# Drift Checklist — 10 questions to ask after every long agent run

Agent drift is silent. The run didn't error — it just stopped being about *your* goal.
Run this list before you trust the branch.

1. **Did the final changes match the first thing I asked for?** Or did the goal morph?
2. **Is there a rename / cosmetic change** bundled into a "fix"? (Renames are classic drift camouflage.)
3. **Did it refactor something I didn't ask about?** (middleware, utils, "while I'm here"…)
4. **Did the scope grow** from "fix X" to "also improve the whole module"?
5. **Are there edits outside the files the goal implied?** (e.g. auth fix touching 14 unrelated files)
6. **Did a test start failing, then get "fixed" by relaxing the test** instead of the code?
7. **Did it push / merge / deploy** without an explicit approval step from me?
8. **Are there secrets in the diff?** (keys, tokens, `.env` — scan before commit)
9. **Did it leave TODO/FIXME/HACK** markers that mean "not actually done"?
10. **Would I ship this blind?** If the honest answer is "I'd re-read everything first" — that's drift risk.

If you answered "yes" to 2+ of these, the run drifted. Automate the check:
`npx rundown <session.json>` → Drift detector flags the exact turn the goal shifted.
