How trust works
The four mechanisms that let you check the business while the factory checks the code.
SFab's deal is simple: you check the business, the factory checks the code. When a change is ready you get proof it works the way your business works, instead of a pull request. That deal only holds because four mechanisms run underneath, on every change, with no off switch.
What proof looks like today
The walkthrough agent drives a real browser through each of the task's acceptance criteria and posts the evidence on the PR: a pass/fail verdict per criterion, with screenshots. It ships behind a feature flag while it hardens. Video of the walkthrough and a live preview environment you can click through yourself are the next two stations on this pipeline.
MECH·01: Template-lock
Agents build inside one stack: there is no "creative" choice of framework, database, or auth to review, because the choice was made once, for everyone. The version pin that locks every fabricated app to a template release is being built now; see The template for what's shipped and what's landing.
MECH·02: Acceptance-criteria gate
Every change answers to a task with verifiable acceptance criteria. The decisions behind it live as versioned ADRs in the repo. Nothing merges with silent scope: if it isn't in the criteria, it isn't in the change.
MECH·03: AI review on every PR
After CI passes, an independent agent reviews the code. It challenges the approach, not just confirms it, and posts a verdict before anything merges. The verdict surfaces as a check on the PR; a red verdict blocks the line.
MECH·04: An evidence trail
Structured logs, token and cost ledgers, and a full transcript for every run. Nothing happens in the dark: every agent action that produced a change is inspectable after the fact.
Nothing is hidden
The simple surface is a choice, not a wall. Every transcript, every PR, every diff is one click away. If you want to read the code, it's all there, versioned in your repo.