How we build software. Verified at every step.
Prism is Project Assistant’s internal AI development framework — 39 specialist agents coordinated by a single orchestrator, running every feature through mandatory quality gates before a line of code ships.
The Problem
The AI coding crisis no one talks about in their demos
Most AI-generated code looks fine until it fails in production. That’s not an edge case — it’s the default.
45% of AI-generated code contains OWASP Top 10 vulnerabilities. Missing input validation, hardcoded secrets, open API endpoints — introduced silently, discovered expensively.
70% of AI-generated pull requests are rejected during code review, versus ~30% for human-written code. The review burden doesn’t shrink. It grows.
40% of developers spend 2–5 working days per month debugging and refactoring AI-generated technical debt. Faster in, slower out.
A METR study found developers thought they were 20% faster. They were actually 19% slower. AI tools make work feel faster while introducing invisible rework.
95% of enterprise AI pilots fail to deliver measurable ROI. The issue isn’t the model. It’s the absence of process.
We built Prism to solve the process problem. Here’s how it works.
How It Works
The pipeline that runs under every project we build
Every feature we build for clients runs through the same structured pipeline. There are no shortcuts for ‘simple’ features. There are no skipped stages when timelines get tight. The gates exist because production failures are more expensive than the time gates save.
Pipeline stages:
- 1. Strategy: Codebase evaluation, architecture analysis, and complexity assessment before a line is written.
- 2. Requirements: Every feature is documented with explicit acceptance criteria and data-testid selectors before implementation begins.
- 3. Requirements Audit (Quality Gate): A dedicated auditor agent reviews the requirements document. No implementation starts until status is APPROVED.
- 4. Implementation: Test-driven development with Vitest. Tests are written first; implementation follows the red-green-refactor cycle.
- 5. Implementation Audit (Quality Gate): The implementation auditor reviews all code changes. Codex CLI runs automated quality analysis. Must reach 10/10 before testing.
- 6. Testing: Playwright E2E tests for every user-visible change. 100% pass rate required — partial passes are not accepted.
- 7. Pull Request: PR created via Bitbucket API after all gates pass. Pipeline checkpoint verification runs before the branch is submitted.
Codebase evaluation, architecture analysis, and complexity assessment before a line is written.
Every feature is documented with explicit acceptance criteria and data-testid selectors before implementation begins.
A dedicated auditor agent reviews the requirements document. No implementation starts until status is APPROVED.
Test-driven development with Vitest. Tests are written first; implementation follows the red-green-refactor cycle.
The implementation auditor reviews all code changes. Codex CLI runs automated quality analysis. Must reach 10/10 before testing.
Playwright E2E tests for every user-visible change. 100% pass rate required — partial passes are not accepted.
PR created via Bitbucket API after all gates pass. Pipeline checkpoint verification runs before the branch is submitted.
Quality gates are not optional. There are no flags to skip them. No ‘docs-only’ exceptions. No ‘pre-existing issue’ carve-outs. Code that fails an audit gets fixed before it ships.
The Agents
Specialists, not generalists
Each agent is purpose-built for a single responsibility. The orchestrator coordinates them into a pipeline that enforces quality at every stage.
Requirements
Requirements author
Implementation
TDD code generation
Auditor
Code review and QA
Testing
Test execution and validation
Requirements Auditor
Requirements review
Requirements Codex
Codex-optimized requirements
By the Numbers
These numbers come from actual projects, not benchmarks
Ships Anywhere
One framework. Eight deployment targets.
Ship to any infrastructure, any cloud, any stack.
Not Vibe Coding
The difference is process, not model
Generates code in one shot
Multi-phase pipeline with gate enforcement
No verification process
Requirements audited before code is written
Developer checks manually
Codex CLI validates every implementation phase
Context lost between sessions
Cross-project memory and pattern detection
Ships when “it looks right”
Ships when 100% of tests pass
No audit trail
Full audit trail at every stage
Generates code in one shot
Multi-phase pipeline with gate enforcement
No verification process
Requirements audited before code is written
Developer checks manually
Codex CLI validates every implementation phase
Context lost between sessions
Cross-project memory and pattern detection
Ships when “it looks right”
Ships when 100% of tests pass
No audit trail
Full audit trail at every stage
Every Project Gets
Transparency you can show clients. Documentation you can maintain.
Full audit trail
Every decision, every audit, every PR. Timestamped and committed.
Requirements you can review
Plain-language REQs in docs/requirements/. No black box.
Compliance-ready records
Implementation and audit reports at every stage.
Context that persists
Cross-session memory means the next feature starts informed.