AntFleet

GitHub App · PR code review

Two independent frontier models on every PR.

AntFleet uses agreement between independent frontier models as the trust primitive — and pins every closed finding to a public, SHA-verifiable receipt on the PR that resolved it. Unlike single-model reviewers, the audit trail isn't in our database; it's on GitHub's event log, where anyone can check it.

Install GitHub AppView Receipts

What a receipt looks like

Every closed finding becomes a public comment on the original PR. The comment lives on GitHub's event log — not ours — so the timestamp, the closing commit SHA, and the accumulation over time are all third-party-witnessed. The receipts are the artifact.

antfleet-bot·commented on PR #14automated

AntFleet · finding 83e79770-1 closed in 1ee2fd9

SecurityHigh

SQL injection in getOrder handler

apps/api/src/orders.ts:42–56

Originally flagged in the AntFleet review on PR #14. Both frontier models agreed independently. Receipt automated by the daily sweep.

Closed 2026-05-17·commit 1ee2fd9·sweeper v0.3

↳ example receipt — format is identical to what appears on your actual PRs

What it does

Two frontier models

Claude Opus 4.7 and GPT-5 review every PR independently, in parallel.

Unanimous-only posting

Only findings both models flag get posted. The agreement gate eliminates noise at the source.

#

SHA-pinned receipts

Every closed finding is pinned to the resolving commit SHA — a public, verifiable artifact.

Daily sweeper

A cron sweep reconciles open findings against main each day and posts closure receipts automatically.

Maintainer signal

Reactions on posted findings are polled at 24 h, 7 d, and 30 d — real-world RLHF for future routing.

MIT foundation

Built on clawpatch (MIT, openclaw). Permissive lineage. Full audit trail in UPSTREAM.md.

How it works

  1. 01

    Install the GitHub App

    Authorize AntFleet on any repo. No other setup — no config file, no CI yaml changes. The webhook is live on install.

    bash
    # One-click install via GitHub App
# → grants: pull_requests: read, issues: write, contents: read
  2. 02

    Open a PR — review runs automatically

    On every PR open or synchronize event, the two frontier models review changed files in parallel. Only unanimous findings become a comment. Disagreements are silently dropped.

    text
    [anthropic]  claude-opus-4-7   → 9 findings
[openai]     gpt-5             → 7 findings
[agreement]  unanimous gate    → 3 agreed
[post]       PR comment        ✓
  3. 03

    Sweeper closes the loop daily

    Every night at 06:00 UTC, the sweeper checks each open finding against main. When the code is gone, it posts a closure receipt comment on the original PR — SHA-pinned, automated, permanent.

    bash
    # vercel.json cron schedule
"crons": [{ "path": "/api/cron/sweep", "schedule": "0 6 * * *" }]

Honest numbers

Agreement-mode verdict · 6 real-repo runs

0

hallucinated findings in unanimous mode across all 6 runs

ProviderPrecisionRecall
Anthropic Opus 4.7~55%100%
OpenAI GPT-5~80%96%
Unanimous (both)~100%7–13%

Recall verdict: RED

Unanimous mode does not catch most bugs in a curated list — recall is 7–13% across Phase 0 verdicts (V2 + V3). We are transparent about this. The product promise is not "catch everything" — it is "everything we post is real." If you need coverage, AntFleet is not the right tool.

Full methodology and raw data: WEEK1-VERDICT-V3.md

Ready to start building a receipts trail?

Install the GitHub App on any repo. The first receipt appears after the first PR is reviewed and closed.

Install GitHub AppView public receipts