shipping-artifacts
Shipping Artifacts: The Docs That Make AI-Built Code Reviewable
Purpose
AI agents write code fast, but they leave no durable record of intent — what the system is supposed to do, who is allowed to do what, where the secrets live, which rules are actually verified. Without that record, no human (and no auditing agent) can tell whether the code is safe to ship. This skill defines the small set of documents that restore reviewability.
These docs live in /documentation/ and are written for two readers: a human reviewer and the next AI coding agent. They are the intended-state half of every later audit — a security or performance review is only as good as the intent it can compare the code against.
How the set is organized
The set is not a fixed list — it is a small core plus conditional docs you add only when the capability exists.
- Core docs — every reviewable app has these surfaces, so always produce them.
- Conditional docs — include one only if the app actually has that capability. If it doesn't, write a single line in
architecture.md("No scheduled work — nocron.md.") rather than inventing an empty document. Reviewability comes from an honest map, and "we don't do X" is part of the map. - Most docs are reverse-engineered from code by
/document-app. The one exception istests.md, which is derived from the other docs by/derive-tests— it is the verification map, not a description of a subsystem.
Be brutally honest about the current state without being paranoid. The job is an accurate map, not a clean bill of health. Each doc is short, table-and-bullet heavy, and skips generic theory.