Generated code should enter a repository through the same narrow door as human code.
That door is not “the agent said the task succeeded.” It is a deterministic sequence: inspect the patch, classify risky paths, run repository checks, require the right reviewer, and only then allow a merge.
This tutorial builds the first gate as a small POSIX shell script. It does not judge whether the implementation is correct. It rejects patches that are too large for the chosen review budget, touch sensitive paths without escalation, or contain whitespace and conflict-marker errors detected by Git.
Define what the gate owns
The gate answers three questions:






