83% of security alerts are false alarms. What happens next is concerning: developers stop reading them. All of them. Research identifies this behavior as "probability matching" — when a tool is 50% unreliable, engineers unconsciously ignore approximately 50% of all alerts, including the genuine ones. Take the Target breach as an example: 40 million cards were stolen, and their security system detected the attack, but the team ignored the alert due to alert fatigue from a noisy tool.

In our latest deep dive, we explore:
- The 50% threshold for counterproductive tooling
- How alert fatigue costs enterprises $1.3 million per year
- Why precision beats coverage every time

Read the full research here: https://lnkd.in/dWZBUkqB
diffray - Multi-agent Code Review
Software Development
AI Code Review That Actually Thinks™ Multi-agent intelligence. Not single-model guessing.
About us
Senior-level reviews as a service AI-driven platform for deep and comprehensive code reviews
- Website
- https://diffray.ai
- Industry
- Software Development
- Company size
- 2-10 employees
- Headquarters
- San Francisco
- Type
- Privately Held
- Founded
- 2025
Locations
- San Francisco, US
Updates
-
🚀 We just open-sourced our AI code review engine

No account. No cloud. No cost.

Today we're releasing diffray CLI - a free, open-source tool that brings multi-agent AI code review to your terminal. Here's what makes it different:
→ 6 built-in specialized AI agents review your code in parallel (security, bugs, performance, architecture, quality, consistency), and you can create any number of custom agents and rules
→ Runs on Claude Code or Cursor — uses your existing CLI, no extra setup
→ Your code stays local — nothing is sent to our servers
→ Zero telemetry — we don't track anything

We built this because every developer deserves access to intelligent code review — not just teams with enterprise budgets.

Check out the full announcement 👇 https://lnkd.in/dNRzWN-X
Star us on GitHub: https://lnkd.in/dVKJf6TN
#OpenSource #CodeReview #AI #DeveloperTools #CLI #Claude #Cursor
-
What if your AI reviewer learned from every correction you make? "Every mistake becomes a rule" — the principle we built diffray on. Thumbs down a comment → diffray remembers. Reply "this is legacy" → a scoped rule is created. AI code review that gets smarter with your team. 👉 https://lnkd.in/dF5ePxi3 #AI #CodeReview #DevTools
-
Your system prompts aren't secret. Neither is your RAG data if you're missing tenant isolation. OWASP just updated their LLM Top 10 for 2025. Two new entries. Both terrifying for anyone building AI apps. We broke down all 10 with real vulnerable code patterns and how to fix them. https://lnkd.in/d_GscZSb
-
AI identifies a "critical bug" in your pull request, leading to a 20-minute investigation. However, the bug turns out to be nonexistent. After experiencing this 3-5 times, trust in the tool diminishes, even when it is accurate.

The data is concerning:
- 29-45% of AI-generated code contains security vulnerabilities.
- 19.7% of package recommendations are entirely fabricated.
- Developer trust in AI accuracy has plummeted from 43% to 33% within a year.

On a positive note, layered mitigations can reduce hallucinations by 96%. We explored the research on why large language models (LLMs) hallucinate and what effective solutions exist. For more insights, check out the full article here: https://lnkd.in/dmjtV8Vm
-
Your tests pass. Your code works. But 6 months later a one-day feature takes a week.
→ 200-line methods
→ God Objects with 40 dependencies
→ 6 levels of nested if-statements

No build ever broke. Technical debt just quietly compounded.

New: Refactoring Advisor — catches code smells in every PR before they become a rewrite project. https://lnkd.in/dE939w94
-
Adding more context to an AI can make it DUMBER. Sounds wrong, right? But research from Stanford, Google, and Meta proves it:
→ 13.9-85% accuracy drop as context grows
→ GPT-3.5 performed WORSE with 20 documents than with zero
→ 11 out of 12 models crashed below 50% at just 32K tokens

The culprit? Context Dilution. LLMs don't "read" your entire prompt equally. They suffer from a U-shaped attention curve—great at beginnings and endings, terrible in the middle. Dumping your whole codebase into ChatGPT isn't smart. It's sabotage.

We wrote a deep-dive with 15+ research papers explaining why—and what to do instead. 📖 https://lnkd.in/efquB64A
-
Your code passes tests and your build succeeds, but what happens when your page isn't indexed? You might find out weeks later through Search Console that:
- Meta description is empty, leading Google to show random text.
- Open Graph image returns a 404, resulting in broken links in Slack.
- Canonical still points to staging.

No tests failed, and no builds broke, yet you silently lose 3 weeks of organic traffic.

To address this, we are excited to announce the launch of SEO Expert — diffray's 10th AI agent. This tool identifies SEO issues in every pull request, ensuring problems are caught before merging and deploying, ultimately protecting your rankings.

Here’s what SEO Expert checks for:
- Missing or duplicate meta tags
- Broken OpenGraph images
- Incorrect canonical URLs
- Missing structured data (JSON-LD)
- Heading hierarchy issues
- Accidental noindex tags

Good SEO is crucial for AI search. Tools like ChatGPT, Perplexity, and Claude rely on Google and Bing for information. If you don’t rank, AI tools won’t cite you either. One optimization can enhance your visibility across two discovery channels.

Full details 👇 https://lnkd.in/eRv3vZB5
-
ChatGPT's inconsistent code reviews highlight a significant issue in AI evaluation. When an entire pull request is inputted into a language model with the prompt "review this code," several problems arise:
- Signal drowns in noise
- Critical files get buried in the "lost middle"
- False positive rates range from 60-80%

The solution isn't simply larger context windows; it's about implementing structured rules. At diffray, we establish clear guidelines that instruct the AI on:
- What to look for
- Where to look
- How to report findings

With the same code and the same rules, the AI delivers consistent findings every time. This post illustrates why determinism is superior to "vibes-based" AI review. 👇 https://lnkd.in/eDBU-mJS
-
Why do developers ignore 78% of AI code review comments? Because most tools are one AI trying to check security, performance, bugs, and style all at once. Attention spreads thin. Critical issues get lost. We built diffray differently — 9 specialized agents, each an expert in their domain. Meet the team that reviews your PRs: https://lnkd.in/ewYab69u