DEV.co
AI Coding Agents · imbue-ai

vet

Vet is an AI-powered code review tool that automatically checks code changes and agent behavior for correctness and goal adherence. It runs standalone via CLI, integrates with CI/CD pipelines, and supports multiple LLM providers with your own API keys.

Source: GitHub — github.com/imbue-ai/vet
653
GitHub stars
17
Forks
Python
Primary language
AGPL-3.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositoryimbue-ai/vet
Ownerimbue-ai
Primary languagePython
LicenseAGPL-3.0 — OSI-approved
Stars653
Forks17
Open issues2
Latest releasev0.2.15 (2026-06-10)
Last updated2026-06-10
Sourcehttps://github.com/imbue-ai/vet

What vet is

Vet snapshots diffs, optionally adds conversation context, runs LLM-based checks for logic errors and security issues, then deduplicates findings. Built in Python, licensed AGPL-3.0, with CLI, GitHub Actions, and agent skill integrations; supports OpenAI, Anthropic, Gemini, and custom OpenAI-compatible endpoints.

Quickstart

Get the vet source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/imbue-ai/vet.gitcd vet# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

AI Agent Code Review at Scale

Integrate as an agent skill to automatically verify code generated by Claude Code, Codex, or OpenCode—catching misaligned changes and intent gaps before commit.

CI/CD Pull Request Verification

Deploy via GitHub Actions to systematically review PRs for logic errors, security issues, and compliance gaps without manual intervention.

Local Development Quality Gate

Run from the terminal with goal context (e.g., `vet "Refactor storage layer" --base-commit main`) to catch issues before pushing code.

Implementation considerations

  • Install via pip/pipx/uv; requires Python runtime and API keys (ANTHROPIC_API_KEY, OPENAI_API_KEY, etc.) in environment or `.vet/` config.
  • Configure model via `.vet/models.json` (repo) or `~/.config/vet/models.json` (user); remote registry available via `--update-models`.
  • Use `--history-loader` option to inject agent conversation—note: this executes shell commands as the current user; validate before sharing config presets.
  • Exit codes: 0 (no issues), 1 (runtime error), 2 (usage error), 10 (issues found); integrate with CI workflows accordingly.
  • Output formats (text, json, github) support different downstream consumers; JSON output recommended for programmatic CI integration.

When to avoid it — and what to weigh

  • Proprietary Codebase with AGPL Concerns — AGPL-3.0 requires source code disclosure for derivative works in network services. Review licensing constraints before embedding in commercial products.
  • Air-Gapped Environments — Vet requires direct API calls to external LLM providers (Anthropic, OpenAI, etc.). Not suitable for fully offline or isolated network deployments.
  • Enterprise Compliance with Data Residency — Code and conversation history are sent to external inference providers. Unsuitable if code must never leave corporate infrastructure.
  • Need for 24/7 Commercial SLA Support — This is a community-driven open-source project. No commercial SLA, dedicated support, or guaranteed response times are provided.

License & commercial use

AGPL-3.0 (GNU Affero General Public License v3.0). This is a copyleft license requiring source code disclosure for derivative works or network services that expose its functionality to external users. Permits non-commercial and internal use; commercial use requires careful review.

AGPL-3.0 is not a standard permissive license (unlike MIT, Apache 2.0). Commercial deployment or integration into closed-source products triggers disclosure obligations. If you modify Vet or use it as a backend service accessible to customers, you likely must release source code. Consult legal counsel before commercial deployment. Internal or tool-only use within a company may be safer, but networked exposure complicates this.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityNeeds review
Deployment complexityLow
DEV.co fitGood
Assessment confidenceHigh
Security considerations

Code and conversation history are transmitted to external LLM providers; ensure API keys are restricted and rotated. The `--history-loader` option executes arbitrary shell commands—validate before sharing config presets or using untrusted loaders. AGPL licensing means modification and network distribution create compliance obligations. No hardening guidance provided for sensitive code environments.

Alternatives to consider

GitHub Copilot for code review

Integrated into GitHub, no CLI setup, but less flexible model choice and no agent skill support; proprietary, not open-source.

Coderabbit / Review agents (permissive license)

Commercial SaaS alternatives with PR integration; avoid AGPL licensing but require vendor lock-in and data handling trade-offs.

Local llama.cpp / open model review tools

Air-gapped, self-hosted models avoid external API calls and licensing concerns, but require local hardware and accept less capable review quality.

Software development agency

Build on vet with DEV.co software developers

Install Vet via pip, configure your LLM provider, and start catching issues automatically. Free, open-source, and no vendor lock-in.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

vet FAQ

Can I use Vet in a commercial product?
Not without caution. AGPL-3.0 requires source disclosure for networked derivative works. Internal use or tool-only deployment may be acceptable; consult legal counsel before shipping.
Does Vet store my code or conversations?
No. Code and history are sent directly to your configured LLM provider (Anthropic, OpenAI, etc.). Vet itself does not persist data; your contract with the LLM provider governs retention.
Can I use Vet offline?
No. Vet requires live API calls to external LLM providers. Air-gapped environments would need a self-hosted compatible inference endpoint (e.g., via `--model` custom config).
What models does Vet support?
Builtin: Anthropic (Claude 3.x), OpenAI (GPT-4o, etc.), Google Gemini. Custom: any OpenAI-compatible endpoint via `models.json`. Remote registry allows community contributions.

Software developers & web developers for hire

DEV.co is a software development agency delivering custom software development services to companies building on open source. Our software developers and web developers design, integrate, and ship production systems — spanning web development, APIs, AI, data, and cloud. If vet is part of your ai coding agents roadmap, our team can implement, customize, migrate, and maintain it.

Integrate AI Code Review Into Your Workflow

Install Vet via pip, configure your LLM provider, and start catching issues automatically. Free, open-source, and no vendor lock-in.