Scaling AI-Powered Code Review: Cloudflare's Multi-Agent Architecture

Introduction

Code review is a cornerstone of software quality, catching bugs and spreading knowledge. Yet it often becomes a bottleneck: merge requests languish in queues, reviewers context-switch to parse diffs, and cycles of nitpicks and responses stretch wait times to hours. At Cloudflare, the median first-review wait across internal projects was measured in hours—a serious drag on velocity. To address this, we built an AI-driven orchestration system that deploys multiple specialized agents to review changes automatically, dramatically reducing latency and improving accuracy.

The Challenge of Traditional Code Review

Traditional code review depends on human availability and focus. A developer opens a merge request; it enters a queue. Eventually, a reviewer context-switches, reads the diff, and leaves comments—often about variable naming or minor style issues. The author responds, and the cycle repeats. This overhead not only slows down delivery but also frustrates engineers who want to ship code quickly. At scale, across thousands of repositories, the problem multiplies. We needed a solution that could handle volume without sacrificing quality.

Early AI Experiments

Like many teams, we first experimented with off-the-shelf AI code review tools. They worked well in isolated cases, offering customization and good results. But for an organization of Cloudflare's size, they lacked the flexibility needed to enforce internal standards across diverse codebases. Our next attempt was simpler: feed a git diff into a generic prompt for a large language model (LLM) and ask it to find bugs. The output was noisy—vague suggestions, hallucinated syntax errors, and advice like “consider adding error handling” on functions that already had it. This naive summarization approach failed on complex codebases.

The Architecture: Specialized Reviewers and a Coordinator

Instead of building a monolithic AI reviewer, we created a CI-native orchestration system around OpenCode, an open-source coding agent. When an engineer opens a merge request, it triggers a coordinated set of up to seven specialized AI agents, each focusing on a specific domain: security, performance, code quality, documentation, release management, and compliance with our internal Engineering Codex. These specialists run independently, then report their findings to a coordinator agent that deduplicates issues, judges severity, and posts a single, structured review comment. This modular approach avoids the pitfalls of a monolithic prompt and allows each agent to be fine-tuned for its domain.

Orchestration Details

The system integrates directly into our CI/CD pipeline. On every merge request, it launches the agents in parallel, each analyzing the diff from its perspective. The coordinator collects results, merges similar findings, and assigns a severity rating (e.g., blocker, critical, minor). Only genuine, serious bugs or security vulnerabilities block merges; clean code is automatically approved. This reduces false positives and keeps the review focused.

Results and Impact

We've been running this system internally across tens of thousands of merge requests. The results are impressive: it catches real bugs with high accuracy, flags security vulnerabilities, and actively blocks merges when necessary. At the same time, it approves clean code instantly, eliminating waiting times for low-risk changes. This is one pillar of our broader Code Orange: Fail Small initiative, aimed at improving engineering resiliency. The system not only speeds up development but also frees human reviewers to focus on architectural and design discussions rather than syntax checks.

Conclusion

Building a multi-agent orchestration system for code review required moving beyond naive LLM prompts. By deploying specialized reviewers and a coordinator that deduplicates and judges severity, we achieved scalable, accurate AI code review. This architecture reduced median review wait times from hours to seconds, improved bug detection, and integrated smoothly into our CI/CD pipeline. For any team facing similar bottlenecks, this modular, CI-native approach offers a practical path to scaling code review without losing quality.