests
  • Merge anything

This is by design -- the GitHub App is the free funnel. Analysis uses minimal LLM tokens (no enhancement generation cost). To generate enhancements, use the CLI (afa enhance) or the REST API (POST /v1/enhance).

Installation

Install the AFA Gate Check GitHub App on your repositories.

Nine Gates

Every enhancement must pass all nine quantitative gates before AFA commits it.

On this page

PR ChecksAnalysis flowCheck Run outputPR comment formatQuota behaviorError handlingAnalysis only