We read the spec before we read the code. Here is why that changes everything.

via Dev.to, by IntentGuard Admin

When a repository is submitted to IntentGuard, the first thing the pipeline does is nothing that any other code analysis tool does. It does not read the code. It reads what the code was supposed to do. That single design decision — reading intent before reading implementation — is the architectural foundation everything else is built on. I want to explain why we made it, what it requires, and what it changes about the findings you get out the other side.

The question nobody was asking automatically

Every code analysis tool in existence — static analysers, linters, security scanners, SAST platforms — starts from the same place. It reads the code and asks: what is in here? What patterns are dangerous? What vulnerabilities exist? These are useful questions. There are excellent tools answering them.

The question none of them ever asked is: does this code do what it was designed to do? Not "is this code clean?" Not "is this code secure?" But: does this implementation reflect the product tha

Continue reading on Dev.to
