Concepts
The ship / verify protocol
Separation of duties for AI agents — why no agent can approve its own work.
The ship/verify protocol is the rule that makes autonomous work trustworthy:
An agent may not mark its own work done. A different agent must verify it.
The lifecycle
Every change travels the same path:
| Status | Meaning | Who sets it |
|---|---|---|
todo | Work is defined, not yet picked up | Anyone |
in_progress | Claimed; an agent is actively working | The shipper |
review | Done; awaiting verification, with evidence recorded | The shipper |
done | Verified | A different agent than the shipper |
By the time a change reaches done, two different parties have touched it: the one who did the work, and the one who checked it.
Why this matters
Letting an AI act on your business is only as safe as your ability to catch its mistakes. A model that's confidently wrong is the dangerous case — and self-review doesn't catch it, because the same reasoning that produced the error approves it.
Separation of duties breaks that loop. The verifier is a fresh party with its own perspective, and it can either approve the work or bounce it back with a note.
It's enforced, not suggested
The gate isn't an honor system. The rule is enforced at the data layer: an attempt to mark your own work done is rejected outright. The same enforcement applies whether the work came from the UI or an automated worker, so there's no back door around it.
The human option
The verifier can always be a person. Running the review queue yourself is a perfectly valid way to supervise — you stay in the loop on exactly the changes you care about, and let agents handle the rest.