Skip to content

feat: add GitHub integration to run Kit as a collaborator/reviewer #60

Description

@ezynda3

Feature Description

Add a first-class GitHub integration that lets users set up Kit as an automated collaborator/reviewer in their GitHub repositories. Users could mention Kit in issue/PR comments (e.g. /kit fix this bug, /kit review) or have Kit automatically review pull requests and triage issues. Kit would run inside a GitHub Actions runner, read the relevant context (issue thread or PR diff), run the agent non-interactively, and respond by posting comments, pushing branches, and opening PRs.

Concretely, this would consist of three pieces:

  1. A composite GitHub Action (e.g. mark3labs/kit-action@v1) that installs the Kit binary, checks out the repo, and runs Kit in --quiet mode against the comment/PR context.
  2. A kit github install command — an interactive setup that prompts for provider/model and auto-writes .github/workflows/kit.yml.
  3. A GitHub handler that reads context, enforces permissions, posts comments/reactions, and creates branches/PRs.

This is directly inspired by how opencode implements its GitHub agent.

Motivation / Use Case

Kit already supports a non-interactive subprocess mode (kit --quiet --no-session --no-extensions --system-prompt ... --model ... "prompt"), which maps almost perfectly onto the "run an agent inside a CI runner" model. Today, however, there is no turnkey way to wire Kit into a GitHub repo as a reviewer/collaborator — users would have to hand-roll workflow YAML, auth, context extraction, and comment posting themselves.

A built-in integration would let teams:

  • Trigger Kit on demand from a comment (/kit ...) to fix bugs, answer questions, or implement small changes that land as a PR.
  • Get automatic PR reviews on pull_request events (code quality, bugs, suggestions).
  • Run scheduled issue triage (e.g. weekly cron to label/triage or surface TODOs).

This turns Kit from a local TUI tool into a collaborator that participates in the team's GitHub workflow, dramatically widening where Kit provides value.

Proposed Implementation

Based on research into how opencode structures this, with a recommendation to start simpler (no hosted backend required):

Phase 1 — Action + install command using GITHUB_TOKEN (no hosted infra):

Rather than opencode's GitHub App + OIDC token-exchange backend (which requires running a hosted service at api.opencode.ai), Kit can start with the built-in secrets.GITHUB_TOKEN for git/PR operations plus a user-provided provider secret (e.g. ANTHROPIC_API_KEY). This captures ~90% of the value with zero hosted infrastructure.

A generated .github/workflows/kit.yml:

name: kit
on:
  issue_comment:
    types: [created]
  pull_request_review_comment:
    types: [created]
jobs:
  kit:
    if: |
      startsWith(github.event.comment.body, '/kit') ||
      contains(github.event.comment.body, ' /kit')
    runs-on: ubuntu-latest
    permissions:
      contents: write
      pull-requests: write
      issues: write
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - uses: mark3labs/kit-action@v1
        with:
          model: anthropic/claude-sonnet-4
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}

A new kit github install command (interactive prompt for provider/model) that:

  • Writes the workflow file above.
  • Optionally uses the gh CLI, if available, to set the provider secret automatically (an improvement over opencode, which requires manual secret setup).
  • Prints next steps.

Phase 2 — GitHub handler logic (could be implemented as a Kit extension, fitting the extension-first architecture):

  • Detect trigger mode: comment-triggered vs pull_request auto-review vs scheduled.
  • Read context (full issue thread, or PR diff via the GitHub API / gh).
  • React with 👀 on the trigger comment while processing.
  • Run the agent; if it leaves uncommitted changes, summarize them, push a kit-agent[bot] branch, and open a PR.
  • Post the response as a comment; remove the reaction when done.

Security parity to copy from opencode regardless of approach:

  • Gate triggers on write/admin collaborator permission only.
  • Use persist-credentials: false; use short-lived, repo-scoped tokens.
  • Run only inside ephemeral Actions runners; commit as a dedicated kit-agent[bot] identity.

Phase 3 (optional, later) — GitHub App + OIDC for a no-secrets-in-repo UX, matching opencode's polished flow. This is the only piece that needs hosted infra (a token-exchange endpoint that verifies the Actions OIDC JWT and mints a 1-hour installation token), so it should be an opt-in upgrade rather than the starting point.

Resolved design decisions (mirroring opencode)

After checking how opencode handles these, we can largely just do what it does:

  • Trigger token & default events — copy opencode exactly. opencode uses /oc and /opencode, matched both at the start of a comment and after a leading space. For Kit we use /kit:

    if: |
      startsWith(github.event.comment.body, '/kit') ||
      contains(github.event.comment.body, ' /kit')

    The auto-generated workflow enables only issue_comment and pull_request_review_comment (both types: [created]), exactly like opencode. The handler can internally support more events (issues, pull_request, schedule, workflow_dispatch) but those are left out of the generated workflow for users to opt into manually.

  • Core vs. extension — lean toward a bundled extension, with one caveat. opencode implements the handler in core as a built-in CLI command (packages/opencode/src/cli/cmd/github.handler.ts). However, opencode has no extension system, so core was its only option. Kit is explicitly extension-first, so a bundled extension is the more idiomatic home and lets users customize review behavior and triggers. Either is viable; this is the one spot where copying opencode verbatim deserves a conscious decision rather than an automatic copy.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions