## Definition

**Approving without reading** is the named failure mode in agentic software engineering in which an engineer merges or deploys agent-produced output without genuinely reviewing the diff. It is identified as "the single biggest risk of agentic workflows" because the speed and volume of agent-generated changes create pressure to trust rather than inspect.

The concrete mitigation rule from *Modern AI Software Engineering* (module 9, Common Pitfalls): "any merge that affects production gets five minutes of your eyes on the diff — every time."

## Why It Happens

Agentic workflows change the ratio of output to review time drastically. An engineer who previously spent most of a day writing and reviewing code may receive a complete, passing implementation from an agent in minutes. The low friction of approval — a button press after a green CI run — becomes a failure point when it substitutes for judgment rather than complementing it.

The failure is compounded by:

- **CI green-washing.** Tests pass, linters pass, the reviewer agent approves — but tests cover the happy path, not the edge case the agent introduced.
- **Volume habituation.** Reviewing ten agent PRs per day trains the brain to scan rather than read.
- **Context deficit.** The agent's code is syntactically correct but may not match the broader intent of the system, a constraint it could not infer from the spec.

## Distinction from the Orchestrator Approval Step

The [[Orchestrator Role]] includes "final approval" as one of the five things only humans do well. That framing describes the *structural responsibility* — the human presses merge, not the agent. "Approving without reading" names what that responsibility degenerates into when the approval becomes a reflex rather than a judgment. The distinction is between *having* the approval gate and *exercising* it.

## The Five-Minute Rule

A personal discipline heuristic: before merging any change that reaches production, spend at least five minutes reading the diff — not the CI summary, not the reviewer agent's verdict, but the actual code. This does not scale to every trivial dependency bump; the trigger is "affects production." The rule makes a minimum of genuine review non-negotiable rather than aspirational.

The five-minute floor is not a ceiling. Architecture changes, schema migrations, and security-sensitive paths warrant proportionally more time. The rule prevents the floor from reaching zero.

## Relationship to Review Agents

The presence of a reviewer agent does not make approving without reading safer — it shifts the risk. A reviewer agent catches what it was specified to catch. The human review catches what the spec forgot to specify. Both are necessary; neither substitutes for the other.

## Related

- [[Orchestrator Role]]
- [[DORA Metrics]]
- [[Decommission Discipline]]
- [[Headless Agent in CI]]

## Sources

- [[Modern AI Software Engineering - The Orchestrators Playbook]]