Agent quality gates and review

Pre-commit order

1. hatch run format
2. hatch run type-check
3. hatch run lint
4. hatch run yaml-lint
5. hatch run contract-test
6. hatch run smart-test

SpecFact code review JSON

• Treat .specfact/code-review.json as mandatory evidence before an OpenSpec change is complete.
• Re-run the review when the report is missing or stale.
• Resolve every finding at any severity unless a rare, explicit exception is documented.
• Record the review command and timestamps in TDD_EVIDENCE.md or the PR description when quality gates are part of the change.

Clean-code review gate

The repository enforces the clean-code charter through specfact code review run. Zero regressions in naming, kiss, yagni, dry, and solid are required before merge.

Module signature gate

Before PR creation, every change that affects signed module assets or manifests must pass:

hatch run ./scripts/verify-modules-signature.py --require-signature

If verification fails because module contents changed, re-sign the affected manifests and bump the module version before re-running verification.