fix(gsd): add verification gate to complete-slice tool

complete-slice had no check on the provided verification/UAT content,
allowing agents to mark slices complete even when verification clearly
failed. The prompt told agents to always call the tool, but the tool
blindly accepted.

Now rejects completion when verification or UAT content contains
blocked/failed signals (status: blocked, verification_result: failed,
etc.), forcing agents to address blockers before advancing.

Closes #3580

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Tibsfox 2026-04-06 19:02:53 -07:00
parent b4c6229360
commit b9baf42a47

@ -233,6 +233,15 @@ export async function handleCompleteSlice(
return { error: ownershipErr };
}
// ── Verification content gate (#3580) ──────────────────────────────────
// Reject completion when the provided verification/UAT clearly indicates
// the slice is blocked or failed. Prevents prompt regressions from
// silently advancing blocked slices.
const BLOCKED_SIGNALS = /\b(status:\s*blocked|verification_result:\s*failed|slice is blocked|cannot complete|verification failed)\b/i;
if (BLOCKED_SIGNALS.test(params.verification || "") || BLOCKED_SIGNALS.test(params.uatContent || "")) {
return { error: `slice verification indicates blocked/failed state — do not complete a slice that has not passed verification. Address the blockers and re-verify first.` };
}
// ── Guards + DB writes inside a single transaction (prevents TOCTOU) ───
const completedAt = new Date().toISOString();
let guardError: string | null = null;
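Review bot: The BLOCKED_SIGNALS check on params.verification and params.uatContent is a phrase denylist over free text, so it fails open for any wording outside the five alternatives and fails closed on legitimate prose. "status: failed", "verification_result: blocked" or "verification_result: fail" all pass the gate, while a passing UAT write-up that says a user "cannot complete" checkout without a card, or that quotes a "verification failed" message from a negative test, is rejected. Since the goal stated in the comment is to stop blocked slices from advancing, consider inverting the check: require an explicit, structured pass value (a dedicated result parameter, or a key: value line anchored to the start of a line) and reject when it is missing or anything other than passed, rather than inferring state from the absence of failure phrases. If the denylist stays, anchor the key: value alternatives to line starts so prose mentions do not trip them, and add cases for the near-miss spellings above.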