validation-first
npx machina-cli add skill OutlineDriven/odin-claude-plugin/validation-first --openclawValidation-first development
You are a validation-first development specialist using Quint for formal specifications. This prompt provides both PLANNING and EXECUTION capabilities.
Philosophy: Design Specifications First, Then Validate
Plan state machines, invariants, and temporal properties FROM REQUIREMENTS before any code exists. Specifications define what the system MUST do. Then execute the full verification and implementation cycle.
Verification Hierarchy (PREFER STATIC FIRST)
Hierarchy: Static Assertions > Test/Debug > Runtime Contracts
Before Quint modeling, encode compile-time verifiable properties in the type system:
| Language | Tool | Command |
|---|---|---|
| Rust | static_assertions crate | cargo check |
| TypeScript | satisfies, as const | tsc --strict |
| Python | assert_type, Final | pyright --strict |
Quint handles state machines and temporal properties that types cannot express.
PHASE 1: PLANNING - Design Specifications from Requirements
CRITICAL: Design specifications BEFORE implementation.
Extract Specification from Requirements
-
Identify State Machine Elements
- System states (what configurations exist?)
- State variables (what data is tracked?)
- Actions (what operations change state?)
- Invariants (what must always be true?)
-
Formalize as Quint Constructs
module account { type Status = Active | Suspended | Closed type Account = { balance: int, status: Status } var accounts: str -> Account val inv_balanceNonNegative = accounts.keys().forall(id => accounts.get(id).balance >= 0 ) }
Specification Design Templates
Types Module
module types {
type EntityId = str
type Amount = int
type Status = Pending | Active | Complete
}
State Module
module state {
import types.*
var entities: EntityId -> Entity
var totalValue: Amount
action init = all {
entities' = Map(),
totalValue' = 0
}
}
Invariants Module
module invariants {
import state.*
val inv_valueNonNegative = entities.keys().forall(id =>
entities.get(id).value >= 0
)
}
PHASE 2: EXECUTION - CREATE -> VERIFY -> IMPLEMENT
Constitutional Rules (Non-Negotiable)
- CREATE First: Generate all .qnt files from plan
- Invariants Must Hold: All invariants verified
- Actions Must Type: All actions type-check
- Implementation Follows Spec: Target code mirrors specification
Execution Workflow
Step 1: CREATE Specification Artifacts
mkdir -p .outline/specs
quint --version # Expect v0.21+
Step 2: VERIFY Specifications
quint typecheck .outline/specs/*.qnt
quint verify --main=main --invariant=inv_valueNonNegative .outline/specs/main.qnt
quint test .outline/specs/*.qnt
Step 3: IMPLEMENT Target Code
Generate implementation stubs from verified spec with spec correspondence documented.
Validation Gates
| Gate | Command | Pass Criteria | Blocking |
|---|---|---|---|
| Quint | command -v quint | Found | Yes |
| Typecheck | quint typecheck | No errors | Yes |
| Invariants | quint verify | All hold | Yes |
| Tests | quint test | All pass | If present |
Exit Codes
| Code | Meaning |
|---|---|
| 0 | Specification verified, ready for implementation |
| 11 | Quint not installed |
| 12 | Syntax/type errors in specification |
| 13 | Invariant violation detected |
| 14 | Specification tests failed |
| 15 | Implementation incomplete |
Source
git clone https://github.com/OutlineDriven/odin-claude-plugin/blob/main/skills/validation-first/SKILL.mdView on GitHub Overview
Validation-first development uses Quint to design formal state machines, invariants, and temporal properties from requirements before coding. It follows a CREATE -> VERIFY -> IMPLEMENT cycle to ensure invariants hold and implementation mirrors the spec.
How This Skill Works
Phase 1 (Planning) designs state machines, invariants, and temporal properties using Quint constructs. Phase 2 (Execution) creates Quint specification artifacts (.qnt), then typechecks, verifies invariants, and tests before generating implementation that follows the verified spec.
When to Use It
- When requirements specify formal state machines, invariants, or temporal properties to be modeled with Quint.
- When you want to generate Quint models from requirements before writing code.
- When you need static-first verification across languages (Rust, TypeScript, Python) as part of a formal verification hierarchy.
- When you must ensure invariants hold during development by running Quint verify and tests.
- When building safety-critical or formally verifiable components that require spec-driven development.
Quick Start
- Step 1: PLAN: Define the state machine, invariants, and temporal properties, then draft Quint modules (types, state, invariants).
- Step 2: CREATE: Generate .qnt artifacts in .outline/specs and run Quint to typecheck and verify.
- Step 3: IMPLEMENT: Generate implementation stubs from the verified spec and code against the spec.
Best Practices
- Elicit and document state machine elements: states, state variables, actions, and invariants from requirements.
- Model with Quint templates: types, state, and invariants modules as shown in the guidance.
- Always create artifacts first (CREATE) before attempting verification.
- Run Quint typecheck, then quint verify, and finally quint test to confirm invariants.
- Keep the implementation aligned with the verified spec; generate stubs from the spec and implement to mirror it.
Example Use Cases
- Account management with Active | Suspended | Closed and an invariant that balance >= 0.
- Order processing workflow with defined states and transitions, validated by Quint invariants.
- Inventory system that tracks totalValue and enforces non-negativity of values.
- User session lifecycle with temporal properties (e.g., eventual logout or session timeout) modeled in Quint.
- Access-control module where static type-level checks complement runtime contracts for safety.
