Claude Code GitHub Integration

Updated May 2026 · PR reviews, Actions & automation

Claude Code integrates with GitHub in two modes: (1) locally via the gh CLI for PR workflows, and (2) in GitHub Actions for automated review and triage. This page covers both.

Local GitHub Workflows (gh CLI)

Install the gh CLI and authenticate (gh auth login). Then Claude Code can interact with GitHub directly from your terminal.

Create a PR with AI-written description

claude pr create

Claude reads your git diff, commit history, and CLAUDE.md, then writes a PR title, summary, and test plan. Reviews branches and links related issues automatically.

Review an existing PR

claude pr review 42           # review PR #42
claude pr review 42 --comment  # post review as GitHub comment

Generate commit messages

# Stage your changes, then:
claude commit --create

Claude reads your staged diff and recent git log to match your repo's commit convention.

Triage issues

gh issue list --json title,body | claude "categorize these by area and priority"

GitHub Actions Integration

Automated PR Review on Every Push

# .github/workflows/claude-review.yml
name: Claude Code Review

on:
  pull_request:
    types: [opened, synchronize, reopened]

permissions:
  contents: read
  pull-requests: write

jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20'

      - name: Install Claude Code
        run: npm install -g @anthropic-ai/claude-code

      - name: Run Review
        id: review
        env:
          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
          CLAUDE_NO_CONFIRM: "1"
        run: |
          git diff origin/${{ github.base_ref }}...HEAD > /tmp/pr.diff
          REVIEW=$(cat /tmp/pr.diff | claude review --format markdown)
          echo "review<> $GITHUB_OUTPUT
          echo "$REVIEW" >> $GITHUB_OUTPUT
          echo "EOF" >> $GITHUB_OUTPUT

      - name: Post Review Comment
        uses: actions/github-script@v7
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: `## Claude Code Review\n\n${{ steps.review.outputs.review }}`
            })

Block Merge on Critical Issues

# Add to your review job:
      - name: Check for Critical Issues
        env:
          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
          CLAUDE_NO_CONFIRM: "1"
        run: |
          git diff origin/${{ github.base_ref }}...HEAD | \
          claude review --format json | \
          jq -e '.findings | map(select(.severity == "critical")) | length == 0' || {
            echo "❌ Critical issues found. Fix before merging."
            exit 1
          }

Security Review on Auth Changes

# .github/workflows/security-review.yml
name: Security Review

on:
  pull_request:
    paths:
      - 'src/auth/**'
      - 'src/middleware/**'
      - 'src/models/user*'

jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - run: npm install -g @anthropic-ai/claude-code

      - name: Security Review
        env:
          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
          CLAUDE_NO_CONFIRM: "1"
        run: |
          git diff origin/${{ github.base_ref }}...HEAD | \
          claude "/security --report" > security-report.md

      - name: Upload Security Report
        uses: actions/upload-artifact@v4
        with:
          name: security-report
          path: security-report.md

Auto-generate Release Notes

# On push to main, generate release notes from commits
      - name: Generate Release Notes
        env:
          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
          CLAUDE_NO_CONFIRM: "1"
        run: |
          git log --oneline $(git describe --tags --abbrev=0)..HEAD | \
          claude "Write release notes from these commits.
                  Group by: Features, Bug Fixes, Performance, Breaking Changes.
                  Use GitHub markdown with ## headers." > RELEASE_NOTES.md

GitHub App Integration

For larger teams, set up Claude Code as a GitHub App that responds to PR comments:

Create a GitHub App with pull_requests: write and issues: write permissions
Deploy a small webhook server that receives PR events and runs claude review
Trigger a review by commenting /claude review on any PR

This pattern lets reviewers pull in AI analysis on-demand without blocking the CI pipeline on every push.

Best Practices for CI Integration

Store API key safely: Add ANTHROPIC_API_KEY to GitHub Secrets (Settings → Secrets → Actions). Never hardcode it in workflow files.

Set CLAUDE_NO_CONFIRM=1 in all CI jobs — Claude should never wait for input
Use --format json for reviews you want to parse programmatically
Cache the Claude Code npm package between runs to save install time
Set --max-tokens to control cost on large diffs
Run security reviews only on paths that matter (paths: filter)
Gate blocking checks on severity == "critical" only — warning-level findings should be informational

Cost Control in CI

# Limit token usage for CI reviews
claude review --max-tokens 2000 --format json

# Only review files that changed (not the whole codebase)
git diff --name-only origin/main...HEAD | xargs claude review

→ Next: Project Setup Guide

← Back to Home