While I am skeptical of the results here, I am very excited for this new trend of making models faster. Running capable models at 1k TPS is more valuable for me than running better models at 30 TPS. I can only imagine the trend continues to move from "let's only make models smarter" to just incremental intelligence gains but with step improvements in speed.
The thing that makes this work is where in the loop the review happens.
CodeRabbit, Greptile, etc review at the PR level after the agent is done.
The findings go to a human who has to interpret them. The agent that wrote
the code never sees the critique. We find that most people just spin up a new agent and ask "Are these review findings correct?" anyways.
Saguaro reviews during the agent's session and sends findings back to the same
agent. Because the agent still has its full context window, it knows why
it made each decision, it can evaluate the findings intelligently. "I made
this choice for X reason, but this review shows a gap in my thinking, let me
fix that." Or "This finding isn't relevant because of Y." The agent has the
context to make that judgment call. That's why false positives are lower.
The daemon is completely invisible to the user. It self-spawns from the
Claude Code stop hook, runs a SQLite-backed job queue on localhost, and
auto-shuts down after 30 minutes idle. The review happens in the background
while the user keeps working. We feed context from the original programming
session into the review process. The findings surface on the next stop hook,
your agent just starts fixing things.
For teams that want more precision, there's a rules engine: markdown files
with YAML frontmatter that enforce specific patterns (architectural boundaries,
security invariants, etc). But the daemon works with zero rules out of the box.
The rules engine works great for teams with well-defined rules.
Some technical decisions:
- SQLite (via better-sqlite3) as job queue, right amount of infrastructure
for a local dev tool.
- The daemon reviewer gets the original agent's summary ("the developer
described their work as...") for context
- Agent gets read-only tools (Read, Glob, Grep) with up to 15 tool calls
per review, it can inspect the full codebase for context but can't edit.
Limitations:
- The daemon review is async. Findings arrive on the next stop hook,
not the current one. Fast iterations may miss a cycle.
- Review quality depends on the model. We default to your configured
model but you can override for daemon specifically.
- Cost is your normal AI provider usage. `sag stats` tracks it.
Happy to answer technical questions about the architecture.
Unfortunately I'm not sure anybody will solve the issue of "quantization of the confidence level", a senior reviewer in a PR doesn't even do this. We believe that when agents are writing 10x more code than humans, the bottleneck is review throughput, not review precision. The measurable metric isn't "confidence level", we think it's "how many issues reached production that a 10-second rule check would have caught." That number is going up a ton as code volume scales.
We designed our integration with Claude code to reject edits before it's written if it violates a rule via an exit 2 code. Also don't think any system will be 100% on rule enforcement, senior reviewers included. We can't be perfect but we can raise the floor.
Actually our approach is the opposite. Writing rules forces teams to articulate what their standards are. Mesa makes you write them down, version control them, and review them as code, similar to a linter. This specificity is why this system works much better than a standard AI code reviewer that checks for general issues.
We aren't trying to replace tests or humans. The goal is to make them more effective by filtering out the noise before it reaches them.
I do work at Mesa and I'm upfront about that in the article. But I cover cURL's bug bounty shutdown, Zig leaving GitHub, the Kai Gritun incident, jujutsu, Atomic Software, and maintainer burnout among other items.
Those problems are real independent of Mesa. I do shoutout an open source project we have called AgentBlame but don't talk about anything related to proprietary software or why Mesa is the end-all-be-all.
Thanks for your feedback, definitely did not mean for this to come across as an ad.