@deftai/directive-content 0.55.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (250) hide show
  1. package/.agents/skills/deft/SKILL.md +6 -0
  2. package/.agents/skills/deft-directive-article-review/SKILL.md +11 -0
  3. package/.agents/skills/deft-directive-build/SKILL.md +10 -0
  4. package/.agents/skills/deft-directive-cost/SKILL.md +12 -0
  5. package/.agents/skills/deft-directive-debug/SKILL.md +13 -0
  6. package/.agents/skills/deft-directive-gh-arch/SKILL.md +11 -0
  7. package/.agents/skills/deft-directive-gh-slice/SKILL.md +10 -0
  8. package/.agents/skills/deft-directive-glossary/SKILL.md +10 -0
  9. package/.agents/skills/deft-directive-interview/SKILL.md +9 -0
  10. package/.agents/skills/deft-directive-pre-pr/SKILL.md +9 -0
  11. package/.agents/skills/deft-directive-refinement/SKILL.md +10 -0
  12. package/.agents/skills/deft-directive-release/SKILL.md +12 -0
  13. package/.agents/skills/deft-directive-review-cycle/SKILL.md +10 -0
  14. package/.agents/skills/deft-directive-setup/SKILL.md +10 -0
  15. package/.agents/skills/deft-directive-swarm/SKILL.md +10 -0
  16. package/.agents/skills/deft-directive-sync/SKILL.md +9 -0
  17. package/.agents/skills/deft-directive-triage/SKILL.md +9 -0
  18. package/.agents/skills/deft-directive-write-skill/SKILL.md +9 -0
  19. package/LICENSE.md +22 -0
  20. package/QUICK-START.md +167 -0
  21. package/UPGRADING.md +517 -0
  22. package/coding/build-output.md +28 -0
  23. package/coding/coding.md +235 -0
  24. package/coding/debugging.md +110 -0
  25. package/coding/holzmann.md +96 -0
  26. package/coding/hygiene.md +127 -0
  27. package/coding/security.md +158 -0
  28. package/coding/testing.md +162 -0
  29. package/coding/toolchain.md +44 -0
  30. package/commands.md +300 -0
  31. package/context/context.md +57 -0
  32. package/context/deterministic-split.md +67 -0
  33. package/context/examples.md +26 -0
  34. package/context/fractal-summaries.md +69 -0
  35. package/context/long-horizon.md +46 -0
  36. package/context/spec-deltas.md +177 -0
  37. package/context/tool-design.md +34 -0
  38. package/context/working-memory.md +62 -0
  39. package/contracts/boundary-maps.md +65 -0
  40. package/contracts/deterministic-questions.md +59 -0
  41. package/contracts/hierarchy.md +77 -0
  42. package/conventions/content-manifest.json +399 -0
  43. package/conventions/machine-generated-banner.md +130 -0
  44. package/conventions/references.md +120 -0
  45. package/conventions/rule-ownership.json +382 -0
  46. package/conventions/task-caching.md +43 -0
  47. package/conventions/vbrief-filenames.md +70 -0
  48. package/deployments/README.md +37 -0
  49. package/deployments/agentuity/README.md +138 -0
  50. package/deployments/agentuity/via-cli.md +380 -0
  51. package/deployments/agentuity/via-cloud.md +425 -0
  52. package/deployments/agentuity/via-github-actions.md +664 -0
  53. package/deployments/agentuity/via-gravity-network.md +606 -0
  54. package/deployments/agentuity/via-vpc.md +607 -0
  55. package/deployments/aws/README.md +38 -0
  56. package/deployments/aws/via-app-runner.md +612 -0
  57. package/deployments/aws/via-ecs-fargate.md +561 -0
  58. package/deployments/aws/via-elastic-beanstalk.md +628 -0
  59. package/deployments/aws/via-lambda.md +649 -0
  60. package/deployments/azure/README.md +37 -0
  61. package/deployments/azure/via-aks.md +390 -0
  62. package/deployments/azure/via-app-service.md +564 -0
  63. package/deployments/azure/via-container-apps.md +599 -0
  64. package/deployments/azure/via-functions.md +552 -0
  65. package/deployments/cloud-gov/README.md +63 -0
  66. package/deployments/cloud-gov/agents/compliance-docs.md +154 -0
  67. package/deployments/cloud-gov/agents.md +39 -0
  68. package/deployments/cloud-gov/cicd.md +64 -0
  69. package/deployments/cloud-gov/deployment.md +150 -0
  70. package/deployments/cloud-gov/logging.md +43 -0
  71. package/deployments/cloud-gov/manifest.md +121 -0
  72. package/deployments/cloud-gov/overview.md +58 -0
  73. package/deployments/cloud-gov/security.md +46 -0
  74. package/deployments/cloud-gov/services.md +72 -0
  75. package/deployments/cloud-gov/upstream/README.md +18 -0
  76. package/deployments/cloudflare/README.md +33 -0
  77. package/deployments/cloudflare/via-dashboard.md +83 -0
  78. package/deployments/cloudflare/via-git.md +90 -0
  79. package/deployments/cloudflare/via-github-actions.md +185 -0
  80. package/deployments/cloudflare/via-terraform.md +157 -0
  81. package/deployments/cloudflare/via-wrangler.md +165 -0
  82. package/deployments/fly-io/README.md +37 -0
  83. package/deployments/fly-io/via-dockerfile.md +648 -0
  84. package/deployments/fly-io/via-flyctl.md +653 -0
  85. package/deployments/fly-io/via-github-actions.md +695 -0
  86. package/deployments/fly-io/via-multi-region.md +598 -0
  87. package/deployments/google/README.md +34 -0
  88. package/deployments/google/via-app-engine.md +42 -0
  89. package/deployments/google/via-cloud-functions.md +23 -0
  90. package/deployments/google/via-cloud-run.md +330 -0
  91. package/deployments/google/via-gke.md +23 -0
  92. package/deployments/netlify/README.md +99 -0
  93. package/deployments/netlify/via-cli.md +17 -0
  94. package/deployments/netlify/via-functions.md +19 -0
  95. package/deployments/netlify/via-git.md +25 -0
  96. package/deployments/vercel/README.md +90 -0
  97. package/deployments/vercel/via-api.md +16 -0
  98. package/deployments/vercel/via-cli.md +17 -0
  99. package/deployments/vercel/via-git.md +24 -0
  100. package/docs/BROWNFIELD.md +179 -0
  101. package/docs/getting-started.md +137 -0
  102. package/docs/good-agents-md.md +137 -0
  103. package/events/README.md +89 -0
  104. package/events/event-record.schema.json +26 -0
  105. package/events/registry.json +166 -0
  106. package/events/registry.schema.json +71 -0
  107. package/glossary.md +145 -0
  108. package/incidents/README.md +81 -0
  109. package/incidents/_template.md +38 -0
  110. package/interfaces/cli.md +104 -0
  111. package/interfaces/rest.md +212 -0
  112. package/interfaces/tui.md +242 -0
  113. package/interfaces/web.md +123 -0
  114. package/languages/6502-DASM.md +132 -0
  115. package/languages/c.md +235 -0
  116. package/languages/commands.md +23 -0
  117. package/languages/cpp.md +132 -0
  118. package/languages/csharp.md +259 -0
  119. package/languages/dart.md +183 -0
  120. package/languages/delphi.md +218 -0
  121. package/languages/elixir.md +208 -0
  122. package/languages/go.md +78 -0
  123. package/languages/java.md +278 -0
  124. package/languages/javascript.md +163 -0
  125. package/languages/julia.md +175 -0
  126. package/languages/kotlin.md +193 -0
  127. package/languages/markdown.md +168 -0
  128. package/languages/mermaid.md +146 -0
  129. package/languages/officejs.md +392 -0
  130. package/languages/python.md +209 -0
  131. package/languages/r.md +163 -0
  132. package/languages/rust.md +216 -0
  133. package/languages/sql.md +216 -0
  134. package/languages/swift.md +153 -0
  135. package/languages/typescript.md +132 -0
  136. package/languages/vba.md +279 -0
  137. package/languages/vhdl.md +180 -0
  138. package/languages/visual-basic.md +151 -0
  139. package/languages/zig.md +196 -0
  140. package/meta/SOUL.md +27 -0
  141. package/meta/code-field.md +44 -0
  142. package/meta/morals.md +40 -0
  143. package/meta/philosophy.md +39 -0
  144. package/meta/project.md +49 -0
  145. package/meta/ralph.md +223 -0
  146. package/meta/security.md +80 -0
  147. package/meta/versioning.md +326 -0
  148. package/package.json +22 -0
  149. package/packs/lessons/lessons-pack-0.1.json +553 -0
  150. package/packs/patterns/patterns-pack-0.1.json +57 -0
  151. package/packs/rules/rules-pack-0.1.json +4767 -0
  152. package/packs/skills/skills-pack-0.1.json +262 -0
  153. package/packs/strategies/strategies-pack-0.1.json +167 -0
  154. package/packs/swarm-spec/swarm-spec-pack-0.1.json +17 -0
  155. package/patterns/executor-layer-credentials.md +227 -0
  156. package/patterns/llm-app.md +156 -0
  157. package/patterns/multi-agent.md +278 -0
  158. package/patterns/prompt-assembly-layer-ordering.md +154 -0
  159. package/patterns/role-as-overlay.md +179 -0
  160. package/platforms/2600.md +137 -0
  161. package/platforms/unity.md +329 -0
  162. package/references/composer-skill-porting.md +152 -0
  163. package/references/cost-models.md +163 -0
  164. package/references/ip-risk.md +246 -0
  165. package/references/plain-english-ux.md +275 -0
  166. package/resilience/context-pruning.md +67 -0
  167. package/resilience/continue-here.md +62 -0
  168. package/scm/changelog.md +276 -0
  169. package/scm/git.md +139 -0
  170. package/scm/github.md +265 -0
  171. package/secrets/.gitkeep +0 -0
  172. package/skills/deft-build/SKILL.md +20 -0
  173. package/skills/deft-directive-article-review/SKILL.md +156 -0
  174. package/skills/deft-directive-build/SKILL.md +302 -0
  175. package/skills/deft-directive-cost/SKILL.md +201 -0
  176. package/skills/deft-directive-debug/SKILL.md +140 -0
  177. package/skills/deft-directive-decompose/SKILL.md +96 -0
  178. package/skills/deft-directive-gh-arch/SKILL.md +160 -0
  179. package/skills/deft-directive-gh-slice/SKILL.md +199 -0
  180. package/skills/deft-directive-glossary/SKILL.md +118 -0
  181. package/skills/deft-directive-interview/SKILL.md +528 -0
  182. package/skills/deft-directive-pre-pr/SKILL.md +131 -0
  183. package/skills/deft-directive-probe/SKILL.md +127 -0
  184. package/skills/deft-directive-refinement/SKILL.md +403 -0
  185. package/skills/deft-directive-release/SKILL.md +266 -0
  186. package/skills/deft-directive-review-cycle/SKILL.md +401 -0
  187. package/skills/deft-directive-setup/SKILL.md +717 -0
  188. package/skills/deft-directive-swarm/SKILL.md +989 -0
  189. package/skills/deft-directive-sync/SKILL.md +288 -0
  190. package/skills/deft-directive-triage/SKILL.md +137 -0
  191. package/skills/deft-directive-write-skill/SKILL.md +169 -0
  192. package/skills/deft-interview/SKILL.md +16 -0
  193. package/skills/deft-pre-pr/SKILL.md +16 -0
  194. package/skills/deft-review-cycle/SKILL.md +16 -0
  195. package/skills/deft-roadmap-refresh/SKILL.md +16 -0
  196. package/skills/deft-setup/SKILL.md +20 -0
  197. package/skills/deft-swarm/SKILL.md +16 -0
  198. package/skills/deft-sync/SKILL.md +16 -0
  199. package/strategies/README.md +83 -0
  200. package/strategies/artifact-guards.md +85 -0
  201. package/strategies/bdd.md +115 -0
  202. package/strategies/brownfield.md +7 -0
  203. package/strategies/discuss.md +129 -0
  204. package/strategies/emit-hints.md +69 -0
  205. package/strategies/enterprise.md +193 -0
  206. package/strategies/interview.md +551 -0
  207. package/strategies/map.md +179 -0
  208. package/strategies/probe.md +151 -0
  209. package/strategies/rapid.md +155 -0
  210. package/strategies/research.md +155 -0
  211. package/strategies/roadmap.md +9 -0
  212. package/strategies/speckit.md +437 -0
  213. package/strategies/v0-20-contract.md +134 -0
  214. package/strategies/yolo.md +169 -0
  215. package/swarm/swarm.md +300 -0
  216. package/templates/COST-ESTIMATE.md +114 -0
  217. package/templates/PULL_REQUEST_TEMPLATE.md +35 -0
  218. package/templates/agent-prompt-preamble.md +409 -0
  219. package/templates/agents-entry.md +211 -0
  220. package/templates/agents-entry.placeholders.md +75 -0
  221. package/templates/embed.go +20 -0
  222. package/templates/embed_test.go +36 -0
  223. package/templates/make-spec-example.md +9 -0
  224. package/templates/make-spec.md +246 -0
  225. package/templates/project.md.template +52 -0
  226. package/templates/specification.md +1 -0
  227. package/templates/swarm-greptile-poller-prompt.md +556 -0
  228. package/templates/user.md.template +31 -0
  229. package/tools/RWLDL.md +80 -0
  230. package/tools/greptile.md +141 -0
  231. package/tools/installer.md +23 -0
  232. package/tools/taskfile-migration.md +32 -0
  233. package/tools/taskfile.md +185 -0
  234. package/tools/telemetry.md +285 -0
  235. package/vbrief/schemas/cache-meta.schema.json +137 -0
  236. package/vbrief/schemas/candidates.schema.json +130 -0
  237. package/vbrief/schemas/codebase-map.schema.json +213 -0
  238. package/vbrief/schemas/lessons-pack.schema.json +134 -0
  239. package/vbrief/schemas/patterns-pack.schema.json +84 -0
  240. package/vbrief/schemas/rules-pack.schema.json +105 -0
  241. package/vbrief/schemas/skills-pack.schema.json +94 -0
  242. package/vbrief/schemas/slices.schema.json +87 -0
  243. package/vbrief/schemas/strategies-pack.schema.json +89 -0
  244. package/vbrief/schemas/swarm-spec-pack.schema.json +84 -0
  245. package/vbrief/schemas/vbrief-core.schema.json +1022 -0
  246. package/vbrief/vbrief.md +684 -0
  247. package/verification/integration.md +76 -0
  248. package/verification/plan-checking.md +85 -0
  249. package/verification/uat.md +60 -0
  250. package/verification/verification.md +117 -0
@@ -0,0 +1,76 @@
1
+ # Integration Checking
2
+
3
+ Verify that features work together as a system, not just individually.
4
+
5
+ Legend (from RFC2119): !=MUST, ~=SHOULD, ≉=SHOULD NOT, ⊗=MUST NOT, ?=MAY.
6
+
7
+ **⚠️ See also**: [verification/verification.md](./verification.md) | [contracts/boundary-maps.md](../contracts/boundary-maps.md) | [core/glossary.md](../glossary.md)
8
+
9
+ > Adapted from [GSD](https://github.com/gsd-build/get-shit-done) integration-checker model.
10
+
11
+ ---
12
+
13
+ ## Core Principle
14
+
15
+ Individual features can pass verification while the system is broken. A component can exist without being imported. An API can exist without being called. **Existence ≠ integration.**
16
+
17
+ ---
18
+
19
+ ## When to Check
20
+
21
+ - ! After completing 2+ features that should connect
22
+ - ! Before marking a release as done
23
+ - ~ After any feature that produces exports consumed by other features
24
+ - ? After single isolated features with no upstream/downstream
25
+
26
+ ## 4 Integration Checks
27
+
28
+ ### 1. Export → Import
29
+
30
+ - ! For each feature's declared **produces** (from boundary maps), verify downstream features import them
31
+ - ! Imports must be **used**, not just declared — an unused import is not integration
32
+ - ~ Use `rg` or `ast-grep` to verify import + usage
33
+
34
+ ```bash
35
+ # Check if feature 1's export is used by feature 2
36
+ rg "import.*generateToken" src/ --type ts
37
+ rg "generateToken" src/ --type ts | rg -v "import|export"
38
+ ```
39
+
40
+ ### 2. API → Consumer
41
+
42
+ - ! Every API route has at least one consumer (UI component, CLI command, test, or external client)
43
+ - ! Verify the consumer actually calls the route (fetch, axios, curl — not just a comment)
44
+ - ⊗ Orphaned API routes — routes that exist but nothing calls them
45
+
46
+ ### 3. Auth Protection
47
+
48
+ - ! Pages/routes requiring auth actually check auth (middleware, hooks, guards)
49
+ - ! Protected API endpoints verify tokens/sessions before processing
50
+ - ~ Check for redirect-on-no-auth behavior in protected UI routes
51
+
52
+ ### 4. E2E Flow Tracing
53
+
54
+ - ~ For each user-observable flow (from demo sentences), trace the full path:
55
+ - UI action → API call → data operation → response → UI update
56
+ - ! Each link in the chain must be real code, not a stub
57
+ - ! Use verification ladder Tier 3 (behavioral) when possible
58
+
59
+ ---
60
+
61
+ ## Integration Report
62
+
63
+ Record per-release in vBRIEF or `docs/integration/`:
64
+
65
+ - **Connected**: export + consumer confirmed
66
+ - **Orphaned**: export exists, no consumer found
67
+ - **Broken**: consumer references export that doesn't exist
68
+
69
+ ---
70
+
71
+ ## Anti-Patterns
72
+
73
+ - ⊗ Declaring integration complete because all features individually pass
74
+ - ⊗ Skipping integration checks on "simple" multi-feature releases
75
+ - ⊗ Orphaned routes/components left in codebase after feature changes
76
+ - ⊗ Trusting boundary maps without verifying actual code
@@ -0,0 +1,85 @@
1
+ # Plan Checking
2
+
3
+ Pre-execution verification — catch bad plans before they become bad code.
4
+
5
+ Legend (from RFC2119): !=MUST, ~=SHOULD, ≉=SHOULD NOT, ⊗=MUST NOT, ?=MAY.
6
+
7
+ **⚠️ See also**: [verification/verification.md](./verification.md) | [contracts/boundary-maps.md](../contracts/boundary-maps.md) | [core/glossary.md](../glossary.md)
8
+
9
+ > Adapted from [GSD](https://github.com/gsd-build/get-shit-done) plan-checker model.
10
+
11
+ ---
12
+
13
+ ## Core Principle
14
+
15
+ A bad plan caught before execution is 10x cheaper than bad code caught after. Verify plans **will** achieve goals, not just that they look complete.
16
+
17
+ ---
18
+
19
+ ## When to Check
20
+
21
+ - ! Before executing any multi-task plan
22
+ - ~ Before executing single-task plans for high-risk features
23
+ - ? Skip for trivial tasks (single file, obvious change)
24
+
25
+ ## 4 Verification Dimensions
26
+
27
+ ### 1. Coverage — Every requirement has task(s)
28
+
29
+ - ! Extract requirements from the spec/PRD
30
+ - ! Verify each requirement maps to at least one task
31
+ - ! Flag requirements with zero coverage
32
+ - ⊗ One vague task covering multiple requirements ("implement auth" for login + logout + sessions)
33
+
34
+ ### 2. Completeness — Every task has acceptance criteria + verify command
35
+
36
+ - ! Every task has observable acceptance criteria (truths, artifacts, key links)
37
+ - ! Every task producing code has a **verify command** — a specific command that proves it works
38
+ - ⊗ Tasks with only steps and no acceptance criteria
39
+ - ⊗ Tasks where "verify" is just "review the code"
40
+
41
+ **Verify command examples:**
42
+ ```
43
+ verify: pytest tests/test_auth.py -v
44
+ verify: curl -s localhost:3000/api/health | jq .status
45
+ verify: task test:coverage # must show ≥85%
46
+ ```
47
+
48
+ ### 3. Wiring — Artifacts are connected, not just created
49
+
50
+ - ! Check that planned artifacts import/consume each other
51
+ - ! Planned API routes have planned consumers (UI, CLI, tests)
52
+ - ! Planned components are imported in planned pages/routes
53
+ - ⊗ Isolated artifacts — a file that exists but nothing references it
54
+
55
+ ### 4. Scope — Plan fits in context budget
56
+
57
+ - ~ **2–3 tasks per plan** is ideal
58
+ - ! **5+ tasks** in a single plan is a blocker — split it
59
+ - ~ **5–8 files** modified per plan is ideal
60
+ - ! **15+ files** in a single plan is a blocker — split it
61
+ - ! Complex work (auth, payments, data migrations) gets its own plan, not a subtask
62
+
63
+ ---
64
+
65
+ ## Plan Check Output
66
+
67
+ Record in `./vbrief/plan.vbrief.json` as a narrative on the plan item:
68
+
69
+ ```
70
+ Coverage: 4/4 requirements covered ✓
71
+ Completeness: 3/3 tasks have verify commands ✓
72
+ Wiring: 2 key links verified ✓
73
+ Scope: 3 tasks, 7 files ✓
74
+ ```
75
+
76
+ If any dimension fails: revise plan before execution.
77
+
78
+ ---
79
+
80
+ ## Anti-Patterns
81
+
82
+ - ⊗ Executing a plan that failed any dimension
83
+ - ⊗ Plans without verify commands ("we'll test it later")
84
+ - ⊗ One mega-plan for an entire feature (split into per-feature plans)
85
+ - ⊗ Checking plans after execution (defeats the purpose)
@@ -0,0 +1,60 @@
1
+ # User Acceptance Testing (UAT)
2
+
3
+ Auto-generated, human-readable verification scripts for completed work units.
4
+
5
+ Legend (from RFC2119): !=MUST, ~=SHOULD, ≉=SHOULD NOT, ⊗=MUST NOT, ?=MAY.
6
+
7
+ **⚠️ See also**: [verification/verification.md](./verification.md) | [coding/testing.md](../coding/testing.md) | [core/glossary.md](../glossary.md)
8
+
9
+ > Adapted from [GSD](https://github.com/gsd-build/get-shit-done) UAT model.
10
+
11
+ ---
12
+
13
+ ## Core Principle
14
+
15
+ When the agent says "done," the user needs a way to **see it with their own eyes** — without reading code.
16
+
17
+ ---
18
+
19
+ ## When to Generate
20
+
21
+ - ! Generate a UAT script when a feature completes
22
+ - ~ Generate on release completion as a rollup
23
+ - ? Generate per-task for high-risk changes
24
+
25
+ ## UAT Script Format
26
+
27
+ ```markdown
28
+ ## UAT: [Feature Name]
29
+ Date: YYYY-MM-DD
30
+
31
+ ### Test 1: [Scenario Title]
32
+ **Do:**
33
+ 1. [Specific action — copy-pasteable command or UI step]
34
+ 2. [Next action]
35
+
36
+ **Expected:**
37
+ - [Exact observable outcome — specific text, URL, behavior]
38
+ - [What success looks like, not "it should work"]
39
+ ```
40
+
41
+ ## Guidelines
42
+
43
+ - ! Every step is a **specific action** — copy-pasteable command or precise UI instruction
44
+ - ! Every expected result describes **what you see** — exact text, URL, behavior
45
+ - ! Derive tests from the feature's acceptance criteria and demo sentence
46
+ - ⊗ Include implementation details the user doesn't need ("verify JWT is valid")
47
+ - ⊗ Use vague expectations ("it should work", "page loads correctly")
48
+ - ~ Cross-reference against task summaries for what was actually built
49
+
50
+ ## Workflow
51
+
52
+ - ! UAT generation is **non-blocking** — agent writes the script and moves on
53
+ - ~ User tests when convenient (between features, end of release, whenever)
54
+ - ! If UAT reveals issues, create fix tasks — don't block the pipeline
55
+ - ~ Keep UAT scripts in `docs/uat/` or alongside the feature artifacts
56
+
57
+ ## vBRIEF Integration
58
+
59
+ - ~ Reference UAT script path in the vBRIEF feature/release summary narrative
60
+ - ~ On UAT failure, create vBRIEF fix items with `blocked` status and failure narrative
@@ -0,0 +1,117 @@
1
+ # Agent Work Verification
2
+
3
+ Goal-backward verification of agent output — check outcomes, not checklists.
4
+
5
+ Legend (from RFC2119): !=MUST, ~=SHOULD, ≉=SHOULD NOT, ⊗=MUST NOT, ?=MAY.
6
+
7
+ **⚠️ See also**: [coding/testing.md](../coding/testing.md) | [verification/uat.md](./uat.md) | [core/glossary.md](../glossary.md)
8
+
9
+ > Adapted from [GSD](https://github.com/gsd-build/get-shit-done) verification model.
10
+
11
+ ---
12
+
13
+ ## Core Principle
14
+
15
+ "All steps done" is **not** verification. Checking actual outcomes is.
16
+
17
+ - ! Verify **observable results**, not process completion
18
+ - ⊗ Mark a task done because its steps were followed
19
+ - ! Every task defines **acceptance criteria** before work begins
20
+
21
+ ---
22
+
23
+ ## Acceptance Criteria
24
+
25
+ Three subcategories of verifiable outcomes:
26
+
27
+ ### Truths (Behavioral)
28
+
29
+ Observable behaviors that must be true after task completion.
30
+
31
+ - ! State as testable assertions: "User can sign up with email and password"
32
+ - ! Require running commands, checking output, or observing behavior to confirm
33
+ - ~ Persist truths in the task's vBRIEF item narrative
34
+
35
+ ### Artifacts (Files)
36
+
37
+ Files that must exist with real implementation.
38
+
39
+ - ! Specify: path, minimum substance (e.g., line count), required exports
40
+ - ⊗ Accept "file exists" alone — verify it has real content
41
+ - ! Check exports match what was promised
42
+
43
+ ### Key Links (Wiring)
44
+
45
+ Connections between artifacts that must be present.
46
+
47
+ - ! Verify imports: `route.ts` imports `generateToken` from `auth.ts`
48
+ - ! Verify exports: modules expose what downstream consumers need
49
+ - ~ Check that wiring is functional, not just syntactically present
50
+
51
+ ---
52
+
53
+ ## Stub Detection
54
+
55
+ - ! Scan for incomplete implementations before marking done:
56
+ - `TODO`, `FIXME`, `HACK`, `XXX` comments
57
+ - `return null`, `return {}`, `return []`, `return ""` placeholders
58
+ - `console.log` / `print` placeholders standing in for real logic
59
+ - `pass` (Python), `unimplemented!()` (Rust), `panic("not implemented")` (Go)
60
+ - Functions under ~8 lines that return hardcoded/empty values
61
+ - ⊗ Accept stubs as completed work
62
+
63
+ ## Legacy and Deprecated Code Detection
64
+
65
+ - ~ When reviewing or modifying any file, scan for legacy indicators and file a hygiene task if found:
66
+ - Comments: `LEGACY`, `COMPAT`, `OLD_`, `# old way`, `// deprecated`, `TODO: remove`
67
+ - Commented-out code blocks (more than 1 line)
68
+ - Feature flag branches where the flag is hardcoded to always-on or always-off
69
+ - Parallel implementations: old and new approach coexisting without a documented migration path
70
+ - ⊗ Leave legacy markers in place after a migration is complete; remove them in the same commit as the migration
71
+ - ~ See [coding/hygiene.md](../coding/hygiene.md) for the full legacy removal protocol
72
+
73
+ ---
74
+
75
+ ## Verification Ladder (4 Tiers)
76
+
77
+ Pick the **strongest tier reachable** for each task.
78
+
79
+ ### Tier 1 — Static
80
+
81
+ - Files exist, line counts met, exports present, imports wired, no stubs
82
+ - ! Always perform static verification — it is the minimum
83
+
84
+ ### Tier 2 — Command
85
+
86
+ - Tests pass, build succeeds, lint clean
87
+ - ~ Prefer this tier for any task that produces executable code
88
+
89
+ ### Tier 3 — Behavioral
90
+
91
+ - Browser flows work, API responses correct, CLI output matches spec
92
+ - ~ Use for user-facing features; run `curl`, browser checks, or CLI invocations
93
+
94
+ ### Tier 4 — Human
95
+
96
+ - User manually verifies (see [uat.md](./uat.md))
97
+ - ! Use **only** when tiers 1–3 cannot confirm the outcome
98
+ - ⊗ Ask a human to verify what a `curl` or test command can check
99
+
100
+ ---
101
+
102
+ ## vBRIEF Integration
103
+
104
+ - ~ Record acceptance criteria in `./vbrief/plan.vbrief.json` task narrative before execution
105
+ - ~ Record verification tier reached in `./vbrief/plan.vbrief.json` task status/metadata
106
+ - ~ On verification failure, set task status to `blocked` in `./vbrief/plan.vbrief.json` with failure narrative
107
+ - ? Allow stubs only if explicitly marked as intentional scope deferral in `./vbrief/plan.vbrief.json`
108
+
109
+ ---
110
+
111
+ ## Anti-Patterns
112
+
113
+ - ⊗ Marking a task done because all code was written (verify outcomes)
114
+ - ⊗ Skipping static verification
115
+ - ⊗ Accepting stubs as complete
116
+ - ⊗ Asking a human to check what the agent can verify itself
117
+ - ⊗ Verifying process ("I did steps 1–5") instead of outcomes ("user can log in")