SkillsMay 12, 2026·2 min read

Danger — Automate PR Review Rules in CI

Danger runs scripted PR checks and posts review comments, turning team style rules into repeatable CI feedback instead of manual nitpicks.

Agent ready

Safe staging for this asset

This asset is staged first. The copied prompt tells the agent to inspect the staged files and ask before activating scripts, MCP config, or global config.

Stage only · 29/100Policy: stage
Agent surface
Any MCP/CLI agent
Kind
Skill
Install
Stage only
Trust
Trust: Established
Entrypoint
Asset
Safe staging command
npx -y tokrepo@latest install b32230ce-23a6-47cb-a4d8-2739397ff1c7 --target codex

Stages files first; activation requires review of the staged README and plan.

Intro

Danger runs scripted PR checks and posts review comments, turning team style rules into repeatable CI feedback instead of manual nitpicks.

  • Best for: teams who want consistent PR hygiene (changelog, labels, links) enforced automatically
  • Works with: GitHub/GitLab PR pipelines, Ruby + Bundler, a CI token (e.g. GitHub API token)
  • Setup time: 20–40 minutes

Practical Notes

  • Quant: start with 1–3 rules and expand after a week of signal/noise review.
  • Quant: use --verbose for the first 3 CI runs to diagnose token/PR context issues.

Pattern: make PR policy explicit (and reviewable)

Treat your Dangerfile like any other engineering policy:

  • keep the first sentence of each message actionable (what to change),
  • link to the team standard (CONTRIBUTING / style guide),
  • and version it with code review.

Pattern: split “hard fail” vs “soft warn”

Start with warnings (comments) to build trust, then promote the most stable checks into strict merge gates.

Troubleshooting checklist

  • Confirm the CI job runs only on PRs/MRs.
  • Confirm the correct token env var exists in that job.
  • Run bundle exec danger --verbose locally (in a PR checkout) to reproduce.

FAQ

Q: Is Danger free? A: Yes. It’s open-source under the MIT license; you host and run it in your own CI.

Q: Do I need Ruby in my repo? A: Typically yes. Most teams run Danger via Bundler so versions are pinned per repo.

Q: How do I keep it from being noisy? A: Start with a few high-signal checks, and distinguish warnings from failures.

🙏

Source & Thanks

Source: https://github.com/danger/danger > License: MIT > GitHub stars: 5,666 · forks: 488

Discussion

Sign in to join the discussion.
No comments yet. Be the first to share your thoughts.

Related Assets