athola/risk-classification

Table of Contents

• Overview
• When to Use
• 4-Tier Risk Model
• Hybrid Routing
• Task Metadata Extension
• Module Reference
• Integration Pattern
• Exit Criteria

Risk Classification

Overview

Provides inline risk classification for agent tasks using a 4-tier model (GREEN/YELLOW/RED/CRITICAL). Uses fast heuristic file-pattern matching for low-risk tiers and delegates to Skill(attune:war-room-checkpoint) for high-risk tiers requiring full reversibility scoring.

When To Use

• Assessing risk of tasks before agent assignment
• Determining verification requirements for task completion
• Deciding parallel execution safety between tasks
• Adding risk markers to task checklists

When NOT To Use

• Single-file trivial changes (assume GREEN)
• Strategic architecture decisions (use full Skill(attune:war-room) instead)
• Non-code tasks (documentation-only, configuration comments)

4-Tier Risk Model

| Tier | Color | Scope | Example | Verification | |------|-------|-------|---------|-------------| | GREEN | Safe | Single file, trivial revert | Test files, docs, utils | None required | | YELLOW | Caution | Module-level, user-visible | Components, routes, views | Conflict check and test pass | | RED | Danger | Cross-module, security/data | Migrations, auth, database schema | War-room RS, full test, and review | | CRITICAL | Stop | Irreversible, regulated | Data deletion, production deploy | War-room RS and human approval |

Hybrid Routing

Task received
    |
    v
Heuristic classifier (file patterns)
    |
    ├── GREEN/YELLOW → Apply tier, continue
    |
    └── RED/CRITICAL → Invoke Skill(attune:war-room-checkpoint)
                        for reversibility scoring (RS)
                        |
                        └── RS confirms or adjusts tier

Why hybrid: GREEN/YELLOW classification is fast and deterministic (file pattern matching). RED/CRITICAL tasks warrant the overhead of full reversibility analysis because the cost of getting them wrong is high.

Task Metadata Extension

Add risk tier to task metadata for downstream consumption:

{
  "id": "5",
  "subject": "Add user authentication",
  "metadata": {
    "risk_tier": "YELLOW",
    "risk_reason": "Modifies src/components/LoginForm.tsx (user-visible component)",
    "classified_at": "2026-02-07T22:00:00Z"
  }
}

Tasks without risk_tier metadata default to GREEN (backward compatible).

Readiness Levels

The 4-tier Readiness Levels system provides clear risk classification with required controls per tier:

| Level | Name | When | Required Controls | |-------|------|------|-------------------| | 0 | Routine | Low blast radius, easy rollback | Basic validation, rollback step | | 1 | Watch | User-visible changes | Review, negative test, rollback note | | 2 | Elevated | Security/compliance/data | Adversarial review, risk checklist | | 3 | Critical | Irreversible, regulated | Human confirmation, two-step verification |

See modules/readiness-levels.md for full level definitions, selection decision tree, and integration guidance.

Module Reference

• tier-definitions.md: Detailed tier criteria, boundaries, and override mechanism
• heuristic-classifier.md: File-pattern rules for automated classification
• verification-gates.md: Per-tier verification requirements and parallel safety matrix
• readiness-levels.md: 4-tier risk system with required controls per level

Integration Pattern

# In your skill's frontmatter
dependencies: [leyline:risk-classification]

For Task Generators

Append [R:TIER] marker to task format:

- [ ] T012 [P] [US1] [R:YELLOW] Create LoginForm component in src/components/LoginForm.tsx

For Orchestrators

Check risk tier before task assignment:

if task.risk_tier in ["RED", "CRITICAL"]:
    invoke Skill(attune:war-room-checkpoint) for RS scoring
    if CRITICAL: require human approval before proceeding

Exit Criteria

• Every task has a risk tier assigned (explicit or default GREEN)
• RED/CRITICAL tasks have war-room-checkpoint RS scores
• Verification gates passed for the assigned tier
• No parallel execution of prohibited tier combinations