Always-on AI code review governance
AI code review governance for always-on agents: receipts, scopes, and owners that answer why a file changed without replaying chat.
Pairing sessions with tech leads keep catching the same miss: verification commands that ran but never got pinned to the PR description. Always-on agents make that miss compound, which is the case for AI code review governance: when agents ship around the clock, review is either a property of the workflow or a performance. AI code review governance is the set of receipts and scopes that let reviewers verify agent work without replaying sessions. Merge-queue fatigue is what it feels like when that set is empty.
The unpinned command
Delegation without boundaries creates silent rework, and the first symptom is a verification command nobody can find. In pairing sessions with tech leads we keep catching commands that ran in chat and died there, while the PR description stayed confident and empty.
Counter-thesis: Review is no longer a stage gate; with always-on agents it is a property the workflow either has continuously or fakes continuously.
The wrong path: We believed tighter prompts could substitute for repo contracts. We watched it fail during crunch weeks, when summaries shrank to bullet vibes and the question of why the agent touched a file had no answer outside chat.
Diagnosis: Brooks's law, applied to review. Adding agent throughput to a tired review queue makes review slower, because coordination cost grows faster than the queue drains.
Thesis: Always-on agents need always-on receipts.
Receipts that survive the crunch week
Each fix here removes one reason to replay a session.
Recursive handoff blur. Chained agents return summaries that omit child-owned paths, and crunch weeks shrink those summaries further.
Named fix: Child receipt block. Every child returns paths touched, commands run, and tests proving regression guards. Parents stop green-lighting mystery diffs at midnight.
Review queue theater. CI is green and reviewers still ask why this approach, because humans optimize for checks passing when the queue is long.
Named fix: Decision stub. Three forced lines in the PR: constraints considered, rejected alternatives, verification proof. Debate happens once, in writing, instead of nightly.
Claude scope fog. .mdc language sounds precise until reviewers argue what it meant; rules compete with chat memory and split-brain coordination follows. Claude's agent docs cover the rule mechanics worth encoding.
Named fix: Scope ledger. Five lines in the parent chat: goal, allowed paths, forbidden paths, verification command, merge owner. Ledgers get checked against diffs; prompts stop getting re-debated.
Claude permission creep. On shared laptops, bash approvals become muscle memory, and always-on schedules mean nobody is watching when the muscle twitches. Claude Code's getting started guide documents the permission file that needs an owner.
Named fix: CLAUDE.md supremacy clause. The top of CLAUDE.md states which hooks win, which folders require human eyes, and where temporary overrides live. Sessions stop inventing policy mid-run.
---
description: Delegation boundary snapshot (adapt globs to your repo)
globs:
- "**/*"
alwaysApply: false
---
- Claude: keep scopes explicit in `.mdc`; forbid undeclared MCP domains.
- Claude Code: cite `CLAUDE.md` precedence before expanding bash scope.
- Codex: ensure `AGENTS.md` carries replay-friendly verification notes for CLI runs.
Connector behavior belongs in the same record; the MCP specification exists so capability is declared rather than discovered. Review is where receipts meet responsibility in our methodology, the same bar the rest of agentic coding governance holds, and the boundary-setting half of this piece is AI agent boundaries that hold.
The questions that replace chat replay
An always-on workflow is governed when these four questions have written answers.
| Gate | Question |
|---|---|
| Replay proof | Which commands prove regression guards? |
| Receipt match | Does the PR body list scopes + verification transcript? |
| Rules precedence | Which .mdc, SKILL.md, or CLAUDE.md governed behavior? |
| Connector truth | Which MCP servers fired, and were they expected? |
Review strip
- Red-folder paths received explicit human acknowledgement.
- Scopes in the PR body match folders in the diff.
- Verification command output is pasted or linked.
- MCP connectors mentioned (if any) list owners.
Synthesis: Governance, reduced to one test: answer "why did the agent touch this file?" without opening a chat log.
Boundary note
None of this replaces architecture judgement; agents accelerate execution, not ownership. When the stakes include compliance or customer data, the NIST AI Risk Management Framework is the reference that belongs in the review checklist itself.
Best ways to use this research
- Best for: engineering teams comparing Claude, Claude Code, and Codex operating habits while the merge queue runs around the clock.
- Best first artifact: a decision stub added to your PR template today; it is three lines and it ends the nightly approach debate.
- Best comparison angle: sample five recent agent PRs and count how many questions required chat replay to answer; keep the receipt format that drives the count to zero.
Common questions
-
What is AI code review governance?
AI code review governance is the set of receipts and scopes that let reviewers verify agent work without replaying sessions: child receipt blocks, decision stubs, scope ledgers, and written permission precedence. It is what makes always-on agent output reviewable at human speed.
-
How do I review agent PRs without replaying the chat?
Demand the receipts up front. The PR body carries the scope ledger and decision stub; forked work arrives with child receipt blocks listing paths touched, commands run, and tests proving regression guards. If answering a question requires the session log, a receipt was missing.
-
Why do merge queues slow down when agents ship more?
Brooks's law, applied to review: throughput rises but coordination cost rises faster, so a tired queue drains slower with every added run. Receipts cut the coordination cost, which is why governance reads as velocity once surprises stop scaling and reviewers stop doing archaeology.
Further reading
- Google Search Central on helpful, people-first content
- Google Search Central on generative AI content
- The OpenAI Skills repository
Next move
If your queue is always on and your receipts are not, our training installs this review loop with your team on a live repo.
Related training topics
Related research
AI agent guardrails: why every harness needs them
Why agent harnesses need guardrails: AI agent guardrails that turn complete-sounding summaries into receipts reviewers can actually verify.
Claude Code 2.1.142 team conventions
Claude Code 2.1.142 team conventions for parallel agent streams: a skill index, a hook budget, a CLAUDE TOC, and red-folder approvals.
AI coding agents need workflow guardrails
Workflow guardrails for AI coding agents: a precedence clause, a replay mandate, connector cards, and child receipts that keep forks explainable in review.
Continue through the research archive
Newer research
AI coding agents need workflow guardrails
Workflow guardrails for AI coding agents: a precedence clause, a replay mandate, connector cards, and child receipts that keep forks explainable in review.
Earlier research
AI agent boundaries that hold under pressure
A boundary-setting guide to AI agent boundaries: connector cards, scope ledgers, child receipts, and decision stubs that stop permission drift.