Public PR proof triage

Do not review the AI PR until the proof is real.

Maintainer time is the scarce resource. This checklist turns a vague AI-generated pull request into a simple review decision: proof is sufficient, proof is missing, or the PR should stop before human review.

Minimum proof before review

1. The intent is specific

The PR links one issue, names the exact behavior changed, and states what should be true after merge.

2. The scope is bounded

Changed files match the issue. No drive-by refactor, dependency churn, generated noise, or unrelated cleanup.

3. The commands are shown

Build, test, lint, typecheck, and relevant smoke commands are listed with pass/fail status and timestamps.

4. The risky path is exercised

The PR proves the user-visible route, API path, CLI command, migration, or workflow it claims to change.

5. The reviewer gets artifacts

Screenshots, logs, report links, CI URLs, changed-file summaries, or before/after output are attached.

6. The stop rule is explicit

If proof is missing, stale, too broad, security/legal/compliance-sensitive, or requires secrets, stop.

Proof request generator

The output is a maintainer comment that asks for evidence before review. It avoids secrets, private data, credentials, and internal-only links. If you enter a public PR URL, the audit handoff keeps that exact PR attached.

Fast decision

Review it

All six checks pass, the diff is small enough to inspect, and the remaining judgment is product or code quality.

Send it back

Any proof gate is missing. Ask for evidence before spending maintainer review time.

Close it

The PR ignores contribution rules, looks automated at scale, touches sensitive areas, or cannot be verified safely.

Escalate it

If one public PR needs outside proof, use the fixed-price AgentProof Mini Audit and keep it async.
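
The checklist and the fast decision above, sketched as a triage function. This is an added example, not code from this page or from AgentProof. The field names, the 7-day staleness window, the 400-line diff limit, the sensitive path prefixes and the sample record are all assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
# Assumptions, not from the page: field names, a 7-day staleness window,
# a 400-line "small enough" limit, and these sensitive path prefixes.
STALE_AFTER = timedelta(days=7)
MAX_DIFF_LINES = 400
SENSITIVE_PREFIXES = (".github/workflows/", "auth/", "secrets/")

@dataclass
class PRProof:
    linked_issues: list        # issue ids linked from the PR
    expected_behavior: str     # what should be true after merge
    changed_files: list
    issue_paths: tuple         # path prefixes the linked issue covers
    commands: list             # (command, passed, utc_timestamp)
    risky_path_exercised: bool
    artifacts: list            # CI URLs, logs, screenshots
    diff_lines: int
    requires_secrets: bool = False

def triage(pr, now):
    """Return (decision, reasons): 'close', 'send_back' or 'review'."""
    stop = ["cannot be verified without secrets"] if pr.requires_secrets else []
    if any(f.startswith(SENSITIVE_PREFIXES) for f in pr.changed_files):
        stop.append("touches a sensitive area")
    if stop:                   # unsafe to verify: close before human review
        return "close", stop
    gaps = []
    if len(pr.linked_issues) != 1 or not pr.expected_behavior.strip():
        gaps.append("intent: link one issue, state post-merge behavior")
    stray = [f for f in pr.changed_files
             if not f.startswith(tuple(pr.issue_paths))]
    if stray:
        gaps.append("scope: files outside the issue: " + ", ".join(stray))
    if not pr.commands or not all(ok for _, ok, _ in pr.commands):
        gaps.append("commands: show passing build/test/lint output")
    elif any(now - ts > STALE_AFTER for _, _, ts in pr.commands):
        gaps.append("commands: results are stale, rerun")
    if not pr.risky_path_exercised:
        gaps.append("risky path: exercise the changed route or command")
    if not pr.artifacts:
        gaps.append("artifacts: attach logs, CI URL or before/after output")
    if pr.diff_lines > MAX_DIFF_LINES:
        gaps.append("diff too large to inspect")
    return ("send_back", gaps) if gaps else ("review", [])

# Constructed sample: a 30-day-old test run plus an unrelated file.
NOW = datetime(2025, 1, 20, tzinfo=timezone.utc)
SAMPLE = PRProof(["#1"], "CLI exits 2 on bad flag", ["cli/args.py", "README.md"],
    ("cli/",), [("pytest", True, NOW - timedelta(days=30))], True, ["ci.log"], 40)
```

The reasons returned with a "send_back" decision can be pasted into the maintainer comment as the list of evidence still owed.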

AgentProof Mini Audit covers one public PR, repo, app, or demo.

The deliverable is a written proof report with command results, review-risk signals, first fixes, and stop rules. No calls, credentials, private repo access, private customer data, or compliance advice.