Validation gates for agentic workflow progression.
Checkpoints are mandatory validation stages that ensure quality and enable human oversight. Each checkpoint has entry criteria, exit criteria, and required proofs.
First step: Assess task size to determine the appropriate workflow.
| Size | Lines Changed | Files | Workflow | Example |
|---|---|---|---|---|
| Trivial | < 10 | 1 | Fast Path | Fix typo, update version |
| Small | 10-50 | 1-2 | Lite (C0+C2+C3) | Add function, fix bug |
| Medium | 50-200 | 2-5 | Full (C0-C3) | New feature, refactor |
| Large | > 200 | 5+ | Full + Extra Review | Major feature, migration |
Default to Full workflow if uncertain about size.
For trivial changes (< 10 lines, single file, no escalation triggers):
- Quick C0: One-line scope statement
- Skip C1: No planning document needed
- Quick C2: Implement + verify
- Minimal C3: Short PR description
- Change is < 10 lines
- Only 1 file modified
- No escalation triggers apply
- Documentation or bug fix only
- No new dependencies
- No architecture changes
## Summary
[One sentence]
## Fast Path Confirmation
- [x] < 10 lines, single file
- [x] No escalation triggers
- [x] Tests pass (if applicable)
## Change
[Brief description]If ANY doubt: Use standard workflow, not Fast Path.
| Checkpoint | Name | Purpose |
|---|---|---|
| C0 | Comprehension & Scope | Confirm understanding before planning |
| C1 | Plan & Risks | Validate approach before implementation |
| C2 | Implementation & Tests | Verify code quality before PR |
| C3 | PR & Proofs | Confirm deliverable completeness |
| C4 | Post-Merge | Validate production behavior (optional) |
[Issue] → C0 → C1 → C2 → C3 → [PR Merged] → C4
│ │ │ │ │
scope plan code proof monitor
Purpose: Ensure the agent understands what is being asked before starting work.
- Issue or task description received
- Access to relevant codebase
- Read and parse the task description
- Identify ambiguities or missing information
- Determine affected files and components
- Estimate scope and complexity
- Task objective stated in agent's own words
- Scope boundaries defined (what's in, what's out)
- Questions raised if clarification needed
- No blocking ambiguities remain
- Scope statement document
- List of affected components
- Escalation record (if questions raised)
Purpose: Validate the implementation approach before writing code.
- C0 completed
- Scope confirmed
- Analyze existing code in affected areas
- Design implementation approach
- Identify risks and dependencies
- Create structured plan
- Implementation plan documented
- Files to create/modify listed
- Risks identified and tagged
- Escalations raised for architecture/security decisions
- Plan approved (human or automated)
- Implementation plan document
- Risk assessment (using RISK_MODEL)
- ADR (if significant decisions made)
- Escalation records (if any)
Purpose: Ensure code quality before requesting review.
- C1 completed
- Plan approved
- Implement changes per plan
- Run local tests
- Run lint and static analysis
- Fix issues iteratively
- All planned changes implemented
- Tests pass locally
- Lint passes (no new violations)
- Static analysis passes (PHPStan level 9 or equivalent)
- No regressions in existing tests
- Diff of changes
- Test execution output
- Lint output
- Static analysis output
Purpose: Confirm the deliverable is complete and ready for merge.
- C2 completed
- All local checks pass
- Create pull request with required sections
- Attach all proof artifacts
- Self-review changes
- Request human review
- PR created with complete description
- All checkpoints documented in PR
- Proof artifacts attached
- CI pipeline passes
- Human review approved
- PR description (following template)
- CI pipeline results
- Review approval
- Checkpoint completion checklist
## Summary
[1-3 sentences describing the change]
## Checkpoints Completed
- [x] C0: Comprehension & Scope
- [x] C1: Plan & Risks
- [x] C2: Implementation & Tests
- [x] C3: PR & Proofs
## Changes
[List of files modified]
## Testing
[Test commands run + output summary]
## Risks
[Identified risks and mitigations]
## Escalations
[Any escalations raised and decisions made]Purpose: Validate behavior in production environment.
- C3 completed
- PR merged
- Deployment completed
- Monitor error rates
- Check performance metrics
- Validate feature behavior
- Confirm no regressions
- No increase in error rate
- Performance within acceptable bounds
- Feature works as specified
- Rollback not required
- Monitoring dashboard screenshot
- Error rate metrics
- Performance metrics
- User validation (if applicable)
If a checkpoint cannot be passed:
- Document the blocking issue
- Escalate if human decision needed
- Iterate up to max allowed attempts
- Rollback if iteration limit exceeded
Never skip a checkpoint. If a checkpoint seems unnecessary, escalate to discuss removing it from the workflow.
Where possible, checkpoints should be machine-verifiable:
| Check | Automation |
|---|---|
| Tests pass | CI pipeline |
| Lint clean | Pre-commit hook |
| Static analysis | CI pipeline |
| Links valid | Documentation check |
| Template complete | PR validation |
Human judgment required for:
- Scope appropriateness
- Design quality
- Risk assessment accuracy
- Code clarity and maintainability
Checkpoints exist to ensure quality, not to slow progress.