The offer

$750 Agent PR Audit

For a small engineering team already using coding agents in one repo. Pick the recurring agent-created change that keeps slowing review.

Best buyer: founder, CTO, head of engineering, DevEx lead, or senior engineering owner who can authorize a local repo audit.

Use It When

The agent touches surprise files

Reviewers expected a product-code change and got CI, package metadata, generated files, or local config too.

Reviewers ask for command evidence

The PR needs a clearer answer to "what ran?" and "why those commands?"

Approval is implicit

Dependency, migration, auth, billing, security, or production-facing edits need a named human approval point.

Instructions disagree

README guidance, agent files, CI behavior, and reviewer expectations point in different directions.

Examples Of Returned Artifacts

Each artifact below is tied to a repo operation: what was read locally, which ContractForge file represents the work, and how a reviewer or agent would use it. They are not customer proof or measured performance claims.

node-glob

Read locally: contractforge audit records instruction sources such as AGENTS.md, CONTRIBUTING.md, and README.md.

Represented in: .contractforge/audit.md for the instruction gap and, if adopted, compiled AGENTS.md guidance.

AGENTS.md draft:
Final response must include files changed,
commands run, snapshot or benchmark notes,
skipped validation, and unresolved risks.

Review use: the agent final response is checked against this evidence list. Script or package-metadata prompts can also trigger preflight before the external agent command runs.

lambda-api

Read locally: the audit reviews AGENTS.md, .github/copilot-instructions.md, README.md, and repo signals from contractforge init.

Represented in: agent.contract.yaml path scope and final-response fields.

agent.contract.yaml:
Allowed paths: lib/**, __tests__/**,
index.js, index.d.ts.
Forbidden: secrets, release credentials,
generated artifacts.

Review use: contractforge eval uses these paths for diff-scope checks, and forbidden secret-like paths are hard-blocked before agent invocation.
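A diff-scope check of the kind described for lambda-api, as an added example; it is not ContractForge code and does not reflect how contractforge eval is implemented. The allowed paths are the ones listed above; the forbidden patterns, the glob semantics, and the sample diff are assumptions made for illustration.

```python
import posixpath
import re

# Allowed paths are the ones in the page's agent.contract.yaml excerpt.
ALLOWED = ["lib/**", "__tests__/**", "index.js", "index.d.ts"]
# Assumed stand-ins for "secrets, release credentials, generated artifacts".
FORBIDDEN = ["**/.env", "**/*.pem", "**/.npmrc", "dist/**"]

def glob_to_regex(pattern):
    """Translate a glob where ** crosses directories and * does not (assumed semantics)."""
    tokens = {"**/": "(?:.*/)?", "**": ".*", "*": "[^/]*"}
    parts = re.split(r"(\*\*/|\*\*|\*)", pattern)
    return re.compile("".join(tokens.get(p, re.escape(p)) for p in parts) + r"\Z")

def matches(path, patterns):
    return any(glob_to_regex(p).match(path) for p in patterns)

def changed_paths(name_status):
    """Yield every path in `git diff --name-status` output, both sides of a rename."""
    for line in name_status.splitlines():
        fields = line.split("\t")
        if len(fields) >= 2:
            yield from fields[1:]

def check_scope(name_status):
    """Return (blocked, out_of_scope) path lists for a diff."""
    blocked, out_of_scope = [], []
    for raw in changed_paths(name_status):
        # Normalise first so lib/../dist/x cannot pass as a lib/ path.
        path = posixpath.normpath(raw)
        if matches(path, FORBIDDEN):
            blocked.append(path)
        elif path.startswith("../") or not matches(path, ALLOWED):
            out_of_scope.append(path)
    return blocked, out_of_scope

# Constructed sample diff, not taken from any real repository.
SAMPLE = "\n".join([
    "M\tlib/router.js",
    "A\t__tests__/router.test.js",
    "R100\tlib/old.js\t.github/workflows/ci.yml",
    "M\tpackage.json",
    "A\tconfig/.env",
    "M\tlib/../dist/bundle.js",
])

if __name__ == "__main__":
    print(check_scope(SAMPLE))
```

Forbidden matches are evaluated before the allow list, so a secret-like file is reported as blocked even when it sits under an allowed directory.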

jug

Read locally: contractforge audit records AGENTS.md and README.md; founder review identifies risky internals for this workflow.

Represented in: agent.contract.yaml recovery rules, compiled AGENTS.md, and the founder-reviewed memo.

AGENTS.md draft:
Run narrow pytest, make one focused repair,
stop after two failed attempts, and require
recorded approval for dependency or release changes.

Review use: dependency and release/package prompts map to known preflight patterns. Locking, hashing, and CLI internals stay as reviewer guidance unless encoded as forbidden paths or a later policy rule.

Deliverables

Prerequisites

Separate Work

Production sandboxing, complete policy enforcement, compliance certification, application security review, model benchmarking, reliability lift measurement, productivity lift measurement, ongoing monitoring, and multi-repo governance require separate work.
