deep-dive

How the RPI Workflow Prevents AI Hallucinations in HVE Core

March 9, 2026 microsoft/hve-core ↗

The RPI (Research → Plan → Implement → Review) workflow in HVE Core eliminates AI hallucinations by structuring every AI-driven step as a separate, tightly scoped agent that never mixes research with code generation.

The microsoft/hve-core repository implements a rigorous agent orchestration pattern that stops large language models from generating plausible but incorrect code. By enforcing strict phase separation and verifiable citations, the RPI workflow prevents AI hallucinations in HVE Core through architectural constraints rather than prompting alone.

Explicit Phase Constraints

The RPI workflow divides AI work into four isolated phases, with each agent explicitly prohibited from performing the next phase's responsibilities. This separation stops the model from "inventing" code while still researching or planning.

Task Researcher

The Task Researcher agent is forced to only gather evidence. According to docs/rpi/task-researcher.md lines 36-38, it cannot produce implementation code. It searches the repository and external sources, cites exact file and line numbers, and records findings in a research document. This constraint prevents the common hallucination scenario where a model writes code before confirming that required APIs or dependencies actually exist.

Task Planner

The Task Planner receives verified research and builds a concrete checklist. As documented in docs/rpi/task-planner.md lines 34-36, because it cannot edit code, it focuses exclusively on sequencing, dependencies, and success criteria. The planner creates *.instructions.md and *.details.md files that reference the research document, establishing a contractual boundary between planning and execution.

Task Implementor

The Task Implementor reads the plan line-by-line and applies only the patterns documented in the research phase. Per docs/rpi/task-implementor.md lines 36-38, this agent logs every change while respecting stop controls like phaseStop=true. By restricting the implementor to executing pre-approved patterns, the workflow prevents the generation of plausible-looking but incorrect code based on hallucinated assumptions.

Task Reviewer

Finally, the Task Reviewer validates the implementation against the original specifications. As noted in docs/rpi/why-rpi.md lines 58-60, this agent catches any divergence between the research, plan, and final code before anything is merged. This verification step acts as a hallucination detection mechanism that rejects changes lacking proper citations.

Context Clearing Between Phases

Before moving to the next phase, the workflow mandates a clear-context command (/clear) or a new chat session. According to docs/rpi/task-implementor.md lines 53-57, this removes any lingering token history that could bias the model toward previous (potentially incorrect) assumptions. By starting each phase with a clean slate, the AI cannot carry over hallucinated details from earlier steps, ensuring that the Task Planner works only from the research document and the Task Implementor works only from the approved plan.

Traceability and Citations

Research documents in the RPI workflow contain line-referenced evidence (e.g., "variables.tf#L47"). The plan and implementation files embed these references, creating a verifiable chain from statement → source → code as documented in docs/rpi/task-researcher.md lines 30-33. If a hallucination occurs, reviewers can instantly locate the missing citation and reject the change. This traceability requirement forces the AI to ground every claim in actual repository content rather than training data memories.

Threat Model Acknowledgment

The HVE Core security documentation explicitly treats hallucination as a security risk. The threat model in docs/security/threat-model.md lines 58-60 lists LLM hallucination as a known risk and records the mitigations implemented by the RPI workflow. By treating hallucination as a security concern rather than merely an accuracy issue, the project enforces engineering controls—including phase separation, mandatory citations, and independent review—that are continuously audited.

Automation with Hand-Off Buttons

When using the rpi-agent autonomous orchestrator, the same constraints are enforced automatically. The agent calls each sub-agent via runSubagent, ensuring that the research → plan → implement → review order is never violated, as implemented in docs/rpi/why-rpi.md lines 56-66. This automation prevents human operators from accidentally skipping phases or allowing agents to mix concerns, maintaining the architectural safeguards that keep AI-generated code trustworthy.

Practical Implementation Examples

The following examples demonstrate the strict phase boundaries that prevent AI hallucinations in HVE Core workflows.

Start the research phase with no code generation allowed:

/task-research Add Azure Blob Storage support to the Python pipeline

The Task Researcher returns a markdown file with citations such as src/pipeline/writers/azure_blob.py#L12-L27, grounding all subsequent work in verified facts.

Clear the context before planning to prevent bias from the research conversation:

/clear
/task-plan

The planner creates instruction files referencing the research document, establishing the implementation contract.

Implement the plan with stop-points to enforce incremental verification:

/clear
/task-implement phaseStop=true taskStop=false

The implementor follows the checklist exactly, logging each change in .copilot-tracking/changes/…-changes.md.

Run the reviewer to catch any missed hallucination:

/clear
/task-review

The reviewer compares the final code against the original research and plan, flagging any mismatches before merge.

Summary

Phase isolation prevents agents from mixing research, planning, implementation, and review responsibilities, eliminating the scenario where models write code before verifying facts.
Context clearing via /clear commands removes token history that could propagate hallucinated assumptions between workflow stages.
Line-referenced citations create a verifiable chain from evidence to implementation, allowing reviewers to instantly detect missing sources.
Security threat modeling treats hallucination as a formal risk, enforcing continuous auditing of the RPI workflow's protective controls.
Automated orchestration via runSubagent ensures hand-off order is never violated, even in autonomous mode.

Frequently Asked Questions

How does the RPI workflow stop AI from generating fake API signatures?

The Task Researcher agent is architecturally constrained to only search and cite existing code, as defined in docs/rpi/task-researcher.md. It cannot generate implementation code, so it must find actual API definitions and record their exact file paths and line numbers. The Task Implementor is then restricted to using only those documented patterns, preventing the invention of non-existent signatures.

What happens if an AI agent hallucinates during the planning phase?

If the Task Planner introduces hallucinated requirements, the Task Reviewer detects the divergence during final validation. Because the plan must reference specific research citations (per docs/rpi/task-researcher.md lines 30-33), any plan item lacking a corresponding research citation is flagged. The review process in docs/rpi/why-rpi.md lines 58-60 explicitly validates implementation against the original specifications.

Why is the `/clear` command necessary between phases?

The /clear command removes the conversation's token history, which might contain subtle biases or incorrect assumptions from previous phases. According to docs/rpi/task-implementor.md lines 53-57, starting each phase with a clean slate prevents the model from carrying over hallucinated details, ensuring that the Task Implementor works exclusively from the approved plan rather than remembered but unverified context.

Can the RPI workflow run autonomously without human supervision?

Yes, the rpi-agent orchestrator automates the workflow using runSubagent calls, as documented in docs/rpi/why-rpi.md lines 56-66. This automation enforces the same phase constraints and hand-off order programmatically, ensuring that the Task Researcher, Task Planner, Task Implementor, and Task Reviewer execute sequentially without mixing concerns, even without manual /clear commands.

Have a question about this repo?

These articles cover the highlights, but your codebase questions are specific. Give your agent direct access to the source. Share this with your agent to get started:

Share the following with your agent to get started:

curl -s "https://instagit.com/install.md"

Add to your MCP client configuration:

{
  "mcpServers": {
    "instagit": {
      "command": "npx",
      "args": ["-y", "instagit@latest"]
    }
  }
}

Ask your agent:

"Use Instagit MCP to understand how microsoft/hve-core works."

Works with

Claude Codex Cursor VS Code OpenClaw Any MCP Client

Maintain an open-source project? Get it listed too →