⚙️ Gitea Token Setup for AI Code Reviewer

🔑 Required Token Permissions

Permission	Level	Reason
repository	Read and Write	Read PR details, branches, diff; post review comments
issue	Read and Write	Create and delete progress comments on PRs (Gitea treats PR comments as issues internally)
user	Read	Fetch current bot user info to verify reviewer assignment

All other permissions (activitypub, misc, notification, organization, package) should be set to No Access.

Log in to Gitea as the bot account that will be assigned as a reviewer
Go to Settings → Applications (top right avatar → Settings → Applications)
Under Manage Access Tokens click Generate Token
Fill in:
- Token Name: ai-code-reviewer (or any descriptive name)
- Expiration: set according to your security policy
Set permissions as described in the table above
Click Generate Token
Copy the token immediately — it will not be shown again

The token must belong to the account that is assigned as a reviewer on pull requests — this is how the reviewer verification check works
Treat the token as a password — never commit it to the repository