Pullfrog
Console
GitHub

Bring your favorite agents into GitHub.

Auto respond to reviews

Leverage the power of coding agents inside GitHub. Review PRs, make plans, triage issues, or iterate on code — without leaving GitHub. Open source, powered by GitHub Actions, works with any LLM provider.

Pullfrog

Pullfrog is an integration layer between GitHub and your LLM provider of choice. Based on incoming webhook events, it triggers agent runs inside your repo's GitHub Actions. The agent — armed with a set of MCP tools from Pullfrog — can write code, review PRs, make plans, create issues, answer questions, and more.

Bring your own model

Bring your own model

Works with any LLM provider: Anthropic, OpenAI, Google, Mistral, DeepSeek, OpenRouter, and more. Switch models with a config change to stay state-of-the-art. All API keys are stored as GitHub secrets.

Powered by GitHub Actions

Powered by GitHub Actions

Once you've added the .github/workflows/pullfrog.yml workflow, Pullfrog can trigger workflow runs programmatically in response to incoming webhook events. The pullfrog/pullfrog GitHub Action installs and spawns your configured agent with appropriate permissions and instructions.

Your keys, your way

Your keys, your way

All API keys are stored using GitHub's secret management system. The action auto-masks all keys and passes the minimum necessary environment variables through to the agent. All GitHub-related actions are performed using a short-lived installation token that is auto-revoked when the run completes.

Tag for agent

Tag for agent

No new UI to learn. Trigger agent runs with an at-mention anywhere in your repo. It pulls in the relevant context from where it was tagged and figures out what to do.

Configurable automations

Configurable automations

Configure automated agentic responses to common events, like new issues or pull requests. Use custom prompts to customize the agent's behavior.

Iterate via PR reviews

Iterate via PR reviews

Pullfrog automatically addresses reviews on PRs it creates. Just leave review comments as you would for a human colleague. Pullfrog will handle it and keep you posted as it works.

Auto-fix CI failures

Auto-fix CI failures

Like a good human colleague, Pullfrog detects CI failures on its own PRs and attempts a fix. It can be configured to attempt CI fixes on human-created PRs too.

Built for teams

Built for teams

Designed for team collaboration with organization-wide permissions, shared configuration, and async workflows. GitHub remains the single source of truth for access control — team members only see repos they have access to on GitHub. Perfect for distributed teams working asynchronously.

Free for open source

Free for open source

The Pullfrog GitHub action is open-source and free for any open source projects, forever. Inspect every line of code, contribute improvements, and keep complete control over your development workflow.

FAQs

Everything you need to know about Pullfrog.

Is Pullfrog an agent?
No, Pullfrog is not an agent itself. Pullfrog is an "agent harness" that orchestrates agent runs by cross-referencing incoming webhook events against your configured trigger rules. It provides a set of MCP tools to each agent to perform common git- and GitHub-related tasks, along with a standard configuration system for triggers, modes, and permissions. Think of it as the infrastructure layer that makes AI agents effective collaborators on your GitHub repos.
How is Pullfrog different from other AI coding tools?
Pullfrog is model-agnostic — it uses a secure agent harness that works with any LLM provider (Anthropic, OpenAI, Google, and more) rather than locking you into a specific vendor. It's also GitHub-first, with no new UI to learn, and designed for team-based asynchronous development workflows.
What models does Pullfrog support?
Pullfrog supports any LLM provider including Anthropic, OpenAI, Google, Mistral, DeepSeek, and OpenRouter. Add your provider's API key as a GitHub secret and you're ready to go.
How do I trigger Pullfrog workflows?
You can trigger workflows by tagging @pullfrog anywhere, or configuring it to run automatically in response to certain events.
How does Pullfrog handle security and permissions?

All API keys are stored as GitHub secrets, following the principle of least privilege. Only the minimum set of environment variables necessary for the agent to function are passed through to each run. GitHub automatically masks all secrets in logs to prevent accidental exposure.

All Git- and GitHub-related actions are performed using a short-lived GitHub App installation token that is automatically revoked at the end of each workflow run. This ensures that tokens never persist beyond their intended use and minimizes the risk of unauthorized access.

Best practices around secrets management and data security are automatically appended to all agent prompts, ensuring that agents are consistently reminded to handle sensitive information appropriately throughout their execution.

How does Pullfrog handle permissions and access control?

GitHub remains the single source of truth for organization and repo-based permissions. In an organization context, users can only see the repos that are visible to them on GitHub, ensuring that access control is consistent with your existing GitHub permissions. Only organization admins can change Pullfrog settings.

Pullfrog relies on GitHub itself to enforce these permissions. Each user's dashboard is populated with live data from the GitHub API using a user-scoped token. In this way, Pullfrog always reflect the current state of your GitHub organization, without requiring separate permission management in Pullfrog.

How does Pullfrog support asynchronous development?
Pullfrog enables asynchronous development by letting you kick off agentic runs and let them work while you focus on other tasks. It's perfect for CI/CD integration and maintains context across multiple agent executions.

Stay updated

Pullfrog is now in early access. Join the waitlist below and we'll send you an invite soon.

Join with email