Process

Good AI-built software is a process, not a prompt. WORKFLOW.md is the operating doctrine: how the work gets run so the wheels stay on. An honest scope note first — the multi-model loops below run on your own machine through your own CLIs. They are a documented procedure, not something that executes itself from a chat.

Separation of duties. Three roles, three separate instances, never the same context. The builder writes code against the spec and the standard; it is optimistic. The reviewer reads diffs only, is permanently suspicious (Law 19), assumes the builder is wrong and the input is hostile, and goes beyond the checklist. The tester writes the failing test first, proves the dangerous path is closed for a normal user, then proves the fix. One instance never builds and blesses its own work. The reviewer's job is to be in a bad mood.

Privileged-domain review passes. Auth, payments, RLS, service keys, and env vars each get a dedicated, isolated review pass — not one sweep. Each pass answers a single question: how does an attacker abuse exactly this? Sign-off is per domain in the pull request, a separate ticked line each, or a written exception. A green build is necessary, never sufficient.
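One way to enforce the per-domain sign-off above as a merge gate, added here as an example and not taken from WORKFLOW.md. The path globs, the `- [x] <domain> review` line format and the `Exception (<domain>): <reason>` format are assumptions; the page names the domains but defines none of these.

```python
import re
from fnmatch import fnmatch

# Hypothetical path globs: the page names the five domains, not where they live.
DOMAIN_PATHS = {
    "auth": ["src/auth/*", "*/middleware/session*"],
    "payments": ["src/payments/*", "*/billing/*"],
    "rls": ["supabase/migrations/*", "*/policies/*.sql"],
    "service-keys": ["infra/secrets/*", "*service_key*"],
    "env-vars": [".env*", "*/.env*", "*/config/env*"],
}

# Assumed PR-body conventions (not defined by the page):
#   "- [x] auth review"            one ticked line per domain
#   "Exception (auth): <reason>"   written exception, reason must be non-empty
TICKED = re.compile(r"^[ \t]*[-*][ \t]*\[x\][ \t]*([a-z-]+)[ \t]+review\b", re.M | re.I)
EXCEPTION = re.compile(r"^[ \t]*Exception[ \t]*\(([a-z-]+)\):[ \t]*\S", re.M | re.I)


def touched_domains(changed_files):
    """Privileged domains whose globs match at least one changed path."""
    return {domain for domain, globs in DOMAIN_PATHS.items()
            if any(fnmatch(path, g) for path in changed_files for g in globs)}


def missing_signoffs(changed_files, pr_body):
    """Touched domains with neither a ticked line nor a written exception."""
    covered = {d.lower() for d in TICKED.findall(pr_body)}
    covered |= {d.lower() for d in EXCEPTION.findall(pr_body)}
    return sorted(touched_domains(changed_files) - covered)


# Constructed sample input: a diff's file list and a PR description.
SAMPLE_FILES = ["src/auth/login.py", "src/payments/webhook.py", ".env.example", "README.md"]
SAMPLE_BODY = """\
## Privileged-domain sign-off
- [x] auth review
- [ ] payments review
Exception (env-vars): only placeholder names changed, no values
"""

if __name__ == "__main__":
    missing = missing_signoffs(SAMPLE_FILES, SAMPLE_BODY)
    for domain in missing:
        print(f"BLOCK: {domain} touched without per-domain sign-off or exception")
    raise SystemExit(1 if missing else 0)
```

A single generic tick such as `- [x] security review` covers no domain, so the gate fails the "one sweep" case the paragraph rules out.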

The multi-model review loop. Layers, none of which does all the work: project instructions define the contract; static rules catch known-bad before commit; tests prove the dangerous path fails; a second model — a codex- or GLM-class reviewer — reads the diff for novel risk. The reviewer can be wrong too, so the builder then audits the reviewer's findings, triaging false positives and confirming real ones. A single BACKLOG.md is the agents' shared memory: every run starts by reading it and ends by updating it with findings, decisions, and open threads. WORKFLOW.md marks this loop candidate, unverified — third-party tools are code execution and must be vetted for existence, maintainer, and supply chain before they enter the approved set (Law 17).

Parallelism and hygiene. Use git worktrees and sub-agents for genuinely independent problems — separate branches, no shared mutable state, merged through the normal gate. Don't parallelize things that share a file or a decision; you just manufacture merge pain. Curate allowed tools up front but scope them tight (least privilege, Law 5). Run /clear between unrelated tasks — a focused context beats a long one, and stale context is how a model starts contradicting the standard. Load pointer files only when working that area.

Discipline. TDD: failing test, then code, then green, then refactor — the test encodes the threat. Commit frequently with real conventional-commit messages, each a reviewable unit, never wip. Protect main and production: pull request plus review required, no direct push.

Frontend is staged too — four passes in order, not one magic prompt: structure (layout and components, no styling), then the design system (spacing scale, typography, tokens), then polish (alignment, whitespace, hierarchy), then UX details (hover, loading, empty, and error states). Adopt an existing component base rather than hand-rolling one on the first pass (Law 11).

And the documentation bar (Law 22): every shipped feature carries what it does, how to reproduce it, the alternatives considered, and why this one — plus its inversion entry in ANTIPATTERNS.md. Undocumented is unfinished.