| kill-switch-path | contract_spec | fail | warning | CDPD-§9, SOC2-CC7.5 | The MR modifies a critical hot path (`charge_invoice`) but does not include a feature flag or explicit rollback documentation. |
| auth-on-new-public-endpoints | security | pass | blocker | SOC2-CC6.1, OWASP-ASVS-V1 | The diff modifies an internal service function, not a new public endpoint. |
| contract-has-spec-link | contract_spec | pass | warning | CDPD-§3, ISO-27001-A.14.2.1 | MR description includes 'Closes #305' linking to a spec issue. |
| dependency-advisory-check | security | pass | blocker | SOC2-CC7.1, ISO-27001-A.12.6.1, NIST-SA-11 | No new dependencies are added, and no dependency versions are explicitly changed in the diff. |
| error-budget-impact-declared | operational | pass | warning | SOC2-CC4.1 | The MR description explicitly states a 'Net latency improvement target ~40% on p95,' which directly addresses performance and implicitly the error budget. |
| integration-boundaries-explicit | contract_spec | pass | warning | CDPD-§6, ISO-27001-A.14.2.5 | The change is an internal refactor of an existing Stripe integration; no new external contract documentation is required. |
| no-commented-out-code | quality | pass | info | SOC2-CC8.1 | No blocks of commented-out code (3+ consecutive lines) were added. |
| no-secrets-in-diff | security | pass | blocker | SOC2-CC6.1, ISO-27001-A.9.4.3, OWASP-ASVS-V2 | No secret patterns were detected in the diff. |
| no-skipped-tests-introduced | quality | pass | error | SOC2-CC8.1 | No test files are present in the diff, so no skipped tests were introduced. |
| observability-on-new-endpoints | operational | pass | warning | SOC2-CC7.2, ISO-27001-A.12.4.1 | The diff modifies an internal service function, not a new HTTP/gRPC endpoint. Existing logging is preserved. |
| rollback-documented-for-migrations | operational | pass | error | SOC2-CC7.5, ISO-27001-A.14.2.2 | The diff does not contain database migration files. |
| spec-implementation-match | contract_spec | pass | error | CDPD-§7 | The diff implements the described parallelization of metadata lookup and Stripe call within `charge_invoice`. |
| acceptance-criteria-testable | contract_spec | skip | warning | CDPD-§5, SOC2-CC8.1 | No test diff provided to verify acceptance criteria against the stated latency improvement target. |
| changed-method-coverage | quality | skip | error | SOC2-CC8.1, ISO-27001-A.14.2.8 | No test files provided in the diff to assess coverage of the modified `charge_invoice` method. |
| mutation-resilience-critical-paths | quality | skip | warning | SOC2-CC8.1 | Cannot access repo metadata to identify `critical_path: true` files or mutation test results. |