Skip to main content
New aislop v0.10.2: safer GitHub Action pins, reproducible init workflows, and cleaner rule docs. Read the changelog →
← Blog
Tutorial · 6 min read

How to Add a Quality Gate to Your AI Agent in 2 Minutes

Your AI agent writes code fast. Your PR review process was designed for human pace. A quality gate bridges the gap — automatically scanning every diff and blocking merges below your threshold. Here is the fastest setup on the planet.

Your AI agent writes code at machine speed. Your PR review process was designed for human pace. Something has to give — and in most teams, it is the review. PRs merge without being read. Incidents pile up. The loop accelerates.

A quality gate fixes this. It does not replace review — it replaces the manual pattern-checking that humans should not be doing at scale. The gate scans every diff, scores it 0-100, and blocks merges below your threshold. Every PR from every agent. Every time.

Here is how to set it up in 2 minutes.

Step 1: Scan your repo

npx aislop scan

This runs all 40+ deterministic rules against every file in your project. The output is a score from 0-100 with a breakdown by category — formatting, linting, code quality, AI slop, security. No installation required. No config file needed. No API calls.

Step 2: Set your threshold

Create an .aislop/config.yml file in your project root:

ci:
failBelow: 70

That is it. Any PR that scores below 70 will now fail in CI. Set it to 85 for stricter enforcement, 50 for a gentler start. The threshold applies to every PR from every agent — Claude Code, Cursor, Codex, GitHub Copilot, Windsurf, Gemini CLI, all of them.

Step 3: Add it to CI

If you use GitHub Actions, add this job to your workflow:

jobs:
quality-gate:
  runs-on: ubuntu-latest
  steps:
    - uses: actions/checkout@v4
    - uses: scanaislop/aislop@v0.10.1
      with:
        version: latest

For GitLab CI, Jenkins, CircleCI, or any other platform, the pattern is the same: run npx --yes aislop@latest ci, check the exit code, block if it is non-zero. aislop exits with code 1 when the score is below threshold.

Step 4: Wire it to your agent

Install aislop as a hook in your agent's runtime. The hook scans every edit as your agent writes — before the code hits your repo:

npx aislop hook install --claude

Replace --claude with your agent: --cursor, --codex, --gemini, --windsurf. The hook catches issues on the turn the agent wrote them — instant feedback, instant fix, no PR required.

Step 5 (optional): Set team standards

Use .aislop/config.yml to define thresholds and quality rules that apply across your team:

ci:
failBelow: 70
quality:
maxFunctionLoc: 60
maxParams: 4
engines:
ai-slop: true
security: true

What changes

Before the gate: Agent writes code → PR is created → Reviewer skims → Merge → Incident → Debug → Repeat.

After the gate: Agent writes code → aislop scans → Score below threshold → PR blocked → Agent fixes → Merge.

The gate moves the quality check from after review to before review. That is the difference between catching issues and cleaning up incidents.

The bottom line

Two minutes. One local scan. One CI gate. Your entire team gets a quality gate that works across every language, every agent, every PR. No config file required to start. The gate enforces from day one. You can tune the threshold later.

Run npx aislop scan right now. Your score takes 10 seconds. Your gate takes two more minutes. Start before the next PR merges.

← All posts