How is Acuvis different from CodeRabbit or Greptile?

CodeRabbit and Greptile leave AI comments on a GitHub diff. Acuvis is a full pull-request review IDE: a cluster canvas, an outliner, and a detail view, plus plain-English summaries at four levels (PR, cluster, file, hunk). You can still get smart inline annotations, but the unit of work is the cluster, not the line.

What does Acuvis do that GitHub's review tools don't?

GitHub gives you a flat list of changed files. Acuvis groups them into architectural clusters by what they actually do, writes a one-sentence summary for each, and draws lines showing what depends on what. You read the architecture first, then drill into individual lines only when needed.

Is Acuvis free for open-source projects?

Yes. Public repositories don't count against any quota on any plan, including the free tier. Open-source projects review free forever.

How do you handle our source code?

Code analysis runs in Firecracker microVMs on Fly Machines, one per pull request, destroyed when the analysis finishes. The review document keeps the diff so the IDE can render it back to you, scoped to your organisation. Inference goes through Fireworks AI, which commits to no training on customer prompts and zero data retention by default.

How does pricing work?

Per review, not per seat. A review is one head SHA per repository per 24 hours. You can add as many reviewers to a pull request as you want without changing the bill. Plans range from free (10 private reviews / month) to Scale ($99 / month, 500 private reviews) plus a custom Enterprise tier.

high blastrisk 75

Analytics, expiration, and rate limiting

Adds click tracking, link expiration, password protection, and IP-based rate limiting across the short-link service.

3 files+119 / −47

SCA

medium blastrisk 45

Link expiration and password protection

Adds expiration and password-gated access to short links, plus click recording on every resolve.

4 files+118 / −365

SCP

medium blastrisk 45

Click analytics service and handler

Click recording, counting, and retrieval with ownership verification on every read path.

3 files+166 / −05

PrCP

medium blastrisk 60

Link password hashing module

SHA-256 hashing for short-link passwords. Risk: unsalted SHA-256 is reversible via rainbow tables.

1 files+22 / −01

pr #2847 · cluster dependency graph

Pull request review IDE

Diffs are flat.Code isn't.

Acuvis reads the diff, groups it into clusters, and tells you what every file does in plain English. You skim the architecture first. The lines come later, only when they matter.

Start free See demo review View on GitHub

Start free See demo reviewDView on GitHub

demo · Acuvis reviewed acuvis-demo#1. Open it in the IDE to see the canvas, or read the bot's comment in the GitHub thread.

Freeon public repos

10 / moprivate reviews · free tier

4 levelsof plain-English summary

6 concernscolor-coded across every view

Cluster dependency thread · acuvis-app#2847

Token validation boundary

risk 82

Reworks token validation into an explicit service boundary and introduces rotating secret lookup with retry backoff.

3 filesS 2C 1P 1Open ›

Review worker retry path

risk 61

Adds exponential backoff and a single-flight queue in front of the review worker so transient failures stop cascading.

3 filesP 2A 1Open ›

Hash-chain audit events

risk 76

Emits signed events on every comment, resolution and reviewer change, chained to the previous event’s hash.

3 filesA 2C 1Open ›

Reviewer regression coverage

low

Backfills tests around the new validation boundary and audit-event emitter.

2 filesT 2Open ›

01Read code, not diffs

Four levels of plain English, written before you scroll a single line.

Every pull request gets a top-level briefing, a sentence per cluster, a line per file, a line per hunk. Below is the actual output Acuvis produced on a real auth refactor.

Pull request summary·two to four sentences

This PR changes the service-token validation boundary, moves retry policy into the review worker path, and adds hash-chain audit emission around review submission. The highest-risk area is the token refresh fallback, because stale secrets can still be accepted during a narrow retry window.

Cluster: token validation boundary·one sentence

Reworks token validation into an explicit service boundary, and introduces rotating secret lookup with retry backoff.

File:src/auth/token-validator.ts

Move validation to a rotating-secret boundary.

Hunk:validateServiceToken refresh fallback·lines 38 to 71

Adds retryWithBackoff around secret lookup and token verification.

02How it works

How a review goes with Acuvis.

From the moment a pull request opens to the moment you click merge, this is what happens.

CONNECT

Connect your repo

Add Acuvis to any GitHub repository, public or private. The moment a pull request opens, we read the diff and start working. Your source code never lives on our servers.

ANALYZE

Read every file

Acuvis goes through the change line by line. Quick checks catch the obvious things; the AI handles the rest. By the time you open the review, it already understands what the PR is doing.

the core — the rest is plumbing

UNDERSTAND

Tell the story

Files get grouped into clusters by what they do: auth, payments, tests, infrastructure. Each cluster, file, and hunk gets a one-line summary. The whole PR has a story you can read in thirty seconds.

REVIEW

Review at your pace

Skim the cluster map. Drill into anything worth a closer look. Comment, resolve, move on. Acuvis remembers where you've been and what you've already read.

03One PR, four resolutions

Four ways to look at the same review.

Each mode is the same review at a different zoom level. Whatever you focus on, comment on, or mark as seen carries across all four.

cluster-auth

cluster-worker

cluster-audit

⌥1· Canvas

Cluster dependency graph

Five to ten clusters, color-coded, with arrows showing what uses what.

token-validator.ts

secret-store.ts

errors.ts

⌥2· File detail

Files inside a cluster

Individual file cards, with lines showing how each one depends on the others.

▾ ● cluster-auth

▾ ● token-validator.ts

· refresh fallback

· audience claim

▸ ● secret-store.ts

▸ ● errors.ts

▾ ● cluster-worker

▸ ● retry.ts

⌥3· Outliner

Tree of clusters, files, hunks

Keyboard-driven. Skim signatures, jump to anything, mark things seen as you go.

36 async validateServiceToken(t) {

− const key = lookupSecret(t.kid)

+ const key = await retryWithBackoff(

+ () => lookupSecret(t.kid),

+ { tries: 3, base: 200 }

+ )

42 if (!key) throw new InvalidKey()

+ algorithms: ['RS256'],

45 })

⌥4· Hunk

The actual diff, when you need it

Comment on lines or hunks. Resolve threads. Audit log records every move.

04What we look for

Six concern types. Six colors. The same vocabulary at every level.

The AI tags every cluster, file, and hunk with one or more concerns. The same six colors show up on the canvas, in the outliner tree, and in the diff gutter. A glance is usually enough.

Security3 / 14

Auth boundaries, secret handling, injection surfaces, supply chain.

Privacy2 / 14

PII handling, data retention, consent, third-party sharing.

Correctness2 / 14

Logic errors, off-by-one, missing edge cases, type confusion.

Performance2 / 14

N+1 queries, hot loops, unbounded resources, retry storms.

Architecture4 / 14

Coupling, layering violations, leaky abstractions, dead code paths.

Tests1 / 14

Missing coverage, flakes, assertion gaps, brittle mocks.

Security

Auth boundaries, secret handling, injection surfaces, supply chain.

3 / 14

Privacy

PII handling, data retention, consent, third-party sharing.

2 / 14

Correctness

Logic errors, off-by-one, missing edge cases, type confusion.

2 / 14

Performance

N+1 queries, hot loops, unbounded resources, retry storms.

2 / 14

Architecture

Coupling, layering violations, leaky abstractions, dead code paths.

4 / 14

Tests

Missing coverage, flakes, assertion gaps, brittle mocks.

1 / 14

05Pricing

Pay per review. Not per seat.

A review is one head SHA per repo per day. You can have as many reviewers as you want without changing the bill. Public repositories are always free, with no quotas.

Plan

Free

$0/ mo

Starter

$10/ mo

Team

$29/ mo

Scale

$99/ mo

Enterprise

Talk to us

Private reviews / mo

150

500

custom

Public reviews

Unlimited

Overage / review

— hard cap

$0.30

$0.25

custom

Reviewers per repo

Unlimited

Dedicated support + SLA

—

✓

Free

$0/ mo

Private reviews / mo10

Public reviewsUnlimited

Overage / review— hard cap

Reviewers per repoUnlimited

Dedicated support + SLA—

Start free →

Starter

$10/ mo

Private reviews / mo50

Public reviewsUnlimited

Overage / review$0.30

Reviewers per repoUnlimited

Dedicated support + SLA—

Choose Starter

Team

$29/ mo

Private reviews / mo150

Public reviewsUnlimited

Overage / review$0.30

Reviewers per repoUnlimited

Dedicated support + SLA—

Choose Team

Scale

$99/ mo

Private reviews / mo500

Public reviewsUnlimited

Overage / review$0.25

Reviewers per repoUnlimited

Dedicated support + SLA—

Choose Scale

Enterprise

Talk to us

Private reviews / mocustom

Public reviewsUnlimited

Overage / reviewcustom

Reviewers per repoUnlimited

Dedicated support + SLA✓

Talk to sales

What counts as a review?
One unique head SHA per repository per 24 hours. Force-push inside that window and we won't double-charge. Public repositories never count against your quota.

Cancel any time.
Plans are monthly, no commitment, no haggling on seat counts. If a plan stops fitting, change it from the dashboard whenever you like.

Every plan, every pull request

Plain-English summaries at four levels

The PR, every cluster, every file, every hunk gets a sentence. Read the architecture before reading code.

Cluster dependency canvas

A visual map of what the PR changes and how the pieces connect. The view nobody else gives you.

Pre-analysis runs before the AI

Gitleaks, Semgrep, ESLint, and Ruff scan the diff first. The AI spends its attention on what actually needs thinking.

Concern taxonomy across five themes

Security, Correctness, Performance, Architecture, Tests. The same five colors from canvas to diff gutter.

Multi-resolution review

Canvas, Split, Outliner, Files. Switch zoom levels without losing focus, seen state, or your drafts.

Hash-chain audit log

Every comment, resolution, and reviewer assignment chained and signed. Verify or export any time.

Pay per review, not per seat

Add the whole team to a pull request. Bring in a guest reviewer for one PR. Your bill doesn't change.

Unlimited public repositories

Open-source projects review free forever. No quota, no card, no asterisks.

Stop scrolling diffs. Start reading what changed.

Sign in with Google or GitHub, connect a public repo, and you're reviewing on the canvas in about a minute. No card, no quota, no waiting list.

Create an account →See demo review View on GitHub

Audit chain

Every action is signed and chained.

Every comment, every resolution, every change of mind gets recorded into a per-organisation chain that can be verified after the fact. Export it to your own systems any time.

ev_19f4a8c2·seq 47,184·SHA-256 chained

Residency

EU-hosted control plane.

Your data lives in the EU. AI inference runs through US providers under standard data processing agreements, and nothing is persisted past the moment we need it. Source code never touches our disks.

Security

Every PR runs in its own microVM.

Code analysis runs in Firecracker microVMs on Fly Machines, the same isolation technology that backs AWS Lambda. Each pull request gets its own VM, destroyed when the analysis finishes. Inference goes through Fireworks AI, which doesn't train on prompts.