---
name: verification-loop
description: Run a full verification pipeline — Build, TypeCheck, Lint, Test, Security scan, and Diff review — producing a READY or NOT READY verdict.
disable-model-invocation: true
---

# Verification Loop

Run a complete quality gate pipeline on the current codebase changes.

## Context

- Changed files: !`git diff --name-only HEAD 2>/dev/null || echo "No git changes"`
- Package manager: !`[ -f pnpm-lock.yaml ] && echo "pnpm" || ([ -f yarn.lock ] && echo "yarn" || echo "npm")`
- Available scripts: !`cat package.json 2>/dev/null | jq '.scripts // {}' 2>/dev/null || echo "No package.json"`

## Pipeline

Run each phase in order. Stop on CRITICAL failure. Track results for final verdict.

### Phase 1: Build

```bash
# Detect and run build command
pnpm build || npm run build || yarn build
```

**Pass criteria**: Exit code 0, no errors in output

**On failure**: CRITICAL — stop pipeline, report errors

### Phase 2: Type Check

```bash
# TypeScript type checking
npx tsc --noEmit 2>&1
```

**Pass criteria**: Exit code 0, zero type errors

**On failure**: Report all type errors with file:line locations

### Phase 3: Lint

```bash
# Run linter (detect which one is configured)
npx biome check . 2>&1 || npx eslint . 2>&1
```

**Pass criteria**: Zero errors (warnings acceptable)

**On failure**: Report errors grouped by rule

### Phase 4: Test

```bash
# Run test suite
pnpm test || npm test || yarn test
```

**Pass criteria**: All tests pass, coverage meets threshold

**On failure**: Report failing tests with error messages

### Phase 5: Security Scan

```bash
# Check for known vulnerabilities (same severity threshold for either tool)
npm audit --audit-level=high 2>&1 || pnpm audit --audit-level=high 2>&1
```

**Pass criteria**: No high/critical vulnerabilities

**On failure**: Report vulnerable packages with fix suggestions

### Phase 6: Diff Review

Review the actual changes for common issues:

- Secrets or credentials in diff
- TODO/FIXME/HACK markers without ticket references
- `console.log`/`print` statements (non-test files)
- Large files (>500 lines changed)

## Verdict

After all phases complete, produce the final report:

```markdown
# Verification Report

**Verdict**: ✅ READY / ❌ NOT READY

| Phase | Status | Issues |
|-------|--------|--------|
| Build | ✅/❌ | [count or "clean"] |
| TypeCheck | ✅/❌ | [count or "clean"] |
| Lint | ✅/❌/⚠️ | [errors/warnings] |
| Test | ✅/❌ | [pass/fail/skip counts] |
| Security | ✅/❌ | [vuln count] |
| Diff Review | ✅/⚠️ | [findings] |

## Blocking Issues
[List of issues that must be fixed before merge]

## Warnings
[Non-blocking issues worth addressing]

## Recommendations
[Suggested improvements, prioritized]
```

**READY** requires: Build ✅, TypeCheck ✅, Lint ✅ (no errors), Test ✅, Security ✅ (no high/critical)

**NOT READY** if any of the above fail. List what needs to be fixed.
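
The four Phase 6 diff review checks can be run mechanically over `git diff HEAD` output. The following is an added example, not part of the original skill. The function name `reviewDiff`, the regex patterns, the ticket formats and the test-file naming are all assumptions to adapt per repository.

```javascript
const PEM_KEY = /-----BEGIN [A-Z ]*PRIVATE KEY-----/; // patterns here are illustrative assumptions
const CREDENTIAL = /(api[_-]?key|secret|token|passw(or)?d)\w*\s*[:=]\s*["'][^"']{8,}["']/i;
const MARKER = /\b(TODO|FIXME|HACK)\b/;
const TICKET = /\b[A-Z][A-Z0-9]+-\d+\b|#\d+/; // assumed ticket formats: ABC-123 or #123
const DEBUG_PRINT = /\bconsole\.log\s*\(|\bprint\s*\(/;
const isTestFile = (f) => /\.(test|spec)\.|(^|\/)__tests__\//.test(f); // assumed naming

function reviewDiff(diffText, maxChanged = 500) {
  const findings = [], changed = {}; // changed: file -> added + removed lines
  let file = "(unknown)", lineNo = 0, oldLeft = 0, newLeft = 0;
  const bump = () => (changed[file] = (changed[file] ?? 0) + 1);
  const add = (check) => findings.push({ file, line: lineNo, check }); // location only, never the match
  for (const raw of diffText.split("\n")) {
    const h = /^@@ -\d+(?:,(\d+))? \+(\d+)(?:,(\d+))? @@/.exec(raw);
    if (h) { // header counts bound the hunk, so "+++"/"---" content inside it is not a file header
      [oldLeft, lineNo, newLeft] = [Number(h[1] ?? 1), Number(h[2]) - 1, Number(h[3] ?? 1)];
    } else if (oldLeft <= 0 && newLeft <= 0) {
      if (raw.startsWith("+++ ")) file = raw.slice(4).replace(/^b\//, "");
    } else if (raw[0] === "+") {
      newLeft--; lineNo++; bump();
      const text = raw.slice(1);
      if (PEM_KEY.test(text) || CREDENTIAL.test(text)) add("secret");
      if (MARKER.test(text) && !TICKET.test(text)) add("marker-without-ticket");
      if (!isTestFile(file) && DEBUG_PRINT.test(text)) add("debug-print");
    } else if (raw[0] === "-") {
      oldLeft--; bump();
    } else if (raw[0] !== "\\") {
      oldLeft--; newLeft--; lineNo++; // context line
    }
  }
  for (const [f, n] of Object.entries(changed))
    if (n > maxChanged) findings.push({ file: f, line: null, check: "large-change" });
  return findings;
}

const SAMPLE_DIFF = /* constructed sample input */ `--- a/src/api.js
+++ b/src/api.js
@@ -1,2 +1,5 @@
+const apiKey = "not-a-real-key-0000";
+// TODO: retry on 429
+// FIXME PROJ-42: handle pagination
 export function list() {
-  return request("/items");
+  console.log("listing");
--- a/src/api.test.js
+++ b/src/api.test.js
@@ -5 +5,2 @@
 test("list", () => {
+  console.log("debug output in a test file");`;
```

Findings carry only file, line and check name so the report never copies a matched secret into logs or review comments. Under the verdict rules above, Diff Review findings surface as ⚠️ rather than gating READY.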