Critique Welcomes Claude Code: Review Here, Execute on Claude
Critique decides what should change on a pull request. Claude Managed Agents change it. Connect them with your own Anthropic key and stop paying twice for the same thinking.
Critique × Claude
Review depth. Your agent. One PR.
critique.sh
Critique welcomes Claude Code.
Review depth from Critique. Execution in Anthropic Managed Agents with your API key, PR checkout, and scoped blueprint — the same separation Cursor BYOA already proved.
The thesis: partners, not rivals
The AI tooling discourse keeps forcing a fight that does not exist. Review bot versus coding agent. Critique versus Claude Code. Every launch thread asks which one makes the other obsolete. That framing is expensive and wrong.
Claude Code is one of the strongest execution agents shipping today. It reads repositories, runs commands, holds context across a long task, and writes real diffs. Critique is built for a different question entirely: should this pull request merge, and what exactly is wrong with it? Those are two jobs. Pretending one product should swallow both is how you end up with confident fixes built on weak evidence.
So we did the obvious thing. Critique now hands its scoped blueprint to Claude Managed Agents and lets Claude execute the fix on your PR—billed to your Anthropic account, not ours. **Review here. Execute on Claude.** No re-explaining the repo. No paying twice for the same cognitive work.
Two jobs, one pull request
Mixing these into a single agent is how you get a fast patch that misses the call site nobody changed. Separating them is how you get speed without surrendering judgment.
| Question | Critique | Claude Managed Agent |
|---|---|---|
| Primary question | Should this merge as-is? | How do we implement what Critique flagged? |
| Success metric | Fewer false positives, clear verdict, auditable findings. | Valid diff, passing validation, commits on the PR branch. |
| Context it owns | Repo graph, call sites, tests, security surface, policy. | The bounded brief Critique produced—not the whole world. |
| Billing | Critique review credits. | Your Anthropic API usage. |
| Where it runs | GitHub App checks, sandbox review, dashboard artifact. | Anthropic-hosted Managed Agent session with your repo mounted. |
| When to reach for it | Every PR that needs an independent review pass. | After you trust the findings and want them implemented. |
How the handoff actually works
When you click **Queue Claude agent** on a completed review run, Critique walks a deliberately small, auditable sequence. There is no hidden magic—just a clean contract between the review artifact and the Managed Agents API.
Step by step: on first use Critique **provisions a Managed Agent once per account**—an agent definition built on the `agent_toolset_20260401` toolset plus a cloud environment—and records their IDs on your encrypted key row so the next run reuses them. Each fix then **starts a session** with a `github_repository` resource mounted at your PR head ref (branch or exact SHA) using the **GitHub App installation token** for the clone. Critique **sends the scoped blueprint as a `user.message` event**, then **streams events until the session reports `idle` or `terminated`.** Every call carries the `managed-agents-2026-04-01` beta header.
- Repository, PR number, and exact head ref/SHA
- Allowed write files lifted from the review artifact
- Validation commands (lint, test, typecheck, build when detectable)
- Stop conditions, max fix loops, and operator instructions
- A concise review summary and the findings worth acting on
- Anthropic API key, encrypted at rest in Settings
- Managed Agent + cloud environment running under your account
- Model choice (default claude-sonnet-4-6, server-overridable)
- Commits pushed to the PR branch
- Anthropic token usage and billing
Your key is server-side encrypted, not browser-local
There are two different Claude paths in Critique, and the distinction matters. The **chat handoff** uses a device-local key to prepare a thread export—useful, lightweight, and never leaves your browser. The **review-run queue path is different**: it needs a server-held key so a background worker can run the session after you have closed the tab.
When you save an Anthropic key under Settings, Critique encrypts it at rest using `CRITIQUE_SECRETS_ENCRYPTION_KEY` and only decrypts it server-side at the moment a run is queued. The key is **never returned to the browser** after save—the UI shows a hint, not the secret. The GitHub clone uses a short-lived **GitHub App installation token**, not your personal credentials, so the agent gets exactly the repo access the installation already granted and nothing more.
Remedy vs Claude BYOA vs Fix Prompt: three contracts
Critique already ships **Remedy**—managed fix execution in isolated E2B sandboxes with guarded pushback and a strict loop limit. Remedy is right when you want one vendor to own the runtime, the validation loop, and the operational envelope, paid in Critique credits.
**Claude BYOA** is for teams that already pay Anthropic and want execution there. Same blueprint, different executor. Critique credits stay focused on review depth; Anthropic usage covers the fix. **Fix Prompt** is the escape hatch: a paste-ready brief for any agent—Claude Code in your terminal, Copilot, anything—when you do not want queueing at all.
Critique-managed execution in an E2B sandbox. Best when you want one vendor to run the sandbox, validation, and push.
POST /api/review-runs/{id}/remedyYour Anthropic Managed Agent. Best when your team lives on Claude and wants fixes on your existing API spend.
POST /api/review-runs/{id}/claude-agentThe security model, stated plainly
We will not hand-wave the security story, because BYOA lives or dies on it. Here is the actual envelope Critique operates inside when it queues a Claude agent.
- Encrypted at rest with CRITIQUE_SECRETS_ENCRYPTION_KEY
- Decrypted only server-side, only when a run is queued
- Never returned to the browser after save—UI shows a hint
- Scoped to your account’s BYOA key row, not shared
- Clone uses the GitHub App installation token, not personal creds
- Access is bounded by what the installation already granted
- Head ref/SHA is pinned to the reviewed commit
- No secret leakage into the prompt or handoff JSON
The blueprint that travels to Claude is scope-disciplined by construction: an explicit allowed-write set, ordered validation commands, a max fix loop count, and stop conditions like “do not widen scope; stop if allowed files are insufficient.” Those are the same guardrails Remedy enforces. BYOA changes the executor, not the discipline.
A developer day, end to end
Picture a staff engineer’s Tuesday afternoon. A PR opens on the billing service. Critique runs on sync and the check comes back with three findings: one auth boundary issue, one missing regression test, one footgun in a retry path. The engineer reads the lead reviewer’s synthesis, agrees with two findings, pushes back on the third in the PR thread.
For the two real issues, they add a one-line operator note—“only touch `billing/` and its tests”—and hit **Queue Claude agent.** Critique starts a Managed Agent session with the PR mounted at the head SHA, sends the blueprint, and streams. The engineer opens the session, watches Claude inspect the repo, write the patch, and run `pnpm test` and `pnpm lint` in order. Validation passes. They refresh the PR and the commits are on the branch.
They never pasted a megabyte prompt. They never re-described the repo layout. Critique stayed the source of truth for **what** to fix; Claude stayed the source of truth for **how** to edit. The whole loop cost Anthropic tokens, not Critique credits.
Turn it on in five minutes
- 11. Secrets configured?CRITIQUE_SECRETS_ENCRYPTION_KEY must be set on the server so BYOA keys can be stored encrypted.
- 22. Anthropic key with Managed Agents access?Create a key in the Anthropic console that can call Managed Agents (beta header managed-agents-2026-04-01).
- 33. Key saved in Critique?Settings → Claude Managed Agents (BYOA) → paste the key. It is encrypted server-side immediately.
- 44. Review finished?Open a completed review run → Claude section → optionally add operator instructions → Queue Claude agent.
- 55. Want a specific model?Set CRITIQUE_CLAUDE_AGENT_MODEL_ID on the server to pin a Managed Agent model id (default claude-sonnet-4-6).
Prefer to drive it yourself? `GET /api/review-runs/{reviewRunId}/byoa/claude` returns the `critique.claude_agent_handoff` JSON for your own automations—CI that launches sessions, an internal bot, or a script built on the Claude Agent SDK. Add `?download=1` for an attachment.
What we will not pretend
This integration does not make the Claude session fully observable inside Critique. You still open the Managed Agent console to watch tool calls and inspect failure modes. Critique records the agent id, session id, status, and a result summary for the dashboard—enough to audit, not a full mirror of Anthropic’s surface.
We also will not claim Critique controls Anthropic pricing, model availability, rate limits, or beta access. Your key, your account, your quotas. Critique’s job ends at a well-formed handoff, a correctly mounted PR, and an honest status line.
The bigger bet
AI code tools will keep specializing. Review will get deeper—more evidence, more policy, more graph context. Execution will get faster—better agents, better sandboxes, better managed runtimes. The winners in 2026 are not monoliths that do everything adequately. They are composable layers teams can route work through without renegotiating their entire stack every quarter.
Critique welcoming Claude Code is that bet in product form. Use Critique for the merge decision. Use Claude Managed Agents for the patch when you live on Anthropic. Use Remedy when you want Critique to run the fix. Use Fix Prompt when you want a paste-friendly escape hatch. Stop forcing one logo to carry a workflow it was never designed to carry alone.
Wire your first Claude handoff
Install Critique on your repo, complete a review, connect your Anthropic API key, and queue a Managed Agent on the PR you already have open.
Add Anthropic key