Kiro CLI 2.1: Headless Mode Brings AI Code Review to Every CI/CD Pipeline

AI coding assistants have always had one blind spot: the CI/CD pipeline. You could run Kiro interactively to review a PR, generate tests, or audit dependencies — but the moment you needed that to happen automatically on every push, you were stuck. The tool expected a browser, a terminal, a human. Kiro CLI 2.1 closes that gap with headless mode. Set one environment variable, run one command, and Kiro operates fully unattended inside GitHub Actions, GitLab CI, CircleCI, or any other pipeline you already run.

The same release adds skills as slash commands — skills stored in .kiro/skills/ are now directly invokable as /skill-name in interactive sessions — plus real-time shell streaming and on-demand MCP tool loading. It is the most consequential CLI release since Kiro launched.

What shipped in CLI 2.1

Kiro CLI 2.1.1 shipped on April 24, 2026, three weeks after headless mode landed in its own blog post on April 13. The changelog is short but the surface area is large.

Headless mode: the mechanics

Headless mode works by replacing browser-based OAuth with an API key. You generate a key from the Kiro dashboard, set it as KIRO_API_KEY in your CI secrets, and Kiro automatically enters headless operation when it sees the variable. No flags, no config files, no agent picker screen.

# install once
npm install -g kiro-cli

# run headlessly — KIRO_API_KEY in env is all that's needed
KIRO_API_KEY=${{ secrets.KIRO_API_KEY }} \
  kiro --no-interactive "Review this PR for security issues and correctness bugs"

The --no-interactive flag is the other half. Without it, Kiro waits for input. With it, Kiro prints the response to stdout and exits — the right shape for a CI step that captures output, annotates a PR, or writes to a file.

The tool access model also changes in headless mode. Kiro defaults to read-only tools — no writes, no shell execution — unless your agent definition explicitly allows them. This is the right default for automated pipelines: you almost never want an AI agent to push code or delete files without human review.

Wiring Kiro into GitHub Actions

The reference workflow is a code-review-on-push that runs Kiro against every diff and posts findings as a PR comment. This is the pattern from Kiro's own blog post, which is worth stealing directly.

name: Kiro Code Review

on:
  pull_request:
    types: [opened, synchronize]

jobs:
  review:
    runs-on: ubuntu-latest
    permissions:
      pull-requests: write
      contents: read
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Install Kiro CLI
        run: npm install -g kiro-cli

      - name: Run Kiro review
        id: kiro
        env:
          KIRO_API_KEY: ${{ secrets.KIRO_API_KEY }}
        run: |
          DIFF=$(git diff origin/main...HEAD)
          OUTPUT=$(kiro --no-interactive \
            --agent .kiro/agents/code-reviewer.json \
            "Review this diff. Report findings by severity: CRITICAL, HIGH, MEDIUM, LOW.

          $DIFF")
          echo "review<<EOF" >> $GITHUB_OUTPUT
          echo "$OUTPUT" >> $GITHUB_OUTPUT
          echo "EOF" >> $GITHUB_OUTPUT

      - name: Post review comment
        uses: actions/github-script@v7
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: `## Kiro Code Review\n\n${{ steps.kiro.outputs.review }}`
            })

This works as-is for most repos. The key design choices: passing the diff rather than the full codebase (keeps the prompt small and fast), using a custom agent definition (next section), and writing output to GITHUB_OUTPUT so the comment step can consume it cleanly.

Custom agent definitions

The --agent flag accepts a JSON file that overrides Kiro's default behavior. You define a persona, a system prompt, and a tool allowlist. The file lives in .kiro/agents/ by convention.

{
  "name": "code-reviewer",
  "description": "Automated PR reviewer focused on security and correctness",
  "systemPrompt": "You are a senior engineer reviewing code changes for a production service. Be specific and concise. Categorize every finding as CRITICAL, HIGH, MEDIUM, or LOW. Skip style issues — focus on bugs, security vulnerabilities, and correctness. If there is nothing to flag, say so explicitly. Never be vague.",
  "tools": ["read_file", "list_directory"],
  "maxTokens": 4096
}

The tools array is the security boundary. In this case the reviewer can read files but cannot write them, run shell commands, or call external APIs. For a documentation generator you might add write_file. For a dependency auditor you might add run_command with a specific allowlist.

Skills as slash commands

In interactive mode, CLI 2.1 adds one feature that's surprisingly ergonomic: every SKILL.md file in .kiro/skills/ becomes a slash command. Type / and the skill name, and Kiro loads and runs it immediately.

# Before CLI 2.1: you had to paste skill instructions manually
# or switch to the skills browser and apply from there

# After CLI 2.1: install a skill and call it by name
npx @skills-hub-ai/cli install kiro-headless-ci
# installs to .kiro/skills/kiro-headless-ci.md

# then in a Kiro interactive session:
/kiro-headless-ci

This bridges the gap between the skills registry and the interactive workflow. Previously, skills lived in files you'd have to find and paste. Now they're first-class CLI commands, discoverable with / and immediately invokable. The mental model shifts from "I have a skills library" to "I have custom commands."

For teams that have built a library of project-specific skills — test patterns, deployment checklists, architecture review rubrics — slash commands make the library useful in the flow of actual work rather than something you consult separately.

Real-time shell streaming

One smaller but high-impact change: shell output now streams line by line as commands run instead of buffering until completion. This sounds like a minor UX tweak, but it matters for long-running operations.

When Kiro runs a 90-second build to verify a change, you previously stared at a spinner for 90 seconds and then got a wall of output. Streaming means you see compilation errors and test failures the moment they happen. For CI logs, it means the GitHub Actions log view shows live progress rather than a delayed dump.

Kiro skills on skills-hub.ai

The Kiro skills catalog on skills-hub.ai/kiro-skills covers the full Kiro workflow: spec writing, steering docs, agent definitions, and now headless CI integration. All skills install via the CLI and land directly in the right .kiro/ subdirectory.

# install the headless CI skill (wires .kiro/agents/ and .kiro/skills/)
npx @skills-hub-ai/cli install kiro-headless-ci

# browse all Kiro-compatible skills
npx @skills-hub-ai/cli search --platform KIRO

The integration category on skills-hub.ai covers the full range of CI/CD automation skills across all platforms — if you want the same automated code review pattern for Claude Code or Cursor, the structure is identical, only the agent file format differs.

Headless mode is the feature that moves Kiro from a developer tool to an engineering platform. The moment your AI agent can run reliably in a pipeline — without a human in the loop, without browser auth, with predictable tool access — it stops being something you consult and starts being something that ships alongside your code.

The five agent personas (reviewer, doc generator, dep auditor, migration helper, PR summarizer) cover most of what teams actually want from AI in CI. Start with the reviewer, get it green on a few PRs, then add the others one by one. The workflow is incremental by design.

# start here — one workflow, one agent, one task
npx @skills-hub-ai/cli install kiro-headless-ci