AI assistants speed up coding, but their output is non-deterministic and needs hard guardrails. The most reliable enforcement layer is the one your tooling applies on every run: custom PHPStan rules.

In this talk, we'll start with a coding workflow built around plan mode, voice input, and self-correcting test loops. We'll then reframe the testing pyramid for the AI era: deterministic checks first, AI-driven review with `AGENTS.md` and skills second, human review last.

The bulk of the session covers PHPStan internals: how `nikic/php-parser` turns code into an AST, how to inspect nodes with the Rector playground, and how to implement the `Rule` interface. Two worked examples anchor the talk: banning `extends ServiceEntityRepository`, and enforcing kebab-case in `#[Route]` paths whether the argument is positional or named.

By the end, you'll be ready to write your own rules and turn one-off AI corrections into team-wide invariants.