SPM
Diagrams

The Ultimate AI PM workflow, drawn.

Editorial diagrams — no Mermaid slop. One master loop, one per stage. Use them to align a team, hand to a client, or stick on a wall.

Master diagram

Ultimate AI PM workflow

Zero to hero, idea to prod, red to green — the full 13-stage loop.

The Ultimate AI PM Workflow — idea to prod, red to green, Vx → Vx+113 stages · TDD-shaped · every gate is binaryVisionproblem + outcomeJSXclickable mockupPRDuser outcomesSpecinterfaces + ACTestsfailing firstQA failred gateredBuild Vxagent writes codeQA passgreen gateUAThuman reviewUAT updatestriage P0/P1Security/security-reviewProdcanary → rampVx + 1 — telemetry + UAT triage feed the next visionLegendRed — tests fail, blocks buildGreen — tests pass, advanceTriage — UAT findings to next VxBrand — agent-owned stage010203040506070809101112
Open diagram
Per stage

One diagram per gate.

Each diagram zooms into a single gate of the master loop. Click for the full version + explanation.

Vision crystallisation — funnel of fuzz to focusUser interviewsGut hypothesisMarket signalTelemetry / support ticketsCompetitor movesSPM filterone problemone outcomeone userProblem statement"PMs lose 60% of the day to ceremony.No tool owns the daily loop."Outcome statement"An agent runs the project onautopilot, ships Vx → Vx+1 nightly."If it doesn't fit on a postcard, it isn't a vision yet.

Vision crystallisation

Fuzzy idea → 1-paragraph problem + 1-paragraph outcome.

JSX prototype — the cheapest UAT you'll ever runVisionproblem + outcomeSingle-file React/JSX artifactReal feedback5 users · 30 min eachKill or pivotbefore any backend codeNot pixel-perfect. Not wired to anything real. Just enough to provoke real reactions.

JSX prototype

Vision → a clickable artifact you can hand to a real user.

PRD ↔ Spec — same artifact, two voicesPRD — user voice"what it's for"Personas + JTBDUser outcomes (3–5)Acceptance scenarios (Given/When/Then)Out-of-scope listOpen questionsSpec — engineering voice"how it's built"Data model + ERDAPI contract (OpenAPI / tRPC)Acceptance tests (executable)Non-functional reqs (perf, sec, SLOs)Migration / rollback planThey live next to each other in the repo. If they disagree — spec wins for code, PRD wins for review.

PRD ↔ Spec

What it's for vs. how it's built — same artifact, two voices.

Red → green → refactor — the inner loopREDtest failsno code yetGREENsmallest codeto pass the testREFACTORclean on greentests stay greennext testWhy TDD with agents:The failing test is the contract the agent honours. Without it, agents drift; with it, every diff has a target.One test, one feature, one diff — repeat 100× per Vx.

Red → green → refactor

Tests fail, code makes them pass, refactor on green.

Build cycle — Vx, bounded by spec and testsSpeccontracts inFailing testsred gateSPM Agentbuild Vx1. read failing test2. write smallest diff3. run suite — pass?4. open PR for reviewGreen VxPR + diff + testsrollback path (always live)Agent owns the diff. Human owns the review. Rollback is a first-class state.

Build cycle — Vx

Spec + failing tests + agent → green Vx.

QA → UAT → updates triageQA — automatedevery commitpass / fail · binaryUAT — humanone round per Vxbounded · time-boxedTriageP0 · P1 · ignorebecomes Vx+1 backlogP0 — blocks shipfix in VxP1 — next Vxinto backlogIgnoreexplicit, with reasonback into Vx+1 buildUAT is binary by issue, not by Vx. "Mostly works" isn't a status — it's a triage queue.

QA → UAT → updates

Automated QA gates first, then human UAT, then a triage queue.

Security gate — /security-review as a release gateUAT signed offP0s clear/security-reviewruns in CI · blocks mergeThreat model fresh?Dependency scan clean?Secrets scan clean?AuthN / AuthZ tests pass?PII handling reviewed?Compliance docs current?→ Prodcanary → ramp↻ Blockno override w/o waiverRed light here blocks the release. No exceptions without a written waiver.

Security gate

/security-review is a release gate, not a quarterly audit.

Prod release — canary → ramp → full1% canary30 minwatch:err ratep95 latencyfunnel drop10% ramp2 hoursbudget burned?100% fullstays unless rollbackDonelognotesrollback any time — one commandTelemetry budget per ramp:Error rate < baseline + 0.5% · p95 latency < baseline + 10% · funnel drop < 2%Every ramp is reversible. Telemetry feeds the Vx+1 backlog.

Prod release

Canary → ramp → full — observed, reversible, logged.

Vx → Vx+1 — the loop closeVision (Vx+1)BuildQA + UATSecurity + ProdTelemetryUAT triageSPM Agentruns the wheelon autopilotMost products die from forgetting this loop, not from failing it.

Vx → Vx+1 iteration

What survived UAT + what prod telemetry surfaced = next vision.