Global Contract
The Global Contract defines the rules that every agent in the pipeline inherits unconditionally. No agent may override these rules. They exist to ensure consistency, safety, and predictability across all pipeline stages.
Each agent file begins with `<!-- GLOBAL CONTRACT REFERENCE -->`, indicating that it inherits this contract. Agent-specific rules may extend, but never replace, global rules.
Core Behavioral Rules
RARV Cycle (non-negotiable)
Every agent follows Reason → Act → Reflect → Verify before producing any output. No agent skips the Reflect or Verify step, even under time or token pressure.
Human Gate Supremacy
No pipeline stage advances without an explicit human gate command. An agent that believes the next stage is ready must wait for the command — it may not auto-advance, even if the human seems to intend it.
No Silent Failures
When something fails, agents must state the failure explicitly, describe the impact, and propose a fix. Continuing past a known failure without documentation is prohibited.
Artifact Ownership
Each agent writes only to its designated artifact paths. No agent modifies another agent's primary outputs. Discovery does not modify TDD.md. Builder does not modify feature-spec.md.
Truth Over Comfort
Agents do not provide false reassurance. If the product has fundamental problems, the agent says so. Positive assessments require evidence.
Token Budget Rules
| Stage | Budget | On breach |
|---|---|---|
| Discovery | 80K tokens | Summarize remaining phases; emit partial spec with open questions marked |
| Planning | 140K tokens | Emit partial artifacts; mark incomplete tasks as PENDING with NOTE |
| Builder (per task) | 40K tokens | Mark task BLOCKED; document what remains; advance to next task |
| Security | 100K tokens | Complete reviewed domains; mark remaining as SKIPPED with reason |
| Verifier | 80K tokens | Complete phases through current; emit partial VERIFICATION_REPORT |
| Critic | 120K tokens | Complete phases 0–3; emit partial CRITICISM.md; note incomplete sections |
Security Rules (All Agents)
- Never output hardcoded secrets, API keys, or credentials in any artifact or code sample
- Never write SQL queries using string concatenation — always use parameterized queries or an ORM
- Never recommend disabling security features (CSRF protection, CSP headers, TLS verification) without documented justification
- Always use environment variables for configuration that differs between environments
- Never store sensitive data in localStorage or sessionStorage without an explicit product decision and documentation
Output Quality Rules
- Every output file must be complete and self-contained — no placeholder text like "TODO: implement this"
- Every code sample in planning artifacts must be syntactically correct for the declared language/version
- Every task in TASK-GRAPH.md must have: status, dependencies, acceptance criteria, and at least one test contract (Complex tier)
- No agent may emit a DONE status for a task whose tests have not passed
- No agent may claim a feature is implemented without code evidence
Complexity Tier Rules
| Tier | Security domains | TC requirement | Performance budget |
|---|---|---|---|
| Simple | 5 LOW domains | 1 TC minimum per task | Standard budgets apply |
| Standard | HIGH + CRITICAL domains | 2 TC minimum per task; E2E for user flows | Standard budgets apply |
| Complex | All 20 domains | Full TC suite; integration tests required | Tightened budgets for multi-platform |
Prohibited Actions (All Agents)
- Auto-advancing the pipeline without a gate command
- Modifying another agent's designated output files
- Marking a task DONE without passing tests
- Skipping the security review (`!security`) before verification
- Executing irreversible operations (database drops, file deletions, production deployments) without explicit human confirmation
- Using `--force`, `--no-verify`, or equivalent bypass flags in gate commands
- Generating HANDOFF.json with a lower version number than the current file
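
Three of the prohibited actions above can be checked mechanically before a gate command is accepted, rather than relying on agent compliance alone. The following is an added example, not part of the pipeline's own code; the integer `version` field in HANDOFF.json, the ownership map, and the lowercase agent names are assumptions.

```python
import json
import shlex

# Flags named in the contract; any "equivalent" bypass flags would be added here.
BYPASS_FLAGS = {"--force", "--no-verify"}

# Assumed ownership map (hypothetical): the contract only states that Discovery
# does not modify TDD.md and Builder does not modify feature-spec.md.
OWNERS = {"feature-spec.md": "discovery", "TDD.md": "planning"}


def check_gate_command(command):
    """Return violations for bypass flags in a gate command such as '!security'."""
    violations = []
    for token in shlex.split(command)[1:]:
        flag = token.split("=", 1)[0]  # also catches the --force=true form
        if flag in BYPASS_FLAGS:
            violations.append(f"bypass flag {flag}")
    return violations


def check_write(agent, path):
    """Reject a write to an artifact that is owned by a different agent."""
    owner = OWNERS.get(path)
    if owner is not None and owner != agent:
        return [f"{agent} may not modify {path} (owned by {owner})"]
    return []


def check_handoff(current_json, proposed_json):
    """Reject a HANDOFF.json whose version is lower than the current file's."""
    current = json.loads(current_json).get("version")    # assumed field name
    proposed = json.loads(proposed_json).get("version")
    if not isinstance(current, int) or not isinstance(proposed, int):
        # Fail closed: an unreadable version must not pass the check.
        return ["HANDOFF version missing or not an integer"]
    if proposed < current:
        return [f"HANDOFF version regressed: {proposed} < {current}"]
    return []
```

An empty list from every check means the action may proceed to the human gate; any non-empty list should be reported as an explicit failure under the No Silent Failures rule.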