Loading…
The same closed loop, at mechanism resolution. Strict invocation order: the ordered PreToolUse chain fires before each write; the Stop hook evaluates HANDOFF before the unproven-items gate.
Claude Code hooks are command-type and fail closed; PostToolUse cannot undo an executed action; the hook roster is emerging/version-gated.
The same loop, at higher resolution
Every capability block maps onto exactly one loop stage. Expanded, the parts are visible; read top to bottom, they re-converge into the same loop — specify, cover, execute, verify, prove, then observe and gate.
Intent compiled into EARS-notation requirements, each one addressable.
Every requirement carries its own pass condition, written before the work.
The agreed boundary of the change, so drift is detectable rather than silent.
Each requirement linked to the tests that exercise it — gaps stay visible.
Tests generated against acceptance criteria, not against the implementation.
Checks whether code is wired into a live execution path, not merely compiling.
The right tool chosen per step, so the model is not its own dispatcher.
Requirements re-introduced after a context cut-off, so nothing silently drops.
Bad edits are prevented before they land, and corrected with feedback after.
PreToolUse prevention + PostToolUse feedback
Caps detect spinning and route the work to HANDOFF instead of churning.
caps → routing to HANDOFF
A separate pass checks the output; the author does not grade its own work.
System-correct stagePrior guarantees re-checked, so a new change cannot quietly undo an old one.
System-correct stageEach check records the verifiable fact it produced, not a claim that it ran.
System-correct stageResults written to a structured record that ties code back to its requirement.
System-correct stageSteps stitched into a replayable trace, so the path to done is reconstructable.
System-correct stageEvidence travels with the work via open carriers — no vendor lock to read it.
System-correct stageCompleteness decided from verifiable facts only; an unproven item is held.
Stop hook + OPA/Conftest + GitHub ruleset
Verification mechanismLayered controls surface classes of issue and keep a human stop within reach.
SAST + secrets + SLSA + DAST + kill-switch
Verification mechanismThe gate and its decisions are themselves monitored, so the watcher is watched.
System-correct stageWhat is in the box
The collapse you just watched is not one new invention. It is the assembly of tools your own teams already trust — each one taking over a proving role you have been performing by hand. Members carrying the verifies tag produce or enforce verifiable facts; the rest are the infrastructure that carries those facts. B-block IDs name where each sits in the loop.
Claude Code official hooks — deterministic, per-edit, command-type
PreToolUseverifiesB07gate the edit before it landsReplaces the human standing watch over every change — the scope-enforcer who can never blink.
PostToolUseverifiesB07record what the edit actually didCaptures the after-state so 'looks done' has to face the record — but cannot reach back and undo.
StopverifiesB07decide completeness at the closeRefuses to let the run call itself finished on its own say-so.
SubagentStopverifiesB07gate a subagent's handoffHolds an unproven subagent result at the seam instead of waving it through.
PreCompactverifiesB07preserve facts across a context cut-offRemoves the role you played as the agent's memory — re-introducing the requirement it forgot.
SessionStartverifiesB07rehydrate the binding contextRe-anchors the run to its requirements so nothing starts unmoored.
Subagents — one bounded responsibility each
initializerB01bind the work to its requirementsPins each task to a stated requirement so later you can prove which one it served.
implementerB05produce the changeDoes the build inside the gate — its output is held to the same proving as everything else.
verifierverifiesB11check it was wired into a live pathTakes over hand-checking whether code truly runs vs. merely compiles green.
researchB03select tools and gather contextAbsorbs the tool-selector role so the choice is recorded, not improvised in your head.
State, telemetry, and the evidence record
NeonB13durable evidence and run stateKeeps the evidence record where an auditor can read it, not trapped in a vanished session.
Langfuse / OTelB15traces over the whole runMakes every step observable so the path from requirement to result is reconstructable.
Tests, properties, and end-to-end checks
PlaywrightverifiesB11end-to-end execution checksProves the change behaves through a real path, not just in isolation.
HypothesisverifiesB11property-based testingSearches for the counterexample you would not have thought to write by hand.
DeepEvalverifiesB11evaluation of model-facing behaviourHolds generative behaviour to stated criteria instead of a vibe check.
Code scanning, policy, and secret detection
Semgrep / CodeQLverifiesB09static analysis of the codeFinds the defect class before it reaches a path you own in production.
OPA / ConftestverifiesB09policy-as-code gatesEncodes the rule once so the gate, not a reviewer's memory, enforces it.
OWASP ZAPverifiesB09dynamic security probingExercises the running surface for exposure the static view cannot see.
gitleaksverifiesB09secret detectionStops a leaked credential at the gate rather than in an incident review later.
Proof obligations and provenance
Z3verifiesB17constraint and proof obligationsDischarges the conditions you would otherwise reason about by hand and hope you got right.
SLSAverifiesB17build provenance frameworkTies the artifact back to how it was built so the chain is inspectable.
Feature control and long-running coordination
OpenFeature / flagdB19controlled exposure of changesLets a change land behind a flag so exposure is a decision, not an accident.
Temporaloptional · roadmapB19durable long-running workflowsCoordinates multi-step work that outlives a single run — sits outside the gate engine by design.
The enforcement layer is built on command-type hooks: they run a real command and decide on its exit, so a gate fails closed — an unproven step is held, not waved through, even when something errors.
PostToolUse observes after an edit has already happened — it can record and refuse to advance, but it cannot undo the edit. Prevention lives in PreToolUse; the after-the-fact hook is a recorder and a brake, not a time machine.
This roster is emerging and version-gated: the set of tools and the hook surface they bind to change as the platform and its upstream dependencies evolve. Members marked optional · roadmap are not yet load-bearing in the gate engine.
Vendor-neutral by construction
The platform takes strong positions on how work gets proven. None of those positions trap your record of it. Everything the engine produces leaves in formats you already own and tools you already run — so the proof of what was done outlives any decision to keep using us.
feature_list.jsonThe capability surface as a plain manifest.
It is a file you own — readable, diffable, and committable to your own repository.
EvidenceRecordWhat was checked, by which independent verifier, with what verdict.
Structured JSON you can store, query, and re-verify outside this platform.
requirement-ID BaggageThe requirement that a unit of work satisfies, carried alongside it.
Standard distributed-tracing headers — the same propagation your existing tracing already reads. No proprietary format to adopt.