Hey, you probably already saw that reviewing AI-generated code is a nightmare and quickly becomes a bottleneck. Everyone is using AI agents to write code fast, but the hard part is reviewing a bazillion lines.

I was thinking about building something that would guide me during development and during PR reviews. Something that would give me signals based on facts, risks, and evidence. Not just one LLM reviewing the code it generated. The initial idea was to add a deterministic review layer and combine that with LLM reasoning, and use that to find gaps in code and point me to the most important places, so I don't need to read line by line.

I ended up building a tool called vdiff, and it is working very well for me, and I'm constantly improving it. It is a CLI that analyzes your git diffs and gives you a structured report: what changed, what's risky, and what's missing. It uses tree-sitter for AST diffs and an LLM on top, so you get actual evidence for each finding, not just vibes.

Some of the output signals: - Tells you if it's safe to merge, with a risk score - Lists what's wrong, how confident it is, and shows the evidence - Dependency graph for blast radius analysis - Review memory (tracks resolved/reopened findings across sessions) - You can point it at a spec or PRD, and it checks if the changes actually match - Structural metrics (acyclicity, depth, equality, graph)

It runs locally; I didn't want the tool publishing the code to a third-party server, so your code never leaves your machine. BYOK (bring your own LLM key) - you interact directly with the provider.

If you want to give it a try:

  npm i -g @4bk/vdiff     # install globally
  pip install graphifyy   # required to generate the knowledge graph
  cd your-project         # go to a git repo
  vdiff init              # set up provider, API key, build knowledge graph
  vdiff -v                # analyze staged changes

Would love to hear if this is something helpful for you as well, and what kind of signals you'd want to see. I usually run it before each commit on a feature branch, and then on CI to verify the feature branch against main.

Any feedback is very welcome, and if it is crap, well, then just say it.

Cheers

Field vs. Google, Inc

Grok 4.3 is way cheaper and better than before

OWASP Agent Security Regression Harness

Screw You Realtek

Data theft: Teen arrested over hacking of French government website

Things I Think I Think About Data Privacy

Claude Code, Copilot and Codex got hacked. Attackers went for the credentials

24 Years Ago Today, Bethesda Changed Open World RPG Video Games Forever

sRGB profile comparison

Roll your own local AI coding agents to save money

How a dose of MDMA transformed a white supremacist

Show HN: Vdiff – CLI to help you review AI-generated code

The cruelty of teaching computing science (EWD 1036)

Internet of Agents

Interoperability for LLM Applications

The longest railway tunnel is being built under the Alps

Next Dog May Live Longer

The only schema language AI speaks is JSON Schema

Why Andromeda Is Both 2.5M Years Away and Just Around the Corner

Mini PC for local LLMs in 2026

World AI Agents–35 AI Models (Claude, GPT, Llama)via One OpenAIcompatible API

Microsoft brings a Linux-style window trick to Windows 11 via PowerToys

Touch Typing Number Keys

See what 4D shapes look like (interactive grapher)

Tripwire: An experiment in zip bombing bad actors

Self-declared 'King of Switzerland' builds empire of 117,000 square metres

How to detect paying Cloudflare customers

A Private (PQ Safe) E-Mail Provider You Can Verify End to End

Show HN: Threej games – open-source gaming portal

Sora's downfall signals broader problems with AI's creative utility

Show HN: Raw Binary Program Analysis Tool