AI Code Review API
Scan Code for Bugs & Vulnerabilities
Scan any code snippet for security vulnerabilities, bugs, and performance issues with a single REST call. Get structured JSON findings, severity ratings, and a 0-100 quality score, with no setup and no models to host.
What it checks
Security vulnerabilities
Injection flaws, hardcoded secrets, unsafe eval, and weak crypto.
Bugs & logic errors
Null handling, off-by-one mistakes, and unhandled edge cases.
Performance issues
N+1 queries, needless loops, and blocking calls.
Best practices
Naming, structure, and maintainability suggestions.
Quickstart
One authenticated POST request. Official JavaScript and Python SDKs available.
curl -X POST https://api.mecanik.dev/v1/client/YOUR_UUID/tools/ai-code-review \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"code":"const x = eval(input)","language":"javascript"}'

// JavaScript (ES module, so top-level await is available)
const source = "const x = eval(input)"; // the snippet to review
const res = await fetch(
  "https://api.mecanik.dev/v1/client/YOUR_UUID/tools/ai-code-review",
  {
    method: "POST",
    headers: {
      Authorization: "Bearer YOUR_TOKEN",
      "Content-Type": "application/json",
    },
    body: JSON.stringify({ code: source, language: "javascript" }),
  },
);
const { result } = await res.json();
console.log(result.analysis.issues);

# Python
import requests

source = "x = eval(input())"  # the snippet to review (sample value)
r = requests.post(
    "https://api.mecanik.dev/v1/client/YOUR_UUID/tools/ai-code-review",
    headers={"Authorization": "Bearer YOUR_TOKEN"},
    json={"code": source, "language": "python"},
    timeout=30,  # avoid hanging a script or pipeline on a stalled request
)
print(r.json()["result"]["analysis"]["issues"])

Common use cases
PR review bots
Post findings as comments on every pull request automatically.
CI/CD gates
Fail a build when a critical issue is detected before deploy.
IDE & editor plugins
Surface inline review feedback as developers write code.
Learning & teaching
Explain risky patterns to junior developers with concrete fixes.
Simple, pay-as-you-go pricing
Pay only for what you use, with no subscription. See full pricing.
When to use the AI Code Review API
Manual review does not scale to every commit, and traditional linters miss context-dependent risks like injection through string interpolation or a secret committed in a config file. The AI Code Review API fills that gap: it reasons about the snippet the way a senior reviewer would, flags the issues that matter with a severity you can act on, and hands back a fix you can apply, all as structured JSON your tooling can parse.
Because it is a single stateless endpoint, you can wire it into a pull-request bot, a pre-deploy CI gate, or an editor extension in an afternoon. Pair it with the SEO Analyzer and the other Mecanik API tools to cover security, quality, and performance from one API key and one credit balance.
Frequently asked questions
What languages does the AI Code Review API support?
Any language. Pass an optional language hint for better results: JavaScript, TypeScript, Python, Go, Rust, Java, C#, PHP, Ruby and more are all supported.
How much does the AI Code Review API cost?
Each call costs 10 credits. Every new account gets 100 free credits, and credit packs start at $5, so you only pay for what you use, with no subscription and credits that never expire.
Is my code stored?
No. Snippets are analyzed in-request and are not retained. See the privacy policy for full details on data handling.
What does the response look like?
Consistent JSON in the form { result, success, errors }, where result.analysis contains an array of findings (severity, category, line, description, fix) and an overall 0-100 quality score.
Can I use it in CI/CD?
Yes. It is a stateless REST endpoint with fast edge responses and a simple Bearer-token auth, so it drops cleanly into GitHub Actions, GitLab CI, or any pipeline that can make an HTTP request.
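A CI gate built on the response shape described above should fail closed: block the build on a critical finding, and also when the call did not succeed or the response cannot be parsed. The following is an added example, not code from Mecanik or its SDKs. It assumes success is a boolean, errors is a list, and severities are the strings low, medium, high and critical (only "critical" appears on this page); gate() is a hypothetical helper and the sample response is constructed.

```python
import json
import sys

# Only "critical" appears on the page; the other severity names are assumed.
SEVERITY_RANK = {"low": 0, "medium": 1, "high": 2, "critical": 3}


def gate(response, fail_at="critical"):
    """Return (exit_code, reasons) for a parsed response; fails closed."""
    if not isinstance(response, dict) or response.get("success") is not True:
        return 1, ["review did not succeed"]
    if response.get("errors"):
        return 1, [f"API errors: {response['errors']}"]
    try:
        issues = response["result"]["analysis"]["issues"]
    except (KeyError, TypeError):
        return 1, ["response has no result.analysis.issues"]
    if not isinstance(issues, list):
        return 1, ["result.analysis.issues is not a list"]
    threshold = SEVERITY_RANK[fail_at]
    reasons = []
    for issue in issues:
        if not isinstance(issue, dict):
            reasons.append("malformed finding")
            continue
        sev = str(issue.get("severity", "")).lower()
        # An unrecognised severity blocks the build instead of being skipped.
        if SEVERITY_RANK.get(sev, threshold) >= threshold:
            reasons.append(f"{sev or 'unknown'} at line {issue.get('line')}: "
                           f"{issue.get('description')}")
    return (1 if reasons else 0), reasons


# Constructed sample in the documented { result, success, errors } form.
SAMPLE = json.loads("""
{"success": true, "errors": [],
 "result": {"analysis": {"issues": [
   {"severity": "critical", "category": "security", "line": 1,
    "description": "eval() on untrusted input", "fix": "parse, do not eval"},
   {"severity": "low", "category": "best-practice", "line": 1,
    "description": "non-descriptive name", "fix": "rename x"}
 ]}}}
""")

if __name__ == "__main__":
    code, reasons = gate(SAMPLE)
    for reason in reasons:
        print("BLOCKED:", reason)
    sys.exit(code)
```

In a pipeline, pass the parsed JSON body of the API call to gate() and use the returned code as the step's exit status.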
Start building in under a minute
Create a free account and get 100 credits. No card required.
Get your API key