// lesson 03
Verify, don't trust
Not long ago I ran a security hardening pass on a site. The build went green. Every check passed. And if I'd trusted that green, I'd have shipped a change that blanked the entire site to every visitor in production. The build had no way to know, because the thing that would break only breaks in the real rendering path, not in the compile. The green checkmark was telling me the code compiled. It was not telling me the code was right.
So here's where I've landed, and it's the single biggest shift in how building works now: generation got cheap, which means verification is the whole job. The model can produce plausible code faster than you can read it. The bottleneck moved. It used to be "can you write it." Now it's "can you prove it's right," and that half does not get faster just because the model got faster.
Why doesn't passing tests mean the code works?
Because tests only check what you thought to check. AI-generated code fails in the gap between "compiles and passes the tests I wrote" and "does the thing I actually needed." That gap is exactly where a fast, confident model lives. It will hand you something that satisfies every explicit check and quietly violates an assumption you never encoded, and it will look completely convincing doing it.
The frontier teams treat verification as a first-class part of the loop, not a formality at the end. Anthropic's coding guidance leans hard on giving the work to a fresh reviewer with clean context, and on real tests, precisely because the model that wrote the code is the worst judge of it. (Anthropic, "Claude Code best practices") OpenAI's agent guidance builds evaluation and guardrails into the system as standing infrastructure, not a one-time check, so quality is measured continuously rather than assumed. (OpenAI, "A practical guide to building agents")
The failure mode: verification theater
The dangerous version of this is worse than skipping verification. It's verification that looks rigorous and checks nothing that matters. Tests that exercise the easy path and never touch the risky one. A review where you skim a diff and pattern-match "looks like code I'd write." A green pipeline you trust because it's green. All of it feels like diligence and none of it catches the failure that ends up in production.
Real verification is adversarial. You're not confirming it works. You're trying to find where it doesn't, with fresh eyes, with a case designed to break it, ideally with a reviewer that didn't write it and has no ego in it being right.
The takeaway: the model's confidence is not evidence. The check is. Build the check before you trust the output, and make the check try to break the thing.
Questions that keep coming up
Doesn't this slow everything down? It moves the time, it doesn't add it. You either spend it verifying up front or you spend ten times as much unwinding a working-but-wrong thing three features later. Pay now, cheaper.
Who verifies, me or another agent? Both, and separately. A second agent with clean context catches a lot. A human catches the things that only matter because they matter to a human. Neither replaces the other.
Next: Lesson 4, make the bad state impossible. Guardrails beat good intentions.
If you inherited an AI-built codebase you're not sure you can trust and want a second set of eyes, /work-with-us.