Route a task before implementation into a deterministic lane (`fast`, `standard`, `critical`, or `blocked`) and emit required hard-gate outputs for this repository.
Use this skill before implementation to choose exactly one lane and one classification for the task. This is a hard gate for non-trivial work.
Sources of truth:
AGENTS.mddocs/ai/cto-lane-contract.mddocs/ai/verification-matrix.mddocs/ai/high-risk-paths.mdAlways emit both:
classification: low-risk autonomous | high-risk human-reviewed | blocked pending clarificationlane: fast | standard | critical | blockedChoose exactly one:
fast + low-risk autonomousstandard + low-risk autonomouscritical + high-risk human-reviewedblocked + blocked pending clarificationfast (low-risk autonomous)Use when the task is docs/process only or a small low-risk UI/content change and does not touch high-risk paths or protected behaviors.
For docs-only work, reviewer and verify-change are not required.
For small code/config updates in this lane, still require both reviewer and verify-change.
Required output:
fast in this reporequired agents:
specification-engineer -> implementation-engineer -> code-review-engineerreviewer required: yes for any non-doc code/config work; no for docs/process onlyverify-change required: yes for any non-doc code/config work; no for docs/process onlymandatory checks from docs/ai/verification-matrix.mdstandard (low-risk autonomous)Use for non-trivial code/config work outside protected paths. This lane is never docs-only.
Required output:
standard in this reporequired agents:
specification-engineer -> implementation-engineer -> code-review-engineer -> test-engineersecurity-engineer when auth/input/secrets/integration risk existsperformance-engineer when query/runtime performance risk existsreviewer required: yesverify-change required: yesmandatory checks from docs/ai/verification-matrix.mdcritical (high-risk human-reviewed)Use when any high-risk path is touched or behavior affects auth, runtime config, server/API boundaries, tenant isolation, RLS, grants, RPC exposure, secrets, CI policy, or deploy routing.
Trigger paths include:
supabase/migrations/**supabase/functions/**src/server/**src/lib/auth*src/lib/runtimeConfig*scripts/ci/**.github/workflows/**netlify.tomlRequired output:
critical in this reporequired agents:
specification-engineer -> software-architect -> implementation-engineer -> code-review-engineer -> test-engineer -> security-engineerperformance-engineer for query/runtime performance riskreviewer required: yesverify-change required: yesmandatory checks from docs/ai/verification-matrix.mdlinear required: yes (must be linked before PR-ready state)blocked (blocked pending clarification)Use when the task cannot be routed safely because scope, target files, expected behavior, or environment assumptions are unclear enough that implementation would be unsafe.
Examples:
Required output:
lane: blockedclassification: blocked pending clarificationreviewer required: not yet; required once the task is unblocked if it resolves to high-risk workverify-change required: not yetmandatory checks: none until clarifiedclassification: exactly one supported valuelane: exactly one supported valuewhy: short repo-specific reasontriggering paths: explicit files or globsrequired agents: ordered listreviewer required: yes or noverify-change required: yes or nomandatory checks: exact commands or none until clarifiedblocking conditions: list of what must be true before implementation or handoff can proceedlinear required: yes or nosrc/components/** UI tweaklow-risk autonomousstandardsrc/components/**specification-engineerimplementation-engineercode-review-engineertest-engineernpm run ci:check-focusednpm run lintnpm run typechecknpm run test:cinpm run buildnpm run test:routes:tier0 and npm run ci:playwright when route/auth/session flows are affectedverify-changereviewer completionsrc/lib/auth* changehigh-risk human-reviewedcriticalsrc/lib/auth*specification-engineersoftware-architectimplementation-engineercode-review-engineertest-engineersecurity-engineernpm run ci:check-focusednpm run lintnpm run typechecknpm run test:cinpm run test:routes:tier0npm run buildnpm run ci:playwright when secrets are available or in CInpm run verify:local when local environment supports required checkssupabase/migrations/** changehigh-risk human-reviewedcriticalsupabase/migrations/**specification-engineersoftware-architectimplementation-engineercode-review-engineertest-engineersecurity-engineernpm run ci:check-focusednpm run test:cinpm run validate:tenantnpm run buildnpm run verify:local when local environment supports required checks.github/workflows/** changehigh-risk human-reviewedcritical.github/workflows/**specification-engineersoftware-architectimplementation-engineercode-review-engineertest-engineersecurity-engineernpm run ci:check-focusednpm run lintnpm run typechecknpm run test:ci and npm run build if the workflow affects app verification behaviornpm run verify:local when local environment supports required checkslow-risk autonomousfastdocs/**fast or standard and later touches a high-risk path, re-route to critical immediately.blocked.docs/ai/cto-lane-contract.md as the lane source of truth.