Skip to main content

How Custom Checks Work

Custom checks run in a secure, read-only environment against your PR. The agent has access to:
  • Changed files, code snippets, and relevant git history
  • PR title, description, linked issues, and review discussion
  • Pattern and code search tools (ast-grep, ripgrep)
  • Sandboxed shell commands to inspect the repo
  • Web lookups for public documentation
  • Connected MCP tools for internal systems
Process:
1

Analyze

CodeRabbit interprets your instructions against the PR context
2

Verify

The agent gathers evidence using available tools to substantiate findings
3

Decide

Emits Passed, Failed, or Inconclusive with reasoning

Limitations

Custom checks run in a sandboxed environment. Instructions that rely on unavailable capabilities will return Inconclusive or produce unreliable results.
Custom checks cannot:
  • Run your test suite — dependencies are not installed in the sandbox
  • Access node_modules, dist, or build artifacts — build steps are not executed
  • Execute arbitrary repository code — security restriction
  • Post inline comments on specific lines — results appear in the summary table only
  • Check PR approval status or reviewer assignments — not available to the agent
  • Modify the CodeRabbit review — use Path Instructions instead

Writing Effective Instructions

Think of instructions as guidance for a smart teammate who needs explicit criteria, not subjective judgment.

Be specific and actionable

Avoid vague instructions like “Check for security issues”

Define clear pass/fail criteria

Say exactly what causes failure

One concern per check

Don’t bundle security, testing, and documentation into one instruction

Include examples for complex rules

Show what passes and what fails
Avoid these anti-patterns:

Examples

Custom checks can enforce a wide range of guardrails tailored to your team’s needs. Here are a few examples to get you started.