Bug and correctness checks
The AI identifies logic errors, off-by-one mistakes, null-pointer risks, and incorrect API usage — issues that often slip through manual review.
AI Workloads
Review, fix, and ship
Kabori reviews your code before it reaches humans, fixes broken pipelines automatically, and writes the commit messages and MR descriptions that give reviewers everything they need — so merges happen faster and with more confidence.
01 · Perform a Code Review
Code review that never gets tired
Kabori performs thorough code reviews with full codebase context — catching bugs, security issues, and architectural inconsistencies before they reach your main branch.
MR !42 · AI Review
● Critical
src/auth/session.ts:42 — Session token stored in localStorage; use sessionStorage to reduce XSS exposure
● Medium
src/api/users.ts:87 — Missing input validation on userId; could accept non-UUID values
✓ Passed
Error handling, test coverage, naming conventions
Security analysis
OWASP Top 10 patterns, injection vulnerabilities, insecure deserialization, and exposure of sensitive data are flagged before code is merged.
Architectural consistency
Reviews consider your existing patterns and conventions — flagging deviations from the codebase's established architecture, not just the diff in isolation.
Actionable feedback
Every finding comes with a specific suggestion — not just a description of what's wrong, but a concrete recommendation for how to fix it.
02 · Fixing Failed CI/CD Pipelines
Fix broken pipelines in minutes
Kabori reads your CI/CD logs, identifies the root cause of the failure, and generates a targeted fix — so your pipeline is green again before the next standup.
pipeline #1842 · failed · root cause found
Scanning 4,821 log lines...
✗ FAIL src/services/payment.test.ts — TypeError: Cannot read property 'stripe' of undefined
Root cause:
Mock for PaymentService not initialised before test suite
Fix:
+ beforeEach(() => { paymentService = new MockPaymentService(); });
Intelligent log analysis
The AI parses pipeline logs to isolate the root cause — filtering noise from test runners, linters, and build tools to surface what actually broke.
Root cause in seconds
Stop scrolling through thousands of log lines. Kabori identifies the failing step, the failing assertion, and the code responsible — instantly.
Targeted patch generation
Rather than rewriting surrounding code, Kabori produces a minimal, surgical fix — reducing the review surface and the risk of regressions.
Pipeline-config aware
Kabori reads your CI/CD configuration alongside your source code — so fixes respect your environment variables, stages, and runner constraints.
03 · Write Commit Messages
Commit messages that tell the story
Kabori writes commit messages that explain the why, match your project's conventions, and make your git history a useful artefact — not an afterthought.
Before
wip
After — AI-generated
feat(auth): add PKCE flow to OAuth2 authorization Replace the implicit grant with PKCE to comply with RFC 9700. Code verifier stored in sessionStorage to reduce XSS exposure. Closes #412
Diff-aware messages
The AI reads the full diff — not just the filenames — to understand what actually changed and why, producing messages that explain the intent, not just the mechanics.
Convention-aware formatting
Kabori learns your project's commit style — Conventional Commits, gitmoji, custom prefixes — and formats messages to match without any configuration.
Task context included
When a task spec is available, commit messages reference the relevant requirement or ticket — giving future git blame readers the full picture.
History that tells a story
Good commit messages make git log useful. Kabori ensures every commit is a clear, searchable entry in your project's history.
Related features:
Customization04 · Write MR Descriptions
MR descriptions that tell the full story
Kabori writes merge request descriptions that give reviewers everything they need — context, testing evidence, and linked references — so approvals happen faster and with more confidence.
AI-generated MR description
## Summary Replace implicit OAuth2 grant with PKCE (RFC 9700) across all authentication flows. ## Changes - Added PKCE code verifier/challenge generation - Updated AuthService.startFlow() to attach challenge - Migrated session storage to sessionStorage ## Testing - [x] Unit tests for PKCE generator (100% coverage) - [x] Integration test: full OAuth round-trip - [x] Regression: existing sessions unaffected ## Related - Closes #412 (Security: OAuth2 PKCE compliance)
Comprehensive change summary
Kabori reads all commits in the branch and synthesises a coherent summary — what changed, why, and what was deliberately excluded.
Linked context
Task specs, related issues, and documentation references are woven in automatically — giving reviewers everything they need without hunting for links.
Testing and validation section
A testing checklist derived from the task's acceptance criteria and test plan — so reviewers know exactly what was validated before the MR was opened.
Your template, respected
If your project has an MR description template, Kabori fills it in — populating every section correctly rather than generating a free-form description.
Merge with confidence
Join the private beta and let Kabori review your code, fix your pipelines, and write your commit messages — so every merge is something to be proud of.