Agent-Ready SDLC Checklist (Contracts, Gates, Provenance)

Use this to retrofit one high-value repo before rolling agents across the org. The goal isn’t “more AI.” The goal is reproducible, auditable change with least privilege.

1) Define contracts (versioned, reviewable)
- Interface: OpenAPI/AsyncAPI/protobuf/JSON Schema checked into the repo.
- Compatibility: add checks for backward compatibility where applicable (e.g., OpenAPI breaking-change checks, consumer contract tests).
- Data changes: document migration rules (expand/contract approach, rollback expectations).
- Operational invariants: define required logging/metrics for new endpoints and background jobs.

2) Put gates in Git hosting
- Enable branch protection on default branches (no direct pushes).
- Require status checks (tests, lint, typecheck, security scans) before merge.
- Add CODEOWNERS for sensitive paths (auth, billing, infra/IaC, crypto, PII-handling code).
- Require review from code owners for those paths.

3) Lock down agent permissions
- Use short-lived tokens for automation; avoid long-lived PATs for bots.
- Scope tokens to the minimum repo permissions (read-only unless opening PRs requires write).
- Prevent agents from merging their own PRs.
- If agents run tools (tests/builds), run them in ephemeral CI environments with restricted network egress where feasible.

4) Make agent work reproducible
- Pin toolchains (language runtime versions, formatter/linter versions, build images).
- Store an “agent run record” as a CI artifact: task description, constraints, files touched, tool calls, base SHA, resulting patch SHA.
- Ensure CI logs preserve the commands executed by the agent runner.

5) Force legible pull requests
- Require a PR template with structured fields: intent, scope, risk, rollout, rollback.
- Encourage split PRs by concern: refactors separate from behavior; dependency bumps separate from features.
- Block changes that add new dependencies unless a dependency policy check passes.

6) Add security and supply-chain basics
- Turn on secret scanning (GitHub Advanced Security if available, or equivalent tooling).
- Use dependency scanning and lockfiles; keep Dependabot (or equivalent) enabled.
- Add license policy checks if you ship commercially.
- For IaC: add policy-as-code checks (e.g., disallow public S3 buckets; require encryption; restrict security group rules).

7) Run an “agent threat drill”
- Simulate an agent that attempts to: modify auth logic, add a dependency, change IaC, and edit database migrations.
- Verify each attempt triggers the right owners, checks, and blocks.
- Document what slipped through and fix the gate.

Definition of done
You can answer, for any merged agent PR: who approved it, which checks passed, what constraints were declared, what files changed, what commands ran, and how to reproduce the run from the same base SHA.