Skip to main content
How-To6 min read

Why a second AI reviews the first AI's code

Ask most teams running AI coding agents how they catch mistakes, and the honest answer is usually: the same model that wrote the code reads it back afterward and says it looks fine. That is not review. That is a writer proofreading their own email and, unsurprisingly, feeling good about it.

Here is how we actually do it. Every non-trivial change one of our AI coding agents produces gets reviewed before it is committed, twice. Once by a reviewer agent running on the same platform as the builder, a fast first pass. And once by a reviewer running a model from a completely different family: in our setup, a GPT-family model checks the work a Claude-family agent just built. Two different sets of eyes, and more importantly, two different ways of being wrong.

Same-family review approves same-family mistakes

The problem with a model reviewing itself is not laziness, it is correlation. A model trained on a certain lineage tends to reach for the same patterns, make the same assumptions, and miss the same edge cases as the model that wrote the code in the first place. Ask it to check its own logic and it checks the logic against its own instincts, which are the exact instincts that produced the bug. It approves its own mistake because the mistake looks reasonable to the same kind of mind that made it.

A reviewer from a different model family does not share that lineage, so it fails differently. Where the builder's blind spot is invisible to a same-family reviewer, it is often exactly what a different-family reviewer notices, because it was never trained to see the world the same way. That mismatch is the whole point.

The same reason audits and second opinions work

This is not a new idea, we just applied it to AI. Companies do not let their own accounting team sign off as the sole audit of their own books, they bring in an external auditor who has no stake in the internal story being told. When a diagnosis is serious, a second opinion from a different doctor at a different hospital carries real weight precisely because that doctor was not in the room forming the first impression. Independence is the feature, not a formality.

Cross-model review is that same principle applied to code. If you are already running multiple agents on a project, this is one piece of a bigger pattern I have written about in more detail in how we run agents as a team rather than as a single model doing everything end to end.

Read only, so it needs no trust

Bringing in a second model sounds like it should raise the risk, not lower it. It does not, because of one deliberate constraint: the external reviewer is strictly read only. It reads the diff and returns its findings as text. It cannot edit a file, run a command that changes anything, or commit. The primary agent that built the change is the only one that applies fixes, and it does so itself, after deciding a finding is worth acting on.

That constraint is what makes the whole arrangement safe to run without hesitation. We are not handing a second AI the keys to the codebase, we are handing it a copy of the diff and asking what it thinks. Zero trust required, because it has zero ability to act on its own opinion.

Findings are advice, not commands

The other half of that same caution applies to us, not just the reviewer. AI reviewers hallucinate problems too. A finding from the second model is a lead, not a verdict. Every finding gets checked against the actual code before anything is applied, and when a finding is wrong, we push back on it with the reasoning for why, instead of applying it anyway to be safe.

Blindly applying whatever a review agent says is just a slower way of being wrong, now with an extra step and false confidence attached. The discipline here is the same one I described in why a claim of done is not the same as done: a claim from an AI, whether it is "this works" or "this has a bug," is a starting point for verification, not the end of it.

The gate is automation, not discipline

Good intentions do not survive a busy week. If catching a review before commit depends on someone remembering to ask for it, it will get skipped the first time a deadline is close. So we do not rely on memory: a pre-commit gate flags any non-trivial diff that has not yet gone through review and blocks the commit until a fresh review has landed. The rule is enforced by a hook, not by hoping the habit sticks.

When the stakes go up, the panel grows

Not every change carries the same risk, and the process scales with it. A typo fix in a comment does not need the same scrutiny as a change to how money moves. Anything touching authentication, payments, billing, or a database migration escalates from one external reviewer to a panel of two different external reviewers, checking the same diff independently before it can land.

We do not cheap out on the checking layer

It would be easy to save money by routing review to whichever model is cheapest. We do not do that, on purpose. Review quality is the entire point of the exercise, so the checking layer is never where we cut cost. If we want to save money, we save it on mechanical work, drafts, boilerplate, formatting, the kind of task where being merely competent is enough. The judgment call of "is this change correct and safe" is not that kind of task.

When the second opinion is not available

Rate limits and outages happen. When the external reviewer is unavailable, we do not skip the review and quietly move on, we fall back to a strong same-family reviewer and we say, loudly, that the review was degraded. The failure mode we are actively avoiding is a silently skipped review that everyone downstream assumes happened normally. A degraded review that is announced can be caught up on later. A skipped review nobody knew about cannot.

It runs in the background, so it barely costs any time

None of this is a design that trades speed for safety, which is what makes it sustainable in practice rather than something that gets quietly disabled under deadline pressure. The review happens in the background while work continues, and findings land before the commit is made, so the added latency is close to zero. The cost that matters here is attention, not clock time, and attention is cheap compared to the mistake it catches.

The bottom line

If your current setup is one model checking its own work, you already have a review process, you just do not have an independent one. The fix is not more scrutiny from the same source, it is a second opinion from somewhere that fails differently, kept safely read only, enforced by a gate instead of a habit, and escalated when the stakes call for it. If you are running AI coding agents on anything that matters and want that layer built in from the start rather than bolted on after an incident, send a brief and I will walk you through how it fits your setup.

More questions?

Easier on a call than in a blog post.

Replying within 4 hours during working hours