Internal skill. Use cc10x-router for all development tasks.
Claiming work is complete without verification is dishonesty, not efficiency.
Core principle: Evidence before claims, always.
Violating the letter of this rule is violating the spirit of this rule.
NO COMPLETION CLAIMS WITHOUT FRESH VERIFICATION EVIDENCE
If you haven't run the verification command in this message, you cannot claim it passes.
BEFORE claiming any status or expressing satisfaction:
1. IDENTIFY: What command proves this claim?
2. RUN: Execute the FULL command (fresh, complete)
3. READ: Full output, check exit code, count failures
4. VERIFY: Does output confirm the claim?
- If NO: State actual status with evidence
- If YES: State claim WITH evidence
5. REFLECT: Pause to consider tool results before next action
6. ONLY THEN: Make the claim
Skip any step = lying, not verifying
| Claim | Requires | Not Sufficient |
|---|---|---|
| Tests pass | Test command output: 0 failures | Previous run, "should pass" |
| Linter clean | Linter output: 0 errors | Partial check, extrapolation |
| Build succeeds | Build command: exit 0 | Linter passing, logs look good |
| Bug fixed | Test original symptom: passes | Code changed, assumed fixed |
| Regression test works | Red-green cycle verified | Test passes once |
| Agent completed | VCS diff shows changes | Agent reports "success" |
| Requirements met | Line-by-line checklist | Tests passing |
If you find yourself:
STOP. Run verification. Get evidence. THEN speak.
| Excuse | Reality |
|---|---|
| "Should work now" | RUN the verification |
| "I'm confident" | Confidence ≠ evidence |
| "Just this once" | No exceptions |
| "Linter passed" | Linter ≠ compiler |
| "Agent said success" | Verify independently |
| "I'm tired" | Exhaustion ≠ excuse |
| "Partial check is enough" | Partial proves nothing |
| "Different words so rule doesn't apply" | Spirit over letter |
| "I already tested it manually" | Manual ≠ automated evidence |
| "The code looks correct" | Looking ≠ running |
Tests:
✅ [Run test command] [See: 34/34 pass] "All tests pass"
❌ "Should pass now" / "Looks correct"
Regression tests (TDD Red-Green):
✅ Write → Run (pass) → Revert fix → Run (MUST FAIL) → Restore → Run (pass)
❌ "I've written a regression test" (without red-green verification)
Build:
✅ [Run build] [See: exit 0] "Build passes"
❌ "Linter passed" (linter doesn't check compilation)
Requirements:
✅ Re-read plan → Create checklist → Verify each → Report gaps or completion
❌ "Tests pass, phase complete"
Agent delegation:
✅ Agent reports success → Check VCS diff → Verify changes → Report actual state
❌ Trust agent report
False completion destroys trust, ships broken code, and creates rework. Verification exists to stop that. No fresh evidence, no completion claim.
ALWAYS before:
Rule applies to:
MANDATORY: Check these BEFORE running verification commands:
PROCEED: [YES/NO] CONFIDENCE: [High/Medium/Low]
Match validation depth to task complexity:
| Level | Name | Commands | When to Use |
|---|---|---|---|
| 1 | Syntax & Style | npm run lint, tsc --noEmit |
Every task |
| 2 | Unit Tests | npm test |
Low-Medium risk tasks |
| 3 | Integration Tests | npm run test:integration |
Medium-High risk tasks |
| 4 | Manual Validation | User flow walkthrough | High-Critical risk tasks |
Include the appropriate validation level for each verification step.
If the accepted plan or current task requires real, seeded, production-like verification, read references/live-production-testing.md before claiming completion.
Use the live harness when the task depends on:
Do not treat replay fixtures, unit tests, or manual spot-checks as equivalent proof when the plan requires live-system evidence.
Before marking work complete:
## Verification Summary
### Scope
[What was completed]
### Criteria
[What was verified]
### Evidence
| Check | Command | Exit Code | Result |
|-------|---------|-----------|--------|
| Tests | `npm test` | 0 | PASS (34/34) |
| Build | `npm run build` | 0 | PASS |
| Feature | `npm test -- --grep "feature"` | 0 | PASS (3/3) |
### Deviations from Plan (if any)
| Planned | Actual | Reason |
|---------|--------|--------|
| [Original design] | [What changed] | [Why] |
### Status
COMPLETE - All verifications passed with fresh evidence
Every claim in verification output MUST have a corresponding evidence entry.
Format: [command] → exit [code]: [result summary]
Rules:
EVIDENCE:
tests: ["CI=true npm test → exit 0: 34/34 passed"]
build: ["npm run build → exit 0: compiled in 2.3s"]
feature: ["curl localhost:3000/api/health → exit 0: {status: ok}"]
regression: ["npm test -- auth.test.ts → exit 0: regression case passes"]
Verification Summary must include this EVIDENCE block before the Status line.
Anti-pattern: Status: COMPLETE - All verifications passed without EVIDENCE block = INVALID.
After standard verification passes, apply this additional check:
A component can:
Use this distinction when verification gets expensive:
Never skip phase-exit proof. If extended audit is not run, say so explicitly instead of implying it happened.
Goal-backward asks: "Does the GOAL work?" not "Did the TASK complete?"
GOAL: [What user wants to achieve]
TRUTHS (observable):
- [ ] [User-facing behavior 1]
- [ ] [User-facing behavior 2]
ARTIFACTS (exist):
- [ ] [Required file/endpoint 1]
- [ ] [Required file/endpoint 2]
WIRING (connected):
- [ ] [Component] → [calls] → [API]
- [ ] [API] → [queries] → [Database]
Standard verification: exit code 0 ✓
Goal check: All boxes checked?
Iron Law unchanged: Exit code 0 still required. This is an additional verification lens, not a replacement.
After Goal-Backward Lens passes, scan for these stub indicators:
# Check for TODO/placeholder markers
grep -rE "TODO|FIXME|placeholder|not implemented|coming soon" --include="*.ts" --include="*.tsx" --include="*.js"
# Check for empty returns
grep -rE "return null|return undefined|return \{\}|return \[\]" --include="*.ts" --include="*.tsx"
| Pattern | Why It's a Stub |
|---|---|
return <div>Placeholder</div> |
Renders nothing useful |
onClick={() => {}} |
Click does nothing |
onSubmit={(e) => e.preventDefault()} |
Only prevents default, no action |
useState with no setter calls |
State never changes |
| Pattern | Why It's a Stub |
|---|---|
return Response.json({ message: "Not implemented" }) |
Explicit stub |
return Response.json([]) without DB query |
Returns empty, no real data |
return NextResponse.json({}) with no logic |
Empty response |
| Pattern | Why It's a Stub |
|---|---|
throw new Error("Not implemented") |
Will crash at runtime |
console.log("TODO") |
Debug artifact |
// TODO: implement |
Marked incomplete |
# Run before claiming completion
grep -rE "(TODO|FIXME|placeholder|not implemented)" src/
grep -rE "onClick=\{?\(\) => \{\}\}?" src/
grep -rE "return (null|undefined|\{\}|\[\])" src/
If any stub patterns found: DO NOT claim completion. Fix or document why it's intentional.
Artifacts can exist, pass lint, and have tests but NOT be wired to the system.
Component → API Check:
# Does component actually call the API?
grep -E "fetch\(['\"].*api|axios\.(get|post)" src/components/
# Is response actually used?
grep -A 5 "fetch\|axios" src/components/ | grep -E "await|\.then|setData|setState"
API → Database Check:
# Does API actually query database?
grep -E "prisma\.|db\.|mongoose\." src/app/api/
# Is result actually returned?
grep -E "return.*json.*data|Response\.json" src/app/api/
Red Flags:
| Pattern | Problem |
|---|---|
fetch('/api/x') with no await |
Call ignored |
await prisma.findMany() → return { ok: true } |
Query result discarded |
Handler only has e.preventDefault() |
Form does nothing |
Line Count Minimums:
| File Type | Minimum Lines | Below = Likely Stub |
|---|---|---|
| Component | 15 | Too thin |
| API route | 10 | Too thin |
| Hook/util | 10 | Too thin |
Exports can exist but never be consumed. Check that key exports are actually used:
# Check if export is imported AND used (not just imported)
check_export_used() {
local export_name="$1"
grep -r "import.*$export_name" src/ --include="*.ts" --include="*.tsx" | wc -l
grep -r "$export_name" src/ --include="*.ts" --include="*.tsx" | grep -v "import\|export" | wc -l
}
# Example: Check auth exports are consumed
check_export_used "getCurrentUser"
check_export_used "useAuth"
Export Status:
| Status | Meaning | Action |
|---|---|---|
| CONNECTED | Imported AND used | ✓ Good |
| IMPORTED_NOT_USED | Import exists but never called | Remove dead import or implement |
| ORPHANED | Export exists, never imported | Dead code or missing integration |
Sensitive routes must check authentication:
# Find routes that should be protected
protected_patterns="dashboard|settings|profile|account|admin"
grep -r -l "$protected_patterns" src/app/ --include="*.tsx"
# For each, verify auth usage
check_auth_protection() {
local file="$1"
grep -E "useAuth|useSession|getCurrentUser|isAuthenticated" "$file"
grep -E "redirect.*login|router.push.*login" "$file"
}
If sensitive route lacks auth check: Add protection before claiming completion.
No shortcuts for verification.
Run the command. Read the output. THEN claim the result.
This is non-negotiable.
IMMEDIATELY before writing ### Router Contract (MACHINE-READABLE), verify ALL:
[command] → exit [code] entry from THIS sessionIf ANY check fails: Fix it FIRST, then re-run Completion Guard. Do NOT emit Router Contract with STATUS:PASS/FIXED/APPROVE until all 4 pass.
This is the LAST gate. No exceptions. No "close enough."
