Define the claim
Start with what the change is supposed to do. The verifier should be able to compare the implementation against the requested behavior, not just read code for style.
AI coding agents can move fast, but the work still needs the same engineering discipline as any other change: independent review, executable tests, explicit acceptance criteria, and a clear reason to trust the result.
A verifier report should be short enough for a human reviewer to scan and specific enough to block a weak change. It should separate what was checked from what is still unknown.
Billing settings form and API update. Expected behavior: save notification preferences, reject invalid account IDs, preserve existing settings on failed writes.
Unit tests for validation, integration test for save-and-read flow, type check, lint, and manual empty-state review.
First implementation updated the UI but did not persist the disabled state after refresh. Sent back before final review.
No production billing provider call was exercised locally. Human reviewer should inspect provider-specific error handling before merge.
Ready only if the provider boundary check is accepted or covered by a targeted follow-up before release.
A model that just wrote a change is already anchored to its own assumptions. Verification is more useful when it is performed as a separate pass with fresh attention, clear inputs, and the authority to reject or send work back.
Start with what the change is supposed to do. The verifier should be able to compare the implementation against the requested behavior, not just read code for style.
Inputs, outputs, permissions, data changes, and failure cases deserve specific attention because agents often succeed on the obvious path while missing the edge.
A review should point to tests run, files checked, assumptions made, and unresolved risk. Confidence without evidence is not a merge signal.
Automated tests do not prove a change is perfect, but they prevent a reviewer from treating a broken change as ready. The useful pattern is deterministic, independent tests that cover the normal path and the cases most likely to fail.
Confirm the requested behavior works in the simplest successful case. This catches wiring mistakes and incomplete implementations quickly.
Exercise invalid input, empty states, permission failures, pagination boundaries, retries, and other cases where plausible code often breaks.
Keep tests free of clock, network, and shared-state coupling when possible, so failures describe the code rather than the environment.
AI code verification is not a single approval prompt. It is a loop that tightens the change until the implementation, tests, and review notes line up with the original request.
State the files, interfaces, data model impact, and acceptance criteria before implementation begins.
Keep the change scoped so review can focus on behavior instead of untangling unrelated edits.
Execute relevant tests and static checks, then record what passed, failed, or could not be run.
Evaluate the diff against the request, send it back for fixes when evidence is missing, and preserve the reasoning trail.
The final handoff should make it easy for a human reviewer to decide what to trust. That means the page, pull request, or agent report needs concrete signals instead of vague confidence language.
| Signal | What it answers | Why it matters |
|---|---|---|
| Changed behavior | What user, API, or system behavior is different? | Reviewers can compare the diff to the actual request. |
| Checks run | Which tests or validations executed, and what happened? | Passing evidence is separated from unverified assumptions. |
| Review findings | What did the independent review inspect or challenge? | The reviewer can see whether edge cases and failure paths were considered. |
| Residual risk | What remains uncertain before merge? | Teams can make an explicit decision instead of inheriting hidden risk. |
It overlaps with code review, but it needs stronger process discipline because the author may be an agent. Useful verification combines executable checks, independent review, and a written account of what was validated.
No. Passing tests are necessary evidence, not a full proof. Review still needs to inspect design fit, untested paths, security-sensitive behavior, and whether the implementation matches the request.
Reject changes with unclear scope, missing tests for meaningful behavior, unexplained failures, broad unrelated edits, fragile assumptions, or review notes that do not connect to the actual diff.
Multi-agent coding is easier to trust when roles are explicit. One agent can implement, another can test or review, and the final result can include the evidence trail a human needs before merge.
Concertor is built around planned, delegated engineering work where implementation and verification are separate parts of the process.
Explore Concertor