[FEATURE] Native DIL (Decision & Intent Language) Integration for Deterministic Task Verification
Preflight Checklist
- [x] I have searched existing requests and this feature hasn't been requested yet
- [x] This is a single feature request (not multiple features)
Problem Statement
Claude Code is powerful but non-deterministic by design. When an agent says "Done!", there's no reliable way to verify whether the task actually succeeded. This makes Claude Code unsuitable for CI/CD pipelines and enterprise automation where deterministic outcomes are required.
Current state:
$ claude -p "Add JWT authentication"
> Done! I added JWT authentication.
# But did it actually work? Tests pass? No secrets leaked?
Related issues describe this same fundamental problem:
- #7962 (Super Code Intelligence) - proposes verification gates
- #4784 (Deterministic Command Chaining) - wants reliable CI/CD sequences
- #3370 (Non-deterministic output) - documents the reproducibility problem
- #4831 (OnToolError Hook) - seeks better error handling
These proposals try to solve the problem from inside Claude Code (hooks, config, settings). I propose a complementary approach: an external specification language that verifies outcomes independently of model behavior.
Proposed Solution
DIL Integration
DIL (Decision & Intent Language) is an open-source specification language I've built that adds a deterministic verification layer on top of AI agents.
Core concept: The agent executes freely, but DIL—not the LLM—decides correctness.
How it works
DIL:spec v0
system "AddJWTAuth" {
intents {
intent I1 "Add JWT authentication to API"
validations: [V1, V2, V3]
}
constraints {
constraint C1 "No hardcoded secrets"
severity: HARD
validations: [V4]
}
validations {
// Gate 1: File structure
validate V1 "auth.ts exists"
run: "test -f src/auth.ts"
// Gate 2: Functionality (requires Gate 1)
validate V2 "TypeScript compiles"
run: "npx tsc --noEmit"
validate V3 "Tests pass"
run: "npm test"
// Constraint check
validate V4 "No secrets in code"
run: "! grep -r 'secret.*=' src/"
}
}
Three deterministic exit codes
| Exit | State | Meaning |
|------|-------|---------|
| 0 | COMPLETED | All gates verified |
| 1 | FAILED | Validation failed |
| 2 | UNKNOWN | Cannot determine |
Proposed integration
# Option A: CLI flag
claude --spec auth.dil -p "Add JWT authentication"
# Option B: Auto-generate spec from prompt
claude --generate-spec -p "Add JWT authentication" > auth.dil
# Option C: Project config (.claude/specs/*.dil)
claude -p "Add JWT authentication" # auto-discovers spec
What Already Exists
I've built a working implementation: github.com/cart144/dil
Implemented:
- Complete language specification (formal EBNF grammar)
- TypeScript validator and parser
- CLI tool (
dil validate,dil verify,dil agent) - Test corpus with golden files
- 15+ specification documents
Stats: 83% TypeScript, 11% Shell, 6% JS
Already works with Claude Code today:
dil agent spec.dil -- claude -p "your task here"
Why This Matters
| Without DIL | With DIL |
|-------------|----------|
| "I think it worked" | COMPLETED (exit 0) |
| Manual verification | Automated gates |
| Can't use in CI/CD | Safe for pipelines |
| Hope-based deployment | Verified deployment |
Possible Integration Points
- CLI flag (
--spec task.dil) to run verification after agent completion - Project-level config (
.claude/specs/*.dil) for auto-discovery - Exit code propagation for CI/CD compatibility
- Optional spec generation from natural language prompts
Open to discussion on implementation approach.
Alternative Solutions
_No response_
Priority
High - Significant impact on productivity
Feature Category
CLI commands and flags
Use Case Example
Scenario: Database migration in a production codebase. The task has strict requirements that the agent might "forget" or misinterpret mid-execution.
The problem DIL solves
Claude Code already runs tests, but:
- The agent decides when it's "done" — not a specification
- No ordered gates — can't enforce "schema valid BEFORE data migration"
- No hard constraints — agent might proceed despite violations
- No deterministic exit — CI can't reliably branch on success/failure
- Self-evaluation — the LLM judges its own work
With DIL: External, declarative verification
Step 1: Define success criteria upfront (not in natural language that can be misinterpreted)
DIL:spec v0
system "DBMigration" {
intents {
intent I1 "Add user preferences table"
validations: [V1, V2, V3] # Ordered gates
}
constraints {
constraint C1 "Migration must be reversible"
severity: HARD # Blocks completion even if tests pass
validations: [V4]
constraint C2 "No data loss"
severity: HARD
validations: [V5]
}
validations {
# Gate 1: Schema valid (must pass before Gate 2 runs)
validate V1 "Migration file is valid SQL"
run: "psql --dry-run -f migrations/latest.sql"
# Gate 2: Apply works (only runs if Gate 1 passed)
validate V2 "Migration applies cleanly"
run: "npm run migrate:test"
# Gate 3: App still works
validate V3 "Integration tests pass"
run: "npm run test:integration"
# Hard constraints (checked independently)
validate V4 "Down migration exists and works"
run: "npm run migrate:down && npm run migrate:up"
validate V5 "Row counts preserved"
run: "./scripts/verify-row-counts.sh"
}
}
Step 2: Run with spec
$ claude --spec db-migration.dil -p "Add user preferences table with columns: theme, language, notifications"
# Agent generates migration...
# DIL verification (not agent self-assessment):
✓ V1 "Migration file is valid SQL" - OK
✓ V2 "Migration applies cleanly" - OK
✓ V3 "Integration tests pass" - OK
✗ V4 "Down migration exists" - FAILED
→ Agent forgot to write the rollback migration
# FAILED (exit 1) — not COMPLETED
# Agent cannot claim "done" — DIL decides
Step 3: CI pipeline trusts the exit code
- name: Run migration task
run: claude --spec .claude/specs/db-migration.dil -p "$TASK"
- name: Deploy if verified
if: ${{ success() }} # Only runs on exit 0
run: ./deploy.sh
Key difference
| Claude Code today | With DIL |
|-------------------|----------|
| Agent says "Done, I ran the tests" | DIL says "COMPLETED" or "FAILED" |
| Agent interprets requirements | Spec declares requirements formally |
| Tests run when agent decides | Gates run in defined order |
| Soft failures (agent might continue) | HARD constraints block completion |
| Exit 0 = "agent finished" | Exit 0 = "all validations passed" |
The spec is the contract. The agent's opinion is irrelevant — only the verification results matter.
Additional Context
The implementation is Apache 2.0 licensed and available for use, reference, or inspiration. Happy to answer questions, provide technical details, or collaborate on integration if there's interest.
Links:
- Repository: github.com/cart144/dil
This issue has 6 comments on GitHub. Read the full discussion on GitHub ↗