Cold Validation Launches Open-Source Agent Review
Cold Validation is an open-source agent-verification workflow that keeps the builder and reviewer separated, with Claude Code building plans and code, Codex CLI auditing only artifacts in an isolated temp directory with no repo access, and an orchestrator enforcing phase gates, fingerprinting findings, and emitting an auditable acceptance report. The repo ships under Apache 2.0 and includes 35 mechanical tests to keep the workflow deterministic.
This is less a flashy agent framework than a governance primitive, and that is why it matters. It turns code review into a reproducible control with real separation of duties, instead of another AI second opinion with the builder's memory still attached.
- –Zero shared context is the right abstraction here: the reviewer sees only artifacts, so the audit is about evidence, not the builder's hidden rationale.
- –Fingerprints on findings are a practical antidote to review churn; resolved issues stay resolved instead of reappearing under new IDs.
- –The orchestrator overriding a naive pass verdict is important because it makes policy and blocking findings higher authority than model confidence.
- –The repo is intentionally lightweight and shell-heavy, which is a feature for a control layer. The 35 mechanical tests suggest they are trying to prove determinism, not just demo a prompt.
DISCOVERED
18d ago
2026-03-25
PUBLISHED
18d ago
2026-03-25
RELEVANCE
AUTHOR
cyberamyntas