In our previous posts, we explored the three stages of AI-powered development and defined what makes development truly “agentic.” But one question keeps surfacing in leadership conversations:
“This sounds powerful—but can I trust it?”
The answer is yes—but not because of hope, hype, or “vibes.” Trust comes from contracts, evidence, and gates—infrastructure that makes agent outputs verifiable, reviewable, and auditable.
This post introduces the three pillars of safe adoption and explains why organizations that build trust infrastructure first capture the benefits of agentic delivery while maintaining the governance their stakeholders require.
The Trust Problem: Why Vibes Aren’t Enough
Agentic software development can create files, modify code, run commands, and merge pull requests. The blast radius is no longer a few lines; it’s multi-file implementations and infrastructure changes.
How do you verify outputs you didn’t write and may not fully understand?
The playbook’s answer: you don’t trust the agent’s intent; you verify its artifacts.
This approach transforms AI from a black box into a transparent, auditable process. Every output can be traced, every claim can be verified, and every action can be reversed.
Pillar 1: Contracts – Structured Data Replaces Prose
The first pillar is contracts, formal schemas that define what valid agent output looks like.
Instead of asking an agent to “write a migration plan” (prose, ambiguous, unverifiable), you ask it to produce a schema-valid artifact: structured JSON with required fields, defined types, and clear relationships.
Key concepts:
- Schema-driven development: Converting vague requirements into reviewable, diffable contracts that CI validates automatically
- Golden and anti-examples: Teaching agents through validated good examples and rejected bad ones
- Automated validation gates: Using JSON Schema to reject malformed outputs before human review
Why this matters for business
Your team reviews structured data, not prose. Every artifact is versioned, traceable, and consumable by downstream systems. Reviewers verify contracts, not hunt for bugs.
Real-world impact
A VP needs technical debt data for board reporting. Without contracts, someone spends days manually compiling spreadsheets. With contracts, agents produce weekly validated reports with severity, affected files, and evidence. The answer is always current.
Pillar 2: Evidence – Citation Discipline Prevents Hallucination
The second pillar is evidence; a requirement that every claim in an agent artifact must cite its source.
Consider a discovery artifact that claims: “The UserService class has 47 methods and depends on 12 external packages.”
Without evidence, this is an assertion. With evidence, it becomes verifiable: the claim includes the source file, analysis method, timestamp, and commit hash. A reviewer can verify the claim in seconds instead of re-researching from scratch.
Key concepts:
- Citation-based claims: Every AI assertion backed by file paths, line numbers, and commit SHAs
- Stop/Ask triggers: Agents halt and request clarification rather than hallucinate or guess
- Evidence quality rubrics: Measurable standards (GOLD/SILVER/BRONZE) for traceability
The Stop/Ask Protocol: When an agent encounters missing data, ambiguous requirements, or uncertain risk, it doesn’t guess. It stops and asks for human input through workflow failures, GitHub Issues, or PR comments.
Why this matters for business
This eliminates confident hallucination, the most dangerous AI failure mode. The agent can still be wrong, but it cannot be silently wrong. Compliance teams can trace any claim back to its origin.
Real-world impact
An API team produces changelog documentation. Without evidence, product managers don’t trust the output and manually verify each entry. With evidence, every change cites the actual code commit. PMs trust the changelog because they can spot-check any claim in seconds.
Pillar 3: Gates – Permissions Earned, Not Assumed
The third pillar is gates; policy-enforced checkpoints that control what agents can do based on verified conditions.
The playbook defines three human-involvement levels:
Key insight: agents don’t start at HOOTL. They earn autonomy through progressively validated gates.
Key concepts:
- Risk classification: Low/medium/high/critical determines what approval is required
- Separation of concerns: The verifier agent is never the same agent that created the artifact
- Executable rollback plans: Every change includes automated recovery as a prerequisite
Here’s an example of a typical gate policy by risk class:
- Low: Auto-merge after CI passes (or 1 approval)
- Medium: Requires verification pass + 1 human approval
- High/Critical: Requires explicit sign-off + protected environment validation
Why this matters for business
Gates are enforced by infrastructure, not intention. Agents operate read-only until proven safe. Every gate includes a rollback escape hatch. This makes compliance straightforward: the audit trail shows exactly what was approved and why.
Real-world impact
An infrastructure team manages dependency upgrades. Low-risk patches (minor versions, full test coverage) auto-merge after CI. Medium-risk upgrades require security review. Result: Common Vulnerabilities and Exposures (CVE) remediation time dropped from 14 days to 3 days – with zero regressions in 6 months.
The Governance Advantage
Organizations often assume that agentic delivery means less control. The opposite is true. Traditional development has gaps:
- Code reviews depend on a reviewer’s attention and expertise
- Documentation gets out of sync with implementation
- Audit trails are reconstructed after the fact
- Rollback plans are often informal or missing
Contract-driven agentic delivery closes these gaps:
- Every output is validated against a schema before review
- Every claim includes evidence that can be verified
- Every action is logged with full context
- Every change includes tested rollback instructions
The result: More visibility, not less. Faster delivery with stronger governance.
Getting Started: Three Questions
- Can you validate it? Define schemas for your most common agent outputs. If the output doesn’t match the schema, CI fails before any human reviews it.
- Can you verify the claims? Require evidence arrays in every artifact. If a claim lacks a citation, the agent must Stop/Ask.
- Can you reverse it? Ensure every implementation includes a rollback plan. If health checks fail, automated recovery kicks in.
Organizations that build this infrastructure first, before scaling AI usage, capture the benefits of agentic delivery while maintaining the control their stakeholders require.
The Bottom Line
The question isn’t whether agentic software development will transform software delivery; it already is. The question is whether your organization will adopt it with trust infrastructure or stumble into it with hope and anxiety.
Contracts, evidence, and gates aren’t bureaucracy—they’re the foundation that makes speed safe.
The path is methodical. The infrastructure is clear. Your time to build is now.
