"No edit callback passed" is not "read-only."
On a public route, read-only has to be built and enforced — some controls render with no handler, and child components can act on their own.
https://t.co/yMxWQg3ZDN
I audited 3 of my vibe-coded apps.
One had an unauthenticated API route. Another had 864 PII call sites across 94 files. A third had two versions of the same core system running simultaneously.
None of it was visible from the outside.
https://t.co/GljacKO0KH
Deleting an old script is a small change. Retiring its authority is not.
A tool can be dead (nothing runs it) and still alive (docs say it's the supported way). If you remove the code but leave the docs, you've created a path that no longer exists.
https://t.co/mIxQcGXgpf
Reference documents don't enforce themselves.
Citation is not the same as applied effect. A reference that was mentioned but didn't change the work wasn't used — it was acknowledged.
https://t.co/gj9t0eeNBK
Making CI green ≠ restoring a trusted gate.
The acceptance criterion isn't "does CI pass?" It's "does it enforce the same contract, with no new suppressions or narrowed scope?"
https://t.co/3Mtujelqt2
Creating a new reference document doesn't fix authority ambiguity. It just adds another document that might be right.
The real work: assign explicit domains, write a conflict-routing rule, record gaps instead of inventing policy.
https://t.co/Aiq4baBtxS
A small diff is not a small change.
Risk follows the *authority* a change touches, not its line count. A two-line edit to the doc everyone treats as the source of truth can outrank a thousand-line feature.
https://t.co/rxukf3SEv7
Engineering standards docs can quietly become policy.
Before changing CI or scripts, separate repo facts, recommendations, human decisions, deferred questions, and implementation status.
Do not hide policy inside cleanup.
https://t.co/WzPVub8JzD
A failed human review is not always a build defect.
Sometimes it reveals the standard was never explicit.
Before rebuilding, decide what failed: implementation, evidence, approval, or the contract itself.
https://t.co/Pjsg2axRqB
A clean diff can still break untouched consumers.
When a change modifies a shared type, schema, event, or output contract, verification scope should follow the contract's blast radius, not just the edited files.
https://t.co/bkvP5IGZRi
Final URL tests can pass while the product still flashes the wrong surface during the handoff.
Visual continuity is a transition contract, not a side effect of navigation.
https://t.co/uvZKQEj7X4
Logs are data surfaces.
If runtime output can expose user-derived data, identifiers, raw records, generated content, or private context, it belongs inside privacy review.
Keep the operational signal. Remove the private context.
https://t.co/zpVYYrBDcY
A docs-only diff can still cross a production boundary.
If the document describes live external state, prove the remote authority before reconciling the text.
https://t.co/jz8fCoZQ0r
Human gates need guided continuation.
Collect the decision in the guided flow. Record it through the authority surface. Resume through the legal workflow path.
A prompt is not a lifecycle engine.
https://t.co/acJbVirQ6Z
Architecture maps need authority labels. If a reference lists paths without saying which ones are canonical, supported, legacy, deprecated, or observational, future work can extend the wrong surface with confidence.
Map current truth before cleanup.
https://t.co/N0iGrRQ68j
CLI progress is not "just logging" when stdout is already a machine-readable contract.
Instead, inject progress where the workflow truth lives.
https://t.co/KlYD0HHn6U
Moving a governed artifact is rarely just a file-path change.
If writers, parsers, validators, provenance, docs, and tests depend on it, the path is part of the contract.
Move the artifact. Migrate the contract.
https://t.co/xxeihkGB8R
Verdict labels are for people. Durable tokens are for workflows.
If "accepted with risks" drives automation, it should not flatten into a clean accept. Preserve the label, normalize to an exact token, and test the route.
https://t.co/bXLW87cakv
A valid verdict label can hide a missing review. If a review artifact controls advancement, the required reasoning should be visible and checkable, not just requested in the prompt.
https://t.co/04lx461vUB
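The two posts above (label vs. durable token, and a label that hides a missing review) as one added Python example, not code from the original posts. The token names, the artifact shape (`verdict` and `reasoning` keys) and the reasoning-length threshold are assumptions made for illustration.

```python
import re
from dataclasses import dataclass

# Human-facing labels and the exact token each maps to (assumed names).
# The key point: "accepted with risks" keeps its own token and never
# flattens into a clean ACCEPT.
LABEL_TO_TOKEN = {
    "accepted": "ACCEPT",
    "accept": "ACCEPT",
    "accepted with risks": "ACCEPT_WITH_RISKS",
    "accepted, with risks": "ACCEPT_WITH_RISKS",
    "rejected": "REJECT",
    "reject": "REJECT",
    "needs review": "NEEDS_REVIEW",
}

@dataclass(frozen=True)
class Verdict:
    label: str      # preserved verbatim, for people
    token: str      # exact token, for workflows
    reasoning: str  # the visible, checkable review reasoning

def normalize_label(label: str) -> str:
    """Map a free-form label to one exact token; anything unknown is held, never accepted."""
    key = re.sub(r"\s+", " ", label.strip().lower())
    return LABEL_TO_TOKEN.get(key, "NEEDS_REVIEW")

def parse_verdict(artifact: dict) -> Verdict:
    """Build a Verdict from a review artifact (assumed keys: 'verdict', 'reasoning')."""
    label = str(artifact.get("verdict", ""))
    token = normalize_label(label)
    reasoning = str(artifact.get("reasoning", "")).strip()
    # A valid label alone does not advance work: an accept without checkable
    # reasoning is treated as a missing review (20-char minimum is an assumption).
    if token in {"ACCEPT", "ACCEPT_WITH_RISKS"} and len(reasoning) < 20:
        token = "NEEDS_REVIEW"
    return Verdict(label=label, token=token, reasoning=reasoning)

def route(verdict: Verdict) -> str:
    """Choose the next workflow step from the exact token, never from the label text."""
    if verdict.token == "ACCEPT":
        return "advance"
    if verdict.token == "ACCEPT_WITH_RISKS":
        return "advance_and_open_risk_ticket"
    if verdict.token == "REJECT":
        return "block"
    return "hold_for_human"
```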