Stop being the code review bottleneck PostHog engineers share four workflow changes to stop being a code review bottleneck when using AI-generated code, including having multiple agents review each other's code and triaging results to escalate only ambiguous issues to humans. The approach aims to offload simpler reviews to agents so developers can focus on PRs that genuinely need human attention. Stop being the code review bottleneck 4 ways to make AI code review suck less with prompts Agents are writing code faster than any human can review. The naive solution would be for developers to review code faster. The 500 IQ take is for developers to review as little code as possible. If you need to be involved in every code review, you will always be the bottleneck. Instead, put yourself outside of the code review loop by building a pipeline that delegates tasks to agents. We asked engineers at PostHog how they’ve been reviewing AI-generated code to keep shipping fast without losing quality. Here are four workflow changes you can steal with prompts included to make your life easier. 1. Make agents review code for you The number one thing to add, if you haven’t yet, is a way for agents to review code for you. The goal is to offload the simpler reviews to agents, and flag if something genuinely needs a human. The key is that the agent that wrote the code can’t be the one that reviews it. Agents are bad at checking their own work since they’re often unaware of their own blind spots. 1 footnote-1 For the same reason, it’s better to have multiple agents with different instructions and goals to cover more gaps, 2 footnote-2 as well as different models and providers for different reviewers. 3 footnote-3 Here’s how one of our engineers, Paul D’Ambra https://posthog.com/community/profiles/30173?utm source=posthog-newsletter&utm medium=post&utm campaign=code-review , makes his own custom agent review system work: First, spawns four reviewer agents, each with their own special instructions: qa-swarm https://github.com/pauldambra/dotfiles/tree/main/ai/skills/qa-swarm qa-team – spawns technical subagents that hunt for security, database, performance, etc. security-audit – probes for vulnerabilities like SQL or prompt injections paul-reviewer – uses Paul’s voice and focuses on observability, rollouts, naming xp-reviewer – applies an Extreme Programming lens to review Then, sorts those reviews to classify threads into three categories: review-triage https://github.com/pauldambra/dotfiles/blob/main/ai/skills/review-triage/SKILL.md actionable → gets fixed and pushed nits → get resolved and replied to with a comment ambiguous → escalated and sorted for Paul to work through with the agent later An outer loop iterates up to three times or until no new actionable threads appear. From there, you can connect this to another loop that shepherds the PR until it’s ready to merge – more on that in the next section. The takeaway:Save time reviewing code by making agents review each other. This knocks out easier reviews so that only the PRs that really need human attention get flagged. Steal this You can check out and copy Paul’s qa-swarm https://github.com/pauldambra/dotfiles/blob/main/ai/skills/qa-swarm/SKILL.md and review-triage https://github.com/pauldambra/dotfiles/blob/main/ai/skills/review-triage/SKILL.md skills, or use this prompt to design your own review loop based on his: Read Paul D'Ambra's qa-swarm skill, plus its sibling review-triage in the same folder, then help me design my own version: https://github.com/pauldambra/dotfiles/blob/main/ai/skills/qa-swarm/SKILL.md It should take in a single PR, spawn a reviewer panel, triage every finding and existing PR thread into actionable / nit / ambiguous, and keep going until nothing's left but the ambiguous ones flagged for me. Interview me about my stack, tooling, available models, and how autonomous it should be — what gets auto-fixed vs. only reported, and what it may post to GitHub — before writing the final SKILL.md, then install it. That said, these systems can get token expensive: “Something like 60% of my token spend is burned automating the toil of handling CI and review and I don’t regret a single dollar.” – Paul So if running multiple agents or loops isn’t an option for your team, look for single agent designs like this one https://github.com/kunchenguid/no-mistakes by Kun Chen. 2. Delegate PR babysitting to loops The context switching that comes with agentic coding is exhausting. One easy way to reduce that fatigue is by automating code review-adjacent tasks that don’t need your attention. For example, babysitting a single PR can involve tedious tasks like monitoring CI, re-running flaky tests, checking notifications for comments, and keeping the branch up to date. Why waste your most precious resource – your energy – when you can just delegate all of it to a loop https://posthog.com/newsletter/loops?utm source=posthog-newsletter&utm medium=post&utm campaign=code-review ? The takeaway:Reduce context switching and fatigue by delegating simple tasks like PR babysitting to a loop. Steal this You can implement your own PR babysitter skill, based on babysit-prs https://github.com/haacked/dotfiles/blob/main/ai/skills/babysit-prs/SKILL.md by Phil Haack https://posthog.com/community/profiles/32501?utm source=posthog-newsletter&utm medium=post&utm campaign=code-review with the prompt below. It works best if you run it after creating a review loop skill from the previous section. Read https://github.com/haacked/dotfiles/blob/main/ai/skills/babysit-prs/SKILL.md and adapt it for me: same sweep/state design, but it dispatches my own single-PR review skill via a spawned agent per unreviewed PR. Before writing SKILL.md, interview me on: which skill it dispatches and where my skills live, my stack/tooling/models, and which extra tasks to include — CI monitoring, branch freshness, flaky-test reruns, lint/format autofix, regenerating drifted artifacts, description sync. Ground the interview in facts you can discover yourself my open PRs, gh auth, clone layout rather than asking about them. 3. Add a PR auto-stamper Fast-moving teams generate a lot of small, low-risk PRs, and every one still needs approval on GitHub a.k.a., a stamp . At PostHog, we used to handle this in Slack where you drop your PR in dev-stamp-exchange and wait for someone to give it a quick approval and react with a stamp emoji. We even built a leaderboard https://stamphog.vercel.app/ for it. It worked, but each stamp required another engineer to take themselves out of their flow to approve a change they had little to no context on. Now, most of those are done by our StampHog agent instead. And in just one quarter, it gives the final stamp on roughly 1 in 3 PRs merged into our main repo. Our engineers add a stamphog label on their PR in GitHub, and it runs a few safety checks based on: PR state. No merge conflicts or changes requested Blast radius. Deny list keywords auth, secrets, billing, public APIs, etc. Diff size. Under 500 lines and 20 files A simple LLM check. For basic showstoppers If the agent approves, it’ll leave a bare GitHub approval with no line comments. Otherwise, it refuses or escalates with a 1-2 sentence reason, risk level rating, and next steps. Usually that means routing to a subject matter expert based on CODEOWNERS-soft https://github.com/PostHog/posthog/blob/master/.github/CODEOWNERS-soft and git-blame familiarity. We still use dev-stamp-exchange when the agent can’t auto-accept or route, but it’s way less active now. Last month, the StampHog agent took care of 1.6K PRs on its own – that’s 1.6K fewer Slack interruptions for our engineers. The takeaway:Let an agent can take care of low-context PR approvals and routing to reduce distractions. Use deterministic checks to route sensitive code to humans. Steal this The code for StampHog is available here https://github.com/PostHog/posthog/blob/master/tools/pr-approval-agent/ . Many of its inner workings are specific to PostHog, so instead of copying it, here's a prompt to start customizing one for your repo based on ours: Read https://github.com/PostHog/posthog/blob/master/tools/pr-approval-agent/README.md and build the equivalent for the repo at