diff --git a/docs/IMPLEMENTATION_MASTERPLAN.md b/docs/IMPLEMENTATION_MASTERPLAN.md
index 9154f40e..176e97c4 100644
--- a/docs/IMPLEMENTATION_MASTERPLAN.md
+++ b/docs/IMPLEMENTATION_MASTERPLAN.md
@@ -1,1299 +1,1294 @@
-# Taskdeck Implementation Masterplan
-
-Last Updated: 2026-04-09
-<br>
-Planning Horizon: Next 8 to 12 weeks  
-Companion Active Docs:
-- `docs/STATUS.md`
-- `docs/IMPLEMENTATION_MASTERPLAN.md`
-- `docs/TESTING_GUIDE.md`
-- `docs/MANUAL_TEST_CHECKLIST.md`
-- `docs/GOLDEN_PRINCIPLES.md`
-
-## Purpose
-
-This is the active execution guide for sequencing past, current, and future implementation.
-`docs/STATUS.md` is authoritative for current shipped reality; this document tracks delivery history, planned work, roadmap sequencing, and strategic intentions.
-Update this file at the end of each meaningful delivery cycle or when new work is seeded.
-
-## Planning Principles
-
-- `docs/STATUS.md` is authoritative for current shipped reality.
-- Product north star: make capture nearly free and keep automation safe through review-first proposals.
-- Product legibility is now the immediate product focus: the app should explain its core loop from inside the UI, not mainly through docs and demo scripts.
-- For near-horizon demo work, prefer packaging the shipped capture/review/board substrate into stakeholder-legible business workflows instead of reopening broad architecture.
-- Prefer finishing cross-cutting consistency work before adding new surface area.
-- Security and identity convergence remains the highest-priority engineering track.
-- Cross-user existence policy is fixed: return `403` for authenticated-but-unauthorized access and `404` for true missing resources.
-- Automation remains proposal-first and review-first by default.
-- Do not claim or ship silent/destructive autonomy by default; trust posture takes precedence over convenience.
-- MVP should include a dogfooding workflow: paste structured plan text in chat and bootstrap a board/project from approved proposals.
-- UX investments should be modular and reusable (keyboard-first, discoverable selectors, shared input-assist patterns).
-- Use `docs/InReview/MVP_EXPANSION/MINIMAL/` as the near-horizon execution filter and `docs/InReview/MVP_EXPANSION/EXPANDED/` as the staged roadmap reference.
-- Do not add major new surface breadth ahead of `Home` / `Today` / `Review` productization unless the work closes a real trust, safety, or operability gap.
-- Agent, knowledge, and integrations expansion stay sequenced behind novice-first productization even though their longer-term architecture is now clearer.
-- Every issue must carry exactly one priority label (`Priority I` through `Priority V`).
-- Out-of-code and configuration work (containerization, deployment, security posture, observability, DR) must be tracked as first-class backlog items.
-
-## Current Cycle Outcome (Completed)
-
-Delivered in the latest cycle:
-1. Backend advanced slices completed: automation proposals/executor, archive recovery, chat, ops/logs, workers/health.
-2. Frontend advanced views integrated: automations/chat/ops/archive and supporting APIs/types.
-3. Maintainability refactor delivered (PR #23):
-   - backend shared error contracts/mapping and authenticated-user controller base
-   - frontend shared query-string and error-message utilities
-4. CI hardening follow-up delivered:
-   - workflow concurrency cancellation
-   - frontend typecheck/build parity in CI
-   - NuGet/Playwright caching and richer failure artifacts (TRX/JUnit uploads)
-5. Mechanical invariants delivered:
-   - docs governance CI checks (`scripts/check-docs-governance.mjs`, `scripts/check-github-ops-governance.mjs`)
-   - architecture boundary test project (`Taskdeck.Architecture.Tests`)
-6. Security/observability slice delivered:
-   - boards controller family retrofitted to claims-first authz
-   - API authz harness helpers for 401/403/cross-user assertions
-   - request correlation middleware + Ops CLI correlation propagation
-   - timing/result diagnostics for log query and automation execution paths
-7. Test surface expanded and verified:
-   - Backend: 1975+ passing (property-based and fuzz tests added via FsCheck)
-   - Frontend unit: 1491+ passing (134+ test files; batch triage, search, accessibility tests added)
-   - Default Playwright regression lane: 24+ passing (accessibility axe-core E2E added; `stakeholder-demo.spec.ts` remains opt-in/skipped by default)
-8. Documentation consolidation retained:
-   - active docs remain focused at `docs/` root
-   - detail packs/audits archived under `docs/archive/2026-02-13_phase4-doc-consolidation/`
-9. Wave P docs/help follow-through delivered:
-   - `docs/START_HERE.md` now matches the shipped `Home` / `Today` / `Inbox` / `Review` / `Boards` shell
-   - `docs/USER_MANUAL.md` now acts as the shipped-product manual index for the novice-first shell
-   - `docs/manual/README.md`, `docs/manual/*`, and the new product help guides now carry the chaptered workflow, FAQ, troubleshooting, and help-center follow-through without pretending later `Agents` / `Integrations` breadth is already shipped
-   - `docs/INDEX.md` and `docs/product/README.md` now make the root-doc, manual-chapter, and product-help split explicit
-10. Stage 0 governance follow-through:
-   - active docs cross-link/date-stamp freeze completed for canonical docs
-   - project safety view standardized as `No Status` (`no:status`)
-   - weekly backlog seeding cadence and RC hard-gate policy documented in active ops docs
-11. Security convergence progress:
-   - `[Authorize]` enforced across remaining legacy controller families
-   - claims-first identity retrofit delivered for columns/cards/labels/export/queue/board-access
-   - caller-supplied actor query/body IDs removed from those controller families
-   - API integration suite expanded for legacy unauthorized/forbidden/cross-user regression checks
-   - API integration suite expanded for legacy unauthorized-path regression checks
-12. Frontend runtime alignment:
-   - added a lightweight static UI mock at `frontend/taskdeck-web/public/mock/` so the current product shell and key surfaces can be previewed from local example data without backend/runtime setup
-   - added a dedicated GitHub Pages Actions workflow that publishes `frontend/taskdeck-web/public/mock/` directly as the Pages site root, replacing the earlier branch-based `main` + `/docs` publish path
-   - CI and local developer baseline pinned to Node 24.13.1 (LTS) to match Vite 7 engine constraints
-13. Security convergence completion for remaining legacy families:
-   - audit controller now derives actor identity from claims for user-history and board-history access checks
-   - users controller now enforces self-scope for read/update/activate/deactivate profile actions
-   - audit frontend flow moved from user-id route calls to `/audit/users/me`
-14. SEC-03 regression matrix delivery:
-   - added explicit API integration matrix assertions for protected legacy + advanced routes
-   - expanded policy coverage for `401` unauthenticated, `403` cross-user unauthorized, and `404` true missing resources
-15. SEC-04 API error-contract assertions delivery:
-   - middleware-level JWT challenge/forbidden responses now emit stable `ApiErrorResponse` payloads
-   - API integration assertions now explicitly enforce auth and validation error-contract shape stability
-16. UX-01 archive lifecycle coherence delivery:
-   - board settings archive action now reflects soft-delete semantics (reversible archive, not permanent deletion)
-   - archive workspace now surfaces archived boards and supports restore via board lifecycle API flow
-   - API integration roundtrip coverage added for archive-to-restore board lifecycle behavior
-17. UX-02 drag/edit interaction safety guardrails delivery:
-   - card and column drag now requires explicit drag handles
-   - non-handle drag gestures are ignored to prevent accidental movement during adjacent edit interactions
-   - frontend unit + E2E coverage added for handle-only drag behavior and conflict paths
-18. UX-03 command palette keyboard model delivery:
-   - command palette now supports keyboard-first filtering, item selection, and activation
-   - shell interactions preserve deterministic close behavior (`Escape`) and focus handling
-   - frontend unit + E2E coverage added for command palette keyboard navigation and activation
-19. UX-04 activity selector discoverability delivery:
-   - activity workflows now prioritize selector-first board/entity/user discovery instead of raw ID-first entry
-   - board/entity selection now includes discoverable context and ID reveal/copy affordance
-   - frontend unit + E2E coverage added for selector-based activity navigation and fetch flows
-20. UX-04 shared input-assist scaffolding delivery:
-   - shared input-assist combobox/listbox component added for reusable suggestion and keyboard-selection behavior
-   - ops CLI template selection now uses input-assist with discoverable template metadata
-   - automation chat board targeting now uses input-assist board suggestions with keyboard-first interactions
-21. UX-05 escape behavior contract delivery:
-   - workspace and board escape handling now follows a top-surface-first contract via shared escape-stack handling
-   - board routes now exit to `/workspace/boards` when no transient surface is open
-   - unit + E2E regression coverage validates escape ordering and board-exit behavior
-22. AUTO-01 real-provider strategy delivery:
-   - `ILlmProvider` selection now follows deterministic environment-aware policy evaluation (`Mock` vs `OpenAI`)
-   - live provider usage is explicitly gated by config (`EnableLiveProviders`, provider mode, development override guard)
-   - OpenAI provider path and policy constraints are test-backed while preserving proposal-first chat flow semantics
-23. AUTO-02 planner/executor hardening delivery:
-   - planner instruction coverage now includes deterministic board/column intents (rename/archive/unarchive/reorder) with explicit board/position validation
-   - executor operation parameter parsing now fails with deterministic validation errors instead of exception-driven fallbacks
-   - partial-failure behavior is test-backed as transactional rollback + proposal failure status update with actionable operation-sequenced reasoning and improved audit entity attribution
-24. MVP-01 chat-to-project bootstrap delivery:
-   - chat now supports canonical Markdown checklist ingestion and proposal-first bootstrap operation generation for board-scoped sessions
-   - proposal review remains mandatory, with chat exposing one-click approve + execute action for generated checklist bootstrap proposals
-   - backend + API + frontend tests cover canonical happy path and key checklist parse/validation failures
-25. PACK-01 starter-pack manifest foundation delivery:
-   - added a versioned starter-pack manifest contract (`schemaVersion` `1.0`) for labels, columns, templates, and seed cards
-   - added deterministic backend parsing/validation service with explicit compatibility and cross-reference constraints
-   - added dedicated application tests covering canonical success + key parse/validation failure paths
-26. PACK-01 null-collection hardening follow-up:
-   - manifest validation now handles explicit JSON `null` collections deterministically (array-shape errors instead of null-reference exceptions)
-   - nested collection paths (`compatibility.requiredFeatures`, template checklists, seed-card labels) are now null-safe and regression-tested
-27. PACK-02 starter-pack apply backend delivery:
-   - added authenticated board-scoped apply endpoint: `POST /api/boards/{boardId}/starter-packs/apply`
-   - delivered idempotent apply semantics with dry-run actionable conflict reporting for labels/columns/seed-card references
-   - added API integration coverage for apply success, re-apply idempotency, dry-run conflict report, and non-dry-run conflict response
-28. PACK-03 starter-pack frontend catalog delivery:
-   - added board-level starter pack catalog UI with search/filter and manifest preview details
-   - integrated dry-run preview and one-click apply flow against the backend apply endpoint
-   - added frontend API + component interaction tests for preview/apply/conflict/empty states
-29. PACK-04 first-party starter packs v1 delivery:
-   - added API-backed first-party starter-pack catalog endpoint: `GET /api/boards/{boardId}/starter-packs/catalog`
-   - shipped first-party pack coverage for common labels, common column flow, and 3 board blueprints
-   - added backend/frontend tests for catalog availability, pack-category coverage, and manifest validity
-30. PACK-05 deterministic fixture packs delivery:
-   - added Playwright starter-pack fixture bootstrap helper flow for manifest-backed deterministic board-state setup
-   - shipped deterministic fixture manifests for `small`, `medium`, and `edge` scenarios
-   - added dedicated E2E coverage for fixture bootstrap success and conflict dry-run paths
-31. DEBT-01 nullability reduction delivery:
-   - eliminated current domain `CS8618` warnings by applying EF-safe non-null default initialization patterns
-   - validated no behavior regressions via full backend solution test pass
-32. DEBT-02 log-query scalability pass delivery:
-   - replaced broad in-memory log composition with repository-filtered query paths
-   - removed command-run log query N+1 pattern by introducing direct filtered log querying with run correlation/user projection
-   - validated logs API contract behavior and full backend regression suite pass
-33. DEBT-03 database export/import delivery:
-   - added authenticated database export/import API routes (`GET /api/export/database`, `POST /api/import/database`)
-   - implemented minimal-safe SQLite file export/import with Development-sandbox gating, payload signature/size validation, and backup-restore fallback on file replacement failure
-   - added application and API integration coverage for auth, sandbox gating, and import validation paths
-34. COL-01 realtime board updates delivery:
-   - added SignalR `BoardsHub` with claims-derived board subscription authz checks and board-scoped group subscriptions
-   - added application-layer board mutation notifications for board/card/column/label writes and wired hub fan-out notifier in API composition root
-   - integrated frontend board realtime lifecycle (join/switch/leave/reconnect) with websocket-unavailable polling fallback and expanded API/unit/E2E regression coverage
-35. OBS-01 observability baseline delivery:
-   - added OpenTelemetry startup wiring for ASP.NET + HttpClient instrumentation with Taskdeck custom activity source and meter registration
-   - added worker/queue/heartbeat telemetry emission with stable metric names and dimension keys
-   - added correlation ID propagation into trace tags plus a versioned observability baseline runbook with dashboard/alert/smoke-verification guidance
-36. OPS-07 containerized deployment baseline delivery:
-   - added production-oriented backend/frontend Dockerfiles and compose profile with reverse-proxy entrypoint
-   - added proxy compression + forwarded-header/security-header posture and staging/local deployment runbook
-   - added CI container image build/export artifacts with reproducible compose render checksums
-37. Developer MCP tooling posture expansion:
-   - enabled a broader Docker Marketplace MCP server bundle (SQLite, JetBrains, Postman candidate, OpenAPI, filesystem, terraform, time, etc.)
-   - stabilized default Docker gateway server set for Codex project config to avoid secret-gated startup failures while preserving optional integrations
-   - documented setup/credential expectations in `docs/MCP_TOOLING_GUIDE.md`
-38. MCP operations workflow integration:
-   - added operator runbook (`docs/tooling/MCP_OPERATIONS_RUNBOOK.md`) covering credential setup, validation, troubleshooting, and recurring checklists
-   - added helper scripts to wire credential-gated Docker MCP servers and verify baseline/optional MCP dry-run paths
-   - integrated MCP operations checks into active testing guidance
-39. TST-07 MCP smoke/regression harness delivery:
-   - enhanced MCP profile validation script with optional-server prerequisite diagnostics (missing secret/config classification)
-   - codified strict/warning/skip behavior for optional integrations and documented CI-friendly command patterns
-   - added deterministic CI status output contract (`PASS`, `PASS_WITH_WARNINGS`, `FAIL`) for MCP profile validation flows
-40. OPS-19 CI topology first-pass delivery:
-   - migrated required CI entrypoint from `.github/workflows/ci.yml` to `.github/workflows/ci-required.yml` with equivalent gate behavior
-   - extracted docs governance lane into reusable workflow `.github/workflows/reusable-docs-governance.yml` as baseline for incremental workflow decomposition
-41. OPS-19 CI topology second-pass delivery:
-   - extracted backend architecture lane into reusable workflow `.github/workflows/reusable-backend-architecture.yml` and routed `ci-required.yml` through it
-   - extracted frontend unit lane into reusable workflow `.github/workflows/reusable-frontend-unit.yml` (preserving Ubuntu/Windows matrix behavior) and routed `ci-required.yml` through it
-42. OPS-19 CI topology API-integration extraction delivery:
-   - extracted API integration lane into reusable workflow `.github/workflows/reusable-api-integration.yml` and routed `ci-required.yml` through it (preserving Ubuntu/Windows matrix behavior)
-43. OPS-19 CI topology third-pass delivery:
-   - added `merge_group` trigger parity to `.github/workflows/ci-required.yml` to align merge-queue required-check execution with PR/push paths
-44. OPS-19 CI topology fourth-pass delivery:
-   - extracted backend unit lane into reusable workflow `.github/workflows/reusable-backend-unit.yml` (preserving Ubuntu/Windows matrix behavior and domain/application/CLI split coverage)
-   - routed `.github/workflows/ci-required.yml` through the reusable backend unit lane
-45. OPS-19 CI topology fifth-pass delivery:
-   - extracted container image lane into reusable workflow `.github/workflows/reusable-container-images.yml` and routed `ci-required.yml` through it
-   - extracted E2E smoke lane into reusable workflow `.github/workflows/reusable-e2e-smoke.yml` and routed `ci-required.yml` through it while preserving required-gate dependency ordering and artifact upload behavior
-45. SEC-11 cross-user convergence progress (`#152`):
-   - automation proposal lifecycle endpoints now enforce proposal-scope authorization (`get/approve/reject/execute/diff`) via board read/write permission or requester-only fallback for user-scoped proposals
-   - API integration authz matrix expanded for additional protected automation/logs/starter-pack routes with `401` assertions, plus focused `403` and `404` regression tests for proposal, logs correlation, and starter-pack apply paths
-46. AUTH-06 register/login hardening progress (`#174`):
-   - login flow now avoids inactive-candidate short-circuit lockout in identifier-collision paths by preferring active password matches before returning inactive-account errors
-   - duplicate registration now returns actionable conflict guidance to steer users toward existing-account sign-in
-   - regression coverage added for duplicate-register-then-login success sequence and explicit invalid-credentials (`401`) vs inactive-account (`403`) API contract behavior, with frontend session-flow regression for non-poisoned post-error login
-47. SEC-11 archive authorization follow-through (`#152`):
-   - archive list/detail/entity-lookup read paths now require caller board-read permission and return deterministic `Forbidden` payloads for cross-user unauthorized access
-   - board-filtered archive queries now fail fast with `403` when caller cannot read the target board, while preserving `404` for true missing archive resources
-   - regression coverage expanded in application and API integration suites for archive authorization enforcement and board cross-user policy behavior
-48. SEC-11 audit entity-history authorization follow-through (`#152`):
-   - `GET /api/audit/entities/{entityType}/{entityId}` now resolves board-scoped entities (`Board`, `Column`, `Card`, `Label`) before querying history and enforces caller board-read permissions
-   - endpoint semantics now align to policy for entity history requests (`403` for authenticated cross-user unauthorized access, `404` for true missing board-scoped entities)
-   - API integration coverage expanded in `AuditApiTests` and `AuthzRegressionMatrixApiTests` to lock unauthorized/cross-user/missing-resource behavior
-49. OPS-19 CI topology sixth-pass progress (`#168`):
-   - added non-blocking CI orchestrator (`.github/workflows/ci-extended.yml`) with actionlint + dependency-review lanes and opt-in (`testing` label/manual) backend/E2E regression jobs
-   - added scheduled/manual nightly orchestrator (`.github/workflows/ci-nightly.yml`) for backend solution regression, E2E regression, and container-image regression
-   - added release/security orchestrator (`.github/workflows/release-security.yml`) with dependency inventory/vulnerability reporting artifacts and explicit SBOM/provenance follow-through mapping to `#103`
-   - added reusable full backend regression lane (`.github/workflows/reusable-backend-solution.yml`) to avoid orchestration-layer command duplication
-50. OPS-19 CI topology completion (`#168`):
-   - added `ci-release.yml` release build-verification lane with SBOM/provenance placeholder, container image artifact lane
-   - added comprehensive workflow topology documentation to `ci-required.yml` header comment mapping all orchestrators and reusable workflows
-   - added topology reference comments to `ci-extended.yml`, `ci-nightly.yml`, `nightly-quality.yml`, and `release-security.yml`
-   - added `CODEOWNERS` file for `.github/workflows/`, issue templates, PR template, and governance scripts
-   - updated CI Status section in `docs/STATUS.md` to reflect the complete topology including `ci-release.yml` and `nightly-quality.yml`
-51. SEC-11 LLM queue board-scope authorization follow-through (`#152`):
-   - `POST /api/llm-queue` now enforces board-read authorization when `boardId` is supplied
-   - queue creation now aligns to policy (`403` for authenticated cross-user unauthorized board access, `404` for true missing boards)
-   - regression coverage expanded in `LlmQueueServiceTests`, `LlmQueueApiTests`, and `AuthzRegressionMatrixApiTests`
-52. SEC-11 API regression coverage final sweep (`#152`):
-   - expanded cross-user `403` coverage for board update and board-access management (`list/grant/update/revoke`)
-   - expanded chat authorization coverage for cross-user forbidden access and true-missing session `404` branches (`get session`, `send message`)
-   - API integration suite increased to 185 passing tests with explicit `403/404` branch locking for remaining protected route gaps
-53. API-06 centralized exception/fallback error-contract hardening (`#153`):
-   - added global unhandled-exception middleware in the API pipeline to return deterministic `ApiErrorResponse` payloads for unexpected server failures
-   - standardized unknown-result fallback `500` mapping to `ApiErrorResponse` (`UnexpectedError`) instead of `ProblemDetails` to keep fallback payload shape contract-uniform
-   - added fault-injection API integration coverage validating unhandled-failure contract shape, non-leakage message behavior, and correlation-header continuity under `500` responses
-54. TST-14 architecture-guard expansion (`#157`):
-   - expanded architecture tests beyond csproj references with source-layer purity invariants for Domain/Application forbidden namespace imports
-   - added API controller boundary invariants to restrict direct `ControllerBase` inheritance to auth/health controllers and enforce `[Authorize]` declaration on protected controllers
-   - architecture guard suite now emits deterministic file-scoped diagnostics for quick remediation in CI and local runs
-55. TST-01 load/concurrency harness delivery (`#70`):
-   - added k6 board-heavy API regression profile (`tests/load/k6/board-heavy-load.js`) with seeded-auth setup, read/write traffic mix, thresholds, and failure diagnostics
-   - added multi-session Playwright concurrency harness coverage (`frontend/taskdeck-web/tests/e2e/concurrency.spec.ts`) for conflicting edits and realtime cross-session propagation
-   - added reusable CI lane (`.github/workflows/reusable-load-concurrency-harness.yml`) and wired it into `ci-extended` (testing label/manual) plus `ci-nightly` with persisted k6/Playwright artifacts
-56. ARCH-01 multi-tenancy strategy ADR delivery (`#71`):
-   - added accepted ADR at `docs/analysis/2026-02-22_multi-tenancy-strategy-adr.md` comparing `database-per-tenant`, `schema-per-tenant`, and `shared-schema + TenantId`
-   - selected `shared-schema + TenantId` as immediate rollout model with explicit promotion path to `database-per-tenant` for high-isolation tiers
-   - defined phased migration/enforcement plan plus tenant-isolation readiness checklist and cross-tenant `403` test strategy expectations
-57. FE-11 frontend lint baseline + CI enforcement (`#154`):
-   - added pragmatic Vue 3 + TypeScript ESLint baseline (`.eslintrc.cjs`) with focused rule suppressions to avoid style-churn while catching correctness issues
-   - added `npm run lint` script with zero-warning enforcement and integrated lint into reusable frontend CI lane (`reusable-frontend-unit.yml`)
-   - documented frontend lint execution and suppression guidance in active testing docs to keep lint policy explicit for contributors
-58. FE-12 frontend coverage threshold gate (`#155`):
-   - codified global and critical-surface Vitest coverage thresholds (`src/api`, `src/store`, `src/composables`, `src/utils`, `src/components/board`) in frontend test configuration
-   - switched reusable frontend CI lane to threshold-enforced coverage execution and standardized machine-readable triage artifacts (JUnit + coverage JSON/HTML)
-   - documented explicit ratchet policy (thresholds can remain or increase, never decrease) and local threshold-breach verification command
-59. COL-02 notifications framework delivery (`#72`):
-   - added notification persistence model (`Notifications`, `NotificationPreferences`) with user-scoped preference toggles for event-family cadence controls and in-app channel enablement
-   - shipped authenticated notification APIs (`GET /api/notifications`, `POST /api/notifications/{id}/read`, `GET/PUT /api/notifications/preferences`) with board-filter authorization guardrails and deduplication-aware publish semantics
-   - integrated frontend notification inbox/preferences routes + Pinia store/api clients and added regression coverage for backend event publication, API auth/filter behavior, and frontend inbox/preferences interactions
-60. COL-03 collaborative presence/conflict policy delivery (`#73`):
-   - added SignalR-backed board/card presence snapshots with active viewer/editor state publication on join/leave/disconnect and card editing focus changes
-   - added optimistic card update conflict policy via `ExpectedUpdatedAt` with deterministic `409 Conflict` user feedback and stale-write conflict audit logging (actor + expected/actual timestamps)
-   - expanded backend/frontend regression coverage, including multi-session Playwright conflict scenario validation and realtime presence broadcast assertions
-61. COL-04 threaded card comments and mentions workflow delivery (`#74`):
-   - added authenticated board/card comment APIs for create/list/reply/update/delete with reply-depth guardrails and moderation constraints (author or board owner/admin)
-   - added mention parsing + actor-linking for card comment bodies with board-read permission checks before mention notification publication
-   - added card-comment audit entries and frontend card-modal comment UI flow (thread list, reply, edit, delete), with backend/frontend test coverage for mention parsing and authorization boundaries
-62. Capture realignment backlog seeding delivery (`#199` to `#213`):
-   - reconciled in-review capture/security/performance planning packs into dependency-mapped GitHub issues
-   - seeded a dedicated capture wave tracker (`#199`) with execution issues (`#200` to `#211`) plus linked security/performance follow-through (`#212`, `#213`)
-63. UX-15 review-first routing and selector cleanup delivery (`#322`):
-   - `/workspace/review` is now the canonical normal-user automation route, with legacy proposals URLs redirected compatibly and shell/home/inbox/card links pointed at Review
-   - queue, chat, ops, and access surfaces now explain their advanced/operator purpose in plain language and expose action-oriented next steps instead of orphan empty states
-   - board access now uses a board picker, automation chat accepts selector-safe board context instead of raw-ID happy paths, and frontend unit + Playwright coverage now locks selector flow, route defaults, and representative empty-state branches
-   - linked follow-through status is now split: `#212` delivered the logging/telemetry redaction policy and runtime guardrails; `#213` delivered frontend list virtualization (inbox + activity views) using `@tanstack/vue-virtual`
-   - updated existing SEC-06 rate-limiting issue (`#81`) and wave index (`#107`) to integrate capture-specific scope without duplicate issue creation
-64. InReview extraction coverage expansion (`#216` to `#220`):
-   - seeded go-to-market and user-research execution issues from HUMAN playbooks (`#216`, `#217`)
-   - seeded deferred capture follow-ons from the original realignment pack (`#218`, `#219`, `#220`)
-   - updated capture wave tracker (`#199`) and wave index (`#107`) to keep extraction coverage explicit
-65. CAP-01 capture model/domain contract delivery (`#200`):
-   - accepted queue-wrapper MVP model (`LlmRequest` + `inbox.capture.v1`) with explicit migration path to dedicated capture entities
-   - added canonical capture source/status contracts plus transition policy mapping from queue lifecycle states
-   - added capture payload schema/invariant enforcement (schema version, raw text bounds, actor-field rejection) and provenance linkage representation for capture item -> triage run -> proposal
-66. CAP-03 queue provenance fix delivery (`#202`):
-   - extended planner contract to support explicit source metadata (`sourceType`, `sourceReferenceId`, `correlationId`) with manual-safe defaults
-   - queue worker now stamps queue-origin proposals as `ProposalSourceType.Queue` instead of `Manual`
-   - queue item id is now forwarded as source-reference and correlation metadata for deterministic provenance traceability
-66. CAP-02 capture API slice delivery (`#201`):
-   - added authenticated `/api/capture/items` API surface for create/list/detail/ignore/cancel actions with claims-derived user scoping
-   - create endpoint now returns `201 Created` and persists capture payloads via queue-wrapper model (`LlmRequest` + `inbox.capture.v1`)
-   - list/detail contracts now enforce excerpt-only list payloads and detail-only full text visibility, with idempotent ignore/cancel action behavior and cross-user `403` vs true-missing `404` policy coverage
-67. CAP-04 triage enqueue + state transition delivery (`#203`):
-   - added authenticated triage enqueue endpoint: `POST /api/capture/items/{id}/triage` returning `202 Accepted`
-   - capture triage enqueue now returns deterministic triage state (`Triaging`) with explicit idempotent replay signaling (`AlreadyTriaging`)
-   - invalid-state transitions now return stable `Conflict` error-contract payloads, including ignored/cancelled capture items
-   - queue processing guardrails now skip pending capture request types (`inbox.capture.v1`) to preserve explicit triage-trigger semantics ahead of CAP-05 worker routing
-68. CAP-05 triage worker routing and proposal generation delivery (`#204`):
-   - queue worker now routes triaging capture items (`inbox.capture.*` + `Processing`) through a dedicated capture-triage pipeline rather than generic planner parsing
-   - deterministic extraction baseline now converts checklist/bullet/numbered capture content into proposal operations with stable idempotency keys
-   - triage pipeline now persists provenance linkage (`capture item -> triage run -> proposal`) on capture payloads and exposes `ProposalCreated` capture status once linked
-   - capture triage failure paths now return deterministic non-mutating outcomes (no direct board writes), with bounded retry behavior retained under worker policy
-69. CAP-06 strict triage contract + prompt versioning delivery (`#205`):
-   - added strict triage output contract (`capture-triage-output.v1`) with version + prompt invariants and explicit machine-readable schema file under `Taskdeck.Application/Schemas`
-   - triage proposal generation now validates structured output against schema constraints before creating proposals, with deterministic `ValidationError` outcomes on contract violations
-   - triage provenance persistence now includes `promptVersion` (`triage.v1`) for each successful triage run (`capture item -> triage run -> proposal`)
-   - added deterministic fixture-backed validation coverage (golden + negative cases for missing tasks, wrong prompt version, unknown properties)
-70. CAP-07 inbox frontend route/list/detail delivery (`#206`):
-   - added workspace inbox surface (`/workspace/inbox`) with shell navigation and router integration
-   - inbox list now renders excerpt-first capture summaries, while full raw capture text is fetched only on detail open
-   - inbox detail now supports deterministic ignore/cancel actions with refreshed capture state after mutation calls
-   - keyboard-first inbox navigation (`ArrowUp`/`ArrowDown`/`Enter`) plus escape-stack compliant detail close behavior is now covered by frontend regression tests
-71. CAP-08 capture modal + command palette/hotkey delivery (`#207`):
-   - added quick capture modal with keyboard-first submit (`Ctrl+Enter`) and deterministic close behavior
-   - command palette now includes explicit capture action command while preserving inbox navigation command access
-   - global quick capture hotkey (`Ctrl+Shift+C`) now opens capture modal from workspace shell contexts
-   - successful capture submission now routes directly to inbox and surfaces the new item in list state for immediate follow-through
-72. CAP-09 inbox triage trigger + proposal-linking UX delivery (`#208`):
-   - inbox detail now includes explicit triage enqueue action with deterministic in-progress/completion state handling
-   - capture detail contract now surfaces provenance linkage metadata (`capture item -> triage run -> proposal`) for UI consumers
-   - inbox detail now renders direct proposal review navigation when triage yields a linked proposal id
-   - frontend regression suite now covers triage action success/failure and proposal-link rendering paths
-73. CAP-10 card/proposal provenance UX delivery (`#209`):
-   - added card provenance API contract for capture-created cards (`GET /api/boards/{boardId}/cards/{cardId}/provenance`) with board-scope authz guardrails (`403` cross-user)
-   - capture triage create-card operations now persist deterministic card target ids so provenance lookup remains stable after proposal execution
-   - card modal now surfaces capture-origin marker, capture/proposal deep-links, proposal status, and triage-run metadata when provenance exists
-   - automations proposal surface now exposes capture-linked context (capture artifact link + triage-run reference), with frontend/backend regression coverage
-74. CAP-11 capture loop end-to-end regression delivery (`#210`):
-   - added dedicated Playwright regression (`tests/e2e/capture-loop.spec.ts`) for capture create -> triage -> proposal approve/execute -> card provenance verification
-   - end-to-end flow now validates proposal-first trust posture by asserting board mutation only after explicit proposal approval and execute action
-   - regression asserts resulting card provenance links (`Open Capture`, `Open Proposal`) and triage-run metadata visibility in card modal
-   - full Playwright suite now exercises capture-loop path by default to guard against cross-surface regressions
-75. CAP-12 canonical docs promotion delivery (`#211`):
-   - updated canonical docs (`docs/STATUS.md`, `docs/IMPLEMENTATION_MASTERPLAN.md`, `docs/TESTING_GUIDE.md`, `docs/MANUAL_TEST_CHECKLIST.md`) to represent capture MVP as shipped behavior
-   - moved capture validation language from planned-only posture to active regression posture in testing and manual guides
-   - marked original in-review capture pack READMEs as historical/stale after canonical promotion
-76. TST-17 drag/drop persistence regression coverage delivery (`#256`):
-   - `tests/e2e/smoke.spec.ts` now asserts card drag/move persistence after a full page reload by validating target-column presence and source-column absence post-refresh
-   - `tests/e2e/smoke.spec.ts` now asserts column reorder persistence after a full page reload using explicit ordered heading checks
-   - drag-handle safety coverage in smoke was hardened to use stable add-card control coordinates for non-handle drag attempts, reducing intermittent setup flake while preserving behavior assertions
-77. AUTO-03 provider-agnostic runtime delivery (`#232`):
-   - expanded runtime provider support to `OpenAI` + `Gemini` behind deterministic environment/config gates with explicit `Mock` fallback on invalid live-provider configuration
-   - added Gemini provider adapter (`generateContent`) and parity fallback behavior across success/failure/invalid-response/cancellation branches
-   - capture triage provenance now persists provider/model metadata (`provider`, `model`) alongside `promptVersion` for linked triage/proposal flows
-   - expanded regression coverage across selection policy, provider adapters, capture provenance surfaces, and API chat integration with non-mock provider stubs
-   - follow-on managed-key identity attribution baseline (`#236`) now threads server-derived attribution (`userId`, correlation ID, source surface, board/session scope) through chat/provider boundaries, persists attribution in capture provenance, and adds spoofing/propagation regression coverage
-78. INT-01 external import adapters foundation delivery (`#75`):
-   - added provider-registry external import orchestration (`IExternalImportAdapter`, `IExternalImportService`) so new providers can be added without core import-service rewrite
-   - shipped CSV adapter baseline with outreach-contact profile mapping and deterministic dedupe key ordering (`linkedin_url` -> `email` -> normalized `display_name+company`)
-   - added board-scoped authenticated import endpoint (`POST /api/boards/{boardId}/imports/external`) with dry-run/apply result contracts (`create/update/skip/conflicts`) and rollback-safe apply behavior
-   - added backend regression coverage for malformed CSV, duplicate input handling, deterministic upsert behavior, rollback safety, archived-board rejection behavior, and CSV payload/row guardrails, plus operator-facing mapping guidance in `docs/platform/IMPORT_ADAPTERS_GUIDE.md`
-79. INT-02 webhook integration security model delivery (`#76`):
-   - added board-scoped outbound webhook subscription and delivery contracts (`POST/GET/PATCH/DELETE /api/boards/{boardId}/webhooks`) with authz-safe ownership and revocation handling
-   - added mutation-event queueing and signed webhook dispatch (`X-Taskdeck-Webhook-*` headers) with HTTPS/default host safety checks and localhost gating controls
-   - added worker/runtime hardening for atomic claim/reload flow, non-success response retry scheduling, dead-letter terminal handling, and stale-processing recovery
-   - added backend regression coverage across domain/application/API/worker/repository webhook paths, including non-success dispatch retry/dead-letter branches
-80. API CORS development-origin configurability delivery:
-   - API CORS composition now keeps default localhost origins (`http://localhost:5173`, `http://localhost:5174`) as baseline behavior
-   - development fallback localhost origins (`http://localhost:4173`, `http://localhost:5001`) are now included so restricted local frontend-port runs remain preflight-safe
-   - development runtime now accepts additive allowed origins from configuration key `Cors:DevelopmentAllowedOrigins`
-   - API integration coverage now verifies both default-origin allowance and development-configured alternate-origin allowance via deterministic in-memory config overrides
-81. OPS-16 deployment/container hardening verification matrix delivery (`#142`):
-   - added deployment verification script (`scripts/deploy/Verify-TaskdeckDeploymentHardening.ps1`) covering secret-enforcement validation, reverse-proxy header checks, unauthorized-path checks, and startup/restart/shutdown reliability checks for the compose baseline
-   - added explicit pass/fail matrix doc (`docs/ops/DEPLOYMENT_HARDENING_MATRIX.md`) and linked it from deployment/testing docs for deterministic operator execution
-   - expanded manual checklist coverage for non-automatable deployment controls (backend exposure posture, edge TLS termination posture, host restart rehearsal expectations)
-82. PACK-07 warning-first starter-pack apply UX delivery (`#176`):
-   - starter-pack apply conflict contract now includes severity (`blocking`/`warning`) and controller conflict responses now hard-stop only on blocking conflicts
-   - starter-pack apply service now marks non-blocking seed-card skip paths as warnings and preserves apply success when only warnings exist
-   - starter-pack modal now shows explicit applied/skipped/blocked/warnings outcome summaries with warning-first messaging, and backend/frontend regression coverage now locks warning-vs-blocking behavior
-83. TST-18 Playwright frontend port-resolution hardening delivery:
-   - frontend E2E config now resolves fallback ports deterministically across Playwright runner and worker imports
-   - local runs (server reuse enabled) prefer identity-verified running Taskdeck frontend listeners before bind probes to prevent runner/worker drift (`4173` to `5001`)
-   - CI runs (server reuse disabled) prefer bindable ports first so stale listeners do not trigger `url is already used` startup failures
-   - fallback port selection now persists first resolution in-process (`TASKDECK_E2E_RESOLVED_FRONTEND_PORT`) so worker config imports do not diverge from runner webServer startup port
-   - local Windows E2E gate now re-verifies with `npx playwright test --reporter=line` using fallback path (`5173` -> `4173` -> `5001`)
-84. FE-13 local dev server startup hardening delivery:
-   - `npm run dev` now launches through a small Vite wrapper that auto-resolves restricted/unavailable local ports with fallback order `5173` -> `4173` -> `5001`
-   - wrapper now selects the first bindable candidate port and skips occupied candidates for new Vite processes, preventing strict-port startup failures on stale listeners
-   - wrapper now sets strict-port startup semantics by default, avoiding implicit Vite auto-increment drift when a requested port is occupied
-   - explicit local overrides remain supported (`--host`, `--port`, `TASKDECK_DEV_PORT`) for reproducible manual debugging
-   - manual local flows no longer require one-off fallback command rewrites when `localhost:5173` is blocked with `listen EACCES`
-85. OPS-19 container-image frontend dependency-policy unblock follow-through:
-   - frontend npm dependency graph now keeps `@microsoft/signalr` on its supported `ws@7.5.10` major line via a vendored local tarball dependency (`ws: file:vendor/ws-7.5.10.tgz`) so container `npm ci` no longer fetches blocked registry tarballs for that version
-   - frontend npm dependency graph now uses `p-limit@3.0.2` override (compatible with `p-locate@5`) to remove blocked `yocto-queue-0.1.0` fetches without cross-major override drift
-   - refreshed lockfile keeps container `npm ci` deterministic and unblocks `.github/workflows/reusable-container-images.yml` frontend build stage
-   - local Docker validation confirms `deploy/docker/frontend.Dockerfile` build-stage `npm ci` and `npm run build` both complete successfully with the override
-   - [Superseded by `#761` (dependency-overrides audit): vendor tarball `vendor/ws-7.5.10.tgz` removed; `ws` now declared as `^7.5.10` from the npm registry; `p-limit` override removed — npm naturally resolves `p-limit@3.1.0` (highest in the `^3.0.2` range required by `p-locate@5`); orphaned `COPY vendor/` Dockerfile step removed]
-86. OPS-20 role discoverability and permission-guidance delivery (`#179`):
-   - ops command permission failures now include current-role context, runnable-template fallback lists, and explicit next-step guidance to verify/request elevated access
-   - ops console now surfaces current role and runnable-template discoverability context up front, and restricted template selection now shows explicit role-based warnings before run attempts
-   - settings profile surface now includes role and ops-capability summaries, and operator/manual docs now codify the role-assignment workflow used for access elevation requests
-87. UX-11 archive lifecycle control refinement (`#177`):
-   - board settings lifecycle controls now use one explicit archive/restore action with deterministic confirmation messaging, replacing duplicate archive semantics in the same surface
-   - archive workspace now supports hiding archived boards from the default list, explicit hidden-board reveal (`Show Hidden Boards`), and reversible unhide actions for clearer long-tail archive management
-   - archive/frontend regression coverage now locks hidden-board visibility filtering behavior while API integration coverage locks archive/restore lifecycle transitions via board update contracts
-88. SEC-05 OWASP baseline hardening (`#80`, delivered):
-   - added API security-header middleware with explicit baseline headers (`Content-Security-Policy`, `X-Frame-Options`, `X-Content-Type-Options`, `Referrer-Policy`)
-   - added environment-aware HSTS behavior (enabled for HTTPS, disabled by default in development unless explicitly configured)
-   - added API integration coverage for header presence on success and auth-failure paths, plus HTTPS HSTS emission behavior in non-development hosting
-   - published `docs/security/SECURITY_OWASP_BASELINE.md` with CSRF posture, OWASP checklist, and tracked follow-up security gaps
-89. SEC-06 API rate-limiting and abuse-protection hardening (`#81`, delivered):
-   - added partitioned fixed-window rate limiter policies for auth (`AuthPerIp`), capture create/triage (`CaptureWritePerUser`), and hot/costly paths (`HotPathPerUser`)
-   - applied endpoint-level rate-limit policies across auth, capture, chat, and llm-queue write/stream surfaces
-   - standardized throttle response contract (`429` + `ApiErrorResponse`) with deterministic retry diagnostics headers (`Retry-After`, `X-RateLimit-Policy`)
-   - published operator tuning guidance and safe defaults in `docs/security/RATE_LIMITING_POLICY.md` with regression coverage for burst, reset-window recovery, and cross-user boundary behavior
-   - follow-through hardening now supports trusted forwarded-header processing via explicit proxy/network allowlists and configurable forwarded-hop depth (`ForwardedHeaders:ForwardLimit`), while preserving no-trust defaults when allowlists are unset and documenting emergency/rollback plus proxy-topology smoke checks
-90. TST-CODEX-01 to TST-CODEX-15 unit test coverage wave (`#415`–`#429`, PRs `#436`–`#448`):
-   - added frontend API/composable/store tests and backend domain entity/application service/API tests across 13 PRs
-   - adversarial review fixes for tautological assertions, missing guard branches, modifier-key coverage, and edge-case gaps
-91. Hotspot refactor and maintenance wave (PRs `#453`–`#456`):
-   - AGT-01 follow-up: `AgentRunRepository` now uses pure LINQ (removed `FromSqlInterpolated` raw-SQL SQLite branch)
-   - KNOW-01 follow-up: `KnowledgeChunkRepository` uses `ExecuteDeleteAsync`; FTS service uses uppercase GUID comparison, `int?` source-type, application-managed FTS sync via `UpdateFtsIndexAsync`/`DeleteFtsIndexAsync`, and `SanitizeFtsQuery` helper
-   - UI-01 follow-up: `design-tokens.css` accent colors DRY-refactored to `--_td-light-accent` variables
-   - TST-26 knowledge service test coverage: 32 new backend tests across chunk content, FTS sanitize, authorization, and API integration suites; EF Core migration with proper Designer snapshot; SQLite DateTimeOffset ORDER BY fix; FTS5 trigger-removal migration
-92. Security hardening wave (PRs `#457`–`#460`, `#466`):
-   - UI-03 primitive stack decision spike: `docs/analysis/ui-primitive-stack-decision-spike.md` selecting shadcn-vue (Reka UI base, copy-paste ownership, WAI-ARIA foundation)
-   - DOC-05 / SEC-17 managed-key usage policy: `docs/security/MANAGED_KEY_USAGE_POLICY.md` with fair-use limits, prohibited patterns, and enforcement ladder
-   - SEC-10 secrets/config management baseline: `docs/security/SECRETS_MANAGEMENT_BASELINE.md` with secret inventory + rotation runbooks; `deploy/docker-compose.yml` wired with LLM provider env vars
-   - SEC-19 incident response runbook + drills: `docs/security/MANAGED_KEY_INCIDENT_RUNBOOK.md` + `scripts/drills/` (5 failure-injection scripts + orchestrator); corrected identity-scope quarantine accuracy in self-review
-   - SEC-12 session-token storage hardening: centralized `utils/tokenStorage.ts` abstraction with `isValidJwtStructure` JSON-payload validation; tokenStorage migration across router/sessionStore; CSP `unsafe-inline` removed from `script-src`; session-token ADR at `docs/analysis/session-token-storage-adr.md`
-93. Frontend foundations wave (PRs `#461`–`#464`):
-   - ActivityView decomposition: ~735 → ~117 lines via `useActivityQuery` + `ActivitySelector` + `ActivityResults`
-   - PERF-08 latency budgets: `usePerformanceMark` composable; 16 lazy route imports; `docs/PERFORMANCE_BUDGETS.md` with 7 thresholds
-   - BoardView decomposition: ~771 → ~270 lines via `useBoardDragDrop` + `useBoardKeyboardNav` + 4 extracted components; `usePerformanceMark` integrated for board-load instrumentation
-   - UI-02 shared primitives foundation: 15 TdButton/TdInput/TdDialog/TdDropdown/TdTooltip/TdBadge/etc. components built on shadcn-vue/Reka UI with WAI-ARIA baseline
-94. Feature and security follow-through wave (PRs `#465`–`#471`):
-   - OUT-01 JSON manifest import tab: `StarterPackCatalogModal` gains JSON paste/file-upload with validate→dry-run→apply flow
-   - StarterPack service decomposition: `StarterPackManifestValidator` split into 4 focused validators/checkers
-   - SEC-18 abuse detection operator tooling + domain groundwork: `AbuseActor`/`AbuseEvent` entities, `AbuseDetectionService` with 4-state model; operator evaluation/quarantine API; live-traffic wiring is a follow-up slice
-   - ArchiveRecovery decomposition: `ArchiveRecoveryService` → `ArchiveConflictDetector` + `RestorePlanner` + `RestoreExecutor`
-   - AutomationExecutor decomposition: `AutomationExecutorService` → `OperationParameterParser` + `ExecutionAuditRecorder` + `OperationHandlerRegistry`
-   - Deploy/MCP failure injection drills: 5 shell drill scripts + `run-all-drills.sh` orchestrator in `scripts/drills/`
-95. OPS-18 dependency update automation and security triage workflow (`#148`):
-   - added `.github/dependabot.yml` with weekly update schedules for NuGet (`/backend`), npm (`/frontend/taskdeck-web`), and GitHub Actions (`/`) ecosystems
-   - minor/patch updates grouped per ecosystem; major NuGet/npm updates arrive as individual PRs; GitHub Actions updates fully grouped
-   - added `docs/ops/DEPENDENCY_UPDATE_POLICY.md` with update categories, PR verification expectations, severity-based triage SLAs, escalation procedures, and policy boundaries
-   - security triage workflow aligns with existing `docs/security/SECURITY_DEPENDENCY_VULNERABILITY_POLICY.md` severity policy; no auto-merge enabled
-96. OPS Windows Git resolution hardening (`#121`):
-   - added `scripts/check-git-env.sh` diagnostic script validating Git for Windows resolution (not Cygwin/MSYS2) and stale `.git/index.lock` detection with worktree awareness
-   - updated `CLAUDE.md` and `AGENTS.md` Windows Notes to reference the script and PATH remediation guidance
-97. TST-08 testing and hardening strategy analysis (`#143`):
-   - delivered `docs/analysis/2026-03-29_testing-hardening-strategy.md` with gap analysis across backend/frontend tests, CI, MCP, deployment, ops reliability, and security
-   - proposed 15 follow-up issues across 4 priority tiers with acceptance criteria and execution sequencing
-98. TST-25 headed manual-audit Playwright pack (`#369`):
-   - added `frontend/taskdeck-web/tests/e2e/manual-audit.spec.ts` covering core `Home -> Inbox/Capture -> Review -> Board` audit loop with 18 screenshots
-   - live LLM probes gated behind `TASKDECK_RUN_LIVE_LLM_TESTS` env var; CI exclusion via `TASKDECK_RUN_AUDIT` env var gate
-   - added `docs/testing/MANUAL_AUDIT_PACK.md` documenting usage vs stakeholder demo recorder vs default smoke
-99. TST-07 manual validation slice A — workspace shell, board lifecycle, and keyboard UX (`#130`):
-   - added `docs/testing/manual-validation-a-workspace-board-ux.md` with 22 step-indexed scenarios (A-01 to A-22)
-   - covers auth flows, shell navigation, board lifecycle, column/card/label operations, keyboard UX, escape behavior stack, and Today view
-100. TST-08 manual validation slice B — authz policy, cross-user isolation, and API error contracts (`#131`):
-    - added `docs/testing/manual-validation-b-authz-contracts.md` with 175 step-indexed checks (B-01 to B-175) covering all 28 controllers
-    - two-user fixture setup with curl-based bootstrap script; covers unauthenticated denial, cross-user board isolation, error payload contract verification
-101. AppShell premium reskin delivery (PR `#499`):
-    - shell sidebar, topbar, command palette, and keyboard help components reskinned from hardcoded Tailwind/rgba values to `--td-*` design token system
-    - added focus-visible accessibility rings throughout shell layer and glass morphism effects for visual coherence
-    - no behavior changes; purely CSS/token-based styling refactor
-102. Board/card surface polish delivery (PR `#501`):
-    - board canvas, toolbar, action rail, column lanes, and card components reskinned to design token system
-    - standardized card visual states (hover, focus, selected, disabled, dragging) with token-based styling
-    - fixed combined selected+focus-visible keyboard nav specificity conflict; replaced hardcoded font sizes with token references
-103. AGT-02 tool registry, policy evaluator, and first bounded template delivery (`#337`, PR `#502`):
-    - added domain primitives: `ToolScope`/`ToolRiskLevel` enums, `ITaskdeckTool`/`ITaskdeckToolRegistry` interfaces, `PolicyDecision` value object (AllowDirect/AllowWithReview/Deny factories)
-    - added `TaskdeckToolRegistry` (thread-safe ConcurrentDictionary, duplicate rejection, scope filtering) and `AgentPolicyEvaluator` (allowlist enforcement, risk-level gating with review-first defaults)
-    - added `InboxTriageAssistant` bounded template: gathers pending inbox items, routes through policy evaluator, creates proposals (never direct board mutations)
-    - DI registration: singleton tool registry with `inbox.triage` pre-registered, scoped policy evaluator and triage assistant
-    - 42 backend tests across registry, policy evaluation, and inbox triage assistant suites
-104. Demo director reporting, assertions, presets, and soak mode delivery (`#331`, PR `#500`):
-    - added named preset system (`demo-director-presets.mjs`) for common demo modes with override merging and runtime registration
-    - added trace assertion utilities (`demo-trace-assertions.mjs`) for exact/structural comparison plus step ordering validation
-    - added HTML report generator (`demo-report-html.mjs`) with inline styles, trace tables, pass/fail badges, and embedded base64 screenshots
-    - added soak mode (`demo-soak.mjs`) for long-run director scenario loops with configurable iteration counts, cooldown, and cumulative metrics
-    - 63 frontend tests covering presets, assertions, reports, soak mode, and integration pipeline
-105. Incident rehearsal and recovery program delivery (`#150`, PR `#503`):
-    - added `docs/ops/INCIDENT_REHEARSAL_CADENCE.md` with monthly lightweight + quarterly deep drill schedule and rotation model
-    - added `docs/ops/EVIDENCE_TEMPLATE.md` for standardized rehearsal outcome format with ISO 8601 timeline and bidirectional issue linking
-    - added `docs/ops/REHEARSAL_BACKOFF_RULES.md` with finding-to-issue workflow, severity labels (P1–P4), and SLA expectations
-    - added 4 rehearsal scenario templates (degraded-api-health, missing-telemetry-signal, mcp-server-startup-regression, deployment-readiness-failure)
-    - added first execution evidence at `docs/ops/rehearsals/2026-03-29_degraded-api-health.md`
-    - cross-linked from `TESTING_GUIDE.md` and `MANUAL_TEST_CHECKLIST.md`
-106. Chat-to-proposal NLP gap fix delivery (`#570`, PR `#602`):
-    - added `NaturalLanguageInstructionExtractor` to bridge intent classification-to-parsing gap (translates natural language into structured instructions the regex parser can consume)
-    - all three LLM providers (Mock, OpenAI, Gemini) now use the extractor as fallback when structured JSON extraction fails
-    - 38 unit tests for the extractor covering extraction patterns and edge cases
-107. Multi-instruction batch parsing delivery (`#574`, PR `#591`):
-    - added `ParseBatchInstructionAsync` to `IAutomationPlannerService` for splitting multiple natural-language instructions into individual planner calls
-    - `ChatService` now routes multi-instruction messages through batch parsing to generate multiple proposals from a single chat message
-    - backend + frontend tests for batch instruction parsing and ChatService integration
-108. Board-context LLM prompting delivery (`#575`, PR `#589`):
-    - added `BoardContextBuilder` to construct bounded board context (columns, card titles, labels) for LLM system prompts
-    - added `LlmSystemPromptBuilder` for centralized system prompt composition across providers
-    - OpenAI and Gemini providers now append board context via the builder; backend tests for builder and ChatService integration
-109. Board keyboard card movement delivery (`#248`, PR `#590`):
-    - added Alt+Arrow keyboard shortcuts for card movement within and across columns via `useBoardKeyboardNav` composable
-    - added move-to action menu on CardItem for click-based column moves with Escape handling and focus restoration
-    - extracted adjacent-column and reorder helpers from composable; added Card Movement section to keyboard help dialog
-    - frontend unit tests for keyboard movement, ColumnLane test prop fix, and coverage expansion
-110. Transcript capture source delivery (`#218`, PR `#592`):
-    - added `TranscriptFile` capture source with transcript-specific size limits to backend domain
-    - added transcript paste/file capture mode to CaptureModal frontend
-    - backend validation tests and frontend interaction tests
-111. Contact card YAML parser delivery (`#264`, PR `#588`):
-    - added `ContactCardYamlParser` with parse/serialize and field validation for card-first outreach CRM
-    - added `ContactCardFrontMatter` model with `YamlDotNet` dependency; static serializer/deserializer caching
-    - backend unit tests for parser
-112. Global search and quick-action launcher delivery (`#93`, PR `#603`):
-    - added `SearchService` and `GET /api/search?q=` endpoint for cross-board search respecting authorization boundaries
-    - enhanced `ShellCommandPalette` (Ctrl+K) with live search results (boards + cards) alongside command navigation
-    - added `searchApi` client, `useGlobalSearch` composable with 200ms debounce and abort-on-supersede
-    - frontend tests for composable and command palette search integration
-113. Developer portal and OpenAPI delivery (`#99`, PR `#605`):
-    - added OpenAPI annotations to 7 controllers (Boards, Cards, Columns, Capture, Chat, Auth, Webhooks) with `[ProducesResponseType]` and XML doc summaries
-    - enhanced Swagger configuration with API metadata, JWT Bearer security definition, and XML comment inclusion
-    - added developer portal docs (`docs/api/`): `QUICKSTART.md`, `AUTHENTICATION.md`, `BOARDS.md`, `CAPTURE.md`, `CHAT.md`, `WEBHOOKS.md`, `ERROR_CONTRACTS.md`
-    - added developer portal CI workflow and local OpenAPI export script
-114. SBOM and release provenance delivery (`#103`, PR `#606`):
-    - added reusable workflow for CycloneDX JSON SBOMs (backend + frontend) and SLSA v1-style build provenance manifest with SHA-256 checksums
-    - wired into `ci-release.yml` (replacing placeholder) and `release-security.yml`
-    - added documentation at `docs/ops/SBOM_RELEASE_PROVENANCE.md`; updated dependency vulnerability policy
-115. Batch triage and suggestion editing delivery (`#220`, PR `#607`):
-    - added `POST /api/capture/items/batch-triage` with per-item actions (triage/ignore/cancel), 200/207/422 response semantics, batch size limit (50), and duplicate ID rejection
-    - added `PUT /api/capture/items/{id}/suggestion` for editing capture text before triage with state-transition guards
-    - added multi-select checkboxes, select-all toggle, batch action bar, and inline suggestion editing in InboxView
-    - backend + frontend tests for batch triage and suggestion editing
-116. Property-based and fuzz testing pilot delivery (`#89`, PR `#601`):
-    - added FsCheck property-based testing packages to Domain and Application test projects
-    - added property-based tests for Board, Card, Column, Label entity invariants and AutomationProposal state machine invariants
-    - added fuzz tests for StarterPackManifestValidator input parsing, LlmIntentClassifier regex safety, and export/import DTO serialization roundtrip contracts
-117. Accessibility audit and WCAG remediation delivery (`#92`, PR `#604`):
-    - added accessibility foundation: skip-to-content link, `sr-only` utility class, `eslint-plugin-vuejs-accessibility` with tuned gradual-rollout rules
-    - WCAG improvements across BoardView, HomeView, TodayView, ReviewView, InboxView, CaptureModal, and ToastContainer (ARIA landmarks, roles, labels)
-    - added Playwright axe-core E2E tests for 6 core views (Home, Today, Inbox, Review, Boards, Login) plus skip-link verification
-    - `role=presentation` on virtual scroller wrappers for axe-core compliance
-118. Dependency update wave (PRs `#593`–`#600`):
-    - `@eslint/js` 9.39.4 → 10.0.1 (with ESLint v10 rule violation fixes)
-    - `@types/node` 24.10.1 → 25.5.0
-    - GitHub Actions group bump (5 updates)
-    - `Microsoft.NET.Test.Sdk` 17.14.1 → 18.3.0
-    - `Swashbuckle.AspNetCore` 6.9.0 → 10.1.7 (with OpenApi v2.x compatibility fix)
-    - `Microsoft.IdentityModel.Tokens` and `System.IdentityModel.Tokens.Jwt` upgraded to 8.17.0
-    - `xunit.runner.visualstudio` 2.8.2 → 3.1.5
-119. LLM tool-calling spike completion (`#618`, 2026-04-01):
-    - completed architecture document at `docs/spikes/SPIKE_618_COMPLETED.md` (1,014 lines, 13 sections)
-    - decided: custom implementation over Semantic Kernel (~800 LOC, zero new dependencies); SK's Gemini connector is alpha-quality with known function-calling bugs, and SK auto-invokes functions conflicting with GP-06
-    - decided: extend `ILlmProvider` with `CompleteWithToolsAsync()` — incremental, no breaking changes to existing non-tool-calling flow
-    - decided: 11 tools total (5 read + 6 write); reads execute directly, writes always produce proposals via `propose_*` prefix
-    - decided: new `ToolCallingChatOrchestrator` wraps `ChatService` with multi-turn loop (max 5 rounds, 60s total timeout, SignalR intermediate states)
-    - decided: Mock provider uses pattern-matching dispatch table for deterministic tool-call simulation
-    - cost model: ~$0.00088 per 3-round conversation on GPT-4o-mini (2-3x static context but unlocks dynamic board querying)
-    - implementation tracker: `#647`; phase issues: `#649` (read tools + orchestrator), `#650` (write tools + proposals), `#651` (refinements)
-120. MCP server spike completion (`#619`, 2026-04-01):
-    - completed architecture document at `docs/spikes/SPIKE_619_COMPLETED.md` (1,374 lines, 16 sections + 2 appendices)
-    - decided: official MCP C# SDK (`ModelContextProtocol` v1.2.0, co-maintained by Microsoft, 4.2k stars, .NET 8 native)
-    - decided: embedded in API process with `--mcp` startup flag for stdio mode; HTTP alongside REST on same Kestrel instance
-    - decided: stdio transport first (Claude Code/Cursor local dev), Streamable HTTP added in Phase 3 for cloud/remote
-    - decided: 9 resources under `taskdeck://` URI scheme, 9 tools (2 read + 5 write + 2 proposal management); `approve_proposal` intentionally excluded (GP-06)
-    - decided: API key auth (`tdsk_` prefix, SHA-256 hashed, user-bound) for HTTP transport; OAuth 2.1 deferred to Phase 4
-    - decided: write tools return proposal IDs immediately; users approve in web UI; agents poll via `get_proposal_status`
-    - implementation tracker: `#648`; phase issues: `#652` (minimal prototype), `#653` (full inventory), `#654` (HTTP + auth), `#655` (production hardening, deferred)
-121. SQL-level board metrics filtering delivery (`#675`/`#724`, 2026-04-03):
-    - added dedicated repository methods (`GetForMetricsAsync`, `CountCardsByColumnAsync`, `GetBlockedByBoardIdAsync`) for SQL-level filtering instead of in-memory post-fetch filtering
-    - `BoardMetricsService` now delegates filtering to SQL queries for scalability on large boards
-    - frontend `Math.max(...spread)` replaced with `reduce` for empty-array safety
-122. Double LLM call elimination delivery (`#672`/`#727`, 2026-04-03):
-    - `ChatService` now reuses the orchestrator's text response when no tools are called instead of making a second LLM completion request
-    - halves latency for non-tool chat messages with no behavior change for tool-calling flows
-123. JWT invalidation hardening delivery (`#671`/`#728`, 2026-04-03):
-    - added `ActiveUserValidationMiddleware` that checks user active status on every authenticated request with 30-second in-memory cache
-    - cache invalidated on user deletion/deactivation so stale JWTs are rejected within seconds
-    - complements the `TokenValidationMiddleware` (PR `#698`) with runtime active-user enforcement
-124. Expired proposal review UX delivery (`#678`+`#690`/`#729`, 2026-04-03):
-    - added `IsExpired` flag on `ProposalDto` and domain `CanBeDismissed` method
-    - expired proposals in Review now show distinct "Expired" status badge with dismiss action and explanatory notice
-    - Apply/Approve buttons disabled for expired proposals; 60-second reactive clock covers proposals expiring while page is open
-125. Infrastructure repository integration tests delivery (`#699`/`#730`, 2026-04-03):
-    - added 77 integration tests across 7 repository classes running against real SQLite
-    - found and fixed a real `LlmQueueRepository` ordering bug during test development
-    - first delivery from the rigorous test expansion wave (`#721`)
-126. LLM write tools and proposal integration delivery (`#650`/`#731`, 2026-04-03):
-    - added 6 write tool executors (`propose_create`, `propose_move`, `propose_archive`, `propose_update`, `propose_bulk_move`, `propose_create_column`) in Application layer
-    - added EF migration for `ToolCallMetadataJson` field on proposals for tool-call provenance
-    - orchestrator now serves 11 tools (5 read + 6 write); writes always produce proposals per GP-06
-    - frontend tool-status indicators show write-tool progress via SignalR `ToolStatusEvent`
-127. Rigorous test expansion wave 2 delivery (PRs `#740`–`#755`, 2026-04-04):
-    - 8 issues from `#721` tracker, ~586 new tests with two rounds of adversarial review (47 review-fix commits)
-    - domain entity state machine exhaustive tests (`#701`/`#740`): 174 tests across 7 entities (CommandRun, ArchiveItem, ChatSession, UserPreference, NotificationPreference, CardLabel, CardCommentMention)
-    - SignalR hub and realtime integration tests (`#706`/`#751`): 19 tests covering auth, presence, multi-user, authorization, edge cases; review fixed false-positive auth tests and resource leaks
-    - LLM provider and tool-calling edge cases (`#709`/`#747`): 101 tests across orchestrator, provider, classifier, registry; review added loop detection and registry edge cases
-    - data export/import round-trip integrity tests (`#713`/`#752`): 64 tests covering JSON, CSV, GDPR, database, cross-format validation
-    - API error contract regression tests (`#714`/`#753`): 57 tests across 7 endpoint families with GP-03 contract enforcement; review fixed 12 weak 404 assertions and 2 false-positive contract tests
-    - archive and restore lifecycle tests (`#715`/`#755`): 74 tests (45 domain + 29 API) covering state machine, cross-user isolation, conflict detection, audit trail
-    - board metrics accuracy verification tests (`#718`/`#749`): 61 tests (51 service + 10 controller) for throughput, cycle time, WIP, blocked cards, done-column heuristic
-    - notification delivery integration tests (`#719`/`#746`): 36 tests covering all 5 notification types, deduplication, preference filtering, cross-user isolation, batch operations
-    - wave progress: 15 of 22 `#721` issues now delivered (~886 new tests total); 7 issues remain open
-128. Post-adversarial-review hardening and test expansion (PRs `#741`–`#756`, 2026-04-04):
-    - 9 issues from `#721` tracker plus product telemetry taxonomy, two bug fixes, and six frontend regression test additions
-    - product telemetry taxonomy delivered (`#341`/`#741`): `docs/product/TELEMETRY_TAXONOMY.md` with 35+ named events, privacy-first bucketing, and R1/R2/R3 launch gate anchors; opt-in, not yet implemented
-    - board header presence label bug fixed (`#683`/`#744`): username/email flip resolved with `normalizePresenceMembers()` in `BoardView.vue`; adversarial review confirmed no edge cases; 3 new tests
-    - manual card provenance empty state fixed (`#680`/`#754`): 3 bugs caught and fixed by adversarial review (overly broad 404 swallow, global Axios log regression, empty-state flash); `CardModal.vue` now shows "No capture provenance available." correctly; 4 new tests
-    - WIP-limit toast dedup regression tests (`#686`/`#745`): 7 tests in `boardStore.wipLimit.spec.ts` for `createCard` and `moveCard`
-    - auth-flow toast lifecycle tests (`#685`/`#742`): 20 tests in `sessionStore.authToast.spec.ts`; adversarial review fixed timer leak, mock isolation, inverted assertion
-    - router auth guard + workspace stability tests (`#687`/`#748`): `authGuard.spec.ts` and `workspaceRouteStability.spec.ts` with 16-case exhaustive guard table; pre-existing `AuthControllerEdgeCaseTests.cs` compile error fixed
-    - inbox triage action visibility tests (`#688`/`#743`): 21 new tests in `InboxView.spec.ts` for single-item triage and bulk action bar visibility
-    - webhook HMAC verification tests (`#726`/`#750`): 11 tests in `OutboundWebhookHmacDeliveryTests.cs` for header format, round-trip, wrong-key, secret rotation, timing-safe comparison
-    - webhook delivery reliability + SSRF boundary tests (`#710`/`#756`): 78 total webhook tests across 9 files; SSRF coverage via `OutboundWebhookEndpointGuardTests` for private IP ranges; retry/backoff/dead-letter reliability; `HttpClient` resource leak fixed in tests
-    - TST-32–TST-57 wave progress updated: 17 of 25 issues now delivered; remaining open: `#705`, `#711`, `#712`, `#716`, `#717`, `#720`, `#723`, `#725`; frontend suite at 1592 passing (up from 1496)
-129. Dependency hygiene, accessibility, tool-calling refinements, streaming, and test coverage wave (PRs `#771`–`#779`, 2026-04-04):
-    - vendored dependency cleanup (`#761`/`#771`): removed `vendor/ws-7.5.10.tgz` and orphaned Dockerfile `COPY vendor/` line; `ws` resolves from registry as `^7.5.10`; no-op `p-limit` override removed; adversarial review updated stale STATUS.md/MASTERPLAN docs references
-    - accessibility lint remediation (`#762`/`#779`): 105 warnings → 0; form label associations, keyboard event companions, ARIA modal/backdrop attributes, `--max-warnings 20` CI threshold; adversarial review fixed 2 CI regressions (TdTooltip Fragment, role="option" tabindex violation); 2 non-blocking ARIA follow-up items filed
-    - tool-calling Phase 3 refinements (`#651`/`#773`): `LlmToolCallingSettings` with `Enabled`/`MaxToolResultBytes` config keys; `ChatService` bypasses orchestrator when disabled; `TruncateToolResult` binary-search UTF-8 byte budget; cost tracking DI wiring completed; 17 new tests (2 added by adversarial review fixing byte-budget contract bug and replacing O(n) loop)
-    - export streaming (`#670`/`#774`): `GET /api/account/export/stream` streams via `Utf8JsonWriter`; `CountBySessionIdsAsync` GROUP BY fixes N+1; 500-session batch respects SQLite 999-param limit; 15 tests; adversarial review fixed `ToErrorActionResult()` crash after `Response.HasStarted`
-    - frontend view vitest coverage (`#716`/`#775`): 83 tests across 6 views (LoginView, RegisterView, BoardsListView, ExportImportView, SavedViewsView, DevToolsView); adversarial review fixed 3 ESLint errors (CI blocker) and added 3 OAuth callback path tests
-    - Pinia store integration tests (`#711`/`#777`): 91 tests across 6 stores mocking HTTP layer; covers #508/#509 regressions; adversarial review fixed timer leak, microtask drain, and 4 type-bypass casts
-    - resilience/degraded-mode tests (`#720`/`#778`): 34 tests (18 backend + 16 frontend); adversarial review fixed CI blocker (unused import), double-invocation anti-pattern, and timing race
-    - E2E error state expansion (`#712`/`#772`): 25 Playwright scenarios across 3 spec files using `page.route()` interception; adversarial review fixed CI blocker (unused import), route glob, and 3 vacuous assertions
-    - TST-32–TST-57 wave: 23 of 25 issues now delivered (added `#723`/`#769` and `#725`/`#765` from parallel wave); remaining open: `#705`, `#717`; frontend suite ~1734 passing
+# Taskdeck Implementation Masterplan
+
+Last Updated: 2026-04-09
+<br>
+Planning Horizon: Next 8 to 12 weeks
+Companion Active Docs:
+- `docs/STATUS.md`
+- `docs/IMPLEMENTATION_MASTERPLAN.md`
+- `docs/TESTING_GUIDE.md`
+- `docs/MANUAL_TEST_CHECKLIST.md`
+- `docs/GOLDEN_PRINCIPLES.md`
+
+## Purpose
+
+This is the active execution guide for sequencing past, current, and future implementation.
+`docs/STATUS.md` is authoritative for current shipped reality; this document tracks delivery history, planned work, roadmap sequencing, and strategic intentions.
+Update this file at the end of each meaningful delivery cycle or when new work is seeded.
+
+## Planning Principles
+
+- `docs/STATUS.md` is authoritative for current shipped reality.
+- Product north star: make capture nearly free and keep automation safe through review-first proposals.
+- Product legibility is now the immediate product focus: the app should explain its core loop from inside the UI, not mainly through docs and demo scripts.
+- For near-horizon demo work, prefer packaging the shipped capture/review/board substrate into stakeholder-legible business workflows instead of reopening broad architecture.
+- Prefer finishing cross-cutting consistency work before adding new surface area.
+- Security and identity convergence remains the highest-priority engineering track.
+- Cross-user existence policy is fixed: return `403` for authenticated-but-unauthorized access and `404` for true missing resources.
+- Automation remains proposal-first and review-first by default.
+- Do not claim or ship silent/destructive autonomy by default; trust posture takes precedence over convenience.
+- MVP should include a dogfooding workflow: paste structured plan text in chat and bootstrap a board/project from approved proposals.
+- UX investments should be modular and reusable (keyboard-first, discoverable selectors, shared input-assist patterns).
+- Use `docs/InReview/MVP_EXPANSION/MINIMAL/` as the near-horizon execution filter and `docs/InReview/MVP_EXPANSION/EXPANDED/` as the staged roadmap reference.
+- Do not add major new surface breadth ahead of `Home` / `Today` / `Review` productization unless the work closes a real trust, safety, or operability gap.
+- Agent, knowledge, and integrations expansion stay sequenced behind novice-first productization even though their longer-term architecture is now clearer.
+- Every issue must carry exactly one priority label (`Priority I` through `Priority V`).
+- Out-of-code and configuration work (containerization, deployment, security posture, observability, DR) must be tracked as first-class backlog items.
+
+## Current Cycle Outcome (Completed)
+
+Delivered in the latest cycle:
+1. Backend advanced slices completed: automation proposals/executor, archive recovery, chat, ops/logs, workers/health.
+2. Frontend advanced views integrated: automations/chat/ops/archive and supporting APIs/types.
+3. Maintainability refactor delivered (PR #23):
+   - backend shared error contracts/mapping and authenticated-user controller base
+   - frontend shared query-string and error-message utilities
+4. CI hardening follow-up delivered:
+   - workflow concurrency cancellation
+   - frontend typecheck/build parity in CI
+   - NuGet/Playwright caching and richer failure artifacts (TRX/JUnit uploads)
+5. Mechanical invariants delivered:
+   - docs governance CI checks (`scripts/check-docs-governance.mjs`, `scripts/check-github-ops-governance.mjs`)
+   - architecture boundary test project (`Taskdeck.Architecture.Tests`)
+6. Security/observability slice delivered:
+   - boards controller family retrofitted to claims-first authz
+   - API authz harness helpers for 401/403/cross-user assertions
+   - request correlation middleware + Ops CLI correlation propagation
+   - timing/result diagnostics for log query and automation execution paths
+7. Test surface expanded and verified:
+   - Backend: 1975+ passing (property-based and fuzz tests added via FsCheck)
+   - Frontend unit: 1491+ passing (134+ test files; batch triage, search, accessibility tests added)
+   - Default Playwright regression lane: 24+ passing (accessibility axe-core E2E added; `stakeholder-demo.spec.ts` remains opt-in/skipped by default)
+8. Documentation consolidation retained:
+   - active docs remain focused at `docs/` root
+   - detail packs/audits archived under `docs/archive/2026-02-13_phase4-doc-consolidation/`
+9. Wave P docs/help follow-through delivered:
+   - `docs/START_HERE.md` now matches the shipped `Home` / `Today` / `Inbox` / `Review` / `Boards` shell
+   - `docs/USER_MANUAL.md` now acts as the shipped-product manual index for the novice-first shell
+   - `docs/manual/README.md`, `docs/manual/*`, and the new product help guides now carry the chaptered workflow, FAQ, troubleshooting, and help-center follow-through without pretending later `Agents` / `Integrations` breadth is already shipped
+   - `docs/INDEX.md` and `docs/product/README.md` now make the root-doc, manual-chapter, and product-help split explicit
+10. Stage 0 governance follow-through:
+   - active docs cross-link/date-stamp freeze completed for canonical docs
+   - project safety view standardized as `No Status` (`no:status`)
+   - weekly backlog seeding cadence and RC hard-gate policy documented in active ops docs
+11. Security convergence progress:
+   - `[Authorize]` enforced across remaining legacy controller families
+   - claims-first identity retrofit delivered for columns/cards/labels/export/queue/board-access
+   - caller-supplied actor query/body IDs removed from those controller families
+   - API integration suite expanded for legacy unauthorized/forbidden/cross-user regression checks
+   - API integration suite expanded for legacy unauthorized-path regression checks
+12. Frontend runtime alignment:
+   - added a lightweight static UI mock at `frontend/taskdeck-web/public/mock/` so the current product shell and key surfaces can be previewed from local example data without backend/runtime setup
+   - added a dedicated GitHub Pages Actions workflow that publishes `frontend/taskdeck-web/public/mock/` directly as the Pages site root, replacing the earlier branch-based `main` + `/docs` publish path
+   - CI and local developer baseline pinned to Node 24.13.1 (LTS) to match Vite 7 engine constraints
+13. Security convergence completion for remaining legacy families:
+   - audit controller now derives actor identity from claims for user-history and board-history access checks
+   - users controller now enforces self-scope for read/update/activate/deactivate profile actions
+   - audit frontend flow moved from user-id route calls to `/audit/users/me`
+14. SEC-03 regression matrix delivery:
+   - added explicit API integration matrix assertions for protected legacy + advanced routes
+   - expanded policy coverage for `401` unauthenticated, `403` cross-user unauthorized, and `404` true missing resources
+15. SEC-04 API error-contract assertions delivery:
+   - middleware-level JWT challenge/forbidden responses now emit stable `ApiErrorResponse` payloads
+   - API integration assertions now explicitly enforce auth and validation error-contract shape stability
+16. UX-01 archive lifecycle coherence delivery:
+   - board settings archive action now reflects soft-delete semantics (reversible archive, not permanent deletion)
+   - archive workspace now surfaces archived boards and supports restore via board lifecycle API flow
+   - API integration roundtrip coverage added for archive-to-restore board lifecycle behavior
+17. UX-02 drag/edit interaction safety guardrails delivery:
+   - card and column drag now requires explicit drag handles
+   - non-handle drag gestures are ignored to prevent accidental movement during adjacent edit interactions
+   - frontend unit + E2E coverage added for handle-only drag behavior and conflict paths
+18. UX-03 command palette keyboard model delivery:
+   - command palette now supports keyboard-first filtering, item selection, and activation
+   - shell interactions preserve deterministic close behavior (`Escape`) and focus handling
+   - frontend unit + E2E coverage added for command palette keyboard navigation and activation
+19. UX-04 activity selector discoverability delivery:
+   - activity workflows now prioritize selector-first board/entity/user discovery instead of raw ID-first entry
+   - board/entity selection now includes discoverable context and ID reveal/copy affordance
+   - frontend unit + E2E coverage added for selector-based activity navigation and fetch flows
+20. UX-04 shared input-assist scaffolding delivery:
+   - shared input-assist combobox/listbox component added for reusable suggestion and keyboard-selection behavior
+   - ops CLI template selection now uses input-assist with discoverable template metadata
+   - automation chat board targeting now uses input-assist board suggestions with keyboard-first interactions
+21. UX-05 escape behavior contract delivery:
+   - workspace and board escape handling now follows a top-surface-first contract via shared escape-stack handling
+   - board routes now exit to `/workspace/boards` when no transient surface is open
+   - unit + E2E regression coverage validates escape ordering and board-exit behavior
+22. AUTO-01 real-provider strategy delivery:
+   - `ILlmProvider` selection now follows deterministic environment-aware policy evaluation (`Mock` vs `OpenAI`)
+   - live provider usage is explicitly gated by config (`EnableLiveProviders`, provider mode, development override guard)
+   - OpenAI provider path and policy constraints are test-backed while preserving proposal-first chat flow semantics
+23. AUTO-02 planner/executor hardening delivery:
+   - planner instruction coverage now includes deterministic board/column intents (rename/archive/unarchive/reorder) with explicit board/position validation
+   - executor operation parameter parsing now fails with deterministic validation errors instead of exception-driven fallbacks
+   - partial-failure behavior is test-backed as transactional rollback + proposal failure status update with actionable operation-sequenced reasoning and improved audit entity attribution
+24. MVP-01 chat-to-project bootstrap delivery:
+   - chat now supports canonical Markdown checklist ingestion and proposal-first bootstrap operation generation for board-scoped sessions
+   - proposal review remains mandatory, with chat exposing one-click approve + execute action for generated checklist bootstrap proposals
+   - backend + API + frontend tests cover canonical happy path and key checklist parse/validation failures
+25. PACK-01 starter-pack manifest foundation delivery:
+   - added a versioned starter-pack manifest contract (`schemaVersion` `1.0`) for labels, columns, templates, and seed cards
+   - added deterministic backend parsing/validation service with explicit compatibility and cross-reference constraints
+   - added dedicated application tests covering canonical success + key parse/validation failure paths
+26. PACK-01 null-collection hardening follow-up:
+   - manifest validation now handles explicit JSON `null` collections deterministically (array-shape errors instead of null-reference exceptions)
+   - nested collection paths (`compatibility.requiredFeatures`, template checklists, seed-card labels) are now null-safe and regression-tested
+27. PACK-02 starter-pack apply backend delivery:
+   - added authenticated board-scoped apply endpoint: `POST /api/boards/{boardId}/starter-packs/apply`
+   - delivered idempotent apply semantics with dry-run actionable conflict reporting for labels/columns/seed-card references
+   - added API integration coverage for apply success, re-apply idempotency, dry-run conflict report, and non-dry-run conflict response
+28. PACK-03 starter-pack frontend catalog delivery:
+   - added board-level starter pack catalog UI with search/filter and manifest preview details
+   - integrated dry-run preview and one-click apply flow against the backend apply endpoint
+   - added frontend API + component interaction tests for preview/apply/conflict/empty states
+29. PACK-04 first-party starter packs v1 delivery:
+   - added API-backed first-party starter-pack catalog endpoint: `GET /api/boards/{boardId}/starter-packs/catalog`
+   - shipped first-party pack coverage for common labels, common column flow, and 3 board blueprints
+   - added backend/frontend tests for catalog availability, pack-category coverage, and manifest validity
+30. PACK-05 deterministic fixture packs delivery:
+   - added Playwright starter-pack fixture bootstrap helper flow for manifest-backed deterministic board-state setup
+   - shipped deterministic fixture manifests for `small`, `medium`, and `edge` scenarios
+   - added dedicated E2E coverage for fixture bootstrap success and conflict dry-run paths
+31. DEBT-01 nullability reduction delivery:
+   - eliminated current domain `CS8618` warnings by applying EF-safe non-null default initialization patterns
+   - validated no behavior regressions via full backend solution test pass
+32. DEBT-02 log-query scalability pass delivery:
+   - replaced broad in-memory log composition with repository-filtered query paths
+   - removed command-run log query N+1 pattern by introducing direct filtered log querying with run correlation/user projection
+   - validated logs API contract behavior and full backend regression suite pass
+33. DEBT-03 database export/import delivery:
+   - added authenticated database export/import API routes (`GET /api/export/database`, `POST /api/import/database`)
+   - implemented minimal-safe SQLite file export/import with Development-sandbox gating, payload signature/size validation, and backup-restore fallback on file replacement failure
+   - added application and API integration coverage for auth, sandbox gating, and import validation paths
+34. COL-01 realtime board updates delivery:
+   - added SignalR `BoardsHub` with claims-derived board subscription authz checks and board-scoped group subscriptions
+   - added application-layer board mutation notifications for board/card/column/label writes and wired hub fan-out notifier in API composition root
+   - integrated frontend board realtime lifecycle (join/switch/leave/reconnect) with websocket-unavailable polling fallback and expanded API/unit/E2E regression coverage
+35. OBS-01 observability baseline delivery:
+   - added OpenTelemetry startup wiring for ASP.NET + HttpClient instrumentation with Taskdeck custom activity source and meter registration
+   - added worker/queue/heartbeat telemetry emission with stable metric names and dimension keys
+   - added correlation ID propagation into trace tags plus a versioned observability baseline runbook with dashboard/alert/smoke-verification guidance
+36. OPS-07 containerized deployment baseline delivery:
+   - added production-oriented backend/frontend Dockerfiles and compose profile with reverse-proxy entrypoint
+   - added proxy compression + forwarded-header/security-header posture and staging/local deployment runbook
+   - added CI container image build/export artifacts with reproducible compose render checksums
+37. Developer MCP tooling posture expansion:
+   - enabled a broader Docker Marketplace MCP server bundle (SQLite, JetBrains, Postman candidate, OpenAPI, filesystem, terraform, time, etc.)
+   - stabilized default Docker gateway server set for Codex project config to avoid secret-gated startup failures while preserving optional integrations
+   - documented setup/credential expectations in `docs/MCP_TOOLING_GUIDE.md`
+38. MCP operations workflow integration:
+   - added operator runbook (`docs/tooling/MCP_OPERATIONS_RUNBOOK.md`) covering credential setup, validation, troubleshooting, and recurring checklists
+   - added helper scripts to wire credential-gated Docker MCP servers and verify baseline/optional MCP dry-run paths
+   - integrated MCP operations checks into active testing guidance
+39. TST-07 MCP smoke/regression harness delivery:
+   - enhanced MCP profile validation script with optional-server prerequisite diagnostics (missing secret/config classification)
+   - codified strict/warning/skip behavior for optional integrations and documented CI-friendly command patterns
+   - added deterministic CI status output contract (`PASS`, `PASS_WITH_WARNINGS`, `FAIL`) for MCP profile validation flows
+40. OPS-19 CI topology first-pass delivery:
+   - migrated required CI entrypoint from `.github/workflows/ci.yml` to `.github/workflows/ci-required.yml` with equivalent gate behavior
+   - extracted docs governance lane into reusable workflow `.github/workflows/reusable-docs-governance.yml` as baseline for incremental workflow decomposition
+41. OPS-19 CI topology second-pass delivery:
+   - extracted backend architecture lane into reusable workflow `.github/workflows/reusable-backend-architecture.yml` and routed `ci-required.yml` through it
+   - extracted frontend unit lane into reusable workflow `.github/workflows/reusable-frontend-unit.yml` (preserving Ubuntu/Windows matrix behavior) and routed `ci-required.yml` through it
+42. OPS-19 CI topology API-integration extraction delivery:
+   - extracted API integration lane into reusable workflow `.github/workflows/reusable-api-integration.yml` and routed `ci-required.yml` through it (preserving Ubuntu/Windows matrix behavior)
+43. OPS-19 CI topology third-pass delivery:
+   - added `merge_group` trigger parity to `.github/workflows/ci-required.yml` to align merge-queue required-check execution with PR/push paths
+44. OPS-19 CI topology fourth-pass delivery:
+   - extracted backend unit lane into reusable workflow `.github/workflows/reusable-backend-unit.yml` (preserving Ubuntu/Windows matrix behavior and domain/application/CLI split coverage)
+   - routed `.github/workflows/ci-required.yml` through the reusable backend unit lane
+45. OPS-19 CI topology fifth-pass delivery:
+   - extracted container image lane into reusable workflow `.github/workflows/reusable-container-images.yml` and routed `ci-required.yml` through it
+   - extracted E2E smoke lane into reusable workflow `.github/workflows/reusable-e2e-smoke.yml` and routed `ci-required.yml` through it while preserving required-gate dependency ordering and artifact upload behavior
+45. SEC-11 cross-user convergence progress (`#152`):
+   - automation proposal lifecycle endpoints now enforce proposal-scope authorization (`get/approve/reject/execute/diff`) via board read/write permission or requester-only fallback for user-scoped proposals
+   - API integration authz matrix expanded for additional protected automation/logs/starter-pack routes with `401` assertions, plus focused `403` and `404` regression tests for proposal, logs correlation, and starter-pack apply paths
+46. AUTH-06 register/login hardening progress (`#174`):
+   - login flow now avoids inactive-candidate short-circuit lockout in identifier-collision paths by preferring active password matches before returning inactive-account errors
+   - duplicate registration now returns actionable conflict guidance to steer users toward existing-account sign-in
+   - regression coverage added for duplicate-register-then-login success sequence and explicit invalid-credentials (`401`) vs inactive-account (`403`) API contract behavior, with frontend session-flow regression for non-poisoned post-error login
+47. SEC-11 archive authorization follow-through (`#152`):
+   - archive list/detail/entity-lookup read paths now require caller board-read permission and return deterministic `Forbidden` payloads for cross-user unauthorized access
+   - board-filtered archive queries now fail fast with `403` when caller cannot read the target board, while preserving `404` for true missing archive resources
+   - regression coverage expanded in application and API integration suites for archive authorization enforcement and board cross-user policy behavior
+48. SEC-11 audit entity-history authorization follow-through (`#152`):
+   - `GET /api/audit/entities/{entityType}/{entityId}` now resolves board-scoped entities (`Board`, `Column`, `Card`, `Label`) before querying history and enforces caller board-read permissions
+   - endpoint semantics now align to policy for entity history requests (`403` for authenticated cross-user unauthorized access, `404` for true missing board-scoped entities)
+   - API integration coverage expanded in `AuditApiTests` and `AuthzRegressionMatrixApiTests` to lock unauthorized/cross-user/missing-resource behavior
+49. OPS-19 CI topology sixth-pass progress (`#168`):
+   - added non-blocking CI orchestrator (`.github/workflows/ci-extended.yml`) with actionlint + dependency-review lanes and opt-in (`testing` label/manual) backend/E2E regression jobs
+   - added scheduled/manual nightly orchestrator (`.github/workflows/ci-nightly.yml`) for backend solution regression, E2E regression, and container-image regression
+   - added release/security orchestrator (`.github/workflows/release-security.yml`) with dependency inventory/vulnerability reporting artifacts and explicit SBOM/provenance follow-through mapping to `#103`
+   - added reusable full backend regression lane (`.github/workflows/reusable-backend-solution.yml`) to avoid orchestration-layer command duplication
+50. OPS-19 CI topology completion (`#168`):
+   - added `ci-release.yml` release build-verification lane with SBOM/provenance placeholder, container image artifact lane
+   - added comprehensive workflow topology documentation to `ci-required.yml` header comment mapping all orchestrators and reusable workflows
+   - added topology reference comments to `ci-extended.yml`, `ci-nightly.yml`, `nightly-quality.yml`, and `release-security.yml`
+   - added `CODEOWNERS` file for `.github/workflows/`, issue templates, PR template, and governance scripts
+   - updated CI Status section in `docs/STATUS.md` to reflect the complete topology including `ci-release.yml` and `nightly-quality.yml`
+51. SEC-11 LLM queue board-scope authorization follow-through (`#152`):
+   - `POST /api/llm-queue` now enforces board-read authorization when `boardId` is supplied
+   - queue creation now aligns to policy (`403` for authenticated cross-user unauthorized board access, `404` for true missing boards)
+   - regression coverage expanded in `LlmQueueServiceTests`, `LlmQueueApiTests`, and `AuthzRegressionMatrixApiTests`
+52. SEC-11 API regression coverage final sweep (`#152`):
+   - expanded cross-user `403` coverage for board update and board-access management (`list/grant/update/revoke`)
+   - expanded chat authorization coverage for cross-user forbidden access and true-missing session `404` branches (`get session`, `send message`)
+   - API integration suite increased to 185 passing tests with explicit `403/404` branch locking for remaining protected route gaps
+53. API-06 centralized exception/fallback error-contract hardening (`#153`):
+   - added global unhandled-exception middleware in the API pipeline to return deterministic `ApiErrorResponse` payloads for unexpected server failures
+   - standardized unknown-result fallback `500` mapping to `ApiErrorResponse` (`UnexpectedError`) instead of `ProblemDetails` to keep fallback payload shape contract-uniform
+   - added fault-injection API integration coverage validating unhandled-failure contract shape, non-leakage message behavior, and correlation-header continuity under `500` responses
+54. TST-14 architecture-guard expansion (`#157`):
+   - expanded architecture tests beyond csproj references with source-layer purity invariants for Domain/Application forbidden namespace imports
+   - added API controller boundary invariants to restrict direct `ControllerBase` inheritance to auth/health controllers and enforce `[Authorize]` declaration on protected controllers
+   - architecture guard suite now emits deterministic file-scoped diagnostics for quick remediation in CI and local runs
+55. TST-01 load/concurrency harness delivery (`#70`):
+   - added k6 board-heavy API regression profile (`tests/load/k6/board-heavy-load.js`) with seeded-auth setup, read/write traffic mix, thresholds, and failure diagnostics
+   - added multi-session Playwright concurrency harness coverage (`frontend/taskdeck-web/tests/e2e/concurrency.spec.ts`) for conflicting edits and realtime cross-session propagation
+   - added reusable CI lane (`.github/workflows/reusable-load-concurrency-harness.yml`) and wired it into `ci-extended` (testing label/manual) plus `ci-nightly` with persisted k6/Playwright artifacts
+56. ARCH-01 multi-tenancy strategy ADR delivery (`#71`):
+   - added accepted ADR at `docs/analysis/2026-02-22_multi-tenancy-strategy-adr.md` comparing `database-per-tenant`, `schema-per-tenant`, and `shared-schema + TenantId`
+   - selected `shared-schema + TenantId` as immediate rollout model with explicit promotion path to `database-per-tenant` for high-isolation tiers
+   - defined phased migration/enforcement plan plus tenant-isolation readiness checklist and cross-tenant `403` test strategy expectations
+57. FE-11 frontend lint baseline + CI enforcement (`#154`):
+   - added pragmatic Vue 3 + TypeScript ESLint baseline (`.eslintrc.cjs`) with focused rule suppressions to avoid style-churn while catching correctness issues
+   - added `npm run lint` script with zero-warning enforcement and integrated lint into reusable frontend CI lane (`reusable-frontend-unit.yml`)
+   - documented frontend lint execution and suppression guidance in active testing docs to keep lint policy explicit for contributors
+58. FE-12 frontend coverage threshold gate (`#155`):
+   - codified global and critical-surface Vitest coverage thresholds (`src/api`, `src/store`, `src/composables`, `src/utils`, `src/components/board`) in frontend test configuration
+   - switched reusable frontend CI lane to threshold-enforced coverage execution and standardized machine-readable triage artifacts (JUnit + coverage JSON/HTML)
+   - documented explicit ratchet policy (thresholds can remain or increase, never decrease) and local threshold-breach verification command
+59. COL-02 notifications framework delivery (`#72`):
+   - added notification persistence model (`Notifications`, `NotificationPreferences`) with user-scoped preference toggles for event-family cadence controls and in-app channel enablement
+   - shipped authenticated notification APIs (`GET /api/notifications`, `POST /api/notifications/{id}/read`, `GET/PUT /api/notifications/preferences`) with board-filter authorization guardrails and deduplication-aware publish semantics
+   - integrated frontend notification inbox/preferences routes + Pinia store/api clients and added regression coverage for backend event publication, API auth/filter behavior, and frontend inbox/preferences interactions
+60. COL-03 collaborative presence/conflict policy delivery (`#73`):
+   - added SignalR-backed board/card presence snapshots with active viewer/editor state publication on join/leave/disconnect and card editing focus changes
+   - added optimistic card update conflict policy via `ExpectedUpdatedAt` with deterministic `409 Conflict` user feedback and stale-write conflict audit logging (actor + expected/actual timestamps)
+   - expanded backend/frontend regression coverage, including multi-session Playwright conflict scenario validation and realtime presence broadcast assertions
+61. COL-04 threaded card comments and mentions workflow delivery (`#74`):
+   - added authenticated board/card comment APIs for create/list/reply/update/delete with reply-depth guardrails and moderation constraints (author or board owner/admin)
+   - added mention parsing + actor-linking for card comment bodies with board-read permission checks before mention notification publication
+   - added card-comment audit entries and frontend card-modal comment UI flow (thread list, reply, edit, delete), with backend/frontend test coverage for mention parsing and authorization boundaries
+62. Capture realignment backlog seeding delivery (`#199` to `#213`):
+   - reconciled in-review capture/security/performance planning packs into dependency-mapped GitHub issues
+   - seeded a dedicated capture wave tracker (`#199`) with execution issues (`#200` to `#211`) plus linked security/performance follow-through (`#212`, `#213`)
+63. UX-15 review-first routing and selector cleanup delivery (`#322`):
+   - `/workspace/review` is now the canonical normal-user automation route, with legacy proposals URLs redirected compatibly and shell/home/inbox/card links pointed at Review
+   - queue, chat, ops, and access surfaces now explain their advanced/operator purpose in plain language and expose action-oriented next steps instead of orphan empty states
+   - board access now uses a board picker, automation chat accepts selector-safe board context instead of raw-ID happy paths, and frontend unit + Playwright coverage now locks selector flow, route defaults, and representative empty-state branches
+   - linked follow-through status is now split: `#212` delivered the logging/telemetry redaction policy and runtime guardrails; `#213` delivered frontend list virtualization (inbox + activity views) using `@tanstack/vue-virtual`
+   - updated existing SEC-06 rate-limiting issue (`#81`) and wave index (`#107`) to integrate capture-specific scope without duplicate issue creation
+64. InReview extraction coverage expansion (`#216` to `#220`):
+   - seeded go-to-market and user-research execution issues from HUMAN playbooks (`#216`, `#217`)
+   - seeded deferred capture follow-ons from the original realignment pack (`#218`, `#219`, `#220`)
+   - updated capture wave tracker (`#199`) and wave index (`#107`) to keep extraction coverage explicit
+65. CAP-01 capture model/domain contract delivery (`#200`):
+   - accepted queue-wrapper MVP model (`LlmRequest` + `inbox.capture.v1`) with explicit migration path to dedicated capture entities
+   - added canonical capture source/status contracts plus transition policy mapping from queue lifecycle states
+   - added capture payload schema/invariant enforcement (schema version, raw text bounds, actor-field rejection) and provenance linkage representation for capture item -> triage run -> proposal
+66. CAP-03 queue provenance fix delivery (`#202`):
+   - extended planner contract to support explicit source metadata (`sourceType`, `sourceReferenceId`, `correlationId`) with manual-safe defaults
+   - queue worker now stamps queue-origin proposals as `ProposalSourceType.Queue` instead of `Manual`
+   - queue item id is now forwarded as source-reference and correlation metadata for deterministic provenance traceability
+66. CAP-02 capture API slice delivery (`#201`):
+   - added authenticated `/api/capture/items` API surface for create/list/detail/ignore/cancel actions with claims-derived user scoping
+   - create endpoint now returns `201 Created` and persists capture payloads via queue-wrapper model (`LlmRequest` + `inbox.capture.v1`)
+   - list/detail contracts now enforce excerpt-only list payloads and detail-only full text visibility, with idempotent ignore/cancel action behavior and cross-user `403` vs true-missing `404` policy coverage
+67. CAP-04 triage enqueue + state transition delivery (`#203`):
+   - added authenticated triage enqueue endpoint: `POST /api/capture/items/{id}/triage` returning `202 Accepted`
+   - capture triage enqueue now returns deterministic triage state (`Triaging`) with explicit idempotent replay signaling (`AlreadyTriaging`)
+   - invalid-state transitions now return stable `Conflict` error-contract payloads, including ignored/cancelled capture items
+   - queue processing guardrails now skip pending capture request types (`inbox.capture.v1`) to preserve explicit triage-trigger semantics ahead of CAP-05 worker routing
+68. CAP-05 triage worker routing and proposal generation delivery (`#204`):
+   - queue worker now routes triaging capture items (`inbox.capture.*` + `Processing`) through a dedicated capture-triage pipeline rather than generic planner parsing
+   - deterministic extraction baseline now converts checklist/bullet/numbered capture content into proposal operations with stable idempotency keys
+   - triage pipeline now persists provenance linkage (`capture item -> triage run -> proposal`) on capture payloads and exposes `ProposalCreated` capture status once linked
+   - capture triage failure paths now return deterministic non-mutating outcomes (no direct board writes), with bounded retry behavior retained under worker policy
+69. CAP-06 strict triage contract + prompt versioning delivery (`#205`):
+   - added strict triage output contract (`capture-triage-output.v1`) with version + prompt invariants and explicit machine-readable schema file under `Taskdeck.Application/Schemas`
+   - triage proposal generation now validates structured output against schema constraints before creating proposals, with deterministic `ValidationError` outcomes on contract violations
+   - triage provenance persistence now includes `promptVersion` (`triage.v1`) for each successful triage run (`capture item -> triage run -> proposal`)
+   - added deterministic fixture-backed validation coverage (golden + negative cases for missing tasks, wrong prompt version, unknown properties)
+70. CAP-07 inbox frontend route/list/detail delivery (`#206`):
+   - added workspace inbox surface (`/workspace/inbox`) with shell navigation and router integration
+   - inbox list now renders excerpt-first capture summaries, while full raw capture text is fetched only on detail open
+   - inbox detail now supports deterministic ignore/cancel actions with refreshed capture state after mutation calls
+   - keyboard-first inbox navigation (`ArrowUp`/`ArrowDown`/`Enter`) plus escape-stack compliant detail close behavior is now covered by frontend regression tests
+71. CAP-08 capture modal + command palette/hotkey delivery (`#207`):
+   - added quick capture modal with keyboard-first submit (`Ctrl+Enter`) and deterministic close behavior
+   - command palette now includes explicit capture action command while preserving inbox navigation command access
+   - global quick capture hotkey (`Ctrl+Shift+C`) now opens capture modal from workspace shell contexts
+   - successful capture submission now routes directly to inbox and surfaces the new item in list state for immediate follow-through
+72. CAP-09 inbox triage trigger + proposal-linking UX delivery (`#208`):
+   - inbox detail now includes explicit triage enqueue action with deterministic in-progress/completion state handling
+   - capture detail contract now surfaces provenance linkage metadata (`capture item -> triage run -> proposal`) for UI consumers
+   - inbox detail now renders direct proposal review navigation when triage yields a linked proposal id
+   - frontend regression suite now covers triage action success/failure and proposal-link rendering paths
+73. CAP-10 card/proposal provenance UX delivery (`#209`):
+   - added card provenance API contract for capture-created cards (`GET /api/boards/{boardId}/cards/{cardId}/provenance`) with board-scope authz guardrails (`403` cross-user)
+   - capture triage create-card operations now persist deterministic card target ids so provenance lookup remains stable after proposal execution
+   - card modal now surfaces capture-origin marker, capture/proposal deep-links, proposal status, and triage-run metadata when provenance exists
+   - automations proposal surface now exposes capture-linked context (capture artifact link + triage-run reference), with frontend/backend regression coverage
+74. CAP-11 capture loop end-to-end regression delivery (`#210`):
+   - added dedicated Playwright regression (`tests/e2e/capture-loop.spec.ts`) for capture create -> triage -> proposal approve/execute -> card provenance verification
+   - end-to-end flow now validates proposal-first trust posture by asserting board mutation only after explicit proposal approval and execute action
+   - regression asserts resulting card provenance links (`Open Capture`, `Open Proposal`) and triage-run metadata visibility in card modal
+   - full Playwright suite now exercises capture-loop path by default to guard against cross-surface regressions
+75. CAP-12 canonical docs promotion delivery (`#211`):
+   - updated canonical docs (`docs/STATUS.md`, `docs/IMPLEMENTATION_MASTERPLAN.md`, `docs/TESTING_GUIDE.md`, `docs/MANUAL_TEST_CHECKLIST.md`) to represent capture MVP as shipped behavior
+   - moved capture validation language from planned-only posture to active regression posture in testing and manual guides
+   - marked original in-review capture pack READMEs as historical/stale after canonical promotion
+76. TST-17 drag/drop persistence regression coverage delivery (`#256`):
+   - `tests/e2e/smoke.spec.ts` now asserts card drag/move persistence after a full page reload by validating target-column presence and source-column absence post-refresh
+   - `tests/e2e/smoke.spec.ts` now asserts column reorder persistence after a full page reload using explicit ordered heading checks
+   - drag-handle safety coverage in smoke was hardened to use stable add-card control coordinates for non-handle drag attempts, reducing intermittent setup flake while preserving behavior assertions
+77. AUTO-03 provider-agnostic runtime delivery (`#232`):
+   - expanded runtime provider support to `OpenAI` + `Gemini` behind deterministic environment/config gates with explicit `Mock` fallback on invalid live-provider configuration
+   - added Gemini provider adapter (`generateContent`) and parity fallback behavior across success/failure/invalid-response/cancellation branches
+   - capture triage provenance now persists provider/model metadata (`provider`, `model`) alongside `promptVersion` for linked triage/proposal flows
+   - expanded regression coverage across selection policy, provider adapters, capture provenance surfaces, and API chat integration with non-mock provider stubs
+   - follow-on managed-key identity attribution baseline (`#236`) now threads server-derived attribution (`userId`, correlation ID, source surface, board/session scope) through chat/provider boundaries, persists attribution in capture provenance, and adds spoofing/propagation regression coverage
+78. INT-01 external import adapters foundation delivery (`#75`):
+   - added provider-registry external import orchestration (`IExternalImportAdapter`, `IExternalImportService`) so new providers can be added without core import-service rewrite
+   - shipped CSV adapter baseline with outreach-contact profile mapping and deterministic dedupe key ordering (`linkedin_url` -> `email` -> normalized `display_name+company`)
+   - added board-scoped authenticated import endpoint (`POST /api/boards/{boardId}/imports/external`) with dry-run/apply result contracts (`create/update/skip/conflicts`) and rollback-safe apply behavior
+   - added backend regression coverage for malformed CSV, duplicate input handling, deterministic upsert behavior, rollback safety, archived-board rejection behavior, and CSV payload/row guardrails, plus operator-facing mapping guidance in `docs/platform/IMPORT_ADAPTERS_GUIDE.md`
+79. INT-02 webhook integration security model delivery (`#76`):
+   - added board-scoped outbound webhook subscription and delivery contracts (`POST/GET/PATCH/DELETE /api/boards/{boardId}/webhooks`) with authz-safe ownership and revocation handling
+   - added mutation-event queueing and signed webhook dispatch (`X-Taskdeck-Webhook-*` headers) with HTTPS/default host safety checks and localhost gating controls
+   - added worker/runtime hardening for atomic claim/reload flow, non-success response retry scheduling, dead-letter terminal handling, and stale-processing recovery
+   - added backend regression coverage across domain/application/API/worker/repository webhook paths, including non-success dispatch retry/dead-letter branches
+80. API CORS development-origin configurability delivery:
+   - API CORS composition now keeps default localhost origins (`http://localhost:5173`, `http://localhost:5174`) as baseline behavior
+   - development fallback localhost origins (`http://localhost:4173`, `http://localhost:5001`) are now included so restricted local frontend-port runs remain preflight-safe
+   - development runtime now accepts additive allowed origins from configuration key `Cors:DevelopmentAllowedOrigins`
+   - API integration coverage now verifies both default-origin allowance and development-configured alternate-origin allowance via deterministic in-memory config overrides
+81. OPS-16 deployment/container hardening verification matrix delivery (`#142`):
+   - added deployment verification script (`scripts/deploy/Verify-TaskdeckDeploymentHardening.ps1`) covering secret-enforcement validation, reverse-proxy header checks, unauthorized-path checks, and startup/restart/shutdown reliability checks for the compose baseline
+   - added explicit pass/fail matrix doc (`docs/ops/DEPLOYMENT_HARDENING_MATRIX.md`) and linked it from deployment/testing docs for deterministic operator execution
+   - expanded manual checklist coverage for non-automatable deployment controls (backend exposure posture, edge TLS termination posture, host restart rehearsal expectations)
+82. PACK-07 warning-first starter-pack apply UX delivery (`#176`):
+   - starter-pack apply conflict contract now includes severity (`blocking`/`warning`) and controller conflict responses now hard-stop only on blocking conflicts
+   - starter-pack apply service now marks non-blocking seed-card skip paths as warnings and preserves apply success when only warnings exist
+   - starter-pack modal now shows explicit applied/skipped/blocked/warnings outcome summaries with warning-first messaging, and backend/frontend regression coverage now locks warning-vs-blocking behavior
+83. TST-18 Playwright frontend port-resolution hardening delivery:
+   - frontend E2E config now resolves fallback ports deterministically across Playwright runner and worker imports
+   - local runs (server reuse enabled) prefer identity-verified running Taskdeck frontend listeners before bind probes to prevent runner/worker drift (`4173` to `5001`)
+   - CI runs (server reuse disabled) prefer bindable ports first so stale listeners do not trigger `url is already used` startup failures
+   - fallback port selection now persists first resolution in-process (`TASKDECK_E2E_RESOLVED_FRONTEND_PORT`) so worker config imports do not diverge from runner webServer startup port
+   - local Windows E2E gate now re-verifies with `npx playwright test --reporter=line` using fallback path (`5173` -> `4173` -> `5001`)
+84. FE-13 local dev server startup hardening delivery:
+   - `npm run dev` now launches through a small Vite wrapper that auto-resolves restricted/unavailable local ports with fallback order `5173` -> `4173` -> `5001`
+   - wrapper now selects the first bindable candidate port and skips occupied candidates for new Vite processes, preventing strict-port startup failures on stale listeners
+   - wrapper now sets strict-port startup semantics by default, avoiding implicit Vite auto-increment drift when a requested port is occupied
+   - explicit local overrides remain supported (`--host`, `--port`, `TASKDECK_DEV_PORT`) for reproducible manual debugging
+   - manual local flows no longer require one-off fallback command rewrites when `localhost:5173` is blocked with `listen EACCES`
+85. OPS-19 container-image frontend dependency-policy unblock follow-through:
+   - frontend npm dependency graph now keeps `@microsoft/signalr` on its supported `ws@7.5.10` major line via a vendored local tarball dependency (`ws: file:vendor/ws-7.5.10.tgz`) so container `npm ci` no longer fetches blocked registry tarballs for that version
+   - frontend npm dependency graph now uses `p-limit@3.0.2` override (compatible with `p-locate@5`) to remove blocked `yocto-queue-0.1.0` fetches without cross-major override drift
+   - refreshed lockfile keeps container `npm ci` deterministic and unblocks `.github/workflows/reusable-container-images.yml` frontend build stage
+   - local Docker validation confirms `deploy/docker/frontend.Dockerfile` build-stage `npm ci` and `npm run build` both complete successfully with the override
+   - [Superseded by `#761` (dependency-overrides audit): vendor tarball `vendor/ws-7.5.10.tgz` removed; `ws` now declared as `^7.5.10` from the npm registry; `p-limit` override removed — npm naturally resolves `p-limit@3.1.0` (highest in the `^3.0.2` range required by `p-locate@5`); orphaned `COPY vendor/` Dockerfile step removed]
+86. OPS-20 role discoverability and permission-guidance delivery (`#179`):
+   - ops command permission failures now include current-role context, runnable-template fallback lists, and explicit next-step guidance to verify/request elevated access
+   - ops console now surfaces current role and runnable-template discoverability context up front, and restricted template selection now shows explicit role-based warnings before run attempts
+   - settings profile surface now includes role and ops-capability summaries, and operator/manual docs now codify the role-assignment workflow used for access elevation requests
+87. UX-11 archive lifecycle control refinement (`#177`):
+   - board settings lifecycle controls now use one explicit archive/restore action with deterministic confirmation messaging, replacing duplicate archive semantics in the same surface
+   - archive workspace now supports hiding archived boards from the default list, explicit hidden-board reveal (`Show Hidden Boards`), and reversible unhide actions for clearer long-tail archive management
+   - archive/frontend regression coverage now locks hidden-board visibility filtering behavior while API integration coverage locks archive/restore lifecycle transitions via board update contracts
+88. SEC-05 OWASP baseline hardening (`#80`, delivered):
+   - added API security-header middleware with explicit baseline headers (`Content-Security-Policy`, `X-Frame-Options`, `X-Content-Type-Options`, `Referrer-Policy`)
+   - added environment-aware HSTS behavior (enabled for HTTPS, disabled by default in development unless explicitly configured)
+   - added API integration coverage for header presence on success and auth-failure paths, plus HTTPS HSTS emission behavior in non-development hosting
+   - published `docs/security/SECURITY_OWASP_BASELINE.md` with CSRF posture, OWASP checklist, and tracked follow-up security gaps
+89. SEC-06 API rate-limiting and abuse-protection hardening (`#81`, delivered):
+   - added partitioned fixed-window rate limiter policies for auth (`AuthPerIp`), capture create/triage (`CaptureWritePerUser`), and hot/costly paths (`HotPathPerUser`)
+   - applied endpoint-level rate-limit policies across auth, capture, chat, and llm-queue write/stream surfaces
+   - standardized throttle response contract (`429` + `ApiErrorResponse`) with deterministic retry diagnostics headers (`Retry-After`, `X-RateLimit-Policy`)
+   - published operator tuning guidance and safe defaults in `docs/security/RATE_LIMITING_POLICY.md` with regression coverage for burst, reset-window recovery, and cross-user boundary behavior
+   - follow-through hardening now supports trusted forwarded-header processing via explicit proxy/network allowlists and configurable forwarded-hop depth (`ForwardedHeaders:ForwardLimit`), while preserving no-trust defaults when allowlists are unset and documenting emergency/rollback plus proxy-topology smoke checks
+90. TST-CODEX-01 to TST-CODEX-15 unit test coverage wave (`#415`–`#429`, PRs `#436`–`#448`):
+   - added frontend API/composable/store tests and backend domain entity/application service/API tests across 13 PRs
+   - adversarial review fixes for tautological assertions, missing guard branches, modifier-key coverage, and edge-case gaps
+91. Hotspot refactor and maintenance wave (PRs `#453`–`#456`):
+   - AGT-01 follow-up: `AgentRunRepository` now uses pure LINQ (removed `FromSqlInterpolated` raw-SQL SQLite branch)
+   - KNOW-01 follow-up: `KnowledgeChunkRepository` uses `ExecuteDeleteAsync`; FTS service uses uppercase GUID comparison, `int?` source-type, application-managed FTS sync via `UpdateFtsIndexAsync`/`DeleteFtsIndexAsync`, and `SanitizeFtsQuery` helper
+   - UI-01 follow-up: `design-tokens.css` accent colors DRY-refactored to `--_td-light-accent` variables
+   - TST-26 knowledge service test coverage: 32 new backend tests across chunk content, FTS sanitize, authorization, and API integration suites; EF Core migration with proper Designer snapshot; SQLite DateTimeOffset ORDER BY fix; FTS5 trigger-removal migration
+92. Security hardening wave (PRs `#457`–`#460`, `#466`):
+   - UI-03 primitive stack decision spike: `docs/analysis/ui-primitive-stack-decision-spike.md` selecting shadcn-vue (Reka UI base, copy-paste ownership, WAI-ARIA foundation)
+   - DOC-05 / SEC-17 managed-key usage policy: `docs/security/MANAGED_KEY_USAGE_POLICY.md` with fair-use limits, prohibited patterns, and enforcement ladder
+   - SEC-10 secrets/config management baseline: `docs/security/SECRETS_MANAGEMENT_BASELINE.md` with secret inventory + rotation runbooks; `deploy/docker-compose.yml` wired with LLM provider env vars
+   - SEC-19 incident response runbook + drills: `docs/security/MANAGED_KEY_INCIDENT_RUNBOOK.md` + `scripts/drills/` (5 failure-injection scripts + orchestrator); corrected identity-scope quarantine accuracy in self-review
+   - SEC-12 session-token storage hardening: centralized `utils/tokenStorage.ts` abstraction with `isValidJwtStructure` JSON-payload validation; tokenStorage migration across router/sessionStore; CSP `unsafe-inline` removed from `script-src`; session-token ADR at `docs/analysis/session-token-storage-adr.md`
+93. Frontend foundations wave (PRs `#461`–`#464`):
+   - ActivityView decomposition: ~735 → ~117 lines via `useActivityQuery` + `ActivitySelector` + `ActivityResults`
+   - PERF-08 latency budgets: `usePerformanceMark` composable; 16 lazy route imports; `docs/PERFORMANCE_BUDGETS.md` with 7 thresholds
+   - BoardView decomposition: ~771 → ~270 lines via `useBoardDragDrop` + `useBoardKeyboardNav` + 4 extracted components; `usePerformanceMark` integrated for board-load instrumentation
+   - UI-02 shared primitives foundation: 15 TdButton/TdInput/TdDialog/TdDropdown/TdTooltip/TdBadge/etc. components built on shadcn-vue/Reka UI with WAI-ARIA baseline
+94. Feature and security follow-through wave (PRs `#465`–`#471`):
+   - OUT-01 JSON manifest import tab: `StarterPackCatalogModal` gains JSON paste/file-upload with validate→dry-run→apply flow
+   - StarterPack service decomposition: `StarterPackManifestValidator` split into 4 focused validators/checkers
+   - SEC-18 abuse detection operator tooling + domain groundwork: `AbuseActor`/`AbuseEvent` entities, `AbuseDetectionService` with 4-state model; operator evaluation/quarantine API; live-traffic wiring is a follow-up slice
+   - ArchiveRecovery decomposition: `ArchiveRecoveryService` → `ArchiveConflictDetector` + `RestorePlanner` + `RestoreExecutor`
+   - AutomationExecutor decomposition: `AutomationExecutorService` → `OperationParameterParser` + `ExecutionAuditRecorder` + `OperationHandlerRegistry`
+   - Deploy/MCP failure injection drills: 5 shell drill scripts + `run-all-drills.sh` orchestrator in `scripts/drills/`
+95. OPS-18 dependency update automation and security triage workflow (`#148`):
+   - added `.github/dependabot.yml` with weekly update schedules for NuGet (`/backend`), npm (`/frontend/taskdeck-web`), and GitHub Actions (`/`) ecosystems
+   - minor/patch updates grouped per ecosystem; major NuGet/npm updates arrive as individual PRs; GitHub Actions updates fully grouped
+   - added `docs/ops/DEPENDENCY_UPDATE_POLICY.md` with update categories, PR verification expectations, severity-based triage SLAs, escalation procedures, and policy boundaries
+   - security triage workflow aligns with existing `docs/security/SECURITY_DEPENDENCY_VULNERABILITY_POLICY.md` severity policy; no auto-merge enabled
+96. OPS Windows Git resolution hardening (`#121`):
+   - added `scripts/check-git-env.sh` diagnostic script validating Git for Windows resolution (not Cygwin/MSYS2) and stale `.git/index.lock` detection with worktree awareness
+   - updated `CLAUDE.md` and `AGENTS.md` Windows Notes to reference the script and PATH remediation guidance
+97. TST-08 testing and hardening strategy analysis (`#143`):
+   - delivered `docs/analysis/2026-03-29_testing-hardening-strategy.md` with gap analysis across backend/frontend tests, CI, MCP, deployment, ops reliability, and security
+   - proposed 15 follow-up issues across 4 priority tiers with acceptance criteria and execution sequencing
+98. TST-25 headed manual-audit Playwright pack (`#369`):
+   - added `frontend/taskdeck-web/tests/e2e/manual-audit.spec.ts` covering core `Home -> Inbox/Capture -> Review -> Board` audit loop with 18 screenshots
+   - live LLM probes gated behind `TASKDECK_RUN_LIVE_LLM_TESTS` env var; CI exclusion via `TASKDECK_RUN_AUDIT` env var gate
+   - added `docs/testing/MANUAL_AUDIT_PACK.md` documenting usage vs stakeholder demo recorder vs default smoke
+99. TST-07 manual validation slice A — workspace shell, board lifecycle, and keyboard UX (`#130`):
+   - added `docs/testing/manual-validation-a-workspace-board-ux.md` with 22 step-indexed scenarios (A-01 to A-22)
+   - covers auth flows, shell navigation, board lifecycle, column/card/label operations, keyboard UX, escape behavior stack, and Today view
+100. TST-08 manual validation slice B — authz policy, cross-user isolation, and API error contracts (`#131`):
+    - added `docs/testing/manual-validation-b-authz-contracts.md` with 175 step-indexed checks (B-01 to B-175) covering all 28 controllers
+    - two-user fixture setup with curl-based bootstrap script; covers unauthenticated denial, cross-user board isolation, error payload contract verification
+101. AppShell premium reskin delivery (PR `#499`):
+    - shell sidebar, topbar, command palette, and keyboard help components reskinned from hardcoded Tailwind/rgba values to `--td-*` design token system
+    - added focus-visible accessibility rings throughout shell layer and glass morphism effects for visual coherence
+    - no behavior changes; purely CSS/token-based styling refactor
+102. Board/card surface polish delivery (PR `#501`):
+    - board canvas, toolbar, action rail, column lanes, and card components reskinned to design token system
+    - standardized card visual states (hover, focus, selected, disabled, dragging) with token-based styling
+    - fixed combined selected+focus-visible keyboard nav specificity conflict; replaced hardcoded font sizes with token references
+103. AGT-02 tool registry, policy evaluator, and first bounded template delivery (`#337`, PR `#502`):
+    - added domain primitives: `ToolScope`/`ToolRiskLevel` enums, `ITaskdeckTool`/`ITaskdeckToolRegistry` interfaces, `PolicyDecision` value object (AllowDirect/AllowWithReview/Deny factories)
+    - added `TaskdeckToolRegistry` (thread-safe ConcurrentDictionary, duplicate rejection, scope filtering) and `AgentPolicyEvaluator` (allowlist enforcement, risk-level gating with review-first defaults)
+    - added `InboxTriageAssistant` bounded template: gathers pending inbox items, routes through policy evaluator, creates proposals (never direct board mutations)
+    - DI registration: singleton tool registry with `inbox.triage` pre-registered, scoped policy evaluator and triage assistant
+    - 42 backend tests across registry, policy evaluation, and inbox triage assistant suites
+104. Demo director reporting, assertions, presets, and soak mode delivery (`#331`, PR `#500`):
+    - added named preset system (`demo-director-presets.mjs`) for common demo modes with override merging and runtime registration
+    - added trace assertion utilities (`demo-trace-assertions.mjs`) for exact/structural comparison plus step ordering validation
+    - added HTML report generator (`demo-report-html.mjs`) with inline styles, trace tables, pass/fail badges, and embedded base64 screenshots
+    - added soak mode (`demo-soak.mjs`) for long-run director scenario loops with configurable iteration counts, cooldown, and cumulative metrics
+    - 63 frontend tests covering presets, assertions, reports, soak mode, and integration pipeline
+105. Incident rehearsal and recovery program delivery (`#150`, PR `#503`):
+    - added `docs/ops/INCIDENT_REHEARSAL_CADENCE.md` with monthly lightweight + quarterly deep drill schedule and rotation model
+    - added `docs/ops/EVIDENCE_TEMPLATE.md` for standardized rehearsal outcome format with ISO 8601 timeline and bidirectional issue linking
+    - added `docs/ops/REHEARSAL_BACKOFF_RULES.md` with finding-to-issue workflow, severity labels (P1–P4), and SLA expectations
+    - added 4 rehearsal scenario templates (degraded-api-health, missing-telemetry-signal, mcp-server-startup-regression, deployment-readiness-failure)
+    - added first execution evidence at `docs/ops/rehearsals/2026-03-29_degraded-api-health.md`
+    - cross-linked from `TESTING_GUIDE.md` and `MANUAL_TEST_CHECKLIST.md`
+106. Chat-to-proposal NLP gap fix delivery (`#570`, PR `#602`):
+    - added `NaturalLanguageInstructionExtractor` to bridge intent classification-to-parsing gap (translates natural language into structured instructions the regex parser can consume)
+    - all three LLM providers (Mock, OpenAI, Gemini) now use the extractor as fallback when structured JSON extraction fails
+    - 38 unit tests for the extractor covering extraction patterns and edge cases
+107. Multi-instruction batch parsing delivery (`#574`, PR `#591`):
+    - added `ParseBatchInstructionAsync` to `IAutomationPlannerService` for splitting multiple natural-language instructions into individual planner calls
+    - `ChatService` now routes multi-instruction messages through batch parsing to generate multiple proposals from a single chat message
+    - backend + frontend tests for batch instruction parsing and ChatService integration
+108. Board-context LLM prompting delivery (`#575`, PR `#589`):
+    - added `BoardContextBuilder` to construct bounded board context (columns, card titles, labels) for LLM system prompts
+    - added `LlmSystemPromptBuilder` for centralized system prompt composition across providers
+    - OpenAI and Gemini providers now append board context via the builder; backend tests for builder and ChatService integration
+109. Board keyboard card movement delivery (`#248`, PR `#590`):
+    - added Alt+Arrow keyboard shortcuts for card movement within and across columns via `useBoardKeyboardNav` composable
+    - added move-to action menu on CardItem for click-based column moves with Escape handling and focus restoration
+    - extracted adjacent-column and reorder helpers from composable; added Card Movement section to keyboard help dialog
+    - frontend unit tests for keyboard movement, ColumnLane test prop fix, and coverage expansion
+110. Transcript capture source delivery (`#218`, PR `#592`):
+    - added `TranscriptFile` capture source with transcript-specific size limits to backend domain
+    - added transcript paste/file capture mode to CaptureModal frontend
+    - backend validation tests and frontend interaction tests
+111. Contact card YAML parser delivery (`#264`, PR `#588`):
+    - added `ContactCardYamlParser` with parse/serialize and field validation for card-first outreach CRM
+    - added `ContactCardFrontMatter` model with `YamlDotNet` dependency; static serializer/deserializer caching
+    - backend unit tests for parser
+112. Global search and quick-action launcher delivery (`#93`, PR `#603`):
+    - added `SearchService` and `GET /api/search?q=` endpoint for cross-board search respecting authorization boundaries
+    - enhanced `ShellCommandPalette` (Ctrl+K) with live search results (boards + cards) alongside command navigation
+    - added `searchApi` client, `useGlobalSearch` composable with 200ms debounce and abort-on-supersede
+    - frontend tests for composable and command palette search integration
+113. Developer portal and OpenAPI delivery (`#99`, PR `#605`):
+    - added OpenAPI annotations to 7 controllers (Boards, Cards, Columns, Capture, Chat, Auth, Webhooks) with `[ProducesResponseType]` and XML doc summaries
+    - enhanced Swagger configuration with API metadata, JWT Bearer security definition, and XML comment inclusion
+    - added developer portal docs (`docs/api/`): `QUICKSTART.md`, `AUTHENTICATION.md`, `BOARDS.md`, `CAPTURE.md`, `CHAT.md`, `WEBHOOKS.md`, `ERROR_CONTRACTS.md`
+    - added developer portal CI workflow and local OpenAPI export script
+114. SBOM and release provenance delivery (`#103`, PR `#606`):
+    - added reusable workflow for CycloneDX JSON SBOMs (backend + frontend) and SLSA v1-style build provenance manifest with SHA-256 checksums
+    - wired into `ci-release.yml` (replacing placeholder) and `release-security.yml`
+    - added documentation at `docs/ops/SBOM_RELEASE_PROVENANCE.md`; updated dependency vulnerability policy
+115. Batch triage and suggestion editing delivery (`#220`, PR `#607`):
+    - added `POST /api/capture/items/batch-triage` with per-item actions (triage/ignore/cancel), 200/207/422 response semantics, batch size limit (50), and duplicate ID rejection
+    - added `PUT /api/capture/items/{id}/suggestion` for editing capture text before triage with state-transition guards
+    - added multi-select checkboxes, select-all toggle, batch action bar, and inline suggestion editing in InboxView
+    - backend + frontend tests for batch triage and suggestion editing
+116. Property-based and fuzz testing pilot delivery (`#89`, PR `#601`):
+    - added FsCheck property-based testing packages to Domain and Application test projects
+    - added property-based tests for Board, Card, Column, Label entity invariants and AutomationProposal state machine invariants
+    - added fuzz tests for StarterPackManifestValidator input parsing, LlmIntentClassifier regex safety, and export/import DTO serialization roundtrip contracts
+117. Accessibility audit and WCAG remediation delivery (`#92`, PR `#604`):
+    - added accessibility foundation: skip-to-content link, `sr-only` utility class, `eslint-plugin-vuejs-accessibility` with tuned gradual-rollout rules
+    - WCAG improvements across BoardView, HomeView, TodayView, ReviewView, InboxView, CaptureModal, and ToastContainer (ARIA landmarks, roles, labels)
+    - added Playwright axe-core E2E tests for 6 core views (Home, Today, Inbox, Review, Boards, Login) plus skip-link verification
+    - `role=presentation` on virtual scroller wrappers for axe-core compliance
+118. Dependency update wave (PRs `#593`–`#600`):
+    - `@eslint/js` 9.39.4 → 10.0.1 (with ESLint v10 rule violation fixes)
+    - `@types/node` 24.10.1 → 25.5.0
+    - GitHub Actions group bump (5 updates)
+    - `Microsoft.NET.Test.Sdk` 17.14.1 → 18.3.0
+    - `Swashbuckle.AspNetCore` 6.9.0 → 10.1.7 (with OpenApi v2.x compatibility fix)
+    - `Microsoft.IdentityModel.Tokens` and `System.IdentityModel.Tokens.Jwt` upgraded to 8.17.0
+    - `xunit.runner.visualstudio` 2.8.2 → 3.1.5
+119. LLM tool-calling spike completion (`#618`, 2026-04-01):
+    - completed architecture document at `docs/spikes/SPIKE_618_COMPLETED.md` (1,014 lines, 13 sections)
+    - decided: custom implementation over Semantic Kernel (~800 LOC, zero new dependencies); SK's Gemini connector is alpha-quality with known function-calling bugs, and SK auto-invokes functions conflicting with GP-06
+    - decided: extend `ILlmProvider` with `CompleteWithToolsAsync()` — incremental, no breaking changes to existing non-tool-calling flow
+    - decided: 11 tools total (5 read + 6 write); reads execute directly, writes always produce proposals via `propose_*` prefix
+    - decided: new `ToolCallingChatOrchestrator` wraps `ChatService` with multi-turn loop (max 5 rounds, 60s total timeout, SignalR intermediate states)
+    - decided: Mock provider uses pattern-matching dispatch table for deterministic tool-call simulation
+    - cost model: ~$0.00088 per 3-round conversation on GPT-4o-mini (2-3x static context but unlocks dynamic board querying)
+    - implementation tracker: `#647`; phase issues: `#649` (read tools + orchestrator), `#650` (write tools + proposals), `#651` (refinements)
+120. MCP server spike completion (`#619`, 2026-04-01):
+    - completed architecture document at `docs/spikes/SPIKE_619_COMPLETED.md` (1,374 lines, 16 sections + 2 appendices)
+    - decided: official MCP C# SDK (`ModelContextProtocol` v1.2.0, co-maintained by Microsoft, 4.2k stars, .NET 8 native)
+    - decided: embedded in API process with `--mcp` startup flag for stdio mode; HTTP alongside REST on same Kestrel instance
+    - decided: stdio transport first (Claude Code/Cursor local dev), Streamable HTTP added in Phase 3 for cloud/remote
+    - decided: 9 resources under `taskdeck://` URI scheme, 9 tools (2 read + 5 write + 2 proposal management); `approve_proposal` intentionally excluded (GP-06)
+    - decided: API key auth (`tdsk_` prefix, SHA-256 hashed, user-bound) for HTTP transport; OAuth 2.1 deferred to Phase 4
+    - decided: write tools return proposal IDs immediately; users approve in web UI; agents poll via `get_proposal_status`
+    - implementation tracker: `#648`; phase issues: `#652` (minimal prototype), `#653` (full inventory), `#654` (HTTP + auth), `#655` (production hardening, deferred)
+121. SQL-level board metrics filtering delivery (`#675`/`#724`, 2026-04-03):
+    - added dedicated repository methods (`GetForMetricsAsync`, `CountCardsByColumnAsync`, `GetBlockedByBoardIdAsync`) for SQL-level filtering instead of in-memory post-fetch filtering
+    - `BoardMetricsService` now delegates filtering to SQL queries for scalability on large boards
+    - frontend `Math.max(...spread)` replaced with `reduce` for empty-array safety
+122. Double LLM call elimination delivery (`#672`/`#727`, 2026-04-03):
+    - `ChatService` now reuses the orchestrator's text response when no tools are called instead of making a second LLM completion request
+    - halves latency for non-tool chat messages with no behavior change for tool-calling flows
+123. JWT invalidation hardening delivery (`#671`/`#728`, 2026-04-03):
+    - added `ActiveUserValidationMiddleware` that checks user active status on every authenticated request with 30-second in-memory cache
+    - cache invalidated on user deletion/deactivation so stale JWTs are rejected within seconds
+    - complements the `TokenValidationMiddleware` (PR `#698`) with runtime active-user enforcement
+124. Expired proposal review UX delivery (`#678`+`#690`/`#729`, 2026-04-03):
+    - added `IsExpired` flag on `ProposalDto` and domain `CanBeDismissed` method
+    - expired proposals in Review now show distinct "Expired" status badge with dismiss action and explanatory notice
+    - Apply/Approve buttons disabled for expired proposals; 60-second reactive clock covers proposals expiring while page is open
+125. Infrastructure repository integration tests delivery (`#699`/`#730`, 2026-04-03):
+    - added 77 integration tests across 7 repository classes running against real SQLite
+    - found and fixed a real `LlmQueueRepository` ordering bug during test development
+    - first delivery from the rigorous test expansion wave (`#721`)
+126. LLM write tools and proposal integration delivery (`#650`/`#731`, 2026-04-03):
+    - added 6 write tool executors (`propose_create`, `propose_move`, `propose_archive`, `propose_update`, `propose_bulk_move`, `propose_create_column`) in Application layer
+    - added EF migration for `ToolCallMetadataJson` field on proposals for tool-call provenance
+    - orchestrator now serves 11 tools (5 read + 6 write); writes always produce proposals per GP-06
+    - frontend tool-status indicators show write-tool progress via SignalR `ToolStatusEvent`
+127. Rigorous test expansion wave 2 delivery (PRs `#740`–`#755`, 2026-04-04):
+    - 8 issues from `#721` tracker, ~586 new tests with two rounds of adversarial review (47 review-fix commits)
+    - domain entity state machine exhaustive tests (`#701`/`#740`): 174 tests across 7 entities (CommandRun, ArchiveItem, ChatSession, UserPreference, NotificationPreference, CardLabel, CardCommentMention)
+    - SignalR hub and realtime integration tests (`#706`/`#751`): 19 tests covering auth, presence, multi-user, authorization, edge cases; review fixed false-positive auth tests and resource leaks
+    - LLM provider and tool-calling edge cases (`#709`/`#747`): 101 tests across orchestrator, provider, classifier, registry; review added loop detection and registry edge cases
+    - data export/import round-trip integrity tests (`#713`/`#752`): 64 tests covering JSON, CSV, GDPR, database, cross-format validation
+    - API error contract regression tests (`#714`/`#753`): 57 tests across 7 endpoint families with GP-03 contract enforcement; review fixed 12 weak 404 assertions and 2 false-positive contract tests
+    - archive and restore lifecycle tests (`#715`/`#755`): 74 tests (45 domain + 29 API) covering state machine, cross-user isolation, conflict detection, audit trail
+    - board metrics accuracy verification tests (`#718`/`#749`): 61 tests (51 service + 10 controller) for throughput, cycle time, WIP, blocked cards, done-column heuristic
+    - notification delivery integration tests (`#719`/`#746`): 36 tests covering all 5 notification types, deduplication, preference filtering, cross-user isolation, batch operations
+    - wave progress: 15 of 22 `#721` issues now delivered (~886 new tests total); 7 issues remain open
+128. Post-adversarial-review hardening and test expansion (PRs `#741`–`#756`, 2026-04-04):
+    - 9 issues from `#721` tracker plus product telemetry taxonomy, two bug fixes, and six frontend regression test additions
+    - product telemetry taxonomy delivered (`#341`/`#741`): `docs/product/TELEMETRY_TAXONOMY.md` with 35+ named events, privacy-first bucketing, and R1/R2/R3 launch gate anchors; opt-in, not yet implemented
+    - board header presence label bug fixed (`#683`/`#744`): username/email flip resolved with `normalizePresenceMembers()` in `BoardView.vue`; adversarial review confirmed no edge cases; 3 new tests
+    - manual card provenance empty state fixed (`#680`/`#754`): 3 bugs caught and fixed by adversarial review (overly broad 404 swallow, global Axios log regression, empty-state flash); `CardModal.vue` now shows "No capture provenance available." correctly; 4 new tests
+    - WIP-limit toast dedup regression tests (`#686`/`#745`): 7 tests in `boardStore.wipLimit.spec.ts` for `createCard` and `moveCard`
+    - auth-flow toast lifecycle tests (`#685`/`#742`): 20 tests in `sessionStore.authToast.spec.ts`; adversarial review fixed timer leak, mock isolation, inverted assertion
+    - router auth guard + workspace stability tests (`#687`/`#748`): `authGuard.spec.ts` and `workspaceRouteStability.spec.ts` with 16-case exhaustive guard table; pre-existing `AuthControllerEdgeCaseTests.cs` compile error fixed
+    - inbox triage action visibility tests (`#688`/`#743`): 21 new tests in `InboxView.spec.ts` for single-item triage and bulk action bar visibility
+    - webhook HMAC verification tests (`#726`/`#750`): 11 tests in `OutboundWebhookHmacDeliveryTests.cs` for header format, round-trip, wrong-key, secret rotation, timing-safe comparison
+    - webhook delivery reliability + SSRF boundary tests (`#710`/`#756`): 78 total webhook tests across 9 files; SSRF coverage via `OutboundWebhookEndpointGuardTests` for private IP ranges; retry/backoff/dead-letter reliability; `HttpClient` resource leak fixed in tests
+    - TST-32–TST-57 wave progress updated: 17 of 25 issues now delivered; remaining open: `#705`, `#711`, `#712`, `#716`, `#717`, `#720`, `#723`, `#725`; frontend suite at 1592 passing (up from 1496)
+129. Dependency hygiene, accessibility, tool-calling refinements, streaming, and test coverage wave (PRs `#771`–`#779`, 2026-04-04):
+    - vendored dependency cleanup (`#761`/`#771`): removed `vendor/ws-7.5.10.tgz` and orphaned Dockerfile `COPY vendor/` line; `ws` resolves from registry as `^7.5.10`; no-op `p-limit` override removed; adversarial review updated stale STATUS.md/MASTERPLAN docs references
+    - accessibility lint remediation (`#762`/`#779`): 105 warnings → 0; form label associations, keyboard event companions, ARIA modal/backdrop attributes, `--max-warnings 20` CI threshold; adversarial review fixed 2 CI regressions (TdTooltip Fragment, role="option" tabindex violation); 2 non-blocking ARIA follow-up items filed
+    - tool-calling Phase 3 refinements (`#651`/`#773`): `LlmToolCallingSettings` with `Enabled`/`MaxToolResultBytes` config keys; `ChatService` bypasses orchestrator when disabled; `TruncateToolResult` binary-search UTF-8 byte budget; cost tracking DI wiring completed; 17 new tests (2 added by adversarial review fixing byte-budget contract bug and replacing O(n) loop)
+    - export streaming (`#670`/`#774`): `GET /api/account/export/stream` streams via `Utf8JsonWriter`; `CountBySessionIdsAsync` GROUP BY fixes N+1; 500-session batch respects SQLite 999-param limit; 15 tests; adversarial review fixed `ToErrorActionResult()` crash after `Response.HasStarted`
+    - frontend view vitest coverage (`#716`/`#775`): 83 tests across 6 views (LoginView, RegisterView, BoardsListView, ExportImportView, SavedViewsView, DevToolsView); adversarial review fixed 3 ESLint errors (CI blocker) and added 3 OAuth callback path tests
+    - Pinia store integration tests (`#711`/`#777`): 91 tests across 6 stores mocking HTTP layer; covers #508/#509 regressions; adversarial review fixed timer leak, microtask drain, and 4 type-bypass casts
+    - resilience/degraded-mode tests (`#720`/`#778`): 34 tests (18 backend + 16 frontend); adversarial review fixed CI blocker (unused import), double-invocation anti-pattern, and timing race
+    - E2E error state expansion (`#712`/`#772`): 25 Playwright scenarios across 3 spec files using `page.route()` interception; adversarial review fixed CI blocker (unused import), route glob, and 3 vacuous assertions
+    - TST-32–TST-57 wave: 23 of 25 issues now delivered (added `#723`/`#769` and `#725`/`#765` from parallel wave); remaining open: `#705`, `#717`; frontend suite ~1734 passing
 130. Ephemeral integration databases via Testcontainers (`#91`, 2026-04-09):
     - new `Taskdeck.Integration.Tests` project with `Testcontainers.PostgreSql` (4.11.0) and `Npgsql.EntityFrameworkCore.PostgreSQL` (8.0.11)
     - `PostgresContainerFixture` manages a shared ephemeral PostgreSQL 16 container per xUnit collection; each test method gets its own isolated database via counter-based `CREATE DATABASE`
-    - schema created via `EnsureCreated()` from the EF Core model (not SQLite migrations) for PostgreSQL provider parity
-    - `PostgresIntegrationTestBase` base class provides `Db` property with `IAsyncLifetime` setup/teardown
-    - 20 integration tests across 7 test classes: Board CRUD (5), Card operations (5), Proposal lifecycle (5), per-test isolation verification (2), parallel execution validation (3)
-    - CI workflow `reusable-container-integration.yml` added to ci-extended lane (label: testing); runs on ubuntu-latest with Docker
-    - documentation at `docs/testing/TESTCONTAINERS_GUIDE.md`
+    - schema created via `EnsureCreated()` from the EF Core model (not SQLite migrations) for PostgreSQL provider parity
+    - `PostgresIntegrationTestBase` base class provides `Db` property with `IAsyncLifetime` setup/teardown
+    - 20 integration tests across 7 test classes: Board CRUD (5), Card operations (5), Proposal lifecycle (5), per-test isolation verification (2), parallel execution validation (3)
+    - CI workflow `reusable-container-integration.yml` added to ci-extended lane (label: testing); runs on ubuntu-latest with Docker
+    - documentation at `docs/testing/TESTCONTAINERS_GUIDE.md`
 131. SignalR scale-out readiness (`#105`, PLAT-03, 2026-04-09):
-    - ADR-0023 documents Redis backplane strategy with alternatives analysis (Azure SignalR Service, custom message bus, sticky sessions)
+    - ADR-0025 documents Redis backplane strategy with alternatives analysis (Azure SignalR Service, custom message bus, sticky sessions)
     - `Microsoft.AspNetCore.SignalR.StackExchangeRedis` 8.0.25 added with conditional activation: Redis backplane enabled when `SignalR:Redis:ConnectionString` configured, in-memory fallback when absent
     - `RedisBackplaneHealthCheck` reports NotConfigured/Healthy/Unhealthy in `/health/ready` endpoint
     - `SignalRRegistration` extension replaces bare `AddSignalR()` with configurable builder
     - operational runbook at `docs/platform/SIGNALR_SCALEOUT_RUNBOOK.md` covers Docker Compose multi-instance, load balancer WebSocket config, failure scenarios, and rollback
     - 14 new tests: configuration detection, logging, health check states, readiness endpoint integration, hub negotiate preservation
-132. SQLite-to-PostgreSQL production migration strategy (`#84`, 2026-04-09):
-    - ADR-0023: recommends PostgreSQL as the production target and documents the alternatives/tradeoffs; runtime provider switching remains follow-up implementation work because `AddInfrastructure()` is still SQLite-only
-    - migration runbook at `docs/platform/SQLITE_TO_POSTGRES_MIGRATION_RUNBOOK.md`: explicit blocker notes for runtime provider wiring and SQLite-only FTS migration SQL, dependency-ordered export/import, full row-count/FK verification scope, rollback procedure, and least-privilege/security guidance
-    - 20-test SQLite-backed provider-compatibility baseline (`DatabaseProviderCompatibilityTests`): CRUD on Board/Card/Proposal, DateTimeOffset fidelity, GUID storage and FK joins, string collation, ordering, pagination, enum storage, aggregates, boolean filtering, batch inserts, Unicode; documents SQLite `DateTimeOffset` ORDER BY limitation
-    - future follow-up: add runtime `UseNpgsql()` support plus a provider-switching test factory before claiming dual-provider execution
-
-133. Platform expansion wave delivery (PRs `#796`–`#805`, 2026-04-09):
-    - 10 parallel worktree agents delivered platform hardening, testing infrastructure, ops documentation, and PWA readiness with two rounds of adversarial review per PR (22 CRITICAL + 32 HIGH findings caught and resolved)
-    - **PLAT-01** SQLite-to-PostgreSQL migration strategy (`#84`/`#801`): ADR-0023 (PostgreSQL target with runtime follow-up explicitly called out), migration runbook, 20 SQLite-backed provider compatibility baseline tests; review caught provider-switch overstatement, missing verification tables, and FTS5 crash risk
-    - **PLAT-02** Distributed caching (`#85`/`#805`): ADR-0024 (cache-aside), `ICacheService` with Redis/InMemory/NoOp implementations, board list caching, 32 tests; review removed unsafe board-detail cache, fixed permanent Redis disable
-    - **PLAT-03** SignalR scale-out (`#105`/`#803`): ADR-0025 (Redis backplane), conditional `AddTaskdeckSignalR`, health check, runbook, 14 tests; review fixed per-probe connection creation, thread-unsafe fields
-    - **TST-02** Cross-browser E2E matrix (`#87`/`#800`): Firefox/WebKit/mobile projects, tagging strategy, 9 tests, CI workflows, flaky test policy; review fixed CI gate timeout, extracted shared helpers
-    - **TST-03** Visual regression harness (`#88`/`#797`): Playwright `toHaveScreenshot()`, 7 visual tests, CI artifact upload, policy doc; review fixed wrong placeholder (guaranteed test failures), double extensions
-    - **TST-05** Mutation testing pilot (`#90`/`#796`): Stryker.NET + Stryker JS configs, weekly CI workflow (non-blocking), policy doc; review removed broken schema URL, invalid properties
-    - **TST-06** Ephemeral DBs via Testcontainers (`#91`/`#804`): `Taskdeck.Integration.Tests` project, PostgreSQL containers, per-test isolation, 20 tests, Docker skip; review fixed DbContext race condition, deadlock
-    - **UX-09** PWA/offline readiness (`#95`/`#802`): VitePWA, service worker, `useOnlineStatus` composable, offline banner, SW update prompt, 18 tests; review eliminated double-reload race, fixed misleading text
-    - **OPS-12** Cloud cost observability (`#104`/`#798`): ADR-0026, cost framework, hotspot registry, breach runbook; review fixed phantom config keys, wrong API endpoints
-    - **OPS-14** Cloud topology ADR (`#111`/`#799`): ADR-0027 (ECS Fargate), autoscaling policy, SLO targets, ~$147-152/month estimate, reference architecture; review fixed cost inconsistency, missing worker, health check accuracy
-    - ADR numbering: PRs originally all created ADR-0023; canonical numbering is ADR-0023 (PLAT-01) through ADR-0027 (OPS-14); file renames needed during merge
-
-## Current Planning Pivot (2026-03-07)
-
-The 2026-03-06 MVP expansion review packages change the next-cycle emphasis without invalidating the current architecture.
-
-Key conclusion:
-
-- Taskdeck's main near-horizon gap is product legibility, not missing backend capability.
-- The demo/tooling layer is now strong enough that the next cycle should focus on making the product teach itself.
-- One core system can support three presentation modes (`guided`, `workbench`, `agent`), but only the first two should drive near-horizon execution.
-
-Operational planning rules from this pivot:
-
-1. Prioritize novice-first shell work before broader autonomy, knowledge, or connector breadth.
-2. Keep the board as the execution center and make board context travel across capture, review, chat, notifications, and follow-through actions.
-3. Treat `Review` as the main automation surface for normal users; keep queue and ops explicitly advanced.
-4. Reuse existing backlog items where overlap is real (`#96`, `#93`, `#100`, `#216`, `#77`, `#75`, `#97`, `#98`, `#218`, `#219`) instead of duplicating scope.
-5. Keep the seeded productization wave (`#318`, `#320`, `#322`, `#324`, `#326`, `#96`, `#100`, `#328`) synchronized in `#107` before promoting more disconnected UX or future-breadth items.
-
-Decision rules promoted from the expanded blueprint:
-
-- If a feature makes demos better but makes the product harder to understand, it is not done.
-- If a normal happy path depends on raw internal IDs, it is not novice-ready.
-- If a page is empty and offers no next step, it is incomplete.
-- If an agent action cannot be traced to a run, policy posture, and proposal/artifact outcome, it is not ready.
-- Do not let chat-first or disconnected agent-database thinking replace the board/capture/review product core.
-
-Implementation carry-forward from the full source audit:
-
-- treat workspace mode as durable product state; do not let it collapse into local-only view toggles once server-backed preferences become practical
-- prefer aggregated product-shaped APIs for `Home`, `Today`, `Review`, and board summary needs over client-side fetch fan-out
-- keep proposal summary generation in the application layer instead of forcing the frontend to reverse-engineer meaning from low-level operations
-- keep the one-core-three-surfaces navigation contract explicit:
-  - guided primary: `Home`, `Today`, `Inbox`, `Projects`, `Review`, `Settings`
-  - workbench primary: `Home`, `Projects`, `Inbox`, `Review`, `Automations`, `Activity`, `Notifications`, `Settings`
-  - agent primary: `Home`, `Agents`, `Runs`, `Knowledge`, `Inbox`, `Projects`, `Review`, `Integrations`, `Settings`
-- preserve product-facing route aliases such as `/workspace/home`, `/workspace/today`, `/workspace/projects`, and `/workspace/review` even when the old implementation-shaped routes remain valid
-- keep novice vocabulary explicit in guided surfaces: `Project`, `Review`, and `Inbox` should lead; queue and ops stay clearly advanced
-- keep board-aware action-rail behavior explicit (`Capture here`, `Ask assistant`, `Review proposals`, `Add card`) so board context actually travels
-- require action-state empty/help states and plain-language top boxes on advanced pages; no page should leave the user with no next step
-- avoid orphan surfaces: board, inbox item, proposal, notification, and later agent-run views should deep-link to the related next action or affected entity
-- hold the frontend to a minimum polish bar: visible keyboard focus, modal focus trap, listbox aria state, explicit destructive confirmations, and no hover-only critical affordances
-- keep first-class backend contracts explicit for Wave P and Wave R:
-  - `UserPreference` server state for workspace mode/onboarding/default board
-  - aggregate DTOs such as `WorkspaceHomeDto`, `TodayAgendaDto`, `ReviewSummaryDto`, `BoardSummaryDto`
-  - `IProposalSummaryService`
-  - later `ITaskdeckTool`, `ITaskdeckToolRegistry`, and `IAgentPolicyEvaluator`
-- the secondary follow-through set from the audit is now seeded as `#329` to `#334`; keep it below Wave P and reuse anchors such as `#216`, `#77`, `#93`, `#98`, `#311`, `#75`, `#218`, and `#219` instead of duplicating their scope
-- the remaining expanded-blueprint architecture wave is now seeded as `#335` to `#341`; keep it below Wave Q and reuse anchors such as `#75`, `#77`, `#98`, `#100`, `#216`, `#218`, `#219`, and `#328` instead of stretching Wave P issues beyond their productization purpose
-
-## Roadmap by Horizon
-
-### Horizon A (Week 1 to 2): Novice-First Shell and Entry Clarity
-
-Focus:
-- add workspace mode preference (`guided`, `workbench`, `agent`) and persist it as durable product state
-- add a true start surface (`Home`) instead of dropping every user into an implementation-shaped boards list
-- make the guided shell contract concrete: `Home`, `Today`, `Inbox`, `Projects`, `Review`, `Settings`, with notifications/archive/help secondary and operator surfaces hidden by default
-- make `Review` the primary normal-user automation surface and keep queue explicitly advanced
-- replace dead-end empty states with action-oriented help blocks on primary pages
-- replace raw board-ID happy paths with selectors/pickers in common flows
-- prefer aggregate/product-shaped APIs for shell summaries instead of client-side stitching
-- make `Home` product-shaped rather than dashboard-shaped:
-  - thesis/welcome line
-  - start-here CTAs
-  - needs-attention counts
-  - continue-working/resume context
-  - learn-Taskdeck cards
-
-Exit Criteria:
-- a guided-mode user lands on a product-shaped entry surface
-- the UI tells the user what to do first without requiring internal docs
-- common capture/review/project flows do not require raw IDs
-- queue remains available for power users but is no longer the implied default
-
-### Horizon B (Week 3 to 6): Board-Centered Daily Workflow
-
-Focus:
-- shipped in `#324`: `Today` as a compact daily agenda surface
-- shipped in `#324`: first-run onboarding checklist and first useful board creation wizard
-- add proposal summary service and readable proposal cards with plain-language summaries, risk, and deep links
-- add board action rails so capture/chat/review follow the current board context by default (`Capture here`, `Ask assistant`, `Review proposals`, `Add card`)
-- strengthen deep links across inbox, review, notifications, activity, and resulting boards/cards
-- shipped `Today` utility now covers:
-  - due today / overdue
-  - blocked
-  - proposals waiting review
-  - inbox needing triage
-  - resume point
-- remaining follow-through for this horizon:
-  - richer contextual help and in-product teaching on top of the shipped board-centered loop
-  - broader telemetry and release-gate follow-through beyond the shipped first-run guardrail
-
-Exit Criteria:
-- the `capture -> review -> board` loop is visible and coherent inside the product
-- board context travels without manual re-entry across primary surfaces
-- a first-time user can create first value without wandering through operator pages
-- proposal review feels like a product surface, not just a diff viewer
-
-Current status:
-- `#326` is now delivered:
-  - application-layer proposal presentation now feeds readable review cards with plain-language summaries, impact/risk/source cues, and affected-entity headlines
-  - board pages now expose an explicit action rail (`Capture here`, `Ask assistant`, `Review proposals`, `Add card`)
-  - board context now travels through inbox, review, chat, notifications, and provenance/deep-link follow-through
-
-### Horizon C (Week 6 to 8): Docs, Help, and Verification Coherence
-
-Focus:
-- add a bridge doc (`START_HERE`) for first-run product understanding
-- reshape the manual and index around top-level navigation and user goals
-- keep `START_HERE.md` and `USER_MANUAL.md` at `docs/` root, while chaptered manual guidance lives under `docs/manual/` and reusable workflow/help-center guides live under `docs/product/`
-- required first-run golden-path smoke test, expressed as a deterministic Playwright guardrail
-- define product-shaped telemetry and launch criteria for novice beta and later agent alpha
-- treat the staged `novice-first-first-run` scenario shape as the acceptance contract for the shipped first-run smoke path
-- keep demo tooling as evidence and acceptance support rather than the main onboarding path
-
-Exit Criteria:
-- docs entry points match the product's intended top-level navigation
-- the first-run smoke path is `Home -> capture -> review -> execute -> board`
-- novice users can recover from empty/confusing surfaces without leaving the product context
-- launch criteria are explicit enough to guide seeding and release decisions
-
-### Horizon D (Post-R1): Agent Substrate Foundation
-
-Focus:
-- add `AgentProfile`, `AgentRun`, and `AgentRunEvent` as first-class runtime primitives
-- ~~add a tool registry abstraction and policy evaluator~~ (delivered in AGT-02, `#337`)
-- ~~add a first bounded agent template~~ (delivered: `InboxTriageAssistant` in AGT-02)
-- add inspectable run traces
-- expose agent mode views only after the substrate is real
-
-Current status:
-- tool registry, policy evaluator, and first bounded template are now delivered (`#337`): `ITaskdeckTool`/`ITaskdeckToolRegistry` domain interfaces, `AgentPolicyEvaluator` with allowlist + risk-level gating, and `InboxTriageAssistant` bounded template (proposal-only, review-first default)
-- LLM tool-calling architecture spike completed (`#618`); Phase 1 delivered (`#649`): read tools + orchestrator + provider tool-calling extension; `#674` delivered (OpenAI strict mode + loop detection with error-retry bypass, PR `#694`); `#677` delivered (card ID prefix resolution for chat-to-proposal continuity, PR `#695`); `#650` delivered (write tools + proposal integration, PR `#731`); `#672` delivered (double LLM call elimination, PR `#727`); `#651` delivered (Phase 3 refinements: cost tracking, `LlmToolCalling:Enabled` feature flag, `TruncateToolResult` byte budget with binary search — 17 new tests, PR `#773`); ~~`#673`~~ delivered (argument replay — `Arguments` field on `ToolCallResult`, OpenAI/Gemini replay uses real arguments, 6 new tests, PR `#770`)
-- MCP server architecture spike completed (`#619`); Phase 1 delivered (`#652`/`#664`): minimal prototype with `taskdeck://boards` resource over stdio; ~~`#653`~~ delivered (full inventory — 9 resources + 11 tools, PR `#739`); remaining: `#654` (HTTP + auth), `#655` (production hardening, deferred)
-- remaining work: `AgentProfile`/`AgentRun`/`AgentRunEvent` runtime primitives (`#336`), agent mode surfaces (`#338`), inspectable run detail
-
-Exit Criteria:
-- runs are first-class and inspectable
-- agent behavior remains proposal-first and trace-first by default
-- no opaque or silent autonomy is introduced
-- LLM chat can dynamically query and mutate board state through tool calls (proposal-first for writes)
-- external AI agents (Claude Code, Cursor) can access Taskdeck via MCP (proposal-first for writes)
-
-### Horizon E (Post-R2): Knowledge and Integrations Surface
-
-Focus:
-- add local-first knowledge documents/notes and SQLite FTS-backed search
-- add note/transcript/clip-style intake paths that feed capture or knowledge flows
-- add integrations registry/management view so imports and webhooks have a coherent home
-- keep connector behavior capture-first and review-safe by default
-
-Exit Criteria:
-- durable searchable context exists without external vector infrastructure
-- integrations surface is coherent and discoverable without bypassing review-first rules
-- knowledge and connector work builds on the same board/capture/proposal substrate
-
-### Horizon F (Concurrent Foundation Streams)
-
-These continue in parallel where they protect trust, performance, or operator posture, but they should not outrun Horizon A through C product legibility work:
-
-- managed-key LLM control plane and abuse controls: `#235`, `#237` (pending), `#238` (operator tooling groundwork delivered; live-traffic wiring pending), `#239` (delivered), `#240` (delivered)
-- premium UI foundations and reskin wave: `#242` to `#250` (plus optional `#251`); foundations delivered: `#243` UI-02 shared primitives, `#245` UI-03 stack spike, `#250` PERF-08 budgets; appshell reskin (`#499`) and board/card polish (`#501`) now shipped with design-token-based styling; UX feedback wave 1 (`#628`) delivered: sidebar footer pinned (`#623`), card drag layout shift eliminated (`#621`), starter-pack modal migrated to design tokens (`#612`), capture triage error messages (`#615`), review collapsible sections with risk color-coding (`#626`); wave 2 delivered: capture triage delimiters (`#614`), chat truncation (`#616`), notification type differentiation/grouping/batch actions (`#625`), search pagination (`#610`), CI-extended path triggers (`#608`); hardening wave (2026-04-03) delivered: label manager dark theme (`#684`), human-readable proposal diffs (`#682`), expired proposal handling (`#678`+`#690`), chat health banner three-state (`#679`), dead workspace routes fixed (`#681`)
-- long-list responsiveness and related UX scale follow-through: `#213` (delivered — inbox + activity virtualized; board cards deferred due to drag-and-drop conflicts)
-- platform, ops, testing, and maturity backlog: `#84` to `#111`, `#87` to `#91`; PWA/offline readiness delivered (`#95`): `vite-plugin-pwa` + Workbox `generateSW` with 84 precached entries, runtime caching (NetworkFirst for API, CacheFirst for static, StaleWhileRevalidate for fonts), SPA navigateFallback, `useOnlineStatus` composable, `OfflineBanner` + `SwUpdatePrompt` components in AppShell, installability-ready manifest, offline behavior documented in `docs/platform/PWA_OFFLINE_BEHAVIOR.md`; 18 new tests (11 composable + 7 component)
-- deferred outreach CRM expansion: `#262` to `#268`
-
-## Release Framing
-
-### Platform Release Plan (2026-03-29)
-
-The release plan now spans packaging, cloud, mobile, and collaboration — not just feature milestones.
-Strategy documents: `docs/strategy/00_MASTER_STRATEGY.md` and companion pillar docs.
-Master tracker: `#531`.
-
-- `v0.1.0` **First Light** (target: Week 1-2):
-  - P0 blocker fixes (`#508`, `#509`)
-  - self-contained single-file executable (Windows + Linux + macOS)
-  - auto-config (JWT, DB path, browser launch)
-  - GitHub Release with cross-platform downloads
-  - polished README with demo GIF
-  - 90-second demo video
-  - packaging wave: `#532` → `#533`, `#534`, `#535`, `#536`
-  - GTM wave: `#544` → `#545`, `#546`
-
-- `v0.2.0` **Open Doors** (target: Week 3-5):
-  - hosted cloud instance on Railway/Render (`#537` → `#538`)
-  - GitHub OAuth login (`#539` — delivered)
-  - custom domain and TLS
-  - Show HN, Reddit, Dev.to launch
-  - landing page on custom domain
-
-- `v0.3.0` **In Your Pocket** (target: Week 6-9):
-  - ~~PWA manifest + service worker (`#540` → `#541`, `#542`)~~ — baseline delivered in `#95`: Workbox generateSW with precaching, runtime caching, SPA navigateFallback, offline banner, SW update prompt, installability-ready manifest
-  - mobile-responsive CSS for core flows (`#543`)
-  - bottom tab navigation for mobile
-  - touch-optimized capture modal
-  - mobile board view (card list)
-  - web push notifications
-
-- `v0.4.0` **Bring Friends** (target: Week 10-14):
-  - board sharing with permission levels
-  - workspace invitations
-  - email notification delivery
-  - activity feed per board
-  - LLM tool-calling for chat (`#647`: ~~`#649`~~ delivered → ~~`#650`~~ delivered → ~~`#651`~~ delivered)
-  - MCP server for external agent integration (`#648`: ~~`#652`~~ delivered → `#653`→`#654`)
-
-- `v0.5.0` **Power Up** (target: Week 15-20):
-  - platform installers (Inno Setup, DMG, AppImage)
-  - package manager listings (winget, Homebrew, Snap)
-  - Google Play listing (TWA/Capacitor)
-  - PostgreSQL backend option for cloud
-  - free/pro tier limits and billing
-
-- `v1.0.0` **Generally Available** (target: Month 6-8):
-  - Apple App Store listing (via Capacitor)
-  - workspace/team/organization model
-  - local + cloud sync (API-based)
-  - optional Tauri 2.0 native desktop shell
-  - agent substrate (inspectable runs, bounded templates)
-
-### Feature Milestones (Original)
-
-- `R1` novice-first beta (largely delivered — maps to v0.1.0/v0.2.0):
-  - `Home`, `Today`, `Review`, onboarding/help coherence
-  - readable proposals, board-centered action rails
-  - no raw-ID requirements in common flows
-- `R2` agent foundation alpha (maps to v1.0.0+):
-  - `AgentProfile`, `AgentRun`, `AgentRunEvent`
-  - tool registry and policy evaluator (delivered in AGT-02)
-  - first bounded template (delivered: `InboxTriageAssistant`)
-  - inspectable run detail
-- `R3` knowledge/integrations alpha (post-v1.0.0):
-  - `KnowledgeDocument` / `KnowledgeChunk`
-  - SQLite FTS search
-  - integrations registry
-  - at least two meaningful supervised inbound context/capture paths
-
-## Active Backlog (Priority-Labeled)
-
-### Priority I (Current Phase 4 Completion Path)
-
-- **Security bug**: `#722` (SEC-20) — `ChangePassword` does not verify caller identity; any authenticated user can change another user's password. Discovered during 2026-04-03 test audit. Must be resolved before external onboarding.
-- Security and policy convergence: `#33`, `#34`, `#44`
-- Final cross-user policy convergence follow-through: `#152`
-- Starter packs foundation: `#48`, `#49`, `#50`, `#51` (delivered)
-- Tech-debt blockers for stable expansion: `#52` (delivered), `#53` (delivered), `#54` (delivered)
-
-### Priority II (Immediate Post-Phase-4 Foundation)
-
-- Analysis follow-through wave tracker: `#151`
-- Capture realignment wave: `#199` to `#211` (delivered); logging redaction follow-through `#212` is delivered, and remaining linked performance follow-through is `#213`
-- Testing harness guardrails wave (`#254` to `#260`) is delivered; follow-up improvements now route through normal hardening issues
-- Rigorous test expansion wave (`#721` tracker, `#699`–`#720`, `#722`–`#726`): 22 issues seeded 2026-04-03 from systematic codebase audit covering infrastructure repository integration tests, untested workers, controller HTTP gaps, cross-user data isolation proof, concurrency stress, auth edge cases, domain state machines, SignalR hub integration, proposal lifecycle edge cases, LLM tool-calling boundaries, webhook SSRF, frontend store/view gaps, E2E scenarios, export/import round-trips, error contracts, resilience testing, and property-based/adversarial input testing; golden path integration test (`#703`) is highest-signal individual item; first delivery: ~~`#699`~~ infrastructure repo integration tests (77 tests, 7 classes, PR `#730`); proposal decision race regression now treats the losing update as a `409 Conflict` through proposal `UpdatedAt` concurrency
-- Provider-agnostic LLM runtime expansion (`OpenAI` + `Gemini`) and demo setup hardening: `#232` (delivered)
-- Managed-key LLM control-plane tracker and foundations: `#235`, `#236` (delivered), `#237`
-- CI/workflow topology expansion and governance track: `#168`
-- API/frontend hardening follow-through: `#153` (delivered), `#154` (delivered), `#155` (delivered), `#157` (delivered)
-- Real-time and observability baseline: `#67` (delivered), `#68` (delivered)
-- Container/deployment and performance harness baseline: `#69` (delivered), `#70` (delivered), `#142` (delivered)
-- Multi-tenancy strategy and collaboration/integration foundations: `#71` (delivered), `#72` (delivered), `#73`, `#74`, `#75`, `#76` (delivered)
-- Seeded Wave P from the 2026-03-07 MVP expansion integration:
-  - `#318` tracker
-  - `#320` workspace modes + `Home` summary shell (delivered)
-  - `#322` `Review`-first routing + empty/help states + board selectors (delivered)
-  - `#324` `Today` agenda + onboarding path (delivered)
-  - `#326` proposal readability + board-centered action flow (delivered)
-  - `#96` onboarding/contextual help (delivered)
-  - `#100` user guides/tutorials/FAQ (delivered)
-  - `#328` first-run smoke + launch-criteria guardrail (delivered)
-- Seeded Saul-facing demo alignment wave:
-  - `#356` tracker
-  - `#354` client-onboarding starter pack + deterministic hero scenario
-  - demo-critical `#326` trust-first readability hardening
-  - demo-critical `#330` hero-path/demo-board cue hardening
-  - `#355` rehearsal contract + acceptance checklist (delivered)
-  - `#216` broader reusable demo script/public framing (current execution step)
-- Reuse-before-duplicate anchors for this wave:
-  - `#326` proposal readability and trust cues
-  - `#330` in-app demoability and hero-board quality
-  - `#216` demo script / public framing
-  - `#175` broader starter-pack expansion after the narrow pre-demo slice
-- Related but intentionally not folded into Wave P core execution: `#93`, `#216`, `#77`
-
-### Priority III (Expansion Tranche: Analytics, Security, Compliance, Premium UI Foundations)
-
-- Analytics and forecasting: `#77` (delivered — board metrics dashboard, PR `#667`; SQL-level filtering follow-up ~~`#675`~~ delivered, PR `#724`), `#78`, `#79`
-- Security/compliance expansion: `#80` (delivered), `#81` (delivered; capture scope extended), `#82`, `#83` (delivered — GDPR data portability + account deletion, PR `#666`; follow-ups `#670`, ~~`#671`~~ (delivered — JWT invalidation after account deletion, PRs `#698`+`#728`, ADR-0021)), `#106`, `#110` (SEC-10 delivered), `#156`, `#212` (delivered), `#238` (SEC-18 operator tooling + groundwork delivered; live wiring follow-up pending), `#239` (SEC-19 delivered), `#240` (delivered)
-- Frontend premium UI foundations wave: `#242`, `#243` (UI-02 shared primitives delivered), `#244`, `#245` (UI-03 stack spike delivered), `#246`, `#247`, `#248`, `#249`, `#250` (PERF-08 delivered)
-- Frontend premium wave reused dependencies: `#154` (lint/CI), `#88` (visual regression), `#92` (a11y remediation), `#213` (virtualization)
-- Seeded secondary MVP follow-through wave (lower priority than Wave P):
-  - `#329` tracker
-  - `#330` in-app demoability and live attention cues
-  - `#331` demo director reporting/assertions/presets/soak (delivered)
-  - `#332` replay-from-trace and scenario-authoring follow-through
-- Seeded expanded-blueprint architecture wave (future agent/knowledge/release-gate follow-through):
-  - `#335` tracker
-  - `#336` agent profile/run/event foundation
-  - `#337` tool registry, policy evaluator, and first bounded template (delivered)
-  - `#339` knowledge document + SQLite FTS foundation
-- Reuse-before-duplicate anchors for this later wave: `#75`, ~~`#77` (delivered — board metrics dashboard, PR `#667`)~~, `#98`, `#100`, `#216`, `#218`, `#219`, `#328`
-- LLM tool-calling implementation wave (from completed spike `#618`):
-  - `#647` tracker
-  - ~~`#649` Phase 1: read tools + orchestrator + provider tool-calling extension~~ (delivered 2026-04-01, PR `#669`)
-  - ~~`#650` Phase 2: write tools + proposal integration~~ (delivered 2026-04-03, PR `#731`)
-  - ~~`#651` Phase 3: refinements — cost tracking, feature flag~~ (delivered 2026-04-04): `LlmToolCalling:Enabled` feature flag, `TruncateToolResult` token budget enforcement, cost tracking to `ILlmQuotaService`, 15 new tests; also ~~`#672`~~ (double LLM call — delivered 2026-04-03, PR `#727`), `#673` (argument replay); ~~`#674`~~ (strict mode + loop detection — delivered 2026-04-03, PR `#694`)
-  - Dependency chain: ~~`#649`~~ → ~~`#650`~~ → ~~`#651`~~
-  - Unblocks conversational refinement (`#576`) and MCP tool inventory (`#653`)
-- MCP server implementation wave (from completed spike `#619`):
-  - `#648` tracker
-  - ~~`#652` Phase 1: minimal prototype — one resource + stdio + Claude Code~~ (delivered 2026-04-01, PR `#664`)
-  - `#653` Phase 2: full resource + tool inventory (2-3 weeks)
-  - `#654` Phase 3: HTTP transport + API key auth (1-2 weeks)
-  - `#655` Phase 4: production hardening (deferred to v0.4.0+ demand, `Priority IV`)
-  - Dependency chain: ~~`#652`~~ → `#653` → `#654` → `#655`
-  - Phase 2 mirrors LLM tool-calling tool abstractions; shared Application layer services
-
-### Platform Expansion Wave (2026-03-29 — Priority II)
-
-Seeded from `docs/strategy/00_MASTER_STRATEGY.md` and companion pillar documents.
-
-- Master strategy tracker: `#531`
-- Packaging and distribution wave: `#532` → `#533` (SPA serving), `#534` (build script), `#535` (release workflow), `#536` (first-run config)
-- Cloud and collaboration wave: `#537` → `#538` (cloud deploy), ~~`#539` (GitHub OAuth — delivered, PR `#668`)~~; follow-up: `#676` (distributed auth code store, PKCE, account linking)
-- Mobile platform wave: `#540` → `#541` (PWA manifest), `#542` (service worker), `#543` (mobile responsive)
-- Market adoption and GTM wave: `#544` → `#545` (README polish), `#546` (demo video), `#547` (LICENSE)
-- Cross-cutting: `#548` (legal/privacy), `#549` (analytics/error tracking), `#550` (brand/domain)
-- Reuse anchors: `#95` (PWA readiness), `#87` (mobile E2E), `#111` (cloud topology), `#105` (SignalR scale-out), `#216` (GTM execution), `#341` (telemetry)
-- Execution order: `v0.1.0` packaging → `v0.2.0` cloud → `v0.3.0` mobile → `v0.4.0` collab → `v0.5.0` maturity → `v1.0.0` GA
-
-### Priority IV (Expansion Tranche: Platform, Test, UX, Docs Maturity)
-
-- Platform and ops maturity: `#84`, `#85`, `#86`, `#101`, `#102`, `#103`, `#104`, ~~`#105` (SignalR scale-out — delivered, ADR-0023)~~, `#111`
-- Test maturity: `#87`, `#88`, `#89` (property/fuzz pilot delivered; extended by `#717`), `#90`, `#91`; rigorous expansion wave tracker at `#721`
-- UX and onboarding maturity: `#92`, `#93`, `#94`, `#95`
-- Frontend responsiveness maturity: `#213`
-- Lower-priority secondary MVP follow-through continuation:
-  - `#333` saved views and productivity shortcuts
-  - `#334` note-style import and clip intake follow-through
-- Expanded-blueprint architecture continuation:
-  - `#338` agent mode surfaces and run-detail timeline
-  - `#340` integrations registry and supervised connector foundation
-- Optional premium UI documentation/component tooling: `#251`
-- Developer/user docs maturity: `#99`, `#216`, `#217`
-- Deferred capture follow-ons after MVP retention proof: `#218`, `#219`, `#220`
-- Outreach CRM deferred expansion wave: `#262` to `#268` (`#263` OUT-01 JSON manifest import delivered)
-- Outreach CRM wave reused dependencies: `#75` (delivered import adapters), `#77` (analytics), `#175` (starter-pack catalog expansion)
-- MCP production hardening (deferred): `#655` (observability, OAuth, resource subscriptions, key management UI, scope-based permissions)
-- Codebase maintainability hotspot refactors (analysis wave): `#158`, `#159`, `#160`, `#161`, `#162`, `#163`, `#164`, `#165`, `#166`, `#167` — ActivityView, BoardView, StarterPackManifestValidator, ArchiveRecoveryService, and AutomationExecutorService decompositions are now delivered; remaining issues in this wave cover other hotspots not yet addressed
-
-### Priority V (Meta/Historical)
-
-- Wave index and historical/closed tracking: `#107` and completed governance items.
-- Expanded-blueprint launch-gate/telemetry framing continuation:
-  - `#341` product telemetry taxonomy and `R1` / `R2` / `R3` launch-gate follow-through
-
-## Research Reconciliation (WIP PDFs, Feb 2026)
-
-Research sources reviewed:
-- `docs/WIP/FutureExpansionAndImprovementsChecklist.pdf`
-- `docs/WIP/In-DepthAnalysisAndProgressReport(Feb2026).pdf`
-- `docs/WIP/Scaling and Hardening Taskdeck (Vue 3 + ASP.NET Core) - Comprehensive Guide.pdf`
-
-Strategic reconciliation applied:
-- Keep current sequence: finish Phase 4 consistency/security first (`Priority I`) before broad feature expansion.
-- Translate research recommendations into dependency-aware issues rather than broad unscoped themes.
-- Treat non-code operations/configuration work as a mandatory delivery track, not "later ops".
-- Added capture/inbox realignment wave from `docs/InReview` planning packs with explicit dependency-mapped issue seeding (`#199` to `#213`).
-- Added frontend premium UI foundations wave from `docs/InReview` premium UI pack with deduplicated issue mapping (`#242` to `#251`, reusing `#154`, `#88`, `#92`, `#213`).
-- Added testing harness/guardrails wave from `docs/InReview` testing-harness pack with duplicate prevention for already-covered scenarios (`#254` to `#260`).
-- Added outreach CRM deferred wave from `docs/InReview/outreach-crm` with low-priority issue seeding (`#262` to `#268`) and explicit reuse of overlapping existing issues (`#75`, `#77`, `#175`).
-- Added 2026-03-07 MVP expansion integration from `docs/InReview/MVP_EXPANSION/`; near-horizon now prioritizes novice-first productization and board-centered review workflows before agent/knowledge surface breadth.
-
-## Out-of-Code and Configuration Coverage Matrix
-
-Covered by seeded issues:
-- Docker + reverse proxy + compression baseline: `#69` (delivered)
-- IaC baseline for single-node AWS environments hosting the Docker workload layer: `#102` (delivered)
-  - follow-up hardening now includes SSM-backed JWT secret bootstrap, replace-on-change semantics for host bootstrap drift, a dedicated persistent EBS data volume so SQLite survives routine host replacement, stop-before-detach safety for planned data-volume changes, default destroy-protection for staging/prod data volumes, and backup-bucket noncurrent-version expiry with explicit versioning dependency
-- Developer MCP baseline and Docker Marketplace setup hardening: delivered (2026-02-20 local ops cycle)
-- MCP operator wiring + verification workflow: `#140` (delivered via `#144`)
-- MCP integration smoke/regression harness: `#141` (delivered)
-- Staged rollout policy (blue/green/canary): `#101`
-- SBOM/release provenance: `#103`
-- Cost guardrails: `#104`
-- Backup/restore disaster recovery: `#86`
-- OpenTelemetry metrics/tracing and alerting runbook: `#68`
-- Load/concurrency harness and budgets: `#70` (delivered)
-- Multi-tenancy strategy ADR: `#71` (delivered)
-- API abuse/rate limiting: `#81` (delivered)
-- OWASP/security headers and CSRF/XSS baseline: `#80` (delivered)
-- Dependency vulnerability management policy: `#106` (delivered)
-  - reusable dependency-security signal workflow now normalizes backend/frontend scan results for PR/manual, nightly, and release contexts; remaining follow-through is limited to future automation escalation (for example auto-ticketing or stricter PR gating) rather than baseline policy definition
-- Secrets/configuration management baseline: `#110`
-- DB migration strategy and cache strategy: `#84`, `#85`
-- Cloud target topology and autoscaling ADR: `#111` (delivered — ADR-0023 defines ECS Fargate topology with ALB, RDS PostgreSQL, ElastiCache Redis, CloudFront CDN; autoscaling policy with CPU/request-rate/connection thresholds; health check contract; SLO targets; cost estimates; companion reference architecture at `docs/ops/CLOUD_REFERENCE_ARCHITECTURE.md`)
-- CI workflow topology expansion/governance baseline: `#168`
-
-Outstanding strategy-level gap to monitor:
-- no major out-of-code categories from the reviewed WIP PDFs are currently untracked; residual risk is execution sequencing and closure quality.
-
-## ARCH-01 Follow-Through Stages (Post-ADR)
-
-1. Stage A (Priority II): tenant-context collaboration foundations and isolation semantics alignment (`#72`, `#73`, `#74`, `#75`, `#76` delivered).
-2. Stage B (Priority IV): platform data-plane evolution for multi-tenant readiness (`#84`, `#85`).
-3. Stage C (Priority IV): tenant-aware DR, rollout, and topology governance (`#86`, `#101`, `#111`).
-4. Stage D (Priority III): security/compliance controls that reinforce tenant boundaries (`#80`, `#81` delivered; `#82`, `#83` delivered, `#110` pending).
-
-
-## Prepackaged Starter States Track (Roadmap Additions)
-
-Goal:
-- reduce setup friction and make boards immediately useful
-- make QA/E2E environments reproducible through deterministic starter states
-- reuse one package definition across product onboarding, demos, and tests
-
-Brainstormed package candidates (to be converted into scoped work items):
-- Label packages: software delivery, bug triage, incident severity, customer support, product discovery, content production, compliance/risk.
-- Column packages: simple Kanban, Scrum sprint, intake-triage-doing-done, incident command flow, support SLA flow, release train flow.
-- Board blueprint packages: sprint board, roadmap board, on-call board, support queue, launch checklist board, design review board.
-- Card template packages: bug report, incident ticket, feature request, technical debt, postmortem, release task, QA test case.
-- Checklist template packages: DoR/DoD, pre-release checklist, rollback checklist, incident response checklist.
-- Automation preset packages: stale-card nudges, due-date reminders, WIP breach alerts, auto-labeling suggestions, proposal gating defaults.
-- Ops preset packages: common command templates, log query presets, correlation-ID trace bundles.
-- Saved filter/view packages: blocked-only view, due-this-week view, critical-label view, owner-centric view.
-- Permissions/access packages: default board role policies and invite presets for common team topologies.
-- Seed-data demo packages: realistic sample boards/cards for walkthroughs and onboarding.
-- Deterministic QA fixture packages: minimal/small/large datasets with stable IDs and timestamps.
-- Edge-case fixture packages: blocked-card-heavy boards, overdue-heavy boards, archive-heavy boards, WIP-limit stress boards.
-- Security fixture packages: unauthorized/forbidden/cross-user scenario seeds for auth contract validation.
-- Performance fixture packages: high-card/high-column/high-label board seeds for load and latency profiling.
-- Archive lifecycle packages: pre-seeded archive/restore scenarios for board/entity recovery testing.
-- Activity discoverability packages: seeded histories across board/entity/user to validate selector UX.
-- Keyboard workflow packages: board states designed to validate no-mouse task creation/edit/navigation paths.
-- LLM/automation sandbox packages: curated prompts + expected proposal shapes for regression validation.
-- Chat-to-project bootstrap packages: paste Markdown checklist/project plan and generate columns/cards/labels/proposals from it.
-- Domain-specific packs: engineering backlog, agency workflow, content calendar, CRM-lite pipeline, research planning.
-- "Golden path" E2E packs: canonical start states for smoke, regression, and release-candidate test suites.
-
-Initial implementation shape:
-1. Define a versioned package manifest schema (labels, columns, cards, automations, metadata, compatibility rules).
-2. Build idempotent package-apply backend endpoints with dry-run and conflict reporting.
-3. Add frontend package catalog with search, preview, and one-click apply (delivered in PACK-03, issue #49).
-4. Ship first-party packs: common labels + common column flows + 3-5 board blueprints (delivered in PACK-04, issue #50).
-5. Reuse package manifests to generate deterministic E2E/QA fixtures (delivered in PACK-05, issue #51).
-6. Add pack telemetry to measure adoption, setup-time reduction, and failure points.
-7. Add pack migration/version compatibility checks for long-lived boards.
-8. Add checklist-ingestion path for chat so pasted plans can map to pack templates and board bootstrap proposals.
-## Planning Updates (2026-03-02)
-
-Demo-expansion migration wave seeding completed:
-- tracker: `#297`
-- dependency-ordered batches: `#298` -> `#299` -> `#300` -> `#301` -> `#302`
-- all migration-wave issues carry `Priority I`
-- each batch issue now includes a suggested branch name and explicit file-scoped commit expectation
-
-Canonical references for this wave:
-- `docs/archive/2026-03-07_docs-root-reorg/DEMO_EXPANSION_MIGRATION_SOT.md`
-- `docs/archive/2026-03-07_docs-root-reorg/temp_description.txt`
-- `docs/ISSUE_EXECUTION_GUIDE.md`
-
-Batch A baseline delivery (`#298`) status:
-- baseline seeding command introduced (`npm run demo:seed`)
-- v0-first-run UX defaults applied (advanced surfaces default off, Automations default to Proposals, queue composer instruction-first guidance)
-- demo playbook promoted to active docs (`docs/product/DEMO_PLAYBOOK.md`)
-
-Batch B harness/docs delivery (`#299`) status:
-- reusable demo harness layer added (`npm run demo:run`, `npm run demo:autopilot`, `scripts/demo-lib.mjs`, `scripts/scenarios/*`)
-- scenario modules added for engineering sprint, support triage, and content-calendar demo flows
-- API walkthrough asset added: `demo/http/taskdeck-demo.http` (updated for current API contracts)
-- stakeholder walkthrough recorder added as opt-in Playwright coverage (`tests/e2e/stakeholder-demo.spec.ts`, gated by `TASKDECK_RUN_DEMO=1`)
-- demo operations docs expanded and indexed (`docs/product/DOGFOODING_GUIDE.md`, `docs/USER_MANUAL.md`, `docs/product/DEMO_PLAYBOOK.md`, `docs/INDEX.md`)
-
-Batch C JSON/capture harness (`#300`) status:
-- JSON scenario runner added with schema + sample scenarios (`scripts/scenario-json-runner.mjs`, `scripts/scenarios-json/*`)
-- `demo:run` now prefers JSON scenarios and supports `--list`, `--skip-llm`, and `--continue-on-error`
-- `demo:autopilot` now supports `--loop queue|capture|mixed` and capture controls (`--capture-prob`, `--leave-capture-untriaged-prob`, `--triage-timeout-ms`, `--capture-source`, `--capture-title-hint`)
-- capture helper functions added in `scripts/demo-lib.mjs` and consumed by JSON runner/autopilot (`create/get/ignore/cancel/triage/wait-for-outcome`)
-- scenario authoring/usage documentation added and indexed (`docs/product/SCENARIOS.md`, `docs/INDEX.md`, `docs/product/DEMO_PLAYBOOK.md`)
-
-Batch D director/artifact orchestration (`#301`) status:
-- demo orchestration commands added (`npm run demo:director`, `npm run demo:snapshot`) with new scripts (`scripts/demo-director.mjs`, `scripts/demo-snapshot.mjs`)
-- runtime trace stream support added across scenario/autopilot/proposal/capture/ops flows via `TASKDECK_DEMO_TRACE_PATH` (`trace.ndjson` artifact)
-- JSON scenario runner expanded with `runOps` step support and `opsRuns` alias namespace
-- scenario samples now include Ops template evidence steps (`health.check`) for richer demo artifacts
-- stakeholder recorder spec now supports director-mode bootstrap (seed/scenario/autopilot/snapshot orchestration + per-step logs under artifacts)
-- playbook and scenario docs updated for director usage and `runOps` authoring guidance
-
-Batch E integration hardening (`#302`) status:
-- demo smoke command added (`npm run demo:director:smoke`) for deterministic, LLM-free regression proof with stable artifact output, isolated smoke DB reset, forced fresh Playwright servers, automatic local API port fallback when `5000` is occupied, and actionable remediation hints when explicit runtime port overrides conflict
-- default Playwright CI lanes now explicitly pin `TASKDECK_RUN_DEMO=0` so recorder-style demo flows stay opt-in
-- `ci-extended.yml` now exposes reusable `demo-director-smoke` workflow wiring for explicit smoke validation (`workflow_dispatch` or PR label `automation`) when the PR touches `.github/workflows/**`, `backend/**`, `frontend/**`, `deploy/**`, or `scripts/**`
-- docs/index consolidation completed for demo script entry points, runtime preconditions, and CI policy boundaries
-- follow-through hardening now auto-enables live-provider demos for Playwright-backed full walkthroughs when usable demo keys are present, preferring Gemini for long/manual runs while keeping smoke paths deterministic via `--skip-llm`
-- non-demo Playwright backend startup now stays pinned to deterministic `Mock` mode by default even when local shell env exports live-provider keys; explicit demo runs still override that baseline when LLM steps are enabled
-- post-epic audit hardening under `#310` now also fails fast on unknown scenario IDs, missing starter-pack labels in legacy JS scenarios, and ambiguous duplicate column/label names in JSON scenario resolution
-- post-epic audit hardening under `#310` now keeps `demo:seed` rerun-bounded for canonical evidence generation, validates director CLI flags before Playwright passthrough, and keeps recorder board targeting aligned with explicit autopilot-board overrides
-- post-epic audit hardening now continues under `#311` so demo runtime/test follow-through stays scoped outside the original migration batches
-
-## Saul-Facing Demo Alignment Wave (2026-03-26)
-
-The new capability spec in `docs/WIP/Taskdeck_Demo_Capability_Specification.md` was reconciled into a narrow delivery wave rather than a broad roadmap reset.
-
-Canonical reconciliation record:
-- `docs/analysis/2026-03-26_saul-demo-capability-reconciliation.md`
-
-Execution conclusion:
-- the hard substrate is already shipped: capture triage, review-first gating, provenance, board-centered follow-through, and deterministic demo tooling are all present
-- the remaining pre-recording gap is business-legible packaging, not missing architecture
-- the work should stay pinned to one stakeholder story: `Home -> Inbox/Capture -> Review -> Board`
-- execution status now reflects stacked delivery in progress: `#354` plus demo-critical follow-through from `#326` and `#330` are already delivered for this wave, `#355` rehearsal contract is delivered, and `#216` is the remaining pre-recording focus
-
-Seeded issues:
-- `#354` `PACK-08`: add a Saul-facing client-onboarding starter pack and deterministic demo scenario
-- demo-critical `#326`: trust-first review legibility hardening
-- demo-critical `#330`: in-app hero-path/demo-board cues
-- `#355` `TST-24`: add the rehearsal contract, acceptance checklist, and artifact expectations for the exact stakeholder path (delivered)
-- `#356` `DEMO-00`: track the narrow demo-alignment wave
-
-Reused existing anchors:
-- `#326` for proposal readability and trust-cue hardening
-- `#330` for in-app demoability and hero-board presentation quality
-- `#216` for the broader demo script and public-facing narrative
-- `#175` for broader starter-pack expansion after the narrow pre-demo slice
-
-## Manual Product Audit Follow-through Wave (2026-03-26)
-
-The runtime audit in `docs/analysis/2026-03-26_manual-product-audit.md` was reconciled into a focused execution wave rather than left as a read-only artifact.
-
-Canonical reconciliation record:
-- `docs/analysis/2026-03-26_manual-product-audit-followthrough.md`
-
-Execution conclusion:
-- the golden path is real, but several runtime-coherence gaps still need explicit ownership
-- the highest-value follow-through is not broad new feature work; it is truthfulness and trust around realtime health, triage freshness, provider visibility, and docs/runtime alignment
-- raw-ID-heavy review readability remains intentionally routed through existing issue `#326` rather than duplicated here
-
-Seeded issues:
-- `#363` `ANL-2026-03-26`: tracker
-- `#364` `COL-05`: realtime hub CORS/SignalR health
-- `#365` `CAP-23`: Inbox triage freshness
-- `#366` `UX-20`: Workbench/nav/docs truth alignment
-- `#367` `UX-21`: board-history semantic alignment
-- `#368` `AUTO-04`: chat live-provider status and first-turn fidelity
-- `#369` `TST-25`: headed manual-audit Playwright pack (`Priority IV`)
-
-Immediate hardening landed in this context:
-- `GET /api/llm/chat/health` plus explicit Automation Chat provider-state rendering (`live` / `mock` / degraded)
-- opt-in live-provider Playwright probe (`tests/e2e/live-llm.spec.ts`)
-- headed local audit shortcuts (`npm run test:e2e:audit:headed`, `npm run test:e2e:live-llm:headed`)
-
-## Chat-to-Proposal NLP Gap (2026-03-29)
-
-Manual testing surfaced a significant usability gap in the chat-to-proposal pipeline: natural language requests (e.g., "can you create new onboarding tasks for people who aren't technical?") fail to produce proposals because the pipeline relies on static keyword substring matching (`LlmIntentClassifier`) and regex-based instruction parsing (`AutomationPlannerService.ParseInstructionAsync`). All three LLM providers (Mock, OpenAI, Gemini) share the same brittle classifier; none leverage the LLM for instruction extraction.
-
-Tracker: `#570`. Improvement tiers:
-- **Tier 1 (shipped):** classifier hardening with compiled regex, word-distance matching, stemming/plurals, broader verb coverage, and negative context filtering (`#571`); structured parse-hint error responses with closest-match suggestions and frontend hint card with "try this instead" pre-fill (`#572`); substring ordering bug fixed ("remove card" no longer misclassifies as `card.move`)
-- **Tier 2 (next):** system prompt + structured output for instruction extraction from real providers (`#573`); multi-instruction parsing for batch requests (`#574`)
-- **Tier 3 (delivered):** board-context-aware prompting (`#575`, delivered in `#617`); conversational refinement loop for ambiguous requests (`#576`, delivered in `#791`)
-- **Testing (shipped):** dedicated classifier + chat-to-proposal integration tests (`#577`); null guard added to `Classify()`; 86 classifier unit tests + 28 ChatService flow tests
-
-Analysis: `docs/analysis/2026-03-29_chat_nlp_proposal_gap.md`
-
-## Active Blockers (2026-03-29 Manual Test Session)
-
-Two P0 bugs discovered in fresh-registration manual testing must be resolved before Phase 4 can be signed off or any external user onboarding begins. These are data correctness/security failures, not UX polish:
-
-- **`#508`** — Queue list endpoint not scoped to the authenticated user: a fresh-registered account sees all historical queue items from other sessions. Add a `userId` predicate to the LLM queue list query and add a cross-user isolation integration test.
-- **`#509`** — Board view auto-switches between boards every few seconds: `boardStore` overwrites `activeBoardId` on each `fetchBoards` response. Add a `preserveSelection` guard so the active board is not reset while it still exists in the refreshed list.
-
-Additional P1 issues from the same session (tracked in `#510`–`#515`) cover excessive board polling, the missing Inbox capture button, chat not emitting proposals, delete-card without confirmation, dark-mode theming gaps on three surfaces, and text-selected cards being non-draggable. Full findings at `docs/analysis/2026-03-29_manual_testing_consolidated_findings.md`.
-
-## Next Best Steps (Immediate)
-
-1. **Resolve `#508` and `#509` (P0 blockers above) before any other backlog work.**
-2. Close remaining unblocked Priority I security/policy work first (`#33`, `#34`, `#44`, `#152`) with regression coverage.
-2. Run the manual-audit follow-through wave in trust-first order: `#364` -> `#365` -> `#368`, then align product truthfulness through `#366` and `#367`, while routing review-readability detail through `#326`; keep `#369` explicitly lower priority.
-3. Run the Saul-facing demo alignment wave as the next narrow product-facing slice: `#354` first, then legibility/demoability follow-through through `#326` and `#330`, then lock the recording contract in `#355` and `#216`.
-4. Continue the seeded novice-first shell tranche from `#322`, using the shipped `#320` home/workspace-mode foundation rather than reopening it.
-5. Keep the docs/help/testing tranche synchronized with the shipped Wave P core (`#320`, `#322`, `#324`, `#326`, `#96`, `#100`): keep the now-delivered `#328` smoke contract aligned to the shipped first-run loop, and route broader telemetry/release-gate follow-through to `#341`.
-6. Keep the delivered testing-harness wave (`#254` to `#260`) in maintenance mode and route any new guardrail expansion through normal follow-up issues while keeping aligned existing seeds `#89`, `#90`, `#106`, and `#168`.
-7. Continue managed-key control-plane and abuse follow-through in dependency order: `#235` -> `#237` (quota/kill-switch, not yet started) -> SEC-18 live-traffic wiring follow-up; `#238`/`#239`/`#240` operator tooling and policy groundwork are now delivered.
-8. Continue frontend premium UI wave from the delivered foundations: shared primitives (UI-02), PERF-08 budgets, stack decision spike (UI-03), and inbox premium primitives (`#249`/`#788`) are done; next is `#246` (token system audit), `#247` (component reskin pass), and `#248`/`#250` interaction/accessibility hardening.
-9. Keep agent substrate and knowledge/integrations work sequenced behind novice-first exit criteria; do not promote them ahead of Horizons A through C.
-13. Continue the chat-to-proposal NLP gap (`#570`): Tier 1 delivered — classifier hardening (`#571`), error UX (`#572`), and integration tests (`#577`) are merged; Tier 3 now fully delivered — board-context prompting (`#575`/`#617`) and conversational refinement (`#576`/`#791`) are both merged. Remaining follow-up: enrich audit log entries with changed field details (`#583`).
-14. **UX feedback wave (2026-03-31)**: tracker at `#628`; 17 issues seeded from manual testing. Wave 1 delivered 6 fixes (`#612`, `#615`, `#617`, `#621`, `#623`, `#626`). Wave 2 delivered 5 more: both P1 blockers closed — capture triage dash/semicolon delimiters with context hints (`#614`), chat array truncation detection (`#616`); P2 notification type differentiation, grouping, and batch mark-all-read (`#625`); P4 search cursor pagination (`#610`); ops CI-extended path triggers (`#608`). Wave 3 delivered review card sticky footer (`#613`/`#665`). Remaining open from `#628`: 2 P3 strategic spikes (`#618`, `#619`) both completed with implementation waves in progress. Full analysis at `docs/analysis/2026-03-31_manual_testing_ux_feedback.md`.
-15. **Hardening and UX wave (2026-04-03)**: 9 issues across 8 PRs (`#691`–`#698`) with adversarial review follow-through: P1 dead workspace routes (`#681`), expired proposal handling in Review (`#678`+`#690`), chat card ID continuity (`#677`), human-readable proposal diffs (`#682`), dark theme label manager (`#684`), chat health banner three-state (`#679`), OpenAI strict mode + loop detection (`#674`), JWT invalidation after account deletion (`#671`/ADR-0021). ~58 new tests added across the wave.
-16. **Post-hardening delivery wave (2026-04-03)**: 6 issues across 6 PRs (`#724`–`#731`): SQL-level board metrics filtering (`#675`), double LLM call elimination (`#672`), JWT invalidation hardening with active-user middleware (`#671`), expired proposal review UX with dismiss action (`#678`+`#690`), infrastructure repo integration tests (`#699` — 77 tests, 7 classes, real SQLite, found real ordering bug), LLM write tools + proposal integration (`#650` — 6 write executors, EF migration, 11 total tools, frontend status indicators).
-17. **Security + testing + MCP wave (2026-04-04)**: 8 issues across 8 PRs (`#732`–`#739`) with two rounds of adversarial self-review. ~300 new tests added. Key deliveries: SEC-20 ChangePassword identity bypass fix (`#722`/`#732`), golden-path capture→board integration test (`#703`/`#735`), cross-user data isolation tests (`#704`/`#733` — 38 tests, 3 false-positive tests caught in review), worker integration tests (`#700`/`#734` — 24 tests, fake repo status-tracking fixed in review), controller HTTP tests (`#702`/`#738` — 67 tests, 6 controllers, 2 pre-existing bugs found), proposal lifecycle edge cases (`#708`/`#736` — 74 tests, clock-flakiness fixed in review), OAuth/auth edge cases (`#707`/`#737` — 44 tests, found+fixed `ExternalLoginAsync` Substring overflow production bug), MCP full inventory (`#653`/`#739` — 9 resources + 11 tools, user-scoping gap found+fixed in review). Test expansion wave (`#721`) progress: 7 of 22 issues now delivered (`#699`, `#700`, `#702`, `#703`, `#704`, `#707`, `#708`); remaining 15 open.
-18. **Tech-debt, security, and feature hardening wave (2026-04-04)**: 7 issues across 7 PRs (`#765`–`#770`, `#776`) with two rounds of adversarial review per PR (~65 new tests: 32 backend + 33 frontend). Key deliveries: Agent API 500 fix (`#758`/`#776` — `DateTimeOffset` ORDER BY in SQLite, `AgentRunRepository` upgraded to `IsSqlite()` SQL-level pattern, round 2 caught load-all-before-limit perf bug), DataExport exception logging (`#759`/`#766` — `ILogger` added to `DataExportService`/`AccountDeletionService`, round 2 added `OperationCanceledException` filter + `CancellationToken.None` rollback), streaming chat token usage (`#763`/`#768` — `LlmTokenEvent` extended, all 3 providers populated, `StreamResponseAsync` now persists messages + records quota), EF Core version alignment (`#760`/`#767` — 9.0.14→8.0.14, EF9-only API removed, `FrameworkReference` swap, round 2 added `PrivateAssets`), frontend HTTP interceptor/auth guard tests (`#725`/`#765` — 33 tests, round 2 fixed ESLint `no-import-assign` CI breaker), OAuth token lifecycle tests (`#723`/`#769` — 19 tests covering auth code store + JWT lifecycle + SignalR auth, round 2 fixed `HttpClient` leak + misleading test names), tool argument replay (`#673`/`#770` — `Arguments` field on `ToolCallResult`, OpenAI/Gemini replay now uses real arguments). Test expansion wave (`#721`) progress: 23 of 25 issues now delivered (waves 4+5 added `#711`, `#712`, `#716`, `#720`, `#723`, `#725`); remaining 2 open (`#705`, `#717`).
-19. **Feature, analytics, MCP, chat, testing, and UX expansion wave (2026-04-08)**: 7 issues across 7 PRs (`#787`–`#793`) with two rounds of adversarial review per PR (~390+ new tests). Key deliveries: exportable analytics CSV (`#78`/`#787` — `MetricsExportService` with CSV injection protection, `ADR-0022` deferring PDF, 29 tests, adversarial review caught embedded-newline injection HIGH), forecasting service (`#79`/`#790` — heuristic `ForecastingService` with rolling-average throughput, std-dev confidence bands, frontend MetricsView section, 32 tests, adversarial review caught throughput double-counting HIGH + history window bug), MCP HTTP transport + API key auth (`#654`/`#792` — `ApiKey` entity with SHA-256, `ApiKeyMiddleware`, `HttpUserContextProvider`, `MapMcp()`, REST key management, rate limiting, 31 tests, adversarial review caught key-existence oracle + modulo bias), conversational refinement loop (`#576`/`#791` — `ClarificationDetector` with strong/weak signal split, max 2 rounds + skip, Mock simulation, frontend badge + skip button, 41 tests, adversarial review caught false-positive heuristic HIGH), concurrency stress tests (`#705`/`#793` — 13 `SemaphoreSlim`-barrier stress tests for queue claims, card conflicts, proposal races, rate limiting, multi-user), property-based adversarial tests (`#717`/`#789` — 211 FsCheck + fast-check tests across domain/API/frontend, no 500s from any input), inbox premium primitives (`#249`/`#788` — `TdSkeleton`/`TdInlineAlert`/`TdEmptyState`/`TdBadge` rework, 7 tests). Test expansion wave (`#721`) progress: 25 of 25 issues now delivered (this wave closed `#705` and `#717`). Additional issues closed: `#78`, `#79`, `#249`, `#576`, `#654`.
-10. Keep issue `#107` synchronized as the single wave index and maintain one-priority-label-per-issue discipline (`Priority I` to `Priority V`).
-11. Treat the demo-expansion migration wave (`#297` -> `#302`) as delivered; route any further demo-tooling work through normal scoped follow-up issues such as `#311`, `#354`, `#355`, and `#369` instead of reopening the migration batches.
-12. Test suite baseline counts recertified 2026-04-09: backend ~3,600+ passing, frontend ~1,984+ passing, combined ~5,600+. Rigorous test expansion wave (`#721`) fully delivered (25/25 issues).
-13. **Mutation testing pilot** (`#90`): Stryker.NET (backend Domain) and Stryker JS (frontend captureStore/boardStore) configured with non-blocking weekly CI lane; policy at `docs/testing/MUTATION_TESTING_POLICY.md`; scope expansion to Application layer and additional stores planned after baseline calibration from first 3-4 runs.
-20. **Platform expansion wave (2026-04-09)**: 10 issues (`#84`, `#85`, `#87`, `#88`, `#90`, `#91`, `#95`, `#104`, `#105`, `#111`) across 10 PRs (`#796`–`#805`) delivered platform hardening (PLAT-01/02/03), testing infrastructure (TST-02/03/05/06), PWA readiness (UX-09), and ops documentation (OPS-12/14). 5 new ADRs (ADR-0023 through ADR-0027). Two rounds of adversarial review per PR caught 22 CRITICAL + 32 HIGH issues, all resolved. New test projects: `Taskdeck.Integration.Tests` (Testcontainers). New CI workflows: cross-browser matrix, visual regression, mutation testing, container integration. New infra: `ICacheService`, SignalR Redis backplane, VitePWA service worker.
-21. **Feature, security, and ops expansion wave (2026-04-09)**: 8 issues (`#82`, `#94`, `#101`, `#251`, `#334`, `#338`, `#549`, `#676`) across 8 PRs (`#806`–`#813`) delivered calendar/timeline views (UX-08), staged deployment workflow (OPS-09, ADR-0028), Storybook baseline (UI-12), note-style import (INT-05), agent mode surfaces (AGT-03), error tracking/analytics (OBS-02), OAuth PKCE + account linking (CLD-03), and SSO/OIDC + MFA (SEC-07, ADR-0029). Two rounds of adversarial review per PR (self + independent cold review); the independent round caught 9 CRITICAL and 11 HIGH findings — all resolved. ~231+ new tests. New controllers: NoteImport, Telemetry. New frontend views: CalendarView, AgentsView, AgentRunsView, AgentRunDetailView. New auth infra: DB-backed auth codes, PKCE, OIDC provider factory, TOTP MFA. New dev tooling: Storybook 10.3.5 with 17 primitive stories. New ops: 4-phase deployment workflow, smoke test script, CD staging gate CI workflow, observability setup guide.
-22. Test suite baseline counts recertified 2026-04-09: backend ~3,600+ passing, frontend ~1,984+ passing, combined ~5,600+.
-
-## Documentation Operating Model
-Active docs:
-- `docs/STATUS.md`
-- `docs/IMPLEMENTATION_MASTERPLAN.md`
-- `docs/TESTING_GUIDE.md`
-- `docs/MANUAL_TEST_CHECKLIST.md`
-
-Audience-first product docs:
-- `docs/START_HERE.md`
-- `docs/USER_MANUAL.md`
-- `docs/product/DEMO_PLAYBOOK.md`
-
-Archived docs:
-- all superseded detail packs and historical snapshots under `docs/archive/`
-
-Rule:
-- Any behavior-changing PR must update status + masterplan and relevant testing/checklist docs.
-
-## Weekly Cadence
-
-- Start of week:
-  - reconcile `docs/STATUS.md`
-  - commit top 3 backlog items for the week
-- During week:
-  - ship tested vertical slices
-  - avoid adding new top-level planning docs
-- End of week:
-  - update this file with completed work and reprioritized next steps
-
-## Risk Register
-
-- Risk: auth retrofit causes regressions in existing UI flows
-  - Mitigation: staged rollout + integration contract tests
-- Risk: automation parser/executor changes introduce unsafe operations
-  - Mitigation: strict schema validation + proposal-first enforcement
-- Risk: UX changes increase complexity without cohesion
-  - Mitigation: shared modular patterns (selectors/input-assist/navigation) + RFC-first implementation
-- Risk: docs drift returns after consolidation
-  - Mitigation: strict update requirements on behavior-changing PRs
-- Risk: capture pipeline breaks on natural-language input, undermining near-zero-friction thesis
-  - Mitigation: phased improvement — regex delimiter expansion first, LLM-assisted extraction second, semantic pipeline long-term (`#614`)
-- Risk: LLM tool-calling / MCP architecture becomes scope-creep or breaks review-first safety
-  - Mitigation: spike-first approach (`#618`, `#619`); write tools MUST produce proposals, never direct mutations; read tools are ungated
+
+132. Platform expansion wave delivery (PRs `#796`–`#805`, 2026-04-09):
+    - 10 parallel worktree agents delivered platform hardening, testing infrastructure, ops documentation, and PWA readiness with two rounds of adversarial review per PR (22 CRITICAL + 32 HIGH findings caught and resolved)
+    - **PLAT-01** SQLite-to-PostgreSQL migration strategy (`#84`/`#801`): ADR-0023 (PostgreSQL target), migration runbook, 20 provider compatibility tests; review caught phantom table, 5 missing tables, FTS5 crash
+    - **PLAT-02** Distributed caching (`#85`/`#805`): ADR-0024 (cache-aside), `ICacheService` with Redis/InMemory/NoOp implementations, board list caching, 32 tests; review removed unsafe board-detail cache, fixed permanent Redis disable
+    - **PLAT-03** SignalR scale-out (`#105`/`#803`): ADR-0025 (Redis backplane), conditional `AddTaskdeckSignalR`, health check, runbook, 14 tests; review fixed per-probe connection creation, thread-unsafe fields
+    - **TST-02** Cross-browser E2E matrix (`#87`/`#800`): Firefox/WebKit/mobile projects, tagging strategy, 9 tests, CI workflows, flaky test policy; review fixed CI gate timeout, extracted shared helpers
+    - **TST-03** Visual regression harness (`#88`/`#797`): Playwright `toHaveScreenshot()`, 7 visual tests, CI artifact upload, policy doc; review fixed wrong placeholder (guaranteed test failures), double extensions
+    - **TST-05** Mutation testing pilot (`#90`/`#796`): Stryker.NET + Stryker JS configs, weekly CI workflow (non-blocking), policy doc; review removed broken schema URL, invalid properties
+    - **TST-06** Ephemeral DBs via Testcontainers (`#91`/`#804`): `Taskdeck.Integration.Tests` project, PostgreSQL containers, per-test isolation, 20 tests, Docker skip; review fixed DbContext race condition, deadlock
+    - **UX-09** PWA/offline readiness (`#95`/`#802`): VitePWA, service worker, `useOnlineStatus` composable, offline banner, SW update prompt, 18 tests; review eliminated double-reload race, fixed misleading text
+    - **OPS-12** Cloud cost observability (`#104`/`#798`): ADR-0026, cost framework, hotspot registry, breach runbook; review fixed phantom config keys, wrong API endpoints
+    - **OPS-14** Cloud topology ADR (`#111`/`#799`): ADR-0027 (ECS Fargate), autoscaling policy, SLO targets, ~$147-152/month estimate, reference architecture; review fixed cost inconsistency, missing worker, health check accuracy
+    - ADR numbering: PRs originally all created ADR-0023; canonical numbering is ADR-0023 (PLAT-01) through ADR-0027 (OPS-14); file renames needed during merge
+
+## Current Planning Pivot (2026-03-07)
+
+The 2026-03-06 MVP expansion review packages change the next-cycle emphasis without invalidating the current architecture.
+
+Key conclusion:
+
+- Taskdeck's main near-horizon gap is product legibility, not missing backend capability.
+- The demo/tooling layer is now strong enough that the next cycle should focus on making the product teach itself.
+- One core system can support three presentation modes (`guided`, `workbench`, `agent`), but only the first two should drive near-horizon execution.
+
+Operational planning rules from this pivot:
+
+1. Prioritize novice-first shell work before broader autonomy, knowledge, or connector breadth.
+2. Keep the board as the execution center and make board context travel across capture, review, chat, notifications, and follow-through actions.
+3. Treat `Review` as the main automation surface for normal users; keep queue and ops explicitly advanced.
+4. Reuse existing backlog items where overlap is real (`#96`, `#93`, `#100`, `#216`, `#77`, `#75`, `#97`, `#98`, `#218`, `#219`) instead of duplicating scope.
+5. Keep the seeded productization wave (`#318`, `#320`, `#322`, `#324`, `#326`, `#96`, `#100`, `#328`) synchronized in `#107` before promoting more disconnected UX or future-breadth items.
+
+Decision rules promoted from the expanded blueprint:
+
+- If a feature makes demos better but makes the product harder to understand, it is not done.
+- If a normal happy path depends on raw internal IDs, it is not novice-ready.
+- If a page is empty and offers no next step, it is incomplete.
+- If an agent action cannot be traced to a run, policy posture, and proposal/artifact outcome, it is not ready.
+- Do not let chat-first or disconnected agent-database thinking replace the board/capture/review product core.
+
+Implementation carry-forward from the full source audit:
+
+- treat workspace mode as durable product state; do not let it collapse into local-only view toggles once server-backed preferences become practical
+- prefer aggregated product-shaped APIs for `Home`, `Today`, `Review`, and board summary needs over client-side fetch fan-out
+- keep proposal summary generation in the application layer instead of forcing the frontend to reverse-engineer meaning from low-level operations
+- keep the one-core-three-surfaces navigation contract explicit:
+  - guided primary: `Home`, `Today`, `Inbox`, `Projects`, `Review`, `Settings`
+  - workbench primary: `Home`, `Projects`, `Inbox`, `Review`, `Automations`, `Activity`, `Notifications`, `Settings`
+  - agent primary: `Home`, `Agents`, `Runs`, `Knowledge`, `Inbox`, `Projects`, `Review`, `Integrations`, `Settings`
+- preserve product-facing route aliases such as `/workspace/home`, `/workspace/today`, `/workspace/projects`, and `/workspace/review` even when the old implementation-shaped routes remain valid
+- keep novice vocabulary explicit in guided surfaces: `Project`, `Review`, and `Inbox` should lead; queue and ops stay clearly advanced
+- keep board-aware action-rail behavior explicit (`Capture here`, `Ask assistant`, `Review proposals`, `Add card`) so board context actually travels
+- require action-state empty/help states and plain-language top boxes on advanced pages; no page should leave the user with no next step
+- avoid orphan surfaces: board, inbox item, proposal, notification, and later agent-run views should deep-link to the related next action or affected entity
+- hold the frontend to a minimum polish bar: visible keyboard focus, modal focus trap, listbox aria state, explicit destructive confirmations, and no hover-only critical affordances
+- keep first-class backend contracts explicit for Wave P and Wave R:
+  - `UserPreference` server state for workspace mode/onboarding/default board
+  - aggregate DTOs such as `WorkspaceHomeDto`, `TodayAgendaDto`, `ReviewSummaryDto`, `BoardSummaryDto`
+  - `IProposalSummaryService`
+  - later `ITaskdeckTool`, `ITaskdeckToolRegistry`, and `IAgentPolicyEvaluator`
+- the secondary follow-through set from the audit is now seeded as `#329` to `#334`; keep it below Wave P and reuse anchors such as `#216`, `#77`, `#93`, `#98`, `#311`, `#75`, `#218`, and `#219` instead of duplicating their scope
+- the remaining expanded-blueprint architecture wave is now seeded as `#335` to `#341`; keep it below Wave Q and reuse anchors such as `#75`, `#77`, `#98`, `#100`, `#216`, `#218`, `#219`, and `#328` instead of stretching Wave P issues beyond their productization purpose
+
+## Roadmap by Horizon
+
+### Horizon A (Week 1 to 2): Novice-First Shell and Entry Clarity
+
+Focus:
+- add workspace mode preference (`guided`, `workbench`, `agent`) and persist it as durable product state
+- add a true start surface (`Home`) instead of dropping every user into an implementation-shaped boards list
+- make the guided shell contract concrete: `Home`, `Today`, `Inbox`, `Projects`, `Review`, `Settings`, with notifications/archive/help secondary and operator surfaces hidden by default
+- make `Review` the primary normal-user automation surface and keep queue explicitly advanced
+- replace dead-end empty states with action-oriented help blocks on primary pages
+- replace raw board-ID happy paths with selectors/pickers in common flows
+- prefer aggregate/product-shaped APIs for shell summaries instead of client-side stitching
+- make `Home` product-shaped rather than dashboard-shaped:
+  - thesis/welcome line
+  - start-here CTAs
+  - needs-attention counts
+  - continue-working/resume context
+  - learn-Taskdeck cards
+
+Exit Criteria:
+- a guided-mode user lands on a product-shaped entry surface
+- the UI tells the user what to do first without requiring internal docs
+- common capture/review/project flows do not require raw IDs
+- queue remains available for power users but is no longer the implied default
+
+### Horizon B (Week 3 to 6): Board-Centered Daily Workflow
+
+Focus:
+- shipped in `#324`: `Today` as a compact daily agenda surface
+- shipped in `#324`: first-run onboarding checklist and first useful board creation wizard
+- add proposal summary service and readable proposal cards with plain-language summaries, risk, and deep links
+- add board action rails so capture/chat/review follow the current board context by default (`Capture here`, `Ask assistant`, `Review proposals`, `Add card`)
+- strengthen deep links across inbox, review, notifications, activity, and resulting boards/cards
+- shipped `Today` utility now covers:
+  - due today / overdue
+  - blocked
+  - proposals waiting review
+  - inbox needing triage
+  - resume point
+- remaining follow-through for this horizon:
+  - richer contextual help and in-product teaching on top of the shipped board-centered loop
+  - broader telemetry and release-gate follow-through beyond the shipped first-run guardrail
+
+Exit Criteria:
+- the `capture -> review -> board` loop is visible and coherent inside the product
+- board context travels without manual re-entry across primary surfaces
+- a first-time user can create first value without wandering through operator pages
+- proposal review feels like a product surface, not just a diff viewer
+
+Current status:
+- `#326` is now delivered:
+  - application-layer proposal presentation now feeds readable review cards with plain-language summaries, impact/risk/source cues, and affected-entity headlines
+  - board pages now expose an explicit action rail (`Capture here`, `Ask assistant`, `Review proposals`, `Add card`)
+  - board context now travels through inbox, review, chat, notifications, and provenance/deep-link follow-through
+
+### Horizon C (Week 6 to 8): Docs, Help, and Verification Coherence
+
+Focus:
+- add a bridge doc (`START_HERE`) for first-run product understanding
+- reshape the manual and index around top-level navigation and user goals
+- keep `START_HERE.md` and `USER_MANUAL.md` at `docs/` root, while chaptered manual guidance lives under `docs/manual/` and reusable workflow/help-center guides live under `docs/product/`
+- required first-run golden-path smoke test, expressed as a deterministic Playwright guardrail
+- define product-shaped telemetry and launch criteria for novice beta and later agent alpha
+- treat the staged `novice-first-first-run` scenario shape as the acceptance contract for the shipped first-run smoke path
+- keep demo tooling as evidence and acceptance support rather than the main onboarding path
+
+Exit Criteria:
+- docs entry points match the product's intended top-level navigation
+- the first-run smoke path is `Home -> capture -> review -> execute -> board`
+- novice users can recover from empty/confusing surfaces without leaving the product context
+- launch criteria are explicit enough to guide seeding and release decisions
+
+### Horizon D (Post-R1): Agent Substrate Foundation
+
+Focus:
+- add `AgentProfile`, `AgentRun`, and `AgentRunEvent` as first-class runtime primitives
+- ~~add a tool registry abstraction and policy evaluator~~ (delivered in AGT-02, `#337`)
+- ~~add a first bounded agent template~~ (delivered: `InboxTriageAssistant` in AGT-02)
+- add inspectable run traces
+- expose agent mode views only after the substrate is real
+
+Current status:
+- tool registry, policy evaluator, and first bounded template are now delivered (`#337`): `ITaskdeckTool`/`ITaskdeckToolRegistry` domain interfaces, `AgentPolicyEvaluator` with allowlist + risk-level gating, and `InboxTriageAssistant` bounded template (proposal-only, review-first default)
+- LLM tool-calling architecture spike completed (`#618`); Phase 1 delivered (`#649`): read tools + orchestrator + provider tool-calling extension; `#674` delivered (OpenAI strict mode + loop detection with error-retry bypass, PR `#694`); `#677` delivered (card ID prefix resolution for chat-to-proposal continuity, PR `#695`); `#650` delivered (write tools + proposal integration, PR `#731`); `#672` delivered (double LLM call elimination, PR `#727`); `#651` delivered (Phase 3 refinements: cost tracking, `LlmToolCalling:Enabled` feature flag, `TruncateToolResult` byte budget with binary search — 17 new tests, PR `#773`); ~~`#673`~~ delivered (argument replay — `Arguments` field on `ToolCallResult`, OpenAI/Gemini replay uses real arguments, 6 new tests, PR `#770`)
+- MCP server architecture spike completed (`#619`); Phase 1 delivered (`#652`/`#664`): minimal prototype with `taskdeck://boards` resource over stdio; ~~`#653`~~ delivered (full inventory — 9 resources + 11 tools, PR `#739`); remaining: `#654` (HTTP + auth), `#655` (production hardening, deferred)
+- remaining work: `AgentProfile`/`AgentRun`/`AgentRunEvent` runtime primitives (`#336`), agent mode surfaces (`#338`), inspectable run detail
+
+Exit Criteria:
+- runs are first-class and inspectable
+- agent behavior remains proposal-first and trace-first by default
+- no opaque or silent autonomy is introduced
+- LLM chat can dynamically query and mutate board state through tool calls (proposal-first for writes)
+- external AI agents (Claude Code, Cursor) can access Taskdeck via MCP (proposal-first for writes)
+
+### Horizon E (Post-R2): Knowledge and Integrations Surface
+
+Focus:
+- add local-first knowledge documents/notes and SQLite FTS-backed search
+- add note/transcript/clip-style intake paths that feed capture or knowledge flows
+- add integrations registry/management view so imports and webhooks have a coherent home
+- keep connector behavior capture-first and review-safe by default
+
+Exit Criteria:
+- durable searchable context exists without external vector infrastructure
+- integrations surface is coherent and discoverable without bypassing review-first rules
+- knowledge and connector work builds on the same board/capture/proposal substrate
+
+### Horizon F (Concurrent Foundation Streams)
+
+These continue in parallel where they protect trust, performance, or operator posture, but they should not outrun Horizon A through C product legibility work:
+
+- managed-key LLM control plane and abuse controls: `#235`, `#237` (pending), `#238` (operator tooling groundwork delivered; live-traffic wiring pending), `#239` (delivered), `#240` (delivered)
+- premium UI foundations and reskin wave: `#242` to `#250` (plus optional `#251`); foundations delivered: `#243` UI-02 shared primitives, `#245` UI-03 stack spike, `#250` PERF-08 budgets; appshell reskin (`#499`) and board/card polish (`#501`) now shipped with design-token-based styling; UX feedback wave 1 (`#628`) delivered: sidebar footer pinned (`#623`), card drag layout shift eliminated (`#621`), starter-pack modal migrated to design tokens (`#612`), capture triage error messages (`#615`), review collapsible sections with risk color-coding (`#626`); wave 2 delivered: capture triage delimiters (`#614`), chat truncation (`#616`), notification type differentiation/grouping/batch actions (`#625`), search pagination (`#610`), CI-extended path triggers (`#608`); hardening wave (2026-04-03) delivered: label manager dark theme (`#684`), human-readable proposal diffs (`#682`), expired proposal handling (`#678`+`#690`), chat health banner three-state (`#679`), dead workspace routes fixed (`#681`)
+- long-list responsiveness and related UX scale follow-through: `#213` (delivered — inbox + activity virtualized; board cards deferred due to drag-and-drop conflicts)
+- platform, ops, testing, and maturity backlog: `#84` to `#111`, `#87` to `#91`; PWA/offline readiness delivered (`#95`): `vite-plugin-pwa` + Workbox `generateSW` with 84 precached entries, runtime caching (NetworkFirst for API, CacheFirst for static, StaleWhileRevalidate for fonts), SPA navigateFallback, `useOnlineStatus` composable, `OfflineBanner` + `SwUpdatePrompt` components in AppShell, installability-ready manifest, offline behavior documented in `docs/platform/PWA_OFFLINE_BEHAVIOR.md`; 18 new tests (11 composable + 7 component)
+- deferred outreach CRM expansion: `#262` to `#268`
+
+## Release Framing
+
+### Platform Release Plan (2026-03-29)
+
+The release plan now spans packaging, cloud, mobile, and collaboration — not just feature milestones.
+Strategy documents: `docs/strategy/00_MASTER_STRATEGY.md` and companion pillar docs.
+Master tracker: `#531`.
+
+- `v0.1.0` **First Light** (target: Week 1-2):
+  - P0 blocker fixes (`#508`, `#509`)
+  - self-contained single-file executable (Windows + Linux + macOS)
+  - auto-config (JWT, DB path, browser launch)
+  - GitHub Release with cross-platform downloads
+  - polished README with demo GIF
+  - 90-second demo video
+  - packaging wave: `#532` → `#533`, `#534`, `#535`, `#536`
+  - GTM wave: `#544` → `#545`, `#546`
+
+- `v0.2.0` **Open Doors** (target: Week 3-5):
+  - hosted cloud instance on Railway/Render (`#537` → `#538`)
+  - GitHub OAuth login (`#539` — delivered)
+  - custom domain and TLS
+  - Show HN, Reddit, Dev.to launch
+  - landing page on custom domain
+
+- `v0.3.0` **In Your Pocket** (target: Week 6-9):
+  - ~~PWA manifest + service worker (`#540` → `#541`, `#542`)~~ — baseline delivered in `#95`: Workbox generateSW with precaching, runtime caching, SPA navigateFallback, offline banner, SW update prompt, installability-ready manifest
+  - mobile-responsive CSS for core flows (`#543`)
+  - bottom tab navigation for mobile
+  - touch-optimized capture modal
+  - mobile board view (card list)
+  - web push notifications
+
+- `v0.4.0` **Bring Friends** (target: Week 10-14):
+  - board sharing with permission levels
+  - workspace invitations
+  - email notification delivery
+  - activity feed per board
+  - LLM tool-calling for chat (`#647`: ~~`#649`~~ delivered → ~~`#650`~~ delivered → ~~`#651`~~ delivered)
+  - MCP server for external agent integration (`#648`: ~~`#652`~~ delivered → `#653`→`#654`)
+
+- `v0.5.0` **Power Up** (target: Week 15-20):
+  - platform installers (Inno Setup, DMG, AppImage)
+  - package manager listings (winget, Homebrew, Snap)
+  - Google Play listing (TWA/Capacitor)
+  - PostgreSQL backend option for cloud
+  - free/pro tier limits and billing
+
+- `v1.0.0` **Generally Available** (target: Month 6-8):
+  - Apple App Store listing (via Capacitor)
+  - workspace/team/organization model
+  - local + cloud sync (API-based)
+  - optional Tauri 2.0 native desktop shell
+  - agent substrate (inspectable runs, bounded templates)
+
+### Feature Milestones (Original)
+
+- `R1` novice-first beta (largely delivered — maps to v0.1.0/v0.2.0):
+  - `Home`, `Today`, `Review`, onboarding/help coherence
+  - readable proposals, board-centered action rails
+  - no raw-ID requirements in common flows
+- `R2` agent foundation alpha (maps to v1.0.0+):
+  - `AgentProfile`, `AgentRun`, `AgentRunEvent`
+  - tool registry and policy evaluator (delivered in AGT-02)
+  - first bounded template (delivered: `InboxTriageAssistant`)
+  - inspectable run detail
+- `R3` knowledge/integrations alpha (post-v1.0.0):
+  - `KnowledgeDocument` / `KnowledgeChunk`
+  - SQLite FTS search
+  - integrations registry
+  - at least two meaningful supervised inbound context/capture paths
+
+## Active Backlog (Priority-Labeled)
+
+### Priority I (Current Phase 4 Completion Path)
+
+- **Security bug**: `#722` (SEC-20) — `ChangePassword` does not verify caller identity; any authenticated user can change another user's password. Discovered during 2026-04-03 test audit. Must be resolved before external onboarding.
+- Security and policy convergence: `#33`, `#34`, `#44`
+- Final cross-user policy convergence follow-through: `#152`
+- Starter packs foundation: `#48`, `#49`, `#50`, `#51` (delivered)
+- Tech-debt blockers for stable expansion: `#52` (delivered), `#53` (delivered), `#54` (delivered)
+
+### Priority II (Immediate Post-Phase-4 Foundation)
+
+- Analysis follow-through wave tracker: `#151`
+- Capture realignment wave: `#199` to `#211` (delivered); logging redaction follow-through `#212` is delivered, and remaining linked performance follow-through is `#213`
+- Testing harness guardrails wave (`#254` to `#260`) is delivered; follow-up improvements now route through normal hardening issues
+- Rigorous test expansion wave (`#721` tracker, `#699`–`#720`, `#722`–`#726`): 22 issues seeded 2026-04-03 from systematic codebase audit covering infrastructure repository integration tests, untested workers, controller HTTP gaps, cross-user data isolation proof, concurrency stress, auth edge cases, domain state machines, SignalR hub integration, proposal lifecycle edge cases, LLM tool-calling boundaries, webhook SSRF, frontend store/view gaps, E2E scenarios, export/import round-trips, error contracts, resilience testing, and property-based/adversarial input testing; golden path integration test (`#703`) is highest-signal individual item; first delivery: ~~`#699`~~ infrastructure repo integration tests (77 tests, 7 classes, PR `#730`); proposal decision race regression now treats the losing update as a `409 Conflict` through proposal `UpdatedAt` concurrency
+- Provider-agnostic LLM runtime expansion (`OpenAI` + `Gemini`) and demo setup hardening: `#232` (delivered)
+- Managed-key LLM control-plane tracker and foundations: `#235`, `#236` (delivered), `#237`
+- CI/workflow topology expansion and governance track: `#168`
+- API/frontend hardening follow-through: `#153` (delivered), `#154` (delivered), `#155` (delivered), `#157` (delivered)
+- Real-time and observability baseline: `#67` (delivered), `#68` (delivered)
+- Container/deployment and performance harness baseline: `#69` (delivered), `#70` (delivered), `#142` (delivered)
+- Multi-tenancy strategy and collaboration/integration foundations: `#71` (delivered), `#72` (delivered), `#73`, `#74`, `#75`, `#76` (delivered)
+- Seeded Wave P from the 2026-03-07 MVP expansion integration:
+  - `#318` tracker
+  - `#320` workspace modes + `Home` summary shell (delivered)
+  - `#322` `Review`-first routing + empty/help states + board selectors (delivered)
+  - `#324` `Today` agenda + onboarding path (delivered)
+  - `#326` proposal readability + board-centered action flow (delivered)
+  - `#96` onboarding/contextual help (delivered)
+  - `#100` user guides/tutorials/FAQ (delivered)
+  - `#328` first-run smoke + launch-criteria guardrail (delivered)
+- Seeded Saul-facing demo alignment wave:
+  - `#356` tracker
+  - `#354` client-onboarding starter pack + deterministic hero scenario
+  - demo-critical `#326` trust-first readability hardening
+  - demo-critical `#330` hero-path/demo-board cue hardening
+  - `#355` rehearsal contract + acceptance checklist (delivered)
+  - `#216` broader reusable demo script/public framing (current execution step)
+- Reuse-before-duplicate anchors for this wave:
+  - `#326` proposal readability and trust cues
+  - `#330` in-app demoability and hero-board quality
+  - `#216` demo script / public framing
+  - `#175` broader starter-pack expansion after the narrow pre-demo slice
+- Related but intentionally not folded into Wave P core execution: `#93`, `#216`, `#77`
+
+### Priority III (Expansion Tranche: Analytics, Security, Compliance, Premium UI Foundations)
+
+- Analytics and forecasting: `#77` (delivered — board metrics dashboard, PR `#667`; SQL-level filtering follow-up ~~`#675`~~ delivered, PR `#724`), `#78`, `#79`
+- Security/compliance expansion: `#80` (delivered), `#81` (delivered; capture scope extended), `#82`, `#83` (delivered — GDPR data portability + account deletion, PR `#666`; follow-ups `#670`, ~~`#671`~~ (delivered — JWT invalidation after account deletion, PRs `#698`+`#728`, ADR-0021)), `#106`, `#110` (SEC-10 delivered), `#156`, `#212` (delivered), `#238` (SEC-18 operator tooling + groundwork delivered; live wiring follow-up pending), `#239` (SEC-19 delivered), `#240` (delivered)
+- Frontend premium UI foundations wave: `#242`, `#243` (UI-02 shared primitives delivered), `#244`, `#245` (UI-03 stack spike delivered), `#246`, `#247`, `#248`, `#249`, `#250` (PERF-08 delivered)
+- Frontend premium wave reused dependencies: `#154` (lint/CI), `#88` (visual regression), `#92` (a11y remediation), `#213` (virtualization)
+- Seeded secondary MVP follow-through wave (lower priority than Wave P):
+  - `#329` tracker
+  - `#330` in-app demoability and live attention cues
+  - `#331` demo director reporting/assertions/presets/soak (delivered)
+  - `#332` replay-from-trace and scenario-authoring follow-through
+- Seeded expanded-blueprint architecture wave (future agent/knowledge/release-gate follow-through):
+  - `#335` tracker
+  - `#336` agent profile/run/event foundation
+  - `#337` tool registry, policy evaluator, and first bounded template (delivered)
+  - `#339` knowledge document + SQLite FTS foundation
+- Reuse-before-duplicate anchors for this later wave: `#75`, ~~`#77` (delivered — board metrics dashboard, PR `#667`)~~, `#98`, `#100`, `#216`, `#218`, `#219`, `#328`
+- LLM tool-calling implementation wave (from completed spike `#618`):
+  - `#647` tracker
+  - ~~`#649` Phase 1: read tools + orchestrator + provider tool-calling extension~~ (delivered 2026-04-01, PR `#669`)
+  - ~~`#650` Phase 2: write tools + proposal integration~~ (delivered 2026-04-03, PR `#731`)
+  - ~~`#651` Phase 3: refinements — cost tracking, feature flag~~ (delivered 2026-04-04): `LlmToolCalling:Enabled` feature flag, `TruncateToolResult` token budget enforcement, cost tracking to `ILlmQuotaService`, 15 new tests; also ~~`#672`~~ (double LLM call — delivered 2026-04-03, PR `#727`), `#673` (argument replay); ~~`#674`~~ (strict mode + loop detection — delivered 2026-04-03, PR `#694`)
+  - Dependency chain: ~~`#649`~~ → ~~`#650`~~ → ~~`#651`~~
+  - Unblocks conversational refinement (`#576`) and MCP tool inventory (`#653`)
+- MCP server implementation wave (from completed spike `#619`):
+  - `#648` tracker
+  - ~~`#652` Phase 1: minimal prototype — one resource + stdio + Claude Code~~ (delivered 2026-04-01, PR `#664`)
+  - `#653` Phase 2: full resource + tool inventory (2-3 weeks)
+  - `#654` Phase 3: HTTP transport + API key auth (1-2 weeks)
+  - `#655` Phase 4: production hardening (deferred to v0.4.0+ demand, `Priority IV`)
+  - Dependency chain: ~~`#652`~~ → `#653` → `#654` → `#655`
+  - Phase 2 mirrors LLM tool-calling tool abstractions; shared Application layer services
+
+### Platform Expansion Wave (2026-03-29 — Priority II)
+
+Seeded from `docs/strategy/00_MASTER_STRATEGY.md` and companion pillar documents.
+
+- Master strategy tracker: `#531`
+- Packaging and distribution wave: `#532` → `#533` (SPA serving), `#534` (build script), `#535` (release workflow), `#536` (first-run config)
+- Cloud and collaboration wave: `#537` → `#538` (cloud deploy), ~~`#539` (GitHub OAuth — delivered, PR `#668`)~~; follow-up: `#676` (distributed auth code store, PKCE, account linking)
+- Mobile platform wave: `#540` → `#541` (PWA manifest), `#542` (service worker), `#543` (mobile responsive)
+- Market adoption and GTM wave: `#544` → `#545` (README polish), `#546` (demo video), `#547` (LICENSE)
+- Cross-cutting: `#548` (legal/privacy), `#549` (analytics/error tracking), `#550` (brand/domain)
+- Reuse anchors: `#95` (PWA readiness), `#87` (mobile E2E), `#111` (cloud topology), `#105` (SignalR scale-out), `#216` (GTM execution), `#341` (telemetry)
+- Execution order: `v0.1.0` packaging → `v0.2.0` cloud → `v0.3.0` mobile → `v0.4.0` collab → `v0.5.0` maturity → `v1.0.0` GA
+
+### Priority IV (Expansion Tranche: Platform, Test, UX, Docs Maturity)
+
+- Platform and ops maturity: `#84`, `#85`, `#86`, `#101`, `#102`, `#103`, ~~`#104`~~ (delivered), ~~`#105`~~ (SignalR scale-out - delivered, ADR-0025), `#111`
+- Test maturity: `#87`, `#88`, `#89` (property/fuzz pilot delivered; extended by `#717`), `#90`, `#91`; rigorous expansion wave tracker at `#721`
+- UX and onboarding maturity: `#92`, `#93`, `#94`, `#95`
+- Frontend responsiveness maturity: `#213`
+- Lower-priority secondary MVP follow-through continuation:
+  - `#333` saved views and productivity shortcuts
+  - `#334` note-style import and clip intake follow-through
+- Expanded-blueprint architecture continuation:
+  - `#338` agent mode surfaces and run-detail timeline
+  - `#340` integrations registry and supervised connector foundation
+- Optional premium UI documentation/component tooling: `#251`
+- Developer/user docs maturity: `#99`, `#216`, `#217`
+- Deferred capture follow-ons after MVP retention proof: `#218`, `#219`, `#220`
+- Outreach CRM deferred expansion wave: `#262` to `#268` (`#263` OUT-01 JSON manifest import delivered)
+- Outreach CRM wave reused dependencies: `#75` (delivered import adapters), `#77` (analytics), `#175` (starter-pack catalog expansion)
+- MCP production hardening (deferred): `#655` (observability, OAuth, resource subscriptions, key management UI, scope-based permissions)
+- Codebase maintainability hotspot refactors (analysis wave): `#158`, `#159`, `#160`, `#161`, `#162`, `#163`, `#164`, `#165`, `#166`, `#167` — ActivityView, BoardView, StarterPackManifestValidator, ArchiveRecoveryService, and AutomationExecutorService decompositions are now delivered; remaining issues in this wave cover other hotspots not yet addressed
+
+### Priority V (Meta/Historical)
+
+- Wave index and historical/closed tracking: `#107` and completed governance items.
+- Expanded-blueprint launch-gate/telemetry framing continuation:
+  - `#341` product telemetry taxonomy and `R1` / `R2` / `R3` launch-gate follow-through
+
+## Research Reconciliation (WIP PDFs, Feb 2026)
+
+Research sources reviewed:
+- `docs/WIP/FutureExpansionAndImprovementsChecklist.pdf`
+- `docs/WIP/In-DepthAnalysisAndProgressReport(Feb2026).pdf`
+- `docs/WIP/Scaling and Hardening Taskdeck (Vue 3 + ASP.NET Core) - Comprehensive Guide.pdf`
+
+Strategic reconciliation applied:
+- Keep current sequence: finish Phase 4 consistency/security first (`Priority I`) before broad feature expansion.
+- Translate research recommendations into dependency-aware issues rather than broad unscoped themes.
+- Treat non-code operations/configuration work as a mandatory delivery track, not "later ops".
+- Added capture/inbox realignment wave from `docs/InReview` planning packs with explicit dependency-mapped issue seeding (`#199` to `#213`).
+- Added frontend premium UI foundations wave from `docs/InReview` premium UI pack with deduplicated issue mapping (`#242` to `#251`, reusing `#154`, `#88`, `#92`, `#213`).
+- Added testing harness/guardrails wave from `docs/InReview` testing-harness pack with duplicate prevention for already-covered scenarios (`#254` to `#260`).
+- Added outreach CRM deferred wave from `docs/InReview/outreach-crm` with low-priority issue seeding (`#262` to `#268`) and explicit reuse of overlapping existing issues (`#75`, `#77`, `#175`).
+- Added 2026-03-07 MVP expansion integration from `docs/InReview/MVP_EXPANSION/`; near-horizon now prioritizes novice-first productization and board-centered review workflows before agent/knowledge surface breadth.
+
+## Out-of-Code and Configuration Coverage Matrix
+
+Covered by seeded issues:
+- Docker + reverse proxy + compression baseline: `#69` (delivered)
+- IaC baseline for single-node AWS environments hosting the Docker workload layer: `#102` (delivered)
+  - follow-up hardening now includes SSM-backed JWT secret bootstrap, replace-on-change semantics for host bootstrap drift, a dedicated persistent EBS data volume so SQLite survives routine host replacement, stop-before-detach safety for planned data-volume changes, default destroy-protection for staging/prod data volumes, and backup-bucket noncurrent-version expiry with explicit versioning dependency
+- Developer MCP baseline and Docker Marketplace setup hardening: delivered (2026-02-20 local ops cycle)
+- MCP operator wiring + verification workflow: `#140` (delivered via `#144`)
+- MCP integration smoke/regression harness: `#141` (delivered)
+- Staged rollout policy (blue/green/canary): `#101`
+- SBOM/release provenance: `#103`
+- Cost guardrails: `#104` (delivered 2026-04-09): cloud cost observability framework, feature cost hotspot registry, budget breach runbook, ADR-0026
+- Backup/restore disaster recovery: `#86`
+- OpenTelemetry metrics/tracing and alerting runbook: `#68`
+- Load/concurrency harness and budgets: `#70` (delivered)
+- Multi-tenancy strategy ADR: `#71` (delivered)
+- API abuse/rate limiting: `#81` (delivered)
+- OWASP/security headers and CSRF/XSS baseline: `#80` (delivered)
+- Dependency vulnerability management policy: `#106` (delivered)
+  - reusable dependency-security signal workflow now normalizes backend/frontend scan results for PR/manual, nightly, and release contexts; remaining follow-through is limited to future automation escalation (for example auto-ticketing or stricter PR gating) rather than baseline policy definition
+- Secrets/configuration management baseline: `#110`
+- DB migration strategy and cache strategy: `#84`, `#85`
+- Cloud target topology and autoscaling ADR: `#111` (delivered — ADR-0023 defines ECS Fargate topology with ALB, RDS PostgreSQL, ElastiCache Redis, CloudFront CDN; autoscaling policy with CPU/request-rate/connection thresholds; health check contract; SLO targets; cost estimates; companion reference architecture at `docs/ops/CLOUD_REFERENCE_ARCHITECTURE.md`)
+- CI workflow topology expansion/governance baseline: `#168`
+
+Outstanding strategy-level gap to monitor:
+- no major out-of-code categories from the reviewed WIP PDFs are currently untracked; residual risk is execution sequencing and closure quality.
+
+## ARCH-01 Follow-Through Stages (Post-ADR)
+
+1. Stage A (Priority II): tenant-context collaboration foundations and isolation semantics alignment (`#72`, `#73`, `#74`, `#75`, `#76` delivered).
+2. Stage B (Priority IV): platform data-plane evolution for multi-tenant readiness (`#84`, `#85`).
+3. Stage C (Priority IV): tenant-aware DR, rollout, and topology governance (`#86`, `#101`, `#111`).
+4. Stage D (Priority III): security/compliance controls that reinforce tenant boundaries (`#80`, `#81` delivered; `#82`, `#83` delivered, `#110` pending).
+
+
+## Prepackaged Starter States Track (Roadmap Additions)
+
+Goal:
+- reduce setup friction and make boards immediately useful
+- make QA/E2E environments reproducible through deterministic starter states
+- reuse one package definition across product onboarding, demos, and tests
+
+Brainstormed package candidates (to be converted into scoped work items):
+- Label packages: software delivery, bug triage, incident severity, customer support, product discovery, content production, compliance/risk.
+- Column packages: simple Kanban, Scrum sprint, intake-triage-doing-done, incident command flow, support SLA flow, release train flow.
+- Board blueprint packages: sprint board, roadmap board, on-call board, support queue, launch checklist board, design review board.
+- Card template packages: bug report, incident ticket, feature request, technical debt, postmortem, release task, QA test case.
+- Checklist template packages: DoR/DoD, pre-release checklist, rollback checklist, incident response checklist.
+- Automation preset packages: stale-card nudges, due-date reminders, WIP breach alerts, auto-labeling suggestions, proposal gating defaults.
+- Ops preset packages: common command templates, log query presets, correlation-ID trace bundles.
+- Saved filter/view packages: blocked-only view, due-this-week view, critical-label view, owner-centric view.
+- Permissions/access packages: default board role policies and invite presets for common team topologies.
+- Seed-data demo packages: realistic sample boards/cards for walkthroughs and onboarding.
+- Deterministic QA fixture packages: minimal/small/large datasets with stable IDs and timestamps.
+- Edge-case fixture packages: blocked-card-heavy boards, overdue-heavy boards, archive-heavy boards, WIP-limit stress boards.
+- Security fixture packages: unauthorized/forbidden/cross-user scenario seeds for auth contract validation.
+- Performance fixture packages: high-card/high-column/high-label board seeds for load and latency profiling.
+- Archive lifecycle packages: pre-seeded archive/restore scenarios for board/entity recovery testing.
+- Activity discoverability packages: seeded histories across board/entity/user to validate selector UX.
+- Keyboard workflow packages: board states designed to validate no-mouse task creation/edit/navigation paths.
+- LLM/automation sandbox packages: curated prompts + expected proposal shapes for regression validation.
+- Chat-to-project bootstrap packages: paste Markdown checklist/project plan and generate columns/cards/labels/proposals from it.
+- Domain-specific packs: engineering backlog, agency workflow, content calendar, CRM-lite pipeline, research planning.
+- "Golden path" E2E packs: canonical start states for smoke, regression, and release-candidate test suites.
+
+Initial implementation shape:
+1. Define a versioned package manifest schema (labels, columns, cards, automations, metadata, compatibility rules).
+2. Build idempotent package-apply backend endpoints with dry-run and conflict reporting.
+3. Add frontend package catalog with search, preview, and one-click apply (delivered in PACK-03, issue #49).
+4. Ship first-party packs: common labels + common column flows + 3-5 board blueprints (delivered in PACK-04, issue #50).
+5. Reuse package manifests to generate deterministic E2E/QA fixtures (delivered in PACK-05, issue #51).
+6. Add pack telemetry to measure adoption, setup-time reduction, and failure points.
+7. Add pack migration/version compatibility checks for long-lived boards.
+8. Add checklist-ingestion path for chat so pasted plans can map to pack templates and board bootstrap proposals.
+## Planning Updates (2026-03-02)
+
+Demo-expansion migration wave seeding completed:
+- tracker: `#297`
+- dependency-ordered batches: `#298` -> `#299` -> `#300` -> `#301` -> `#302`
+- all migration-wave issues carry `Priority I`
+- each batch issue now includes a suggested branch name and explicit file-scoped commit expectation
+
+Canonical references for this wave:
+- `docs/archive/2026-03-07_docs-root-reorg/DEMO_EXPANSION_MIGRATION_SOT.md`
+- `docs/archive/2026-03-07_docs-root-reorg/temp_description.txt`
+- `docs/ISSUE_EXECUTION_GUIDE.md`
+
+Batch A baseline delivery (`#298`) status:
+- baseline seeding command introduced (`npm run demo:seed`)
+- v0-first-run UX defaults applied (advanced surfaces default off, Automations default to Proposals, queue composer instruction-first guidance)
+- demo playbook promoted to active docs (`docs/product/DEMO_PLAYBOOK.md`)
+
+Batch B harness/docs delivery (`#299`) status:
+- reusable demo harness layer added (`npm run demo:run`, `npm run demo:autopilot`, `scripts/demo-lib.mjs`, `scripts/scenarios/*`)
+- scenario modules added for engineering sprint, support triage, and content-calendar demo flows
+- API walkthrough asset added: `demo/http/taskdeck-demo.http` (updated for current API contracts)
+- stakeholder walkthrough recorder added as opt-in Playwright coverage (`tests/e2e/stakeholder-demo.spec.ts`, gated by `TASKDECK_RUN_DEMO=1`)
+- demo operations docs expanded and indexed (`docs/product/DOGFOODING_GUIDE.md`, `docs/USER_MANUAL.md`, `docs/product/DEMO_PLAYBOOK.md`, `docs/INDEX.md`)
+
+Batch C JSON/capture harness (`#300`) status:
+- JSON scenario runner added with schema + sample scenarios (`scripts/scenario-json-runner.mjs`, `scripts/scenarios-json/*`)
+- `demo:run` now prefers JSON scenarios and supports `--list`, `--skip-llm`, and `--continue-on-error`
+- `demo:autopilot` now supports `--loop queue|capture|mixed` and capture controls (`--capture-prob`, `--leave-capture-untriaged-prob`, `--triage-timeout-ms`, `--capture-source`, `--capture-title-hint`)
+- capture helper functions added in `scripts/demo-lib.mjs` and consumed by JSON runner/autopilot (`create/get/ignore/cancel/triage/wait-for-outcome`)
+- scenario authoring/usage documentation added and indexed (`docs/product/SCENARIOS.md`, `docs/INDEX.md`, `docs/product/DEMO_PLAYBOOK.md`)
+
+Batch D director/artifact orchestration (`#301`) status:
+- demo orchestration commands added (`npm run demo:director`, `npm run demo:snapshot`) with new scripts (`scripts/demo-director.mjs`, `scripts/demo-snapshot.mjs`)
+- runtime trace stream support added across scenario/autopilot/proposal/capture/ops flows via `TASKDECK_DEMO_TRACE_PATH` (`trace.ndjson` artifact)
+- JSON scenario runner expanded with `runOps` step support and `opsRuns` alias namespace
+- scenario samples now include Ops template evidence steps (`health.check`) for richer demo artifacts
+- stakeholder recorder spec now supports director-mode bootstrap (seed/scenario/autopilot/snapshot orchestration + per-step logs under artifacts)
+- playbook and scenario docs updated for director usage and `runOps` authoring guidance
+
+Batch E integration hardening (`#302`) status:
+- demo smoke command added (`npm run demo:director:smoke`) for deterministic, LLM-free regression proof with stable artifact output, isolated smoke DB reset, forced fresh Playwright servers, automatic local API port fallback when `5000` is occupied, and actionable remediation hints when explicit runtime port overrides conflict
+- default Playwright CI lanes now explicitly pin `TASKDECK_RUN_DEMO=0` so recorder-style demo flows stay opt-in
+- `ci-extended.yml` now exposes reusable `demo-director-smoke` workflow wiring for explicit smoke validation (`workflow_dispatch` or PR label `automation`) when the PR touches `.github/workflows/**`, `backend/**`, `frontend/**`, `deploy/**`, or `scripts/**`
+- docs/index consolidation completed for demo script entry points, runtime preconditions, and CI policy boundaries
+- follow-through hardening now auto-enables live-provider demos for Playwright-backed full walkthroughs when usable demo keys are present, preferring Gemini for long/manual runs while keeping smoke paths deterministic via `--skip-llm`
+- non-demo Playwright backend startup now stays pinned to deterministic `Mock` mode by default even when local shell env exports live-provider keys; explicit demo runs still override that baseline when LLM steps are enabled
+- post-epic audit hardening under `#310` now also fails fast on unknown scenario IDs, missing starter-pack labels in legacy JS scenarios, and ambiguous duplicate column/label names in JSON scenario resolution
+- post-epic audit hardening under `#310` now keeps `demo:seed` rerun-bounded for canonical evidence generation, validates director CLI flags before Playwright passthrough, and keeps recorder board targeting aligned with explicit autopilot-board overrides
+- post-epic audit hardening now continues under `#311` so demo runtime/test follow-through stays scoped outside the original migration batches
+
+## Saul-Facing Demo Alignment Wave (2026-03-26)
+
+The new capability spec in `docs/WIP/Taskdeck_Demo_Capability_Specification.md` was reconciled into a narrow delivery wave rather than a broad roadmap reset.
+
+Canonical reconciliation record:
+- `docs/analysis/2026-03-26_saul-demo-capability-reconciliation.md`
+
+Execution conclusion:
+- the hard substrate is already shipped: capture triage, review-first gating, provenance, board-centered follow-through, and deterministic demo tooling are all present
+- the remaining pre-recording gap is business-legible packaging, not missing architecture
+- the work should stay pinned to one stakeholder story: `Home -> Inbox/Capture -> Review -> Board`
+- execution status now reflects stacked delivery in progress: `#354` plus demo-critical follow-through from `#326` and `#330` are already delivered for this wave, `#355` rehearsal contract is delivered, and `#216` is the remaining pre-recording focus
+
+Seeded issues:
+- `#354` `PACK-08`: add a Saul-facing client-onboarding starter pack and deterministic demo scenario
+- demo-critical `#326`: trust-first review legibility hardening
+- demo-critical `#330`: in-app hero-path/demo-board cues
+- `#355` `TST-24`: add the rehearsal contract, acceptance checklist, and artifact expectations for the exact stakeholder path (delivered)
+- `#356` `DEMO-00`: track the narrow demo-alignment wave
+
+Reused existing anchors:
+- `#326` for proposal readability and trust-cue hardening
+- `#330` for in-app demoability and hero-board presentation quality
+- `#216` for the broader demo script and public-facing narrative
+- `#175` for broader starter-pack expansion after the narrow pre-demo slice
+
+## Manual Product Audit Follow-through Wave (2026-03-26)
+
+The runtime audit in `docs/analysis/2026-03-26_manual-product-audit.md` was reconciled into a focused execution wave rather than left as a read-only artifact.
+
+Canonical reconciliation record:
+- `docs/analysis/2026-03-26_manual-product-audit-followthrough.md`
+
+Execution conclusion:
+- the golden path is real, but several runtime-coherence gaps still need explicit ownership
+- the highest-value follow-through is not broad new feature work; it is truthfulness and trust around realtime health, triage freshness, provider visibility, and docs/runtime alignment
+- raw-ID-heavy review readability remains intentionally routed through existing issue `#326` rather than duplicated here
+
+Seeded issues:
+- `#363` `ANL-2026-03-26`: tracker
+- `#364` `COL-05`: realtime hub CORS/SignalR health
+- `#365` `CAP-23`: Inbox triage freshness
+- `#366` `UX-20`: Workbench/nav/docs truth alignment
+- `#367` `UX-21`: board-history semantic alignment
+- `#368` `AUTO-04`: chat live-provider status and first-turn fidelity
+- `#369` `TST-25`: headed manual-audit Playwright pack (`Priority IV`)
+
+Immediate hardening landed in this context:
+- `GET /api/llm/chat/health` plus explicit Automation Chat provider-state rendering (`live` / `mock` / degraded)
+- opt-in live-provider Playwright probe (`tests/e2e/live-llm.spec.ts`)
+- headed local audit shortcuts (`npm run test:e2e:audit:headed`, `npm run test:e2e:live-llm:headed`)
+
+## Chat-to-Proposal NLP Gap (2026-03-29)
+
+Manual testing surfaced a significant usability gap in the chat-to-proposal pipeline: natural language requests (e.g., "can you create new onboarding tasks for people who aren't technical?") fail to produce proposals because the pipeline relies on static keyword substring matching (`LlmIntentClassifier`) and regex-based instruction parsing (`AutomationPlannerService.ParseInstructionAsync`). All three LLM providers (Mock, OpenAI, Gemini) share the same brittle classifier; none leverage the LLM for instruction extraction.
+
+Tracker: `#570`. Improvement tiers:
+- **Tier 1 (shipped):** classifier hardening with compiled regex, word-distance matching, stemming/plurals, broader verb coverage, and negative context filtering (`#571`); structured parse-hint error responses with closest-match suggestions and frontend hint card with "try this instead" pre-fill (`#572`); substring ordering bug fixed ("remove card" no longer misclassifies as `card.move`)
+- **Tier 2 (next):** system prompt + structured output for instruction extraction from real providers (`#573`); multi-instruction parsing for batch requests (`#574`)
+- **Tier 3 (delivered):** board-context-aware prompting (`#575`, delivered in `#617`); conversational refinement loop for ambiguous requests (`#576`, delivered in `#791`)
+- **Testing (shipped):** dedicated classifier + chat-to-proposal integration tests (`#577`); null guard added to `Classify()`; 86 classifier unit tests + 28 ChatService flow tests
+
+Analysis: `docs/analysis/2026-03-29_chat_nlp_proposal_gap.md`
+
+## Active Blockers (2026-03-29 Manual Test Session)
+
+Two P0 bugs discovered in fresh-registration manual testing must be resolved before Phase 4 can be signed off or any external user onboarding begins. These are data correctness/security failures, not UX polish:
+
+- **`#508`** — Queue list endpoint not scoped to the authenticated user: a fresh-registered account sees all historical queue items from other sessions. Add a `userId` predicate to the LLM queue list query and add a cross-user isolation integration test.
+- **`#509`** — Board view auto-switches between boards every few seconds: `boardStore` overwrites `activeBoardId` on each `fetchBoards` response. Add a `preserveSelection` guard so the active board is not reset while it still exists in the refreshed list.
+
+Additional P1 issues from the same session (tracked in `#510`–`#515`) cover excessive board polling, the missing Inbox capture button, chat not emitting proposals, delete-card without confirmation, dark-mode theming gaps on three surfaces, and text-selected cards being non-draggable. Full findings at `docs/analysis/2026-03-29_manual_testing_consolidated_findings.md`.
+
+## Next Best Steps (Immediate)
+
+1. **Resolve `#508` and `#509` (P0 blockers above) before any other backlog work.**
+2. Close remaining unblocked Priority I security/policy work first (`#33`, `#34`, `#44`, `#152`) with regression coverage.
+2. Run the manual-audit follow-through wave in trust-first order: `#364` -> `#365` -> `#368`, then align product truthfulness through `#366` and `#367`, while routing review-readability detail through `#326`; keep `#369` explicitly lower priority.
+3. Run the Saul-facing demo alignment wave as the next narrow product-facing slice: `#354` first, then legibility/demoability follow-through through `#326` and `#330`, then lock the recording contract in `#355` and `#216`.
+4. Continue the seeded novice-first shell tranche from `#322`, using the shipped `#320` home/workspace-mode foundation rather than reopening it.
+5. Keep the docs/help/testing tranche synchronized with the shipped Wave P core (`#320`, `#322`, `#324`, `#326`, `#96`, `#100`): keep the now-delivered `#328` smoke contract aligned to the shipped first-run loop, and route broader telemetry/release-gate follow-through to `#341`.
+6. Keep the delivered testing-harness wave (`#254` to `#260`) in maintenance mode and route any new guardrail expansion through normal follow-up issues while keeping aligned existing seeds `#89`, `#90`, `#106`, and `#168`.
+7. Continue managed-key control-plane and abuse follow-through in dependency order: `#235` -> `#237` (quota/kill-switch, not yet started) -> SEC-18 live-traffic wiring follow-up; `#238`/`#239`/`#240` operator tooling and policy groundwork are now delivered.
+8. Continue frontend premium UI wave from the delivered foundations: shared primitives (UI-02), PERF-08 budgets, stack decision spike (UI-03), and inbox premium primitives (`#249`/`#788`) are done; next is `#246` (token system audit), `#247` (component reskin pass), and `#248`/`#250` interaction/accessibility hardening.
+9. Keep agent substrate and knowledge/integrations work sequenced behind novice-first exit criteria; do not promote them ahead of Horizons A through C.
+13. Continue the chat-to-proposal NLP gap (`#570`): Tier 1 delivered — classifier hardening (`#571`), error UX (`#572`), and integration tests (`#577`) are merged; Tier 3 now fully delivered — board-context prompting (`#575`/`#617`) and conversational refinement (`#576`/`#791`) are both merged. Remaining follow-up: enrich audit log entries with changed field details (`#583`).
+14. **UX feedback wave (2026-03-31)**: tracker at `#628`; 17 issues seeded from manual testing. Wave 1 delivered 6 fixes (`#612`, `#615`, `#617`, `#621`, `#623`, `#626`). Wave 2 delivered 5 more: both P1 blockers closed — capture triage dash/semicolon delimiters with context hints (`#614`), chat array truncation detection (`#616`); P2 notification type differentiation, grouping, and batch mark-all-read (`#625`); P4 search cursor pagination (`#610`); ops CI-extended path triggers (`#608`). Wave 3 delivered review card sticky footer (`#613`/`#665`). Remaining open from `#628`: 2 P3 strategic spikes (`#618`, `#619`) both completed with implementation waves in progress. Full analysis at `docs/analysis/2026-03-31_manual_testing_ux_feedback.md`.
+15. **Hardening and UX wave (2026-04-03)**: 9 issues across 8 PRs (`#691`–`#698`) with adversarial review follow-through: P1 dead workspace routes (`#681`), expired proposal handling in Review (`#678`+`#690`), chat card ID continuity (`#677`), human-readable proposal diffs (`#682`), dark theme label manager (`#684`), chat health banner three-state (`#679`), OpenAI strict mode + loop detection (`#674`), JWT invalidation after account deletion (`#671`/ADR-0021). ~58 new tests added across the wave.
+16. **Post-hardening delivery wave (2026-04-03)**: 6 issues across 6 PRs (`#724`–`#731`): SQL-level board metrics filtering (`#675`), double LLM call elimination (`#672`), JWT invalidation hardening with active-user middleware (`#671`), expired proposal review UX with dismiss action (`#678`+`#690`), infrastructure repo integration tests (`#699` — 77 tests, 7 classes, real SQLite, found real ordering bug), LLM write tools + proposal integration (`#650` — 6 write executors, EF migration, 11 total tools, frontend status indicators).
+17. **Security + testing + MCP wave (2026-04-04)**: 8 issues across 8 PRs (`#732`–`#739`) with two rounds of adversarial self-review. ~300 new tests added. Key deliveries: SEC-20 ChangePassword identity bypass fix (`#722`/`#732`), golden-path capture→board integration test (`#703`/`#735`), cross-user data isolation tests (`#704`/`#733` — 38 tests, 3 false-positive tests caught in review), worker integration tests (`#700`/`#734` — 24 tests, fake repo status-tracking fixed in review), controller HTTP tests (`#702`/`#738` — 67 tests, 6 controllers, 2 pre-existing bugs found), proposal lifecycle edge cases (`#708`/`#736` — 74 tests, clock-flakiness fixed in review), OAuth/auth edge cases (`#707`/`#737` — 44 tests, found+fixed `ExternalLoginAsync` Substring overflow production bug), MCP full inventory (`#653`/`#739` — 9 resources + 11 tools, user-scoping gap found+fixed in review). Test expansion wave (`#721`) progress: 7 of 22 issues now delivered (`#699`, `#700`, `#702`, `#703`, `#704`, `#707`, `#708`); remaining 15 open.
+18. **Tech-debt, security, and feature hardening wave (2026-04-04)**: 7 issues across 7 PRs (`#765`–`#770`, `#776`) with two rounds of adversarial review per PR (~65 new tests: 32 backend + 33 frontend). Key deliveries: Agent API 500 fix (`#758`/`#776` — `DateTimeOffset` ORDER BY in SQLite, `AgentRunRepository` upgraded to `IsSqlite()` SQL-level pattern, round 2 caught load-all-before-limit perf bug), DataExport exception logging (`#759`/`#766` — `ILogger` added to `DataExportService`/`AccountDeletionService`, round 2 added `OperationCanceledException` filter + `CancellationToken.None` rollback), streaming chat token usage (`#763`/`#768` — `LlmTokenEvent` extended, all 3 providers populated, `StreamResponseAsync` now persists messages + records quota), EF Core version alignment (`#760`/`#767` — 9.0.14→8.0.14, EF9-only API removed, `FrameworkReference` swap, round 2 added `PrivateAssets`), frontend HTTP interceptor/auth guard tests (`#725`/`#765` — 33 tests, round 2 fixed ESLint `no-import-assign` CI breaker), OAuth token lifecycle tests (`#723`/`#769` — 19 tests covering auth code store + JWT lifecycle + SignalR auth, round 2 fixed `HttpClient` leak + misleading test names), tool argument replay (`#673`/`#770` — `Arguments` field on `ToolCallResult`, OpenAI/Gemini replay now uses real arguments). Test expansion wave (`#721`) progress: 23 of 25 issues now delivered (waves 4+5 added `#711`, `#712`, `#716`, `#720`, `#723`, `#725`); remaining 2 open (`#705`, `#717`).
+19. **Feature, analytics, MCP, chat, testing, and UX expansion wave (2026-04-08)**: 7 issues across 7 PRs (`#787`–`#793`) with two rounds of adversarial review per PR (~390+ new tests). Key deliveries: exportable analytics CSV (`#78`/`#787` — `MetricsExportService` with CSV injection protection, `ADR-0022` deferring PDF, 29 tests, adversarial review caught embedded-newline injection HIGH), forecasting service (`#79`/`#790` — heuristic `ForecastingService` with rolling-average throughput, std-dev confidence bands, frontend MetricsView section, 32 tests, adversarial review caught throughput double-counting HIGH + history window bug), MCP HTTP transport + API key auth (`#654`/`#792` — `ApiKey` entity with SHA-256, `ApiKeyMiddleware`, `HttpUserContextProvider`, `MapMcp()`, REST key management, rate limiting, 31 tests, adversarial review caught key-existence oracle + modulo bias), conversational refinement loop (`#576`/`#791` — `ClarificationDetector` with strong/weak signal split, max 2 rounds + skip, Mock simulation, frontend badge + skip button, 41 tests, adversarial review caught false-positive heuristic HIGH), concurrency stress tests (`#705`/`#793` — 13 `SemaphoreSlim`-barrier stress tests for queue claims, card conflicts, proposal races, rate limiting, multi-user), property-based adversarial tests (`#717`/`#789` — 211 FsCheck + fast-check tests across domain/API/frontend, no 500s from any input), inbox premium primitives (`#249`/`#788` — `TdSkeleton`/`TdInlineAlert`/`TdEmptyState`/`TdBadge` rework, 7 tests). Test expansion wave (`#721`) progress: 25 of 25 issues now delivered (this wave closed `#705` and `#717`). Additional issues closed: `#78`, `#79`, `#249`, `#576`, `#654`.
+10. Keep issue `#107` synchronized as the single wave index and maintain one-priority-label-per-issue discipline (`Priority I` to `Priority V`).
+11. Treat the demo-expansion migration wave (`#297` -> `#302`) as delivered; route any further demo-tooling work through normal scoped follow-up issues such as `#311`, `#354`, `#355`, and `#369` instead of reopening the migration batches.
+12. Test suite baseline counts recertified 2026-04-09: backend ~3,600+ passing, frontend ~1,984+ passing, combined ~5,600+. Rigorous test expansion wave (`#721`) fully delivered (25/25 issues).
+13. **Mutation testing pilot** (`#90`): Stryker.NET (backend Domain) and Stryker JS (frontend captureStore/boardStore) configured with non-blocking weekly CI lane; policy at `docs/testing/MUTATION_TESTING_POLICY.md`; scope expansion to Application layer and additional stores planned after baseline calibration from first 3-4 runs.
+20. **Platform expansion wave (2026-04-09)**: 10 issues (`#84`, `#85`, `#87`, `#88`, `#90`, `#91`, `#95`, `#104`, `#105`, `#111`) across 10 PRs (`#796`–`#805`) delivered platform hardening (PLAT-01/02/03), testing infrastructure (TST-02/03/05/06), PWA readiness (UX-09), and ops documentation (OPS-12/14). 5 new ADRs (ADR-0023 through ADR-0027). Two rounds of adversarial review per PR caught 22 CRITICAL + 32 HIGH issues, all resolved. New test projects: `Taskdeck.Integration.Tests` (Testcontainers). New CI workflows: cross-browser matrix, visual regression, mutation testing, container integration. New infra: `ICacheService`, SignalR Redis backplane, VitePWA service worker.
+21. **Feature, security, and ops expansion wave (2026-04-09)**: 8 issues (`#82`, `#94`, `#101`, `#251`, `#334`, `#338`, `#549`, `#676`) across 8 PRs (`#806`–`#813`) delivered calendar/timeline views (UX-08), staged deployment workflow (OPS-09, ADR-0028), Storybook baseline (UI-12), note-style import (INT-05), agent mode surfaces (AGT-03), error tracking/analytics (OBS-02), OAuth PKCE + account linking (CLD-03), and SSO/OIDC + MFA (SEC-07, ADR-0029). Two rounds of adversarial review per PR (self + independent cold review); the independent round caught 9 CRITICAL and 11 HIGH findings — all resolved. ~231+ new tests. New controllers: NoteImport, Telemetry. New frontend views: CalendarView, AgentsView, AgentRunsView, AgentRunDetailView. New auth infra: DB-backed auth codes, PKCE, OIDC provider factory, TOTP MFA. New dev tooling: Storybook 10.3.5 with 17 primitive stories. New ops: 4-phase deployment workflow, smoke test script, CD staging gate CI workflow, observability setup guide.
+22. Test suite baseline counts recertified 2026-04-09: backend ~3,600+ passing, frontend ~1,984+ passing, combined ~5,600+.
+
+## Documentation Operating Model
+Active docs:
+- `docs/STATUS.md`
+- `docs/IMPLEMENTATION_MASTERPLAN.md`
+- `docs/TESTING_GUIDE.md`
+- `docs/MANUAL_TEST_CHECKLIST.md`
+
+Audience-first product docs:
+- `docs/START_HERE.md`
+- `docs/USER_MANUAL.md`
+- `docs/product/DEMO_PLAYBOOK.md`
+
+Archived docs:
+- all superseded detail packs and historical snapshots under `docs/archive/`
+
+Rule:
+- Any behavior-changing PR must update status + masterplan and relevant testing/checklist docs.
+
+## Weekly Cadence
+
+- Start of week:
+  - reconcile `docs/STATUS.md`
+  - commit top 3 backlog items for the week
+- During week:
+  - ship tested vertical slices
+  - avoid adding new top-level planning docs
+- End of week:
+  - update this file with completed work and reprioritized next steps
+
+## Risk Register
+
+- Risk: auth retrofit causes regressions in existing UI flows
+  - Mitigation: staged rollout + integration contract tests
+- Risk: automation parser/executor changes introduce unsafe operations
+  - Mitigation: strict schema validation + proposal-first enforcement
+- Risk: UX changes increase complexity without cohesion
+  - Mitigation: shared modular patterns (selectors/input-assist/navigation) + RFC-first implementation
+- Risk: docs drift returns after consolidation
+  - Mitigation: strict update requirements on behavior-changing PRs
+- Risk: capture pipeline breaks on natural-language input, undermining near-zero-friction thesis
+  - Mitigation: phased improvement — regex delimiter expansion first, LLM-assisted extraction second, semantic pipeline long-term (`#614`)
+- Risk: LLM tool-calling / MCP architecture becomes scope-creep or breaks review-first safety
+  - Mitigation: spike-first approach (`#618`, `#619`); write tools MUST produce proposals, never direct mutations; read tools are ungated
diff --git a/docs/STATUS.md b/docs/STATUS.md
index 6a2e4904..4e35c5c0 100644
--- a/docs/STATUS.md
+++ b/docs/STATUS.md
@@ -1,1146 +1,1142 @@
-# Taskdeck Status (Source of Truth)
-
-Last Updated: 2026-04-09
-<br>
-Status Owner: Repository maintainers  
-Authoritative Scope: Current implementation, verified test execution, and active phase progress
-Companion Active Docs:
-- `docs/STATUS.md`
-- `docs/IMPLEMENTATION_MASTERPLAN.md`
-- `docs/TESTING_GUIDE.md`
-- `docs/MANUAL_TEST_CHECKLIST.md`
-- `docs/GOLDEN_PRINCIPLES.md`
-
-## Project Summary
-
-Taskdeck is a local-first execution system for developers, built with a .NET 8 backend and a Vue 3 frontend.
-Core board workflows are stable, and advanced slices are implemented for automation proposals, chat, ops/log querying, archive recovery, and worker health reporting.
-
-Rebranding thesis (2026-02-23):
-- capture should be near-zero friction
-- automation should remain review-first and provenance-visible
-- product value is reducing maintenance overhead, not maximizing opaque autonomy
-
-Current constraints are mostly hardening and consistency:
-- ~~**security bug discovered 2026-04-03**: `#722` (SEC-20) — `ChangePassword` endpoint does not verify caller identity~~ **RESOLVED** (`#722`/`#732`, 2026-04-04): `ChangePassword` now derives userId exclusively from JWT claims; `[Authorize]` enforced; `UserId` removed from request body; `AuthController` inherits `AuthenticatedControllerBase`; 5 integration tests proving the fix
-- security and identity behavior is converging but still not uniform across all controller families
-- some UX/operator surfaces are functional but not yet keyboard-first or discoverability-first
-- LLM flow now supports config-gated `OpenAI` and `Gemini` providers with deterministic `Mock` fallback for safe local/test posture; degraded provider responses are now structurally distinct (`messageType: "degraded"` + `degradedReason`) and the health endpoint supports opt-in probe verification (`?probe=true`); chat-to-proposal pipeline improvements delivered: `LlmIntentClassifier` now uses compiled regex patterns with word-distance matching, stemming/plurals, broader verb coverage, and negative context filtering for negations and other-tool questions (`#571`); parse failures now return structured hint payloads with closest-match suggestions and a frontend hint card with "try this instead" pre-fill (`#572`); dedicated classifier and chat-to-proposal integration test coverage added (`#577`); LLM-assisted instruction extraction now delivered (`#573`): OpenAI and Gemini providers request structured JSON output with a system prompt describing supported instruction patterns, parse the response into `LlmCompletionResult.Instructions`, and fall back to the static `LlmIntentClassifier` when structured parsing fails; `ChatService` iterates LLM-extracted instructions (supporting multiple proposals from a single message) and falls back to raw user message parsing when no instructions are extracted; Mock provider unchanged for deterministic test behavior; multi-instruction batch parsing now delivered (`#574`): `ParseBatchInstructionAsync` splits multiple natural-language instructions into individual planner calls, `ChatService` routes multi-instruction messages through batch parsing to generate multiple proposals from a single chat message; board-context LLM prompting now delivered (`#575`, expanded in `#617`): `BoardContextBuilder` constructs bounded board context (columns, card IDs, titles, labels) grouped per column and appends it to system prompts across OpenAI and Gemini providers via `LlmSystemPromptBuilder`; card IDs are included as first-8 hex chars so the LLM can generate `move card <id>` instructions; context budget increased to 4000 chars with single-query card fetch; **remaining gap**: conversational refinement (`#576`) remains undelivered; analysis at `docs/analysis/2026-03-29_chat_nlp_proposal_gap.md`
-- managed-key shared-token abuse-control strategy is now explicitly seeded in `#235` to `#240` before broad external exposure
-- testing-harness guardrail expansion from `#254` to `#260` is shipped; remaining work is normal follow-up hardening rather than the original wave
-- visual regression harness delivered (`#88`): Playwright-based screenshot comparison for 7 key UI surfaces (board empty/populated, command palette open/search, archive, inbox, home); separate `playwright.visual.config.ts` with fixed viewport (1280x720), animations disabled, 0.5% pixel tolerance; CI Extended integration via `reusable-visual-regression.yml` with diff artifact upload on failure; policy document at `docs/testing/VISUAL_REGRESSION_POLICY.md`
-- rigorous test expansion wave seeded 2026-04-03 (`#721` tracker, 22 issues `#699`–`#726`): systematic codebase audit identified 25+ untested infrastructure repositories, zero tests on the central worker, 6 controllers with untested HTTP surfaces, and no golden-path integration test for the capture → proposal → board pipeline; execution is tracked in `docs/TESTING_GUIDE.md`; first delivery: infrastructure repository integration tests (`#699`/`#730` — 77 tests across 7 repo classes against real SQLite); **major wave delivery 2026-04-04** (PRs `#732`–`#739`, 8 issues, ~300 new tests): SEC-20 ChangePassword fix (`#722`/`#732`), golden-path capture→board integration test (`#703`/`#735` — 7 tests proving full pipeline), cross-user data isolation tests (`#704`/`#733` — 38 tests across all major API boundaries), LlmQueueToProposalWorker integration tests (`#700`/`#734` — 24 tests, previously zero coverage), controller HTTP integration tests (`#702`/`#738` — 67 tests covering 6 untested controllers, found 2 pre-existing bugs), proposal lifecycle edge cases (`#708`/`#736` — 74 tests for state machine/expiry/race conditions), OAuth/auth edge cases (`#707`/`#737` — 44 tests, found and fixed `Substring` overflow bug in `ExternalLoginAsync`), MCP full resource/tool inventory (`#653`/`#739` — 9 resources + 11 tools with 42 tests, GP-06 compliant, user-scoping gap fixed during review); **second wave delivery 2026-04-04** (PRs `#740`–`#755`, 8 issues, ~586 new tests with two rounds of adversarial review, 47 review-fix commits): domain entity state machine exhaustive tests (`#701`/`#740` — 174 tests across 7 entities: CommandRun, ArchiveItem, ChatSession, UserPreference, NotificationPreference, CardLabel, CardCommentMention), SignalR hub and realtime integration tests (`#706`/`#751` — 19 tests covering auth, presence lifecycle, multi-user, authorization, edge cases), LLM provider abstraction and tool-calling edge cases (`#709`/`#747` — 101 tests across orchestrator, provider, classifier, registry), data export/import round-trip integrity tests (`#713`/`#752` — 64 tests covering JSON, CSV, GDPR, database, cross-format validation), API error contract regression and boundary validation (`#714`/`#753` — 57 tests across 7 endpoint families with GP-03 contract enforcement), archive and restore lifecycle integration tests (`#715`/`#755` — 74 tests: 45 domain + 29 API covering state machine, cross-user isolation, conflict detection, audit trail), board metrics and analytics accuracy verification (`#718`/`#749` — 61 tests: 51 service + 10 controller covering throughput, cycle time, WIP, blocked cards, done-column heuristic), notification delivery, deduplication, and preference filtering (`#719`/`#746` — 36 tests covering all 5 notification types, deduplication, preference filtering, cross-user isolation, batch operations)
-- MVP dogfooding flow now supports canonical checklist bootstrap in chat (proposal-first, board-scoped); broader template coverage remains future work
-- collaborative editing now includes board/card presence visibility and conflict-hinting guardrails for stale card writes
-- card collaboration now includes threaded comments with mention-linked notifications and moderation-aware edit/delete guardrails
-- capture/inbox realignment is now shipped for the CAP MVP loop (`#200` to `#211`); logging redaction guardrails are delivered in `#212`, and long-list virtualization for inbox/activity views is delivered in `#213`
-- frontend interaction latency budgets and instrumentation are delivered in `#250`: performance mark composable, route-transition/board/inbox/review/home/diff instrumentation, lazy route splitting, and documented thresholds in `docs/PERFORMANCE_BUDGETS.md`
-- post-demo-expansion planning is now explicitly biased toward product legibility before new surface breadth: novice-first entry, board-context continuity, readable review flows, and stronger in-app guidance take precedence over broad autonomy work
-- cold first-run now has launch-criteria proofing beyond route teaching; guided `Home`, durable workspace modes, review-first automation routing, the recoverable `Today` onboarding path, board-centered review/capture handoff, key-route contextual help, and the novice-first docs/help-center stack (root entry docs, chaptered manual, and page-level help/workflow guides) are now shipped, and the dedicated first-run smoke plus launch-criteria guardrail is delivered in `#328`
-- Saul-facing demo reconciliation is now explicit: the core `Home -> Inbox/Capture -> Review -> Board` proof is shipped, the business-facing substrate/trust-cue/hero-path slices are delivered through `#354` plus demo-critical follow-through from `#326` and `#330`; the rehearsal contract is now codified in `docs/product/SAUL_DEMO_REHEARSAL_CONTRACT.md` (`#355`), and the GTM baseline is now delivered in `#216` with a timed demo script (`docs/product/DEMO_SCRIPT.md`), thesis-aligned landing copy (`docs/product/LANDING_COPY.md`), and beta intake workflow/cadence (`docs/product/BETA_INTAKE_WORKFLOW.md`)
-- demo rehearsal walkthrough (2026-03-27) confirmed the core loop is visually correct but surfaced 9 runtime issues in seed tooling, scenario runner, and DX ergonomics; two are blockers for one-command deterministic rehearsal: seed re-run 409 conflicts (`#387`) and `--skip-llm` proposal alias resolution failure (`#389`); tracked in `#395` with analysis in `docs/analysis/2026-03-27_demo-rehearsal-runtime-issues.md`
-- fresh-registration manual test (2026-03-29) surfaced 2 P0 blockers and 16 additional bugs/observations spanning data isolation, board stability, dark-mode theming, chat utility, and UX polish; full findings at `docs/analysis/2026-03-29_manual_testing_consolidated_findings.md`; P0 blockers: queue data not scoped to the authenticated user (`#508`), board auto-switching on multi-board accounts (`#509`); P1 issues tracked in `#510` through `#515`; P2/P3 in `#516` through `#524`; **no external user onboarding should occur until `#508` is resolved**; two bugs from this session now resolved: activity audit trail not recording board mutations (`#521`, fixed — audit logging wired for all board/card/column/label mutations with `SafeLogAsync` resilience wrapper), archive board 30-second freeze (`#519`, fixed — navigation before reactive state teardown prevents cascading re-renders)
-- platform expansion strategy (2026-03-29) now covers four strategic pillars: market adoption (`#544`), packaging/distribution (`#532`), cloud/collaboration (`#537`), and mobile platform (`#540`); master strategy tracker at `#531`; strategy documents at `docs/strategy/`; release versioning plan: `v0.1.0` (self-contained exe) → `v0.2.0` (hosted cloud) → `v0.3.0` (PWA/mobile) → `v0.4.0` (collaboration) → `v0.5.0` (platform maturity) → `v1.0.0` (GA)
-- hands-on UX testing (2026-03-31) surfaced 8 areas of feedback spanning review, inbox, today, home, board, notifications, and LLM chat; 2 P1 issues (capture triage fails on natural-language text `#614`, chat response truncation showing raw JSON `#616`), 11 P2 usability/visual-coherence issues (`#611`–`#613`, `#615`, `#617`, `#620`, `#622`, `#624`–`#627`), and 4 P3 polish/strategic items (`#618`–`#619`, `#621`, `#623`); tracker at `#628`; full analysis at `docs/analysis/2026-03-31_manual_testing_ux_feedback.md`; cross-cutting themes: progressive disclosure needed across review/today/notifications, semantic color vocabulary for status tags, capture pipeline needs LLM-assisted extraction, and chat needs tool-calling/function-calling architecture; LLM tool-calling spike (`#618`) and MCP server spike (`#619`) seeded for strategic planning
-- UX feedback wave 1 delivered (2026-03-31): 6 of 17 issues from `#628` resolved — sidebar footer pinned (`#623`), card drag layout shift eliminated (`#621`), starter-pack modal migrated to design tokens (`#612`), capture triage error messages surfaced with retry hint (`#615`), board context expanded with card IDs for LLM chat (`#617`, N+1 query fixed), review proposal cards now use collapsible detail sections with risk color-coding and keyboard-accessible links dropdown (`#626`)
-- UX feedback wave 2 delivered (2026-03-31): 5 additional issues resolved — both P1 blockers closed: capture triage now handles dash-separated (` - `) and semicolon-delimited text with first-segment context hints and single-sentence fallback (`#614`), chat JSON array truncation detection extended to `[`-started responses with degraded message UX (`#616`); P2: notification list now has type-colored left borders, type badges, smart same-type grouping, time-based section headers, and batch "Mark all read" with board-scoped optimistic update (`#625`); P4: global search endpoint now supports `maxResults`/`offset` pagination with `hasMore`/`totalCardCount` response fields and frontend "Load more" in command palette (`#610`); ops: `ci-extended.yml` now auto-triggers on `.csproj`/workflow/deploy/script changes, PR template and AGENTS.md updated (`#608`); remaining open from `#628`: 0 P2 (~~`#613`~~ delivered in `#665`), 2 P3 strategic spikes (`#618`, `#619`) both completed with implementation waves delivered (Phase 1+2 for tool-calling `#647`, Phase 1 for MCP `#648`)
-- LLM tool-calling spike (`#618`) completed (2026-04-01): architecture document at `docs/spikes/SPIKE_618_COMPLETED.md`; decided on custom implementation over Semantic Kernel (~800 LOC, zero new dependencies), extending `ILlmProvider` with `CompleteWithToolsAsync`, 11 tools (5 read + 6 write, writes always produce proposals per GP-06), new `ToolCallingChatOrchestrator` with multi-turn loop (max 5 rounds, 60s timeout), Mock provider with pattern-based dispatch, ~$0.00088 per 3-round conversation on GPT-4o-mini; implementation tracker at `#647` with phase issues `#649` (read tools + orchestrator — delivered), `#650` (write tools + proposals — delivered), `#651` (Phase 3 refinements — delivered, PR `#773`)
-- LLM tool-calling Phase 1 delivered (`#649`, 2026-04-01): `CompleteWithToolsAsync` added to `ILlmProvider` with OpenAI, Gemini, and Mock implementations; 5 read tool executors (`list_board_columns`, `list_cards_in_column`, `get_card_details`, `search_cards`, `get_board_labels`) in Application layer; `ToolCallingChatOrchestrator` with multi-turn loop (max 5 rounds, 30s/round, 60s total timeout) and graceful degradation to single-turn on failure; Mock provider uses pattern-matching dispatch table for deterministic simulation; SignalR `ToolStatusEvent` integration for intermediate state streaming; `ChatService` delegates to orchestrator for board-scoped sessions with automatic single-turn fallback; 67 new tests
-- LLM tool-calling Phase 2 delivered (`#650`/`#731`, 2026-04-03): 6 write tool executors (`propose_create`, `propose_move`, `propose_archive`, `propose_update`, `propose_bulk_move`, `propose_create_column`) in Application layer; EF migration adds `ToolCallMetadataJson` for provenance; orchestrator now serves 11 tools (5 read + 6 write); writes always produce proposals per GP-06; frontend tool-status indicators show write-tool progress via SignalR
-- Double LLM call eliminated (`#672`/`#727`, 2026-04-03): `ChatService` reuses the orchestrator's text response when no tools are called instead of making a second LLM call; halves latency for non-tool chat messages; remaining follow-up items: argument replay (`#673`)
-- MCP server spike (`#619`) completed (2026-04-01): architecture document at `docs/spikes/SPIKE_619_COMPLETED.md`; decided on official MCP C# SDK (`ModelContextProtocol` v1.2.0), embedded in API process with `--mcp` startup flag, stdio transport first (Claude Code/Cursor), 9 resources under `taskdeck://` URI scheme, 9 tools (2 read + 5 write + 2 proposal management, `approve_proposal` intentionally excluded), API key auth (`tdsk_` prefix) for remote HTTP transport, write tools return proposal IDs for review-first compliance; implementation tracker at `#648` with phase issues `#652` (minimal prototype), `#653` (full inventory), `#654` (HTTP + auth), `#655` (production hardening, deferred)
-- MCP minimal prototype delivered (`#652`/`#664`, 2026-04-01): `ModelContextProtocol` NuGet v1.2.0 added; `IUserContextProvider` interface in Application layer with `StdioUserContextProvider` implementation; `BoardResources` class with `[McpServerResource]` for `taskdeck://boards` resource returning compact JSON (id, name, columnCount, cardCount, isArchived, updatedAt); `--mcp` startup flag in `Program.cs` selects stdio host builder skipping web server overhead; 11 integration tests covering shape, archived exclusion, counts, empty results, and multi-user scoping
-- UX feedback wave 3 delivered (2026-04-01): review proposal card UX improved (`#613`/`#665`) — sticky action footer with `position: sticky; bottom: 0` keeps action buttons visible regardless of card content length, cards constrained to `max-height: 70vh` (80vh mobile) with internal scrolling, detail section heights capped at `12rem`
-- GDPR data portability delivered (`#83`/`#666`, 2026-04-01): `DataExportService` exports all user-scoped data as versioned JSON package (boards, notifications, captures, proposals, chat sessions, audit trail, preferences); `AccountDeletionService` with password re-authentication + confirmation phrase safeguard, PII anonymization (username/email/password), `BoardAccess` cleanup, sole-owner guard, transactional rollback on partial failure; `DataPortabilityController` with `[Authorize]` + `[ResponseCache(NoStore = true)]`; PII-free audit logging at request and completion stages; 32 tests; follow-up items: export streaming for large datasets (`#670`); JWT invalidation after deletion delivered (`#671`/`#698`+`#728`)
-- Board metrics dashboard delivered (`#77`/`#667`, 2026-04-01): `BoardMetricsService` computes throughput (audit-log-based card completion), cycle time (creation-to-done via audit), WIP (cards per column), and blocked card count/duration; `MetricsController` with date range, board, and label filters; done column resolved by name heuristic (done/complete/finished/shipped/etc.) with positional fallback; frontend dashboard at `/workspace/metrics` with CSS bar charts, summary cards, tables, board selector, date picker, loading/error/empty states; lazy-loaded route + sidebar nav link; 24 backend + 22 frontend tests; SQL-level filtering follow-up delivered (`#675`/`#724`)
-- GitHub OAuth frontend integration delivered (`#539`/`#668`, 2026-04-01): conditional "Sign in with GitHub" button in LoginView based on `/api/auth/providers` response; OAuth code exchange flow with demo-mode gating, array-safe query param extraction, and awaited URL cleanup; session store action with error handling and toast notifications; open redirect prevention on both backend (`Url.IsLocalUrl`) and frontend (`sanitizeInternalRedirect`); follow-up: distributed auth code store, PKCE, account linking (`#676`)
-- Hardening and UX wave delivered (2026-04-03, PRs `#691`–`#698`): 9 issues resolved across 8 PRs with adversarial review follow-through:
-  - **P1 bug fixed** (`#681`/`#691`): Archive, Activity, Ops, and Access workspace routes no longer silently redirect to Home — feature flags for shipped surfaces now default to `true`; 5 new router guard tests
-  - **Expired proposal handling** (`#678`+`#690`/`#696`): Review no longer presents expired proposals as "Approved, ready to apply"; expired proposals show distinct status badge with dismiss/clear action; client-side expiry detection with 60-second reactive clock covers proposals the housekeeping worker hasn't transitioned yet; 9 new tests
-  - **Chat card ID continuity** (`#677`/`#695`): new `CardIdPrefixResolver` resolves 8-char hex prefixes to full GUIDs via board-scoped prefix matching; wired into `AutomationPlannerService` (6 call sites) and `NaturalLanguageInstructionExtractor`; full GUIDs pass through without DB hits; 15 new tests
-  - **Human-readable proposal diffs** (`#682`/`#697`): `GetProposalDiffAsync` now batch-loads cards and columns (2 queries) and resolves operation targets to names; falls back to raw GUID when resolution fails; frontend diff panel with ARIA label and word-wrapping; 4 new tests
-  - **Dark theme label manager** (`#684`/`#692`): 22 light-theme Tailwind classes replaced with design-token equivalents following ColumnEditModal pattern; 2 new tests
-  - **Chat health banner three-state** (`#679`/`#693`): `verificationStatus` field (`unverified`/`verified`/`failed`) added to health DTO; banner shows amber for configured-but-unverified, green for verified, red for failed; 6 new tests
-  - **OpenAI strict mode + loop detection** (`#674`/`#694`): `strict: true` added to OpenAI tool schemas; SHA256-based loop detection in orchestrator aborts when consecutive rounds have identical tool-call fingerprints (with error-retry bypass for transient failures); 10 new tests
-  - **JWT invalidation after account deletion** (`#671`/`#698`): `TokenInvalidatedAt` field on User entity with EF migration; `TokenValidationMiddleware` checks `IsActive` and compares token `iat` against invalidation timestamp on every authenticated request; `AccountDeletionService` sets invalidation timestamp during deletion; whole-second precision truncation matches JWT `iat` granularity; ADR-0021 documents the design decision; 9 new tests
-- Post-hardening delivery wave (2026-04-03, PRs `#724`–`#731`): 6 issues resolved across 6 PRs:
-  - **SQL-level board metrics filtering** (`#675`/`#724`): `BoardMetricsService` now uses SQL-level filtering via new repository methods (`GetForMetricsAsync`, `CountCardsByColumnAsync`, `GetBlockedByBoardIdAsync`) instead of in-memory filtering; frontend `Math.max(...spread)` replaced with `reduce` for empty-array safety
-  - **Double LLM call elimination** (`#672`/`#727`): `ChatService` reuses the orchestrator's text response when no tools are called, halving latency for non-tool chat messages
-  - **JWT invalidation hardening** (`#671`/`#728`): `ActiveUserValidationMiddleware` checks user active status on every authenticated request with 30-second in-memory cache; cache invalidated on deletion/deactivation
-  - **Expired proposal review UX** (`#678`+`#690`/`#729`): `IsExpired` flag on `ProposalDto`, domain `CanBeDismissed` method, expired proposals rendered distinctly in Review with dismiss action and disabled apply/approve buttons
-  - **Infrastructure repository integration tests** (`#699`/`#730`): 77 new tests across 7 repository classes against real SQLite; found and fixed a real `LlmQueueRepository` ordering bug
-  - **LLM write tools and proposal integration** (`#650`/`#731`): 6 write tool executors (`propose_create`, `propose_move`, `propose_archive`, `propose_update`, `propose_bulk_move`, `propose_create_column`), EF migration for `ToolCallMetadataJson`, orchestrator now serves 11 tools total (5 read + 6 write), frontend tool-status indicators for write operations
-- Security + testing + MCP delivery wave (2026-04-04, PRs `#732`–`#739`): 8 issues resolved across 8 PRs with two rounds of adversarial review:
-  - **SEC-20 ChangePassword identity bypass fixed** (`#722`/`#732`): userId now derived exclusively from JWT claims; `[Authorize]` enforced; `UserId` removed from request body; `AuthController` refactored to inherit `AuthenticatedControllerBase`; 5 new integration tests
-  - **Golden-path integration test** (`#703`/`#735`): 7 tests exercising full capture → triage → proposal → review → board pipeline; validates card title, column placement, provenance chain, multi-operation atomicity, cross-user isolation, audit trail, and triage failure determinism
-  - **Cross-user data isolation tests** (`#704`/`#733`): 38 integration tests across all major API boundaries (boards, columns, cards, captures, proposals, notifications, audit trails, chat sessions, knowledge docs, webhooks, board exports, labels, board access controls); includes shared-board grant/scope/revocation tests; adversarial review caught and fixed 3 false-positive tests and missing precondition assertions
-  - **LlmQueueToProposalWorker integration tests** (`#700`/`#734`): 24 tests covering happy path, empty queue, transient/permanent error, retry/backoff, cancellation, fair-batch interleaving, already-claimed items, and capture triage paths; adversarial review fixed fake repository status-tracking and race condition simulation
-  - **Controller HTTP integration tests** (`#702`/`#738`): 67 tests covering 6 previously-untested controllers (DataPortability, AbuseContainment, Metrics, Search, AgentProfiles, AgentRuns) + 17 new authz regression matrix entries; discovered 2 pre-existing bugs (agent list 500, empty board export); adversarial review fixed weak assertions and resource leaks
-  - **Proposal lifecycle edge cases** (`#708`/`#736`): 74 tests (42 domain + 25 application + 7 api) covering expiry timing boundaries, double-apply prevention, comprehensive state machine violations, dismissal edge cases, operation mutation guards, batch expiry, worker-vs-manual race conditions; adversarial review fixed clock-resolution flakiness and added 5 new edge case tests
-  - **OAuth/auth edge case tests** (`#707`/`#737`): 44 tests covering login/registration edge cases, token validation (malformed/expired/wrong-key/missing-claims), OAuth code exchange, open redirect prevention, middleware enforcement; **found and fixed production bug**: `ExternalLoginAsync` `Substring(0, 50)` overflow for short usernames
-  - **MCP full resource and tool inventory** (`#653`/`#739`): 9 resources under `taskdeck://` URI scheme + 11 tools (2 read + 6 write + 3 proposal management); all write tools produce proposals per GP-06; `approve_proposal` intentionally excluded; 42 MCP-specific tests; **adversarial review found and fixed user-scoping gap** on proposal resources/tools
-- Post-adversarial-review hardening and test expansion wave (2026-04-04, PRs `#741`–`#756`, 9 issues):
-  - **Product telemetry taxonomy** (`#341`/`#741`): `docs/product/TELEMETRY_TAXONOMY.md` defines 35+ named events across 7 categories (Capture, Proposal/Review, Board, Auth, Navigation, Agent, Error) with `noun.verb` naming convention, universal envelope, privacy guardrails (bucketed counts, no PII), and R1/R2/R3 launch gate anchors; telemetry is opt-in and not yet implemented
-  - **Board header presence label fixed** (`#683`/`#744`): `normalizePresenceMembers()` in `BoardView.vue` now replaces current user's SignalR `displayName` with locally-known username, eliminating email/username flip on card open; 3 new tests
-  - **Manual card provenance empty state** (`#680`/`#754`): `cardsApi.getCardProvenance()` now returns null only for "Capture provenance not found" 404s (not all 404s); CardModal shows "No capture provenance available." with `loadedCaptureProvenanceCardId` guard against flash; 4 new tests; adversarial review caught and fixed 3 bugs (overly broad 404 catch, global Axios log-level regression, empty-state flash)
-  - **WIP-limit duplicate toast regression** (`#686`/`#745`): 7 regression tests in `boardStore.wipLimit.spec.ts` guard against future double-toast on WIP limit violations for createCard and moveCard
-  - **Auth-flow toast regression coverage** (`#685`/`#742`): 20 tests in `sessionStore.authToast.spec.ts` covering login/register/OAuth failure and success toast lifecycle, isolation, and auto-removal; adversarial review fixed timer leak, mock isolation, and inverted assertion
-  - **Route and workspace-state stability** (`#687`/`#748`): `authGuard.spec.ts` (auth guard decision table) and `workspaceRouteStability.spec.ts` (mode persistence, hydration drift, resetForLogout) with 16-case exhaustive guard table; also fixed pre-existing `AuthControllerEdgeCaseTests.cs` compile error
-  - **Inbox triage action visibility** (`#688`/`#743`): 21 new tests in `InboxView.spec.ts` covering single-item triage action states and bulk action bar visibility with DOM-level assertions
-  - **Webhook HMAC signature verification** (`#726`/`#750`): 11 tests in `OutboundWebhookHmacDeliveryTests.cs` covering header format, HMAC round-trip, wrong-key rejection, secret rotation, large payload, and timing-safe comparison; adversarial review fixed rotation test and replaced BCL-testing stubs with real domain property tests
-  - **Webhook delivery reliability and SSRF boundary** (`#710`/`#756`): 78 webhook tests across 9 files (endpoint guard, service, signature, delivery worker, HMAC delivery, API, repository, domain delivery, domain subscription); SSRF coverage via `OutboundWebhookEndpointGuardTests` includes private IPv4/IPv6 ranges; delivery reliability covers retry/backoff, dead-letter, concurrent delivery, HMAC at worker boundary; `HttpClient` resource leak fixed in tests
-- Tech-debt, security, and feature hardening wave (2026-04-04, PRs `#765`–`#770`, `#776`, 7 issues, ~32 new backend tests + 33 new frontend tests, two rounds of adversarial review per PR):
-  - **Agent API 500 fix** (`#758`/`#776`): root cause was `DateTimeOffset` ORDER BY failing in SQLite; `AgentProfileRepository` fixed with materialize-then-sort; `AgentRunRepository` upgraded to `IsSqlite()` + `FromSqlInterpolated` pattern for SQL-level ORDER BY + LIMIT; 2 previously-skipped tests un-skipped; round 2 review caught and fixed the load-all-before-limit performance issue in `AgentRunRepository`
-  - **DataExport exception logging** (`#759`/`#766`): `ILogger<T>` added to `DataExportService` and `AccountDeletionService` with `LogError` in previously-silent catch blocks; round 2 review added `OperationCanceledException` filter to avoid monitoring noise and changed rollback to `CancellationToken.None` for reliability; 3 new tests
-  - **Streaming chat token usage** (`#763`/`#768`): `LlmTokenEvent` extended with `TokensUsed`, `Provider`, and `Model` fields; all 3 LLM providers (Mock, OpenAI, Gemini) populate usage on final stream event; `ChatService.StreamResponseAsync` now persists assistant `ChatMessage` with token usage and records quota via `ILlmQuotaService.RecordUsageAsync` (matching non-streaming path); 4 new/updated tests
-  - **EF Core version alignment** (`#760`/`#767`): downgraded `Microsoft.EntityFrameworkCore`, `.Sqlite`, `.Design`, and `.Tools` from 9.0.14 to 8.0.14 across Infrastructure and Api projects; removed EF9-only `PendingModelChangesWarning` suppression; replaced stale `Microsoft.AspNetCore.Http` 2.3.9 with `FrameworkReference Include="Microsoft.AspNetCore.App"`; round 2 review added `PrivateAssets="all"` to Design package; migration snapshot `ProductVersion: "9.0.14"` is metadata-only, self-corrects on next migration
-  - **Frontend HTTP interceptor and auth guard tests** (`#725`/`#765`): 33 new tests across 2 files — `http.spec.ts` (19 tests: token injection, 401 handling, demo mode, X-Request-Id, error propagation) and `routerIntegration.spec.ts` (14 tests: auth guards, feature flags, legacy redirects, expired token handling); `axios-mock-adapter` added as dev dependency; round 2 review fixed CI-breaking ESLint `no-import-assign` with `vi.hoisted` pattern, `window.location` restoration leak, and inaccurate docstring
-  - **OAuth token lifecycle tests** (`#723`/`#769`): 19 integration tests covering auth code store (valid exchange, expiry, replay prevention, concurrent atomicity, cleanup), JWT lifecycle (expiry, wrong key, garbage token, deactivated user, re-issue after password change), SignalR query-string auth (3 tests), and GitHub OAuth config (2 tests); round 2 review fixed redundant ternary, `HttpClient` resource leak in concurrent test, misleading SignalR test names, and weak string-contains assertion
-  - **Tool argument replay** (`#673`/`#770`): `Arguments` field (`JsonElement`) added to `ToolCallResult` with backward-compatible default; orchestrator passes original arguments through; OpenAI uses `GetRawText()` and Gemini uses inline `Arguments` object in synthetic replay messages instead of hardcoded `"{}"` / `new { }`; falls back to empty when `ValueKind == Undefined`; `GeminiLlmProvider.BuildToolCallingPayload` promoted to `internal` for testability; 6 new tests
-
-- Dependency hygiene, accessibility, tool-calling refinements, streaming, and test coverage wave (2026-04-04, PRs `#771`–`#779`, 8 issues, ~258 new tests with two rounds of adversarial review per PR):
-  - **Vendored dependency cleanup** (`#761`/`#771`): removed `vendor/ws-7.5.10.tgz` file and orphaned Dockerfile `COPY vendor/` line; `ws` now resolves from npm registry as `^7.5.10`; no-op `p-limit@3.0.2` override removed; adversarial review caught stale STATUS.md and MASTERPLAN docs references and updated them
-  - **Accessibility lint: 105 warnings → 0** (`#762`/`#779`): form label associations (`for`/`id` pairs, `aria-label`), keyboard event companions for click handlers, `role="dialog"` + `aria-modal` + Escape handler on modal backdrops, redundant-role removals; `--max-warnings 20` CI threshold enforced; adversarial review found and fixed 2 CI regressions: `TdTooltip.vue` Vue-Fragment breakage (9 failing tests) and invalid `tabindex="-1"` on `role="option"` items; 2 non-blocking ARIA follow-up items filed
-  - **Tool-calling Phase 3 refinements** (`#651`/`#773`): `LlmToolCallingSettings` DI singleton with `Enabled` (default `true`) and `MaxToolResultBytes` (default 8 000) config keys; `ChatService` bypasses orchestrator when disabled; `TruncateToolResult` enforces UTF-8 byte budget via binary search with zero heap allocations in the search loop; cost tracking DI wiring completed; 17 new tests; adversarial review caught byte-budget contract violation when `maxBytes < marker length` and replaced O(n) loop with correct binary search
-  - **Export streaming for large datasets** (`#670`/`#774`): new `GET /api/account/export/stream` endpoint streams JSON response body via `Utf8JsonWriter` — memory usage is constant regardless of dataset size; N+1 chat-message count query fixed with `CountBySessionIdsAsync` (single GROUP BY query, 500-session windows to respect SQLite 999-param limit); backward-compatible with original `/export` endpoint; 15 tests; adversarial review caught `ToErrorActionResult()` crash when called after `Response.HasStarted`; streaming HTTP 200 partial-response limitation documented in controller comment
-  - **Frontend view vitest coverage** (`#716`/`#775`): 83 new tests for 6 previously-untested views (LoginView, RegisterView, BoardsListView, ExportImportView, SavedViewsView, DevToolsView) with DOM-level assertions for loading/error/empty states, user interactions, and form validation; adversarial review fixed 3 ESLint errors (CI blocker: unused vars, invalid `[key]` selector) and added 3 missing OAuth callback path tests
-  - **Pinia store integration tests** (`#711`/`#777`): 91 new tests across 6 stores (boardStore, captureStore, workspaceStore, queueStore, notificationStore, sessionStore) mocking HTTP layer rather than API modules, exercising real API client code; covers boardStore auto-switch regression (`#509`), queueStore data isolation (`#508`); adversarial review fixed fake timer leak, unreliable microtask drain, and 4 `as never[]`/`as never` type bypasses defeating integration test value
-  - **Resilience and degraded-mode tests** (`#720`/`#778`): 34 new tests (18 backend + 16 frontend) covering ChatService LLM provider failure/fallback, worker crash/retry/cancellation/max-retries, frontend store error states, SignalR reconnect polling fallback; adversarial review fixed unused import (CI blocker), double-invocation anti-pattern, and 150ms timing race widened to 500ms
-  - **E2E error state expansion** (`#712`/`#772`): 25 new Playwright scenarios across 3 spec files (`error-recovery.spec.ts`, `multi-board.spec.ts`, `edge-journeys.spec.ts`) using `page.route()` for deterministic error injection without live backend dependency; adversarial review fixed unused import (CI blocker), route glob missing query-param suffix, 3 vacuous soft-assertion blocks replaced with unconditional assertions
-
-- Feature, analytics, MCP, chat, testing, and UX expansion wave (2026-04-08, PRs `#787`–`#793`, 7 issues, ~390+ new tests with two rounds of adversarial review per PR):
-  - **Exportable analytics CSV** (`#78`/`#787`): `MetricsExportService` with schema-versioned CSV export, CSV injection protection (leading-char and embedded-newline sanitization), UTF-8 BOM for Excel compatibility; `GET /api/metrics/boards/{boardId}/export` endpoint with date range/label filters and `Content-Disposition` attachment header; frontend "Export CSV" button in MetricsView with error toast; `ADR-0022` defers PDF export; 29 tests (21 unit + 8 integration); adversarial review caught and fixed embedded-newline injection vector (HIGH), missing CancellationToken forwarding, and silent frontend error swallowing
-  - **Forecasting and capacity-planning service** (`#79`/`#790`): `ForecastingService` with rolling-average throughput from audit log card-move events, standard-deviation confidence bands (optimistic/expected/pessimistic), average cycle time from creation-to-done; `GET /api/forecast/board/{boardId}` endpoint with documented assumptions and data-point count; frontend forecast section in MetricsView showing estimated completion, confidence range, and caveats; 32 tests; adversarial review caught and fixed throughput double-counting when cards bounce Done→InProgress→Done (HIGH), history-window calculation using wrong denominator, and regex compiled fresh on every call
-  - **MCP HTTP transport and API key authentication** (`#654`/`#792`): `ApiKey` domain entity with `tdsk_` prefix and SHA-256 hashing at rest; EF Core migration for `ApiKeys` table with unique `KeyHash` index; `ApiKeyMiddleware` for Bearer token validation on `/mcp` path; `HttpUserContextProvider` maps API key → user for claims-first identity; `ApiKeysController` REST endpoints (create/list/revoke) with JWT auth; `MapMcp()` HTTP transport alongside REST endpoints via `ModelContextProtocol.AspNetCore`; rate limiting per API key (60 req/60s); 31 tests (11 domain + 20 integration); adversarial review caught and fixed key-existence oracle via differentiated error messages (MEDIUM), modulo bias in key generation, and bare catch block
-  - **Conversational refinement loop** (`#576`/`#791`): `ClarificationDetector` with strong/weak signal pattern split for ambiguity detection, max 2 clarification rounds before best-effort, skip-phrase detection ("just do your best"); `ChatService` integration tracking clarification state and injecting system prompt guidance; Mock provider simulates clarification for deterministic testing; frontend clarification badge and "Skip, just do your best" button in AutomationChatView; 41 tests (22 detector + 7 service + 6 false-positive regression + domain); adversarial review caught and fixed false-positive heuristic classifying normal LLM responses as clarification (HIGH)
+# Taskdeck Status (Source of Truth)
+
+Last Updated: 2026-04-09
+<br>
+Status Owner: Repository maintainers
+Authoritative Scope: Current implementation, verified test execution, and active phase progress
+Companion Active Docs:
+- `docs/STATUS.md`
+- `docs/IMPLEMENTATION_MASTERPLAN.md`
+- `docs/TESTING_GUIDE.md`
+- `docs/MANUAL_TEST_CHECKLIST.md`
+- `docs/GOLDEN_PRINCIPLES.md`
+
+## Project Summary
+
+Taskdeck is a local-first execution system for developers, built with a .NET 8 backend and a Vue 3 frontend.
+Core board workflows are stable, and advanced slices are implemented for automation proposals, chat, ops/log querying, archive recovery, and worker health reporting.
+
+Rebranding thesis (2026-02-23):
+- capture should be near-zero friction
+- automation should remain review-first and provenance-visible
+- product value is reducing maintenance overhead, not maximizing opaque autonomy
+
+Current constraints are mostly hardening and consistency:
+- ~~**security bug discovered 2026-04-03**: `#722` (SEC-20) — `ChangePassword` endpoint does not verify caller identity~~ **RESOLVED** (`#722`/`#732`, 2026-04-04): `ChangePassword` now derives userId exclusively from JWT claims; `[Authorize]` enforced; `UserId` removed from request body; `AuthController` inherits `AuthenticatedControllerBase`; 5 integration tests proving the fix
+- security and identity behavior is converging but still not uniform across all controller families
+- some UX/operator surfaces are functional but not yet keyboard-first or discoverability-first
+- LLM flow now supports config-gated `OpenAI` and `Gemini` providers with deterministic `Mock` fallback for safe local/test posture; degraded provider responses are now structurally distinct (`messageType: "degraded"` + `degradedReason`) and the health endpoint supports opt-in probe verification (`?probe=true`); chat-to-proposal pipeline improvements delivered: `LlmIntentClassifier` now uses compiled regex patterns with word-distance matching, stemming/plurals, broader verb coverage, and negative context filtering for negations and other-tool questions (`#571`); parse failures now return structured hint payloads with closest-match suggestions and a frontend hint card with "try this instead" pre-fill (`#572`); dedicated classifier and chat-to-proposal integration test coverage added (`#577`); LLM-assisted instruction extraction now delivered (`#573`): OpenAI and Gemini providers request structured JSON output with a system prompt describing supported instruction patterns, parse the response into `LlmCompletionResult.Instructions`, and fall back to the static `LlmIntentClassifier` when structured parsing fails; `ChatService` iterates LLM-extracted instructions (supporting multiple proposals from a single message) and falls back to raw user message parsing when no instructions are extracted; Mock provider unchanged for deterministic test behavior; multi-instruction batch parsing now delivered (`#574`): `ParseBatchInstructionAsync` splits multiple natural-language instructions into individual planner calls, `ChatService` routes multi-instruction messages through batch parsing to generate multiple proposals from a single chat message; board-context LLM prompting now delivered (`#575`, expanded in `#617`): `BoardContextBuilder` constructs bounded board context (columns, card IDs, titles, labels) grouped per column and appends it to system prompts across OpenAI and Gemini providers via `LlmSystemPromptBuilder`; card IDs are included as first-8 hex chars so the LLM can generate `move card <id>` instructions; context budget increased to 4000 chars with single-query card fetch; **remaining gap**: conversational refinement (`#576`) remains undelivered; analysis at `docs/analysis/2026-03-29_chat_nlp_proposal_gap.md`
+- managed-key shared-token abuse-control strategy is now explicitly seeded in `#235` to `#240` before broad external exposure
+- testing-harness guardrail expansion from `#254` to `#260` is shipped; remaining work is normal follow-up hardening rather than the original wave
+- rigorous test expansion wave seeded 2026-04-03 (`#721` tracker, 22 issues `#699`–`#726`): systematic codebase audit identified 25+ untested infrastructure repositories, zero tests on the central worker, 6 controllers with untested HTTP surfaces, and no golden-path integration test for the capture → proposal → board pipeline; execution is tracked in `docs/TESTING_GUIDE.md`; first delivery: infrastructure repository integration tests (`#699`/`#730` — 77 tests across 7 repo classes against real SQLite); **major wave delivery 2026-04-04** (PRs `#732`–`#739`, 8 issues, ~300 new tests): SEC-20 ChangePassword fix (`#722`/`#732`), golden-path capture→board integration test (`#703`/`#735` — 7 tests proving full pipeline), cross-user data isolation tests (`#704`/`#733` — 38 tests across all major API boundaries), LlmQueueToProposalWorker integration tests (`#700`/`#734` — 24 tests, previously zero coverage), controller HTTP integration tests (`#702`/`#738` — 67 tests covering 6 untested controllers, found 2 pre-existing bugs), proposal lifecycle edge cases (`#708`/`#736` — 74 tests for state machine/expiry/race conditions), OAuth/auth edge cases (`#707`/`#737` — 44 tests, found and fixed `Substring` overflow bug in `ExternalLoginAsync`), MCP full resource/tool inventory (`#653`/`#739` — 9 resources + 11 tools with 42 tests, GP-06 compliant, user-scoping gap fixed during review); **second wave delivery 2026-04-04** (PRs `#740`–`#755`, 8 issues, ~586 new tests with two rounds of adversarial review, 47 review-fix commits): domain entity state machine exhaustive tests (`#701`/`#740` — 174 tests across 7 entities: CommandRun, ArchiveItem, ChatSession, UserPreference, NotificationPreference, CardLabel, CardCommentMention), SignalR hub and realtime integration tests (`#706`/`#751` — 19 tests covering auth, presence lifecycle, multi-user, authorization, edge cases), LLM provider abstraction and tool-calling edge cases (`#709`/`#747` — 101 tests across orchestrator, provider, classifier, registry), data export/import round-trip integrity tests (`#713`/`#752` — 64 tests covering JSON, CSV, GDPR, database, cross-format validation), API error contract regression and boundary validation (`#714`/`#753` — 57 tests across 7 endpoint families with GP-03 contract enforcement), archive and restore lifecycle integration tests (`#715`/`#755` — 74 tests: 45 domain + 29 API covering state machine, cross-user isolation, conflict detection, audit trail), board metrics and analytics accuracy verification (`#718`/`#749` — 61 tests: 51 service + 10 controller covering throughput, cycle time, WIP, blocked cards, done-column heuristic), notification delivery, deduplication, and preference filtering (`#719`/`#746` — 36 tests covering all 5 notification types, deduplication, preference filtering, cross-user isolation, batch operations)
+- MVP dogfooding flow now supports canonical checklist bootstrap in chat (proposal-first, board-scoped); broader template coverage remains future work
+- collaborative editing now includes board/card presence visibility and conflict-hinting guardrails for stale card writes
+- card collaboration now includes threaded comments with mention-linked notifications and moderation-aware edit/delete guardrails
+- capture/inbox realignment is now shipped for the CAP MVP loop (`#200` to `#211`); logging redaction guardrails are delivered in `#212`, and long-list virtualization for inbox/activity views is delivered in `#213`
+- frontend interaction latency budgets and instrumentation are delivered in `#250`: performance mark composable, route-transition/board/inbox/review/home/diff instrumentation, lazy route splitting, and documented thresholds in `docs/PERFORMANCE_BUDGETS.md`
+- post-demo-expansion planning is now explicitly biased toward product legibility before new surface breadth: novice-first entry, board-context continuity, readable review flows, and stronger in-app guidance take precedence over broad autonomy work
+- cold first-run now has launch-criteria proofing beyond route teaching; guided `Home`, durable workspace modes, review-first automation routing, the recoverable `Today` onboarding path, board-centered review/capture handoff, key-route contextual help, and the novice-first docs/help-center stack (root entry docs, chaptered manual, and page-level help/workflow guides) are now shipped, and the dedicated first-run smoke plus launch-criteria guardrail is delivered in `#328`
+- Saul-facing demo reconciliation is now explicit: the core `Home -> Inbox/Capture -> Review -> Board` proof is shipped, the business-facing substrate/trust-cue/hero-path slices are delivered through `#354` plus demo-critical follow-through from `#326` and `#330`; the rehearsal contract is now codified in `docs/product/SAUL_DEMO_REHEARSAL_CONTRACT.md` (`#355`), and the GTM baseline is now delivered in `#216` with a timed demo script (`docs/product/DEMO_SCRIPT.md`), thesis-aligned landing copy (`docs/product/LANDING_COPY.md`), and beta intake workflow/cadence (`docs/product/BETA_INTAKE_WORKFLOW.md`)
+- demo rehearsal walkthrough (2026-03-27) confirmed the core loop is visually correct but surfaced 9 runtime issues in seed tooling, scenario runner, and DX ergonomics; two are blockers for one-command deterministic rehearsal: seed re-run 409 conflicts (`#387`) and `--skip-llm` proposal alias resolution failure (`#389`); tracked in `#395` with analysis in `docs/analysis/2026-03-27_demo-rehearsal-runtime-issues.md`
+- fresh-registration manual test (2026-03-29) surfaced 2 P0 blockers and 16 additional bugs/observations spanning data isolation, board stability, dark-mode theming, chat utility, and UX polish; full findings at `docs/analysis/2026-03-29_manual_testing_consolidated_findings.md`; P0 blockers: queue data not scoped to the authenticated user (`#508`), board auto-switching on multi-board accounts (`#509`); P1 issues tracked in `#510` through `#515`; P2/P3 in `#516` through `#524`; **no external user onboarding should occur until `#508` is resolved**; two bugs from this session now resolved: activity audit trail not recording board mutations (`#521`, fixed — audit logging wired for all board/card/column/label mutations with `SafeLogAsync` resilience wrapper), archive board 30-second freeze (`#519`, fixed — navigation before reactive state teardown prevents cascading re-renders)
+- platform expansion strategy (2026-03-29) now covers four strategic pillars: market adoption (`#544`), packaging/distribution (`#532`), cloud/collaboration (`#537`), and mobile platform (`#540`); master strategy tracker at `#531`; strategy documents at `docs/strategy/`; release versioning plan: `v0.1.0` (self-contained exe) → `v0.2.0` (hosted cloud) → `v0.3.0` (PWA/mobile) → `v0.4.0` (collaboration) → `v0.5.0` (platform maturity) → `v1.0.0` (GA)
+- hands-on UX testing (2026-03-31) surfaced 8 areas of feedback spanning review, inbox, today, home, board, notifications, and LLM chat; 2 P1 issues (capture triage fails on natural-language text `#614`, chat response truncation showing raw JSON `#616`), 11 P2 usability/visual-coherence issues (`#611`–`#613`, `#615`, `#617`, `#620`, `#622`, `#624`–`#627`), and 4 P3 polish/strategic items (`#618`–`#619`, `#621`, `#623`); tracker at `#628`; full analysis at `docs/analysis/2026-03-31_manual_testing_ux_feedback.md`; cross-cutting themes: progressive disclosure needed across review/today/notifications, semantic color vocabulary for status tags, capture pipeline needs LLM-assisted extraction, and chat needs tool-calling/function-calling architecture; LLM tool-calling spike (`#618`) and MCP server spike (`#619`) seeded for strategic planning
+- UX feedback wave 1 delivered (2026-03-31): 6 of 17 issues from `#628` resolved — sidebar footer pinned (`#623`), card drag layout shift eliminated (`#621`), starter-pack modal migrated to design tokens (`#612`), capture triage error messages surfaced with retry hint (`#615`), board context expanded with card IDs for LLM chat (`#617`, N+1 query fixed), review proposal cards now use collapsible detail sections with risk color-coding and keyboard-accessible links dropdown (`#626`)
+- UX feedback wave 2 delivered (2026-03-31): 5 additional issues resolved — both P1 blockers closed: capture triage now handles dash-separated (` - `) and semicolon-delimited text with first-segment context hints and single-sentence fallback (`#614`), chat JSON array truncation detection extended to `[`-started responses with degraded message UX (`#616`); P2: notification list now has type-colored left borders, type badges, smart same-type grouping, time-based section headers, and batch "Mark all read" with board-scoped optimistic update (`#625`); P4: global search endpoint now supports `maxResults`/`offset` pagination with `hasMore`/`totalCardCount` response fields and frontend "Load more" in command palette (`#610`); ops: `ci-extended.yml` now auto-triggers on `.csproj`/workflow/deploy/script changes, PR template and AGENTS.md updated (`#608`); remaining open from `#628`: 0 P2 (~~`#613`~~ delivered in `#665`), 2 P3 strategic spikes (`#618`, `#619`) both completed with implementation waves delivered (Phase 1+2 for tool-calling `#647`, Phase 1 for MCP `#648`)
+- LLM tool-calling spike (`#618`) completed (2026-04-01): architecture document at `docs/spikes/SPIKE_618_COMPLETED.md`; decided on custom implementation over Semantic Kernel (~800 LOC, zero new dependencies), extending `ILlmProvider` with `CompleteWithToolsAsync`, 11 tools (5 read + 6 write, writes always produce proposals per GP-06), new `ToolCallingChatOrchestrator` with multi-turn loop (max 5 rounds, 60s timeout), Mock provider with pattern-based dispatch, ~$0.00088 per 3-round conversation on GPT-4o-mini; implementation tracker at `#647` with phase issues `#649` (read tools + orchestrator — delivered), `#650` (write tools + proposals — delivered), `#651` (Phase 3 refinements — delivered, PR `#773`)
+- LLM tool-calling Phase 1 delivered (`#649`, 2026-04-01): `CompleteWithToolsAsync` added to `ILlmProvider` with OpenAI, Gemini, and Mock implementations; 5 read tool executors (`list_board_columns`, `list_cards_in_column`, `get_card_details`, `search_cards`, `get_board_labels`) in Application layer; `ToolCallingChatOrchestrator` with multi-turn loop (max 5 rounds, 30s/round, 60s total timeout) and graceful degradation to single-turn on failure; Mock provider uses pattern-matching dispatch table for deterministic simulation; SignalR `ToolStatusEvent` integration for intermediate state streaming; `ChatService` delegates to orchestrator for board-scoped sessions with automatic single-turn fallback; 67 new tests
+- LLM tool-calling Phase 2 delivered (`#650`/`#731`, 2026-04-03): 6 write tool executors (`propose_create`, `propose_move`, `propose_archive`, `propose_update`, `propose_bulk_move`, `propose_create_column`) in Application layer; EF migration adds `ToolCallMetadataJson` for provenance; orchestrator now serves 11 tools (5 read + 6 write); writes always produce proposals per GP-06; frontend tool-status indicators show write-tool progress via SignalR
+- Double LLM call eliminated (`#672`/`#727`, 2026-04-03): `ChatService` reuses the orchestrator's text response when no tools are called instead of making a second LLM call; halves latency for non-tool chat messages; remaining follow-up items: argument replay (`#673`)
+- MCP server spike (`#619`) completed (2026-04-01): architecture document at `docs/spikes/SPIKE_619_COMPLETED.md`; decided on official MCP C# SDK (`ModelContextProtocol` v1.2.0), embedded in API process with `--mcp` startup flag, stdio transport first (Claude Code/Cursor), 9 resources under `taskdeck://` URI scheme, 9 tools (2 read + 5 write + 2 proposal management, `approve_proposal` intentionally excluded), API key auth (`tdsk_` prefix) for remote HTTP transport, write tools return proposal IDs for review-first compliance; implementation tracker at `#648` with phase issues `#652` (minimal prototype), `#653` (full inventory), `#654` (HTTP + auth), `#655` (production hardening, deferred)
+- MCP minimal prototype delivered (`#652`/`#664`, 2026-04-01): `ModelContextProtocol` NuGet v1.2.0 added; `IUserContextProvider` interface in Application layer with `StdioUserContextProvider` implementation; `BoardResources` class with `[McpServerResource]` for `taskdeck://boards` resource returning compact JSON (id, name, columnCount, cardCount, isArchived, updatedAt); `--mcp` startup flag in `Program.cs` selects stdio host builder skipping web server overhead; 11 integration tests covering shape, archived exclusion, counts, empty results, and multi-user scoping
+- UX feedback wave 3 delivered (2026-04-01): review proposal card UX improved (`#613`/`#665`) — sticky action footer with `position: sticky; bottom: 0` keeps action buttons visible regardless of card content length, cards constrained to `max-height: 70vh` (80vh mobile) with internal scrolling, detail section heights capped at `12rem`
+- GDPR data portability delivered (`#83`/`#666`, 2026-04-01): `DataExportService` exports all user-scoped data as versioned JSON package (boards, notifications, captures, proposals, chat sessions, audit trail, preferences); `AccountDeletionService` with password re-authentication + confirmation phrase safeguard, PII anonymization (username/email/password), `BoardAccess` cleanup, sole-owner guard, transactional rollback on partial failure; `DataPortabilityController` with `[Authorize]` + `[ResponseCache(NoStore = true)]`; PII-free audit logging at request and completion stages; 32 tests; follow-up items: export streaming for large datasets (`#670`); JWT invalidation after deletion delivered (`#671`/`#698`+`#728`)
+- Board metrics dashboard delivered (`#77`/`#667`, 2026-04-01): `BoardMetricsService` computes throughput (audit-log-based card completion), cycle time (creation-to-done via audit), WIP (cards per column), and blocked card count/duration; `MetricsController` with date range, board, and label filters; done column resolved by name heuristic (done/complete/finished/shipped/etc.) with positional fallback; frontend dashboard at `/workspace/metrics` with CSS bar charts, summary cards, tables, board selector, date picker, loading/error/empty states; lazy-loaded route + sidebar nav link; 24 backend + 22 frontend tests; SQL-level filtering follow-up delivered (`#675`/`#724`)
+- GitHub OAuth frontend integration delivered (`#539`/`#668`, 2026-04-01): conditional "Sign in with GitHub" button in LoginView based on `/api/auth/providers` response; OAuth code exchange flow with demo-mode gating, array-safe query param extraction, and awaited URL cleanup; session store action with error handling and toast notifications; open redirect prevention on both backend (`Url.IsLocalUrl`) and frontend (`sanitizeInternalRedirect`); follow-up: distributed auth code store, PKCE, account linking (`#676`)
+- Hardening and UX wave delivered (2026-04-03, PRs `#691`–`#698`): 9 issues resolved across 8 PRs with adversarial review follow-through:
+  - **P1 bug fixed** (`#681`/`#691`): Archive, Activity, Ops, and Access workspace routes no longer silently redirect to Home — feature flags for shipped surfaces now default to `true`; 5 new router guard tests
+  - **Expired proposal handling** (`#678`+`#690`/`#696`): Review no longer presents expired proposals as "Approved, ready to apply"; expired proposals show distinct status badge with dismiss/clear action; client-side expiry detection with 60-second reactive clock covers proposals the housekeeping worker hasn't transitioned yet; 9 new tests
+  - **Chat card ID continuity** (`#677`/`#695`): new `CardIdPrefixResolver` resolves 8-char hex prefixes to full GUIDs via board-scoped prefix matching; wired into `AutomationPlannerService` (6 call sites) and `NaturalLanguageInstructionExtractor`; full GUIDs pass through without DB hits; 15 new tests
+  - **Human-readable proposal diffs** (`#682`/`#697`): `GetProposalDiffAsync` now batch-loads cards and columns (2 queries) and resolves operation targets to names; falls back to raw GUID when resolution fails; frontend diff panel with ARIA label and word-wrapping; 4 new tests
+  - **Dark theme label manager** (`#684`/`#692`): 22 light-theme Tailwind classes replaced with design-token equivalents following ColumnEditModal pattern; 2 new tests
+  - **Chat health banner three-state** (`#679`/`#693`): `verificationStatus` field (`unverified`/`verified`/`failed`) added to health DTO; banner shows amber for configured-but-unverified, green for verified, red for failed; 6 new tests
+  - **OpenAI strict mode + loop detection** (`#674`/`#694`): `strict: true` added to OpenAI tool schemas; SHA256-based loop detection in orchestrator aborts when consecutive rounds have identical tool-call fingerprints (with error-retry bypass for transient failures); 10 new tests
+  - **JWT invalidation after account deletion** (`#671`/`#698`): `TokenInvalidatedAt` field on User entity with EF migration; `TokenValidationMiddleware` checks `IsActive` and compares token `iat` against invalidation timestamp on every authenticated request; `AccountDeletionService` sets invalidation timestamp during deletion; whole-second precision truncation matches JWT `iat` granularity; ADR-0021 documents the design decision; 9 new tests
+- Post-hardening delivery wave (2026-04-03, PRs `#724`–`#731`): 6 issues resolved across 6 PRs:
+  - **SQL-level board metrics filtering** (`#675`/`#724`): `BoardMetricsService` now uses SQL-level filtering via new repository methods (`GetForMetricsAsync`, `CountCardsByColumnAsync`, `GetBlockedByBoardIdAsync`) instead of in-memory filtering; frontend `Math.max(...spread)` replaced with `reduce` for empty-array safety
+  - **Double LLM call elimination** (`#672`/`#727`): `ChatService` reuses the orchestrator's text response when no tools are called, halving latency for non-tool chat messages
+  - **JWT invalidation hardening** (`#671`/`#728`): `ActiveUserValidationMiddleware` checks user active status on every authenticated request with 30-second in-memory cache; cache invalidated on deletion/deactivation
+  - **Expired proposal review UX** (`#678`+`#690`/`#729`): `IsExpired` flag on `ProposalDto`, domain `CanBeDismissed` method, expired proposals rendered distinctly in Review with dismiss action and disabled apply/approve buttons
+  - **Infrastructure repository integration tests** (`#699`/`#730`): 77 new tests across 7 repository classes against real SQLite; found and fixed a real `LlmQueueRepository` ordering bug
+  - **LLM write tools and proposal integration** (`#650`/`#731`): 6 write tool executors (`propose_create`, `propose_move`, `propose_archive`, `propose_update`, `propose_bulk_move`, `propose_create_column`), EF migration for `ToolCallMetadataJson`, orchestrator now serves 11 tools total (5 read + 6 write), frontend tool-status indicators for write operations
+- Security + testing + MCP delivery wave (2026-04-04, PRs `#732`–`#739`): 8 issues resolved across 8 PRs with two rounds of adversarial review:
+  - **SEC-20 ChangePassword identity bypass fixed** (`#722`/`#732`): userId now derived exclusively from JWT claims; `[Authorize]` enforced; `UserId` removed from request body; `AuthController` refactored to inherit `AuthenticatedControllerBase`; 5 new integration tests
+  - **Golden-path integration test** (`#703`/`#735`): 7 tests exercising full capture → triage → proposal → review → board pipeline; validates card title, column placement, provenance chain, multi-operation atomicity, cross-user isolation, audit trail, and triage failure determinism
+  - **Cross-user data isolation tests** (`#704`/`#733`): 38 integration tests across all major API boundaries (boards, columns, cards, captures, proposals, notifications, audit trails, chat sessions, knowledge docs, webhooks, board exports, labels, board access controls); includes shared-board grant/scope/revocation tests; adversarial review caught and fixed 3 false-positive tests and missing precondition assertions
+  - **LlmQueueToProposalWorker integration tests** (`#700`/`#734`): 24 tests covering happy path, empty queue, transient/permanent error, retry/backoff, cancellation, fair-batch interleaving, already-claimed items, and capture triage paths; adversarial review fixed fake repository status-tracking and race condition simulation
+  - **Controller HTTP integration tests** (`#702`/`#738`): 67 tests covering 6 previously-untested controllers (DataPortability, AbuseContainment, Metrics, Search, AgentProfiles, AgentRuns) + 17 new authz regression matrix entries; discovered 2 pre-existing bugs (agent list 500, empty board export); adversarial review fixed weak assertions and resource leaks
+  - **Proposal lifecycle edge cases** (`#708`/`#736`): 74 tests (42 domain + 25 application + 7 api) covering expiry timing boundaries, double-apply prevention, comprehensive state machine violations, dismissal edge cases, operation mutation guards, batch expiry, worker-vs-manual race conditions; adversarial review fixed clock-resolution flakiness and added 5 new edge case tests
+  - **OAuth/auth edge case tests** (`#707`/`#737`): 44 tests covering login/registration edge cases, token validation (malformed/expired/wrong-key/missing-claims), OAuth code exchange, open redirect prevention, middleware enforcement; **found and fixed production bug**: `ExternalLoginAsync` `Substring(0, 50)` overflow for short usernames
+  - **MCP full resource and tool inventory** (`#653`/`#739`): 9 resources under `taskdeck://` URI scheme + 11 tools (2 read + 6 write + 3 proposal management); all write tools produce proposals per GP-06; `approve_proposal` intentionally excluded; 42 MCP-specific tests; **adversarial review found and fixed user-scoping gap** on proposal resources/tools
+- Post-adversarial-review hardening and test expansion wave (2026-04-04, PRs `#741`–`#756`, 9 issues):
+  - **Product telemetry taxonomy** (`#341`/`#741`): `docs/product/TELEMETRY_TAXONOMY.md` defines 35+ named events across 7 categories (Capture, Proposal/Review, Board, Auth, Navigation, Agent, Error) with `noun.verb` naming convention, universal envelope, privacy guardrails (bucketed counts, no PII), and R1/R2/R3 launch gate anchors; telemetry is opt-in and not yet implemented
+  - **Board header presence label fixed** (`#683`/`#744`): `normalizePresenceMembers()` in `BoardView.vue` now replaces current user's SignalR `displayName` with locally-known username, eliminating email/username flip on card open; 3 new tests
+  - **Manual card provenance empty state** (`#680`/`#754`): `cardsApi.getCardProvenance()` now returns null only for "Capture provenance not found" 404s (not all 404s); CardModal shows "No capture provenance available." with `loadedCaptureProvenanceCardId` guard against flash; 4 new tests; adversarial review caught and fixed 3 bugs (overly broad 404 catch, global Axios log-level regression, empty-state flash)
+  - **WIP-limit duplicate toast regression** (`#686`/`#745`): 7 regression tests in `boardStore.wipLimit.spec.ts` guard against future double-toast on WIP limit violations for createCard and moveCard
+  - **Auth-flow toast regression coverage** (`#685`/`#742`): 20 tests in `sessionStore.authToast.spec.ts` covering login/register/OAuth failure and success toast lifecycle, isolation, and auto-removal; adversarial review fixed timer leak, mock isolation, and inverted assertion
+  - **Route and workspace-state stability** (`#687`/`#748`): `authGuard.spec.ts` (auth guard decision table) and `workspaceRouteStability.spec.ts` (mode persistence, hydration drift, resetForLogout) with 16-case exhaustive guard table; also fixed pre-existing `AuthControllerEdgeCaseTests.cs` compile error
+  - **Inbox triage action visibility** (`#688`/`#743`): 21 new tests in `InboxView.spec.ts` covering single-item triage action states and bulk action bar visibility with DOM-level assertions
+  - **Webhook HMAC signature verification** (`#726`/`#750`): 11 tests in `OutboundWebhookHmacDeliveryTests.cs` covering header format, HMAC round-trip, wrong-key rejection, secret rotation, large payload, and timing-safe comparison; adversarial review fixed rotation test and replaced BCL-testing stubs with real domain property tests
+  - **Webhook delivery reliability and SSRF boundary** (`#710`/`#756`): 78 webhook tests across 9 files (endpoint guard, service, signature, delivery worker, HMAC delivery, API, repository, domain delivery, domain subscription); SSRF coverage via `OutboundWebhookEndpointGuardTests` includes private IPv4/IPv6 ranges; delivery reliability covers retry/backoff, dead-letter, concurrent delivery, HMAC at worker boundary; `HttpClient` resource leak fixed in tests
+- Tech-debt, security, and feature hardening wave (2026-04-04, PRs `#765`–`#770`, `#776`, 7 issues, ~32 new backend tests + 33 new frontend tests, two rounds of adversarial review per PR):
+  - **Agent API 500 fix** (`#758`/`#776`): root cause was `DateTimeOffset` ORDER BY failing in SQLite; `AgentProfileRepository` fixed with materialize-then-sort; `AgentRunRepository` upgraded to `IsSqlite()` + `FromSqlInterpolated` pattern for SQL-level ORDER BY + LIMIT; 2 previously-skipped tests un-skipped; round 2 review caught and fixed the load-all-before-limit performance issue in `AgentRunRepository`
+  - **DataExport exception logging** (`#759`/`#766`): `ILogger<T>` added to `DataExportService` and `AccountDeletionService` with `LogError` in previously-silent catch blocks; round 2 review added `OperationCanceledException` filter to avoid monitoring noise and changed rollback to `CancellationToken.None` for reliability; 3 new tests
+  - **Streaming chat token usage** (`#763`/`#768`): `LlmTokenEvent` extended with `TokensUsed`, `Provider`, and `Model` fields; all 3 LLM providers (Mock, OpenAI, Gemini) populate usage on final stream event; `ChatService.StreamResponseAsync` now persists assistant `ChatMessage` with token usage and records quota via `ILlmQuotaService.RecordUsageAsync` (matching non-streaming path); 4 new/updated tests
+  - **EF Core version alignment** (`#760`/`#767`): downgraded `Microsoft.EntityFrameworkCore`, `.Sqlite`, `.Design`, and `.Tools` from 9.0.14 to 8.0.14 across Infrastructure and Api projects; removed EF9-only `PendingModelChangesWarning` suppression; replaced stale `Microsoft.AspNetCore.Http` 2.3.9 with `FrameworkReference Include="Microsoft.AspNetCore.App"`; round 2 review added `PrivateAssets="all"` to Design package; migration snapshot `ProductVersion: "9.0.14"` is metadata-only, self-corrects on next migration
+  - **Frontend HTTP interceptor and auth guard tests** (`#725`/`#765`): 33 new tests across 2 files — `http.spec.ts` (19 tests: token injection, 401 handling, demo mode, X-Request-Id, error propagation) and `routerIntegration.spec.ts` (14 tests: auth guards, feature flags, legacy redirects, expired token handling); `axios-mock-adapter` added as dev dependency; round 2 review fixed CI-breaking ESLint `no-import-assign` with `vi.hoisted` pattern, `window.location` restoration leak, and inaccurate docstring
+  - **OAuth token lifecycle tests** (`#723`/`#769`): 19 integration tests covering auth code store (valid exchange, expiry, replay prevention, concurrent atomicity, cleanup), JWT lifecycle (expiry, wrong key, garbage token, deactivated user, re-issue after password change), SignalR query-string auth (3 tests), and GitHub OAuth config (2 tests); round 2 review fixed redundant ternary, `HttpClient` resource leak in concurrent test, misleading SignalR test names, and weak string-contains assertion
+  - **Tool argument replay** (`#673`/`#770`): `Arguments` field (`JsonElement`) added to `ToolCallResult` with backward-compatible default; orchestrator passes original arguments through; OpenAI uses `GetRawText()` and Gemini uses inline `Arguments` object in synthetic replay messages instead of hardcoded `"{}"` / `new { }`; falls back to empty when `ValueKind == Undefined`; `GeminiLlmProvider.BuildToolCallingPayload` promoted to `internal` for testability; 6 new tests
+
+- Dependency hygiene, accessibility, tool-calling refinements, streaming, and test coverage wave (2026-04-04, PRs `#771`–`#779`, 8 issues, ~258 new tests with two rounds of adversarial review per PR):
+  - **Vendored dependency cleanup** (`#761`/`#771`): removed `vendor/ws-7.5.10.tgz` file and orphaned Dockerfile `COPY vendor/` line; `ws` now resolves from npm registry as `^7.5.10`; no-op `p-limit@3.0.2` override removed; adversarial review caught stale STATUS.md and MASTERPLAN docs references and updated them
+  - **Accessibility lint: 105 warnings → 0** (`#762`/`#779`): form label associations (`for`/`id` pairs, `aria-label`), keyboard event companions for click handlers, `role="dialog"` + `aria-modal` + Escape handler on modal backdrops, redundant-role removals; `--max-warnings 20` CI threshold enforced; adversarial review found and fixed 2 CI regressions: `TdTooltip.vue` Vue-Fragment breakage (9 failing tests) and invalid `tabindex="-1"` on `role="option"` items; 2 non-blocking ARIA follow-up items filed
+  - **Tool-calling Phase 3 refinements** (`#651`/`#773`): `LlmToolCallingSettings` DI singleton with `Enabled` (default `true`) and `MaxToolResultBytes` (default 8 000) config keys; `ChatService` bypasses orchestrator when disabled; `TruncateToolResult` enforces UTF-8 byte budget via binary search with zero heap allocations in the search loop; cost tracking DI wiring completed; 17 new tests; adversarial review caught byte-budget contract violation when `maxBytes < marker length` and replaced O(n) loop with correct binary search
+  - **Export streaming for large datasets** (`#670`/`#774`): new `GET /api/account/export/stream` endpoint streams JSON response body via `Utf8JsonWriter` — memory usage is constant regardless of dataset size; N+1 chat-message count query fixed with `CountBySessionIdsAsync` (single GROUP BY query, 500-session windows to respect SQLite 999-param limit); backward-compatible with original `/export` endpoint; 15 tests; adversarial review caught `ToErrorActionResult()` crash when called after `Response.HasStarted`; streaming HTTP 200 partial-response limitation documented in controller comment
+  - **Frontend view vitest coverage** (`#716`/`#775`): 83 new tests for 6 previously-untested views (LoginView, RegisterView, BoardsListView, ExportImportView, SavedViewsView, DevToolsView) with DOM-level assertions for loading/error/empty states, user interactions, and form validation; adversarial review fixed 3 ESLint errors (CI blocker: unused vars, invalid `[key]` selector) and added 3 missing OAuth callback path tests
+  - **Pinia store integration tests** (`#711`/`#777`): 91 new tests across 6 stores (boardStore, captureStore, workspaceStore, queueStore, notificationStore, sessionStore) mocking HTTP layer rather than API modules, exercising real API client code; covers boardStore auto-switch regression (`#509`), queueStore data isolation (`#508`); adversarial review fixed fake timer leak, unreliable microtask drain, and 4 `as never[]`/`as never` type bypasses defeating integration test value
+  - **Resilience and degraded-mode tests** (`#720`/`#778`): 34 new tests (18 backend + 16 frontend) covering ChatService LLM provider failure/fallback, worker crash/retry/cancellation/max-retries, frontend store error states, SignalR reconnect polling fallback; adversarial review fixed unused import (CI blocker), double-invocation anti-pattern, and 150ms timing race widened to 500ms
+  - **E2E error state expansion** (`#712`/`#772`): 25 new Playwright scenarios across 3 spec files (`error-recovery.spec.ts`, `multi-board.spec.ts`, `edge-journeys.spec.ts`) using `page.route()` for deterministic error injection without live backend dependency; adversarial review fixed unused import (CI blocker), route glob missing query-param suffix, 3 vacuous soft-assertion blocks replaced with unconditional assertions
+
+- Feature, analytics, MCP, chat, testing, and UX expansion wave (2026-04-08, PRs `#787`–`#793`, 7 issues, ~390+ new tests with two rounds of adversarial review per PR):
+  - **Exportable analytics CSV** (`#78`/`#787`): `MetricsExportService` with schema-versioned CSV export, CSV injection protection (leading-char and embedded-newline sanitization), UTF-8 BOM for Excel compatibility; `GET /api/metrics/boards/{boardId}/export` endpoint with date range/label filters and `Content-Disposition` attachment header; frontend "Export CSV" button in MetricsView with error toast; `ADR-0022` defers PDF export; 29 tests (21 unit + 8 integration); adversarial review caught and fixed embedded-newline injection vector (HIGH), missing CancellationToken forwarding, and silent frontend error swallowing
+  - **Forecasting and capacity-planning service** (`#79`/`#790`): `ForecastingService` with rolling-average throughput from audit log card-move events, standard-deviation confidence bands (optimistic/expected/pessimistic), average cycle time from creation-to-done; `GET /api/forecast/board/{boardId}` endpoint with documented assumptions and data-point count; frontend forecast section in MetricsView showing estimated completion, confidence range, and caveats; 32 tests; adversarial review caught and fixed throughput double-counting when cards bounce Done→InProgress→Done (HIGH), history-window calculation using wrong denominator, and regex compiled fresh on every call
+  - **MCP HTTP transport and API key authentication** (`#654`/`#792`): `ApiKey` domain entity with `tdsk_` prefix and SHA-256 hashing at rest; EF Core migration for `ApiKeys` table with unique `KeyHash` index; `ApiKeyMiddleware` for Bearer token validation on `/mcp` path; `HttpUserContextProvider` maps API key → user for claims-first identity; `ApiKeysController` REST endpoints (create/list/revoke) with JWT auth; `MapMcp()` HTTP transport alongside REST endpoints via `ModelContextProtocol.AspNetCore`; rate limiting per API key (60 req/60s); 31 tests (11 domain + 20 integration); adversarial review caught and fixed key-existence oracle via differentiated error messages (MEDIUM), modulo bias in key generation, and bare catch block
+  - **Conversational refinement loop** (`#576`/`#791`): `ClarificationDetector` with strong/weak signal pattern split for ambiguity detection, max 2 clarification rounds before best-effort, skip-phrase detection ("just do your best"); `ChatService` integration tracking clarification state and injecting system prompt guidance; Mock provider simulates clarification for deterministic testing; frontend clarification badge and "Skip, just do your best" button in AutomationChatView; 41 tests (22 detector + 7 service + 6 false-positive regression + domain); adversarial review caught and fixed false-positive heuristic classifying normal LLM responses as clarification (HIGH)
   - **Concurrency and race condition stress tests** (`#705`/`#793`): 13 stress tests in `ConcurrencyRaceConditionStressTests.cs` covering queue claim races (double-triage, stale timestamp, batch concurrent), card update conflicts (concurrent moves, stale-write 409, last-writer-wins), column reorder race, proposal approval races (double-approve, approve+reject, double-execute), rate limiting under load (burst beyond limit, cross-user isolation), and multi-user board stress; uses `SemaphoreSlim` barriers with `WaitAsync` for true simultaneity and separate `HttpClient` per task; SQLite write serialization limitations documented; proposal decision losers now return `409 Conflict` via proposal `UpdatedAt` optimistic concurrency; adversarial review fixed misleading doc comments, tightened weak assertions, and replaced non-thread-safe variables with `ConcurrentDictionary`
-  - **Property-based and adversarial input tests** (`#717`/`#789`): 211 tests across 5 files — 77 FsCheck domain entity tests (adversarial strings: unicode, null bytes, BOM, ZWSP, RTL override, surrogate pairs, XSS, SQL injection; boundary lengths; GUID/position validation), 29 JSON serialization round-trip fuzz tests (GUID format variations, DateTime boundaries, malformed JSON, large payloads), 80 API adversarial integration tests (no 500s from any adversarial input across board/card/column/capture/auth/search endpoints, malformed JSON, wrong content types, concurrent adversarial requests), 16 fast-check frontend input sanitization property tests, 9 store resilience property tests; `fast-check` added as frontend dev dependency; adversarial review fixed capture payload round-trip testing wrong DTO and null handling inconsistency in FsCheck generators
-  - **Inbox premium primitives** (`#249`/`#788`): `InboxView.vue` reworked to use shared UI primitive components — `TdSkeleton` for loading states, `TdInlineAlert` for errors, `TdEmptyState` for empty list, `TdBadge` for status chips, `TdSpinner` for detail refresh; ~65 lines of redundant CSS removed; 7 new vitest tests; adversarial review fixed skeleton screen reader announcements (added `role="status"` and sr-only labels) and redundant `role="alert"` nesting
-- Ephemeral integration databases via Testcontainers (`#91`): `Taskdeck.Integration.Tests` project with `Testcontainers.PostgreSql` and `Npgsql.EntityFrameworkCore.PostgreSQL` packages; `PostgresContainerFixture` manages a shared ephemeral PostgreSQL container per xUnit collection; each test method gets its own isolated database (no cross-test contamination); schema created via `EnsureCreated()` from the EF Core model for PostgreSQL provider parity; 20 integration tests across 7 test classes covering Board CRUD, Card operations, Proposal lifecycle, per-test isolation verification, and sequential operation validation; CI workflow at `reusable-container-integration.yml` in ci-extended lane (label: testing); guide at `docs/testing/TESTCONTAINERS_GUIDE.md`
-
-- Mutation testing pilot now delivered (`#90`): Stryker.NET targeting `Taskdeck.Domain` (backend) and Stryker JS targeting `captureStore`/`boardStore` (frontend); non-blocking weekly CI lane (`.github/workflows/mutation-testing.yml`); policy and triage guidance at `docs/testing/MUTATION_TESTING_POLICY.md`; 60% low / 80% high thresholds with 0% break (triage signal, not enforcement gate); scope expansion roadmap covers Application layer and additional frontend stores
-
-- SQLite-to-PostgreSQL production migration strategy delivered (`#84`): ADR-0023 documents PostgreSQL as the production target while explicitly noting the runtime remains SQLite-only today; migration runbook at `docs/platform/SQLITE_TO_POSTGRES_MIGRATION_RUNBOOK.md` now captures the real blockers (missing runtime provider switch, SQLite-only FTS migration SQL) and the full table-verification scope, including `ApiKeys`; 20 SQLite-backed provider-compatibility baseline tests in `DatabaseProviderCompatibilityTests` document the persistence behaviors PostgreSQL support must preserve, including the known SQLite `DateTimeOffset` ORDER BY limitation and batch-insert sanity coverage
-
-Target experience metrics for the capture direction:
-- capture action to saved artifact should feel under 10 seconds in normal use
-- capture artifact to reviewed/applicable proposal should be achievable inside a ~60-second loop
-
-Direction guardrails (explicit):
-- no silent/destructive automation by default
-- keep proposal-first review gate for board mutations driven by capture triage
-- preserve claims-first identity and stable error-contract behavior while expanding surface area
-
-## Current Implementation Snapshot
-
-### Backend
-
-- Architecture: Clean Architecture (`Domain`, `Application`, `Infrastructure`, `Api`)
-- Persistence: EF Core 8.0.14 + SQLite (aligned to net8.0 TFM as of `#760`/`#767`)
-- Core controllers: boards, columns, cards, labels
-- Extended controllers: auth, users, board-access, audit, export/import, external-imports, llm-queue, automation proposals, archive, chat, notifications, ops-cli, logs, health, starter-packs, search, metrics, data-portability, note-import, telemetry, api-keys, forecast
-- Worker runtime:
-  - `LlmQueueToProposalWorker`
-  - `ProposalHousekeepingWorker`
-  - `WorkerHeartbeatRegistry` (used by `/health/ready`)
-- Cross-cutting API consistency:
-  - `ApiErrorResponse` contract for stable error payload shape (`errorCode`, `message`)
-  - `ResultExtensions` mapping for domain/app errors to HTTP statuses
-  - JWT challenge/forbidden handlers return `ApiErrorResponse` payloads for middleware-level `401/403` responses
-  - `AuthenticatedControllerBase` for claim extraction and authenticated-user guardrails
-  - request correlation middleware (`X-Request-Id`) with response echo and log scope propagation
-  - development CORS origin policy keeps localhost defaults (`http://localhost:5173`, `http://localhost:5174`), adds fallback localhost dev ports (`http://localhost:4173`, `http://localhost:5001`), and supports additive `Cors:DevelopmentAllowedOrigins` config overrides
-- Implemented automation stack:
-  - `AutomationProposalService`, `AutomationPlannerService`, `AutomationPolicyEngine`, `AutomationExecutorService` (decomposed into `OperationParameterParser`, `ExecutionAuditRecorder`, `OperationHandlerRegistry`)
-  - `ArchiveRecoveryService` (decomposed into `ArchiveConflictDetector`, `RestorePlanner`, `RestoreExecutor`)
-  - `StarterPackManifestValidator` decomposed into `StarterPackSchemaValidator`, `StarterPackSemanticValidator`, `StarterPackConflictDetector`, `StarterPackIdempotencyChecker`
-  - `AbuseDetectionService` with `AbuseActor`/`AbuseEvent` domain entities and a 4-state containment model (Observe → Suspicious → Restricted → Blocked); operator kill-switch API groundwork for SEC-18
-  - agent tool registry substrate (AGT-02): `ITaskdeckTool`/`ITaskdeckToolRegistry` domain interfaces with `ToolScope`/`ToolRiskLevel` classification, `PolicyDecision` value object, `AgentPolicyEvaluator` (allowlist + risk-level gating, review-first default), `InboxTriageAssistant` bounded template (proposal-only, never direct board mutation), singleton registry with scoped evaluation
-  - `ChatService` + deterministic `ILlmProvider` selection policy (`Mock` default; `OpenAI`/`Gemini` behind explicit gates with config validation fallback); `ToolCallingChatOrchestrator` wraps `ChatService` for board-scoped sessions with multi-turn tool-calling loop (11 tools: 5 read + 6 write, max 5 rounds, 60s timeout, Mock pattern-based dispatch); write tools produce proposals via `propose_*` prefix (GP-06 compliant); `ChatService` reuses orchestrator text when no tools called to avoid double LLM invocation; streaming responses now persist assistant `ChatMessage` records with token usage and record quota via `ILlmQuotaService` (`#763`/`#768`); multi-turn replay preserves original tool arguments in provider-specific wire format (`#673`/`#770`); **conversational refinement loop** (`#576`/`#791`): `ClarificationDetector` with strong/weak signal pattern split detects ambiguous requests and asks clarifying questions (max 2 rounds, then best-effort); skip-phrase detection supports "just do your best"; Mock provider simulates clarification for deterministic testing
-  - `DataExportService` (versioned JSON export of all user-scoped data; streaming export via new `GET /api/account/export/stream` endpoint using `Utf8JsonWriter` for memory-constant large-dataset exports — `#670`/`#774`; exception logging via `ILogger` with `OperationCanceledException` filter, `#759`/`#766`) + `AccountDeletionService` (password re-auth, confirmation phrase, PII anonymization, sole-owner guard, transactional rollback with `CancellationToken.None` for rollback reliability) + `DataPortabilityController` with audit logging
-  - `BoardMetricsService` (throughput, cycle time, WIP, blocked — audit-log-based completion tracking, done column name heuristic, SQL-level filtering via dedicated repository methods) + `MetricsController` with date/board/label filters + `MetricsExportService` for schema-versioned CSV export with CSV injection protection (`#78`/`#787`)
-  - `ForecastingService` (heuristic completion forecasting using rolling-average throughput from audit log card-move events, standard-deviation confidence bands, cycle time tracking) + `ForecastController` with `GET /api/forecast/board/{boardId}` endpoint (`#79`/`#790`)
-  - MCP server: `ModelContextProtocol` v1.2.0 with full resource and tool inventory (`#653`/`#739`); 9 resources under `taskdeck://` URI scheme (boards, board detail, columns, cards, card detail, captures, proposals, board labels); 11 tools (2 read: `search_cards`, `get_board_summary`; 6 write: `create_card`, `move_card`, `update_card`, `archive_card`, `create_capture`, `create_column` — all produce proposals per GP-06; 3 proposal management: `get_proposal_status`, `list_proposals`, `dismiss_proposal`; `approve_proposal` intentionally excluded); `--mcp` startup flag for stdio transport; `StdioUserContextProvider` for local user mapping; user-scoped proposal access enforced; **MCP HTTP transport** (`#654`/`#792`): `ModelContextProtocol.AspNetCore` adds `MapMcp()` HTTP endpoint alongside REST routes; `ApiKey` entity with `tdsk_` prefix and SHA-256 hashing at rest; `ApiKeyMiddleware` validates Bearer tokens on `/mcp` path; `HttpUserContextProvider` maps API key → user identity; REST key management (create/list/revoke); rate limiting per API key (60 req/60s)
-  - `NotificationService` with per-user preference filtering and deduplication safeguards
-  - outbound webhook integration baseline: board-scoped webhook subscriptions (endpoint + event filters + secret rotation/revocation), mutation-event delivery queueing, and signed delivery worker retries/dead-letter transitions
-  - `OpsCliService` + `LogQueryService`
-  - `StarterPackManifestValidator` + `StarterPackApplyService` (idempotent apply with dry-run conflict reporting)
-  - SignalR realtime baseline: `BoardsHub` with board-scoped subscription authz and application-level board mutation event publishing; **scale-out readiness** (`#105`/ADR-0023): conditional Redis backplane via `Microsoft.AspNetCore.SignalR.StackExchangeRedis` 8.0.25 — enabled when `SignalR:Redis:ConnectionString` is configured, falls back to in-memory when absent; `RedisBackplaneHealthCheck` reports NotConfigured/Healthy/Unhealthy in `/health/ready`; operational runbook at `docs/platform/SIGNALR_SCALEOUT_RUNBOOK.md`
-  - OpenTelemetry baseline for API + worker metrics/traces with configurable OTLP/console exporters
-  - security logging redaction baseline for capture/auth-sensitive flows: sanitized exception summaries in middleware/workers/providers, generic invalid-source errors, redacted persisted queue/webhook failure messages, and disabled automatic ASP.NET Core trace exception recording
-- Auth posture today:
-  - JWT middleware is wired
-  - `ActiveUserValidationMiddleware` checks user active status on every authenticated request (30-second in-memory cache, invalidated on deletion/deactivation); tokens issued before account deletion/deactivation are rejected even if JWT is unexpired
-  - `[Authorize]` currently enforced on boards, columns, cards, labels, export/import, audit, llm-queue, board-access, users, chat, notifications, automation-proposals, archive, ops-cli, and logs controllers
-  - GitHub OAuth login (`CLD-03`): environment-gated OAuth middleware activates only when `GitHubOAuth:ClientId` and `GitHubOAuth:ClientSecret` are configured; `ExternalLogin` entity links GitHub accounts to users without auto-linking by email (prevents account takeover); OAuth callback uses short-lived single-use authorization codes (now DB-backed with atomic consumption, replacing in-memory `ConcurrentDictionary`); PKCE enabled via `UsePkce = true`; account linking endpoints allow existing users to link/unlink GitHub identity from settings; frontend LoginView conditionally shows "Sign in with GitHub" button based on `/api/auth/providers` response; full test coverage in Domain, Application, and frontend layers
-  - OIDC/SSO integration (`SEC-07`): config-gated pluggable OIDC provider support (Microsoft Entra ID, Google, generic OIDC) via `IOidcProviderFactory`; OIDC login/callback/exchange with open-redirect protection; cross-provider identity isolation (`provider + providerUserId` unique key); no auto-linking by email; disabled by default
-  - TOTP MFA (`SEC-07`): optional MFA via `MfaPolicy` configuration; TOTP setup with QR URI and 8 bcrypt-hashed recovery codes; constant-time comparison; replay protection; `MfaChallengeModal` gates sensitive actions when policy requires
-
-### Frontend
-
-- Stack: Vue 3 + TypeScript + Pinia + Vue Router + Vite
-- Workspace routes include:
-  - home
-  - boards
-  - activity
-  - review
-  - automation queue/chat (advanced)
-  - notifications (inbox + read-state actions)
-  - ops (cli/endpoints/logs)
-  - metrics (board throughput, cycle time, WIP, blocked trends, CSV export, heuristic forecasting with confidence bands)
-  - calendar (monthly grid + timeline modes for due-date cards with overdue/blocked indicators)
-  - agents (agent profiles, runs, run-detail timeline — visible in agent workspace mode only)
-  - settings (profile/preferences/access/export-import/linked-accounts/mfa-setup/telemetry-consent)
-  - archive
-- Current navigation is now partially product-shaped:
-  - `Home` is the default landing route, backed by persisted `guided` / `workbench` / `agent` workspace modes and a product-shaped workspace summary API
-  - `Today` is now shipped as the daily agenda route, while `Agents`, `Runs`, `Knowledge`, and `Integrations` remain planned but not shipped
-  - a static frontend-only UI mock now exists at `frontend/taskdeck-web/public/mock/` for lightweight GitHub Pages-style walkthroughs of the current `Home` / `Today` / `Review` / `Inbox` / `Board` feel using local example data only, and GitHub Pages now deploys that folder through a dedicated Actions workflow instead of the old branch-based `main` + `/docs` path
-- Feature slices integrated end to end:
-  - workspace home summary shell with server-backed workspace mode persistence
-  - workspace `Today` agenda with persisted onboarding state, replay/dismiss controls, and first-use board setup shortcuts
-  - canonical review-first proposal routing/approve/reject/execute and diff viewing with readable proposal presentation cards
-  - board-centered action rail and board-aware deep links across board, inbox, review, chat, notifications, and capture provenance flows
-  - dismissible contextual help callouts across `Home`, `Today`, `Review`, `Inbox`, board action flow, and selector-heavy activity guidance, with per-surface replay/dismiss persistence
-  - audience-first docs/help-center stack aligned to the shipped `Home` / `Today` / `Inbox` / `Review` / `Boards` shell, with root entry docs, chaptered manual guidance, workflow recipes, FAQ coverage, and troubleshooting guidance
-  - chat session flow with selector-safe board context and review handoff
-  - ops template execution and log querying with route-aware tab defaults
-  - archive listing and restore operations
-  - notification inbox and per-user notification preference controls
-  - board realtime subscription lifecycle (SignalR join/leave/reconnect with polling fallback)
-  - batch triage and suggestion editing for inbox artifacts
-  - keyboard card movement (Alt+Arrow) and move-to action menu on cards
-- Storybook baseline: Storybook 10.3.5 with stories for all 17 Td* primitives; `npm run storybook` (dev :6006) and `npm run storybook:build` scripts
-- Note-style import: markdown file upload (heading-based section splitting) and web clip paste intake tabs in ExportImportView; all content routes through capture pipeline
-- OIDC login buttons: config-gated SSO buttons on LoginView for configured OIDC providers
-- Error tracking: config-gated Sentry browser SDK, Plausible/Umami analytics script injection, telemetry consent UI in settings
-- Cross-cutting UI infrastructure:
-  - command palette with global search (Ctrl+K): live cross-board search for boards and cards via `/api/search`, with 200ms debounced queries, abort-on-supersede, and keyboard-first grouped results navigation
-  - feature flags, correlation IDs, toasts, keyboard shortcuts
-  - shared UI primitives foundation (UI-02): 15 TdButton/TdInput/TdDialog/TdDropdown/TdTooltip/TdBadge/etc. primitives built on Reka UI via shadcn-vue ownership model with WAI-ARIA keyboard foundation; stack decision documented in `docs/analysis/ui-primitive-stack-decision-spike.md`
-  - appshell premium reskin: shell sidebar, topbar, command palette, and keyboard help components now use `--td-*` design token system with focus-visible accessibility rings and glass morphism effects
-  - board/card surface polish: board canvas, toolbar, action rail, column lanes, and card components now use design-token-based styling with standardized interactive states and accessibility focus rings
-  - centralized JWT token storage abstraction (`utils/tokenStorage.ts`) with base64url + JSON payload validation, `isValidJwtStructure` guard, and `clearAll` helper; session-token storage ADR at `docs/analysis/session-token-storage-adr.md`
-  - CSP hardening: removed `unsafe-inline` from `script-src` in security headers middleware; OWASP baseline doc updated
-  - performance instrumentation composable (`usePerformanceMark`) with `PERF_BUDGETS` constants; 7 latency thresholds documented in `docs/PERFORMANCE_BUDGETS.md`; 16 workspace route views converted to lazy `() => import()` for initial bundle reduction
-  - WCAG 2.1 AA accessibility baseline: skip-to-content link, `sr-only` utility, `eslint-plugin-vuejs-accessibility` rules, ARIA landmarks and roles across HomeView/TodayView/ReviewView/InboxView/CaptureModal/ToastContainer/BoardView, and Playwright axe-core E2E regression for 6 core views
-  - PWA/offline client readiness (`#95`): `vite-plugin-pwa` configured with Workbox `generateSW` (84 precached app shell entries), runtime caching (NetworkFirst for API, CacheFirst for static assets, StaleWhileRevalidate for fonts), SPA navigateFallback for offline deep links; `useOnlineStatus` composable with reactive connectivity tracking; `OfflineBanner` component with ARIA live region; `SwUpdatePrompt` component for user-controlled SW updates; manifest with correct installability criteria (separate `any`/`maskable` icon purposes); offline behavior documented in `docs/platform/PWA_OFFLINE_BEHAVIOR.md`
-- Large view decompositions (hotspot refactor wave):
-  - `ActivityView.vue` decomposed from ~735 → ~117 lines via `useActivityQuery` composable + `ActivitySelector` + `ActivityResults` components
-  - `BoardView.vue` decomposed from ~771 → ~270 lines via `useBoardDragDrop` + `useBoardKeyboardNav` composables + `BoardToolbar` + `BoardActionRail` + `BoardCanvas` + `BoardDialogHost` components
-- Demo baseline (migration batches A + B + C + D + E delivered):
-  - `frontend/taskdeck-web/scripts/demo-seed.mjs` + `npm run demo:seed` for first-run seeded workspace generation, now bounded on reruns so canonical seeded captures, queue samples, chat evidence, comments, and Ops logs are reused instead of appended indefinitely
-  - `frontend/taskdeck-web/scripts/demo-lib.mjs`, `frontend/taskdeck-web/scripts/demo-run.mjs`, `frontend/taskdeck-web/scripts/demo-autopilot.mjs`, `frontend/taskdeck-web/scripts/scenario-json-runner.mjs`, `frontend/taskdeck-web/scripts/scenarios-json/*`, and `frontend/taskdeck-web/scripts/scenarios/*` (compatibility path) for reusable scripted scenario/autopilot harness flows
-  - `frontend/taskdeck-web/scripts/demo-director.mjs` + `frontend/taskdeck-web/scripts/demo-snapshot.mjs` with `npm run demo:director` and `npm run demo:snapshot` for one-command orchestration and artifact capture (`run-summary.json`, `trace.ndjson`, `snapshot.json`, screenshots, logs)
-  - `frontend/taskdeck-web/scripts/demo-director-presets.mjs` for named preset scenarios (happy-path-capture, review-approve-flow, error-recovery-demo, soak-baseline) with override merging and runtime registration
-  - `frontend/taskdeck-web/scripts/demo-trace-assertions.mjs` for exact and structural trace comparison plus step ordering and error detection assertions
-  - `frontend/taskdeck-web/scripts/demo-report-html.mjs` for self-contained HTML report generation with inline styles, trace tables, pass/fail badges, and embedded base64 screenshots
-  - `frontend/taskdeck-web/scripts/demo-soak.mjs` for long-run director scenario loops with configurable iteration counts, cooldown, and cumulative metrics tracking
-  - full Playwright-backed demos now auto-enable a live LLM provider when LLM steps are enabled and usable demo keys are present, preferring Gemini by default for long/manual runs while preserving explicit mock opt-out
-  - non-demo Playwright backend startup now stays pinned to deterministic `Mock` mode by default even when local shell env exports live-provider keys; demo-only overrides still take precedence when explicitly enabled
-  - when demo-specific live-provider overrides need to be injected, Playwright now disables existing-server reuse by default so full demos do not silently stick to an older mock backend unless the operator explicitly forces reuse
-  - `frontend/taskdeck-web/package.json` now includes `npm run demo:director:smoke` for deterministic, LLM-free regression proof with stable artifact output (`demo-artifacts/ci-smoke`), isolated smoke DB reset (`taskdeck.demo.ci.db`), forced fresh Playwright servers, automatic local API port fallback when `5000` is occupied, and actionable conflict hints when explicit runtime port overrides cannot bind
-  - `docs/product/DEMO_PLAYBOOK.md`, `docs/product/SCENARIOS.md`, `docs/product/DOGFOODING_GUIDE.md`, and `docs/USER_MANUAL.md` for seeded stakeholder walkthrough, JSON scenario authoring/runner usage, daily dogfooding cadence, and user-facing operations guidance
-  - `demo/http/taskdeck-demo.http` for local API walkthrough against the dev backend
-  - opt-in stakeholder walkthrough recorder spec: `frontend/taskdeck-web/tests/e2e/stakeholder-demo.spec.ts` (gated by `TASKDECK_RUN_DEMO=1`) with director-mode bootstrap via `TASKDECK_DEMO_DIRECTOR=1`, scenario-aware board selection, explicit-board override alignment with autopilot targeting, UI-driven feature-flag enabling for advanced surfaces, and mandatory seeded-card presence checks
-  - scenario runner and legacy JS compatibility checks now fail loudly on unresolved template references, missing starter-pack labels, ambiguous duplicate column/label names, and unknown scenario IDs so demo/test setup does not degrade into half-valid state
-  - `demo:director` now validates its own flags before Playwright passthrough (`--` required for forwarded args) so malformed option usage fails fast instead of silently drifting into partial demo state
-  - required Playwright CI lanes explicitly pin `TASKDECK_RUN_DEMO=0`; opt-in demo smoke is exposed in `ci-extended.yml` via the reusable `demo-director-smoke` workflow for PRs that touch `.github/workflows/**`, `backend/**`, `frontend/**`, `deploy/**`, or `scripts/**`, or through manual dispatch
-  - autopilot loop controls now cover queue/capture/mixed paths with capture-triage flags for inbox-flow demonstration
-  - autopilot deterministic replay supports `--rng-seed` (with `--seed` backward compatibility) and emits trace events for artifact summarization
-  - JSON scenarios now support `runOps` steps for seeded Ops evidence inside scenario runs
-  - advanced/diagnostic nav surfaces now default off via feature flags (`Activity`, `Ops`, `Access`, `Archive`)
-  - `Automations` nav now defaults to proposals review path instead of queue path
-  - queue composer now defaults to instruction-first request type with guided helper text and board-context guardrails for board-scoped instructions
-  - Automation Chat now exposes explicit provider-health truth (`/api/llm/chat/health`) so operators and tests can see whether the surface is using a live provider, mock provider, or a degraded/unavailable path; `?probe=true` sends a minimal completion to verify reachability; degraded responses now carry `messageType: "degraded"` with `degradedReason` instead of embedding failure text in normal response content
-  - opt-in live-provider chat verification now exists at `frontend/taskdeck-web/tests/e2e/live-llm.spec.ts` (gated by `TASKDECK_RUN_LIVE_LLM_TESTS=1`), with headed local entry points in `npm run test:e2e:audit:headed` and `npm run test:e2e:live-llm:headed`
-- Shared maintainability utilities:
-  - `buildQueryString` for API query construction across filter-driven endpoints
-  - `getErrorMessage` for consistent API/store error extraction
-
-## Platform Expansion Wave (2026-04-09, PRs `#796`–`#805`, 10 issues)
-
-Ten parallel worktree agents delivered platform hardening, testing infrastructure, ops documentation, and PWA readiness across 10 PRs with two rounds of adversarial review per PR. All CRITICAL and HIGH findings were resolved.
-
-**Architecture & Platform:**
-- **PLAT-01 SQLite-to-PostgreSQL migration strategy** (`#84`/`#801`): ADR-0023 recommends PostgreSQL as the production target, but the runtime/provider switch remains follow-up implementation work; migration runbook at `docs/platform/SQLITE_TO_POSTGRES_MIGRATION_RUNBOOK.md` now accurately documents the current blockers, least-privilege provisioning, dependency-ordered export/import, and full verification scope; `DatabaseProviderCompatibilityTests.cs` is a SQLite-backed compatibility baseline covering CRUD, DateTimeOffset, GUID, collation, Unicode, and batch-insert persistence semantics
-- **PLAT-02 Distributed caching** (`#85`/`#805`): ADR-0024 documents cache-aside pattern; `ICacheService` interface in Application layer; `InMemoryCacheService` (ConcurrentDictionary + sweep timer + 10K cap), `RedisCacheService` (lazy reconnect, safe degradation), `NoOpCacheService`; board list caching with 60s TTL and write-through invalidation; `CacheSettings` config binding; 32 tests; adversarial review removed stale board-detail cache (columns mutated by non-cache-aware services), fixed permanent Redis disable on transient failure, added eviction and timer safety
-- **PLAT-03 SignalR scale-out** (`#105`/`#803`): ADR-0025 documents Redis backplane strategy; conditional `AddTaskdeckSignalR` extension with `SignalR:Redis:ConnectionString` toggle; `RedisBackplaneHealthCheck` with 30s cache and three-state reporting (NotConfigured/Healthy/Unhealthy); runbook at `docs/platform/SIGNALR_SCALEOUT_RUNBOOK.md`; 14 tests; adversarial review replaced per-probe ConnectionMultiplexer with singleton lazy connection, fixed thread-unsafe cache fields, corrected ADR Degraded/Unhealthy mismatch
-
-**Testing Infrastructure:**
-- **TST-02 Cross-browser E2E matrix** (`#87`/`#800`): Playwright config expanded with Firefox, WebKit, mobile-chrome (Pixel 7), mobile-safari (iPhone 14) projects; `@smoke`/`@cross-browser`/`@mobile`/`@quarantine` tagging strategy; 5 cross-browser + 4 mobile viewport tests with shared `boardUiHelpers.ts`; `reusable-e2e-cross-browser.yml` wired into nightly/extended CI; flaky test policy at `docs/testing/FLAKY_TEST_POLICY.md`; adversarial review fixed CI gate timeout, extracted duplicated helpers, removed conditional assertions
-- **TST-03 Visual regression harness** (`#88`/`#797`): Playwright visual comparison via `toHaveScreenshot()` with dedicated `playwright.visual.config.ts` (1280x720, animations disabled, 0.5% threshold); 7 visual tests across board, command palette, archive, inbox, home views; `reusable-visual-regression.yml` with diff artifact upload; policy at `docs/testing/VISUAL_REGRESSION_POLICY.md`; adversarial review fixed wrong command palette placeholder (would fail all palette tests), double `.png.png` extensions, added CI baseline generation
-- **TST-05 Mutation testing pilot** (`#90`/`#796`): Stryker.NET config targeting `Taskdeck.Domain` (60/80/0 thresholds); frontend Stryker JS config targeting `captureStore`/`boardStore` + board submodules (~1400 lines) with vitest runner; `mutation-testing.yml` weekly schedule + manual dispatch (non-blocking); policy at `docs/testing/MUTATION_TESTING_POLICY.md`; adversarial review removed broken schema URL, invalid config properties, fixed CI shellcheck violations, corrected concurrency over-subscription
-- **TST-06 Ephemeral DBs via Testcontainers** (`#91`/`#804`): new `Taskdeck.Integration.Tests` project with `Testcontainers.PostgreSql` 4.11.0; `PostgresContainerFixture` with per-test database isolation via counter-based `CREATE DATABASE`; `DockerAvailableCheck` with `SkippableFact` for graceful skip without Docker; 20 integration tests across Board CRUD, Card operations, Proposal lifecycle, cross-class isolation, parallel execution; `reusable-container-integration.yml` wired into extended CI; guide at `docs/testing/TESTCONTAINERS_GUIDE.md`; adversarial review fixed race condition (shared DbContext across tasks), deadlock in Docker check, container disposal on partial start
-
-**PWA & Offline:**
-- **UX-09 PWA/offline readiness** (`#95`/`#802`): VitePWA integration with `prompt` registerType, `navigateFallback` with `/api/`+`/mcp` denylist, `NetworkFirst` API caching + `CacheFirst` static assets; `useOnlineStatus` composable with reactive `navigator.onLine` tracking; `OfflineBanner` component with ARIA `role="status"`; `SwUpdatePrompt` component via `virtual:pwa-register` for controlled SW update lifecycle; offline behavior doc at `docs/platform/PWA_OFFLINE_BEHAVIOR.md`; 18 tests (11 composable + 7 component); adversarial review eliminated duplicate SW lifecycle handlers (double-reload race), fixed misleading sync text, corrected opaque response caching and SVG icon sizes
-
-**Ops & Architecture Documentation:**
-- **OPS-12 Cloud cost observability** (`#104`/`#798`): ADR-0026 documents proactive cost observability decision; framework at `docs/ops/CLOUD_COST_OBSERVABILITY.md` (6 cost dimensions, 3-tier alerts at 70/90/100%, monthly review workflow, Terraform budget template); hotspot registry at `docs/ops/COST_HOTSPOT_REGISTRY.md` (6 features with per-request LLM costs, monthly projections at 4 usage levels); breach runbook at `docs/ops/BUDGET_BREACH_RUNBOOK.md` (5-phase playbook); adversarial review fixed phantom config keys, wrong API endpoint, incorrect JSON payload, compute instance types
-- **OPS-14 Cloud topology ADR** (`#111`/`#799`): ADR-0027 documents container-based ECS Fargate topology; autoscaling policy (CPU 65%/25%, 1000 req/min, 500 WS connections); health checks (liveness/readiness/startup); SLO targets (99.5% availability, p95 read <300ms, write <800ms); cost estimate ~$147-152/month; reference architecture at `docs/ops/CLOUD_REFERENCE_ARCHITECTURE.md` (VPC layout, ECS tasks, CI/CD pipeline, DR strategy); adversarial review fixed cost inconsistency, missing worker service, latency alarm gap, health check endpoint accuracy, connection pooling risk
-
-**ADR numbering note**: All 5 PRs that created ADRs originally used ADR-0023. The canonical numbering is ADR-0023 (SQLite migration) through ADR-0027 (cloud topology). PR branches need ADR file renames during merge to match this index.
-
-## Feature, Security, and Ops Expansion Wave (2026-04-09, PRs `#806`–`#813`, 8 issues)
-
-Eight parallel worktree agents delivered new features, security infrastructure, ops tooling, and developer experience improvements across 8 PRs. Each PR received two rounds of adversarial review (original self-review + independent cold review). The independent round caught 9 CRITICAL and 11 HIGH findings — all resolved before merge.
-
-**Features:**
-- **UX-08 Calendar/timeline views** (`#94`/`#810`): `WorkspaceService.GetCalendarAsync` with board-access-scoped date-range card query (90-day cap, 500-result limit); `CardRepository.GetByDueDateRangeAsync`; `GET /api/workspace/calendar?from=&to=` endpoint defaulting to current month; frontend `CalendarView.vue` with grid mode (monthly calendar, color-coded due-date cards, overflow "+N more") and timeline mode (chronological date-grouped list); month navigation, status indicators (on-track/overdue/blocked), drill-down to board/card; loading/error/empty states; ARIA grid roles; sidebar nav item; 8 backend + 20+ frontend tests; adversarial review fixed UTC timezone mismatch, overdue logic inconsistency, and unbounded query results
-- **INT-05 Note-style import and web clip intake** (`#334`/`#809`): `NoteImportService` with markdown heading-based section splitting and web clip metadata intake; `CaptureSource.MarkdownImport` and `CaptureSource.WebClip` enum values; `NoteImportController` with `POST /api/import/notes/markdown` and `POST /api/import/notes/webclip` (auth + rate limiting); all imported content routes through `ICaptureService.CreateAsync` (GP-06 compliant — no silent board mutations); provenance via `ExternalRef` (filename/URL) and `TitleHint`; frontend markdown upload and web clip paste tabs in `ExportImportView`; security: path traversal validation, URL scheme restriction (http/https only), no outbound requests (no SSRF), content as plain text (no XSS); 38 backend + 6 frontend tests; adversarial review fixed silent success on all-sections-fail and ExternalRef overflow
-- **AGT-03 Agents/Runs surfaces** (`#338`/`#808`): `AgentsView.vue` (profile list with status badges), `AgentRunsView.vue` (run list per agent with proposal linkage), `AgentRunDetailView.vue` (vertical event timeline with human-readable labels, JSON payload display, proposal navigation); `agentStore` Pinia store with 3 data slices; `agentApi` HTTP client with enum normalization for backend integer serialization; 3 lazy-loaded routes under `/workspace/agents` gated to `agent` workspace mode; sidebar nav item with `primaryModes: ['agent']`; loading/error/empty states throughout; 42 frontend tests; adversarial review confirmed clean (no CRITICAL/HIGH)
-- **UI-12 Storybook baseline** (`#251`/`#807`): Storybook 10.3.5 (`@storybook/vue3-vite`) configured for Vue 3 + Vite 8; stories for all 17 Td* UI primitives (TdButton, TdIconButton, TdInput, TdTextarea, TdSelect, TdFieldWrapper, TdDialog, TdDropdown, TdPopover, TdTooltip, TdToast, TdInlineAlert, TdSpinner, TdSkeleton, TdBadge, TdTag, TdEmptyState) showing key state variants; design token CSS import + obsidian theme background; `viteFinal` hook strips PWA plugin for storybook builds; `npm run storybook` (dev server :6006) and `npm run storybook:build` scripts; adversarial review confirmed clean
-
-**Security & Auth:**
-- **SEC-07 SSO/OIDC with MFA** (`#82`/`#813`): configurable OIDC provider support (Microsoft Entra ID, Google, generic OIDC) via `IOidcProviderFactory` with pluggable registration; OIDC is config-gated and disabled by default; OIDC login/callback/exchange endpoints with open-redirect protection and short-lived single-use authorization codes; TOTP-based MFA (RFC 6238) with setup (secret + QR URI + 8 recovery codes), confirm, verify, and disable endpoints; recovery codes bcrypt-hashed at rest; constant-time comparison and replay protection; `MfaPolicy` configuration (`EnableMfaSetup`, `RequireMfaForSensitiveActions`) gating password change and account deletion; frontend OIDC login buttons on LoginView (config-gated), `MfaSetup.vue` settings component, `MfaChallengeModal.vue` for protected actions; no auto-linking by email (prevents account takeover); ADR-0029 documents design decisions; 30+ backend tests; adversarial review fixed dead MFA enforcement code, permanent user lockout via DisableAsync, and OIDC endpoint routing
-- **CLD-03 OAuth PKCE and account linking** (`#676`/`#812`): DB-backed auth code store replacing in-memory `ConcurrentDictionary` — `OAuthAuthCode` entity with EF migration, `IOAuthAuthCodeRepository` with atomic `TryConsumeAtomicAsync` (raw SQL `UPDATE WHERE IsConsumed = 0 AND ExpiresAt > now`); PKCE support via `UsePkce = true` in ASP.NET Core 8 OAuth middleware; account linking endpoints (`POST /api/auth/github/link`, `DELETE /api/auth/github/link`, `GET /api/auth/linked-accounts`) with conflict detection and session verification; frontend Linked Accounts section in `ProfileSettingsView` with Link/Unlink buttons and avatar display; 24+ backend tests; adversarial review fixed CSRF on account linking, TOCTOU in expiry check, JWT plaintext in DB, DoS via full-table load, and unbounded table growth
-
-**Ops & Observability:**
-- **OPS-09 Staged deployment workflow** (`#101`/`#806`): ADR-0028 documents blue/green + canary deployment strategy with rollback criteria; `docs/ops/DEPLOYMENT_WORKFLOW.md` canonical 4-phase workflow (build verification → staging → production canary → production promotion) with rollback procedures, database migration safety, emergency hotfix override, and ownership/escalation model; `docs/ops/RELEASE_CHECKLIST.md` versioned smoke verification (7 pre-deploy + 9 automated staging + 7 manual staging + 7 canary + 6 post-promotion + 5 post-release checks) with failure response matrix; `scripts/deploy/smoke-test.sh` portable smoke test (9 automated checks: health, API, auth, board auth gate, frontend, SignalR, static assets, security headers, container restart detection); `.github/workflows/cd-staging-gate.yml` with `production` environment manual approval gate; adversarial review fixed script injection in CI workflow and unscoped container checks
-- **OBS-02 Error tracking and product analytics** (`#549`/`#811`): config-gated Sentry SDK for backend (`Sentry.AspNetCore` with `BeforeSend` PII scrubbing for emails/JWTs, `ServerName` blanked) and frontend; opt-in product telemetry service (`TelemetryEventService`) aligned with `docs/product/TELEMETRY_TAXONOMY.md` — property key allowlist (15 safe keys), max 10 properties, 200-char value truncation; `TelemetryController` with anonymous config endpoint and authenticated events endpoint; Plausible/Umami analytics script injection (`useAnalyticsScript`) with HTTPS-only URL validation; Pinia `telemetryStore` with consent management, event buffering, and flush; DNT/GPC privacy signal detection prevents auto-restore of consent; telemetry consent toggle in `ProfileSettingsView`; `docs/ops/OBSERVABILITY_SETUP.md` configuration guide; all telemetry opt-in and disabled by default; 38 backend + 25 frontend tests; adversarial review fixed Sentry PII leak, arbitrary properties injection, XSS via script URL, and DNT non-compliance
-
-## Phase Progress (Reconciled)
-
-Progress is tracked against `filesAndResources/taskdeck_technical_design_document.md`.
-
-1. Phase 1 - Core Data Model and API: COMPLETE (100%)
-2. Phase 2 - Basic Web UI: COMPLETE (100%)
-3. Phase 3 - UX Improvements: COMPLETE (100%)
-4. Phase 4 - Advanced Features: IN PROGRESS (97%)
-
-Completed in Phase 4:
-- CI gate split and matrix hardening
-- authn/authz infrastructure baseline
-- boards controller family retrofit to claims-derived identity (`[Authorize]` + owner-scoped board operations)
-- claims-first retrofit for columns/cards/labels/export-import/queue/board-access (actor identity derived from claims; caller actor query/body IDs removed)
-- export/import board JSON flow
-- audit and queue service/API slices
-- automation proposal lifecycle + diff + execute flow
-- archive recovery flow
-- chat + ops + logs + worker/health stack
-- frontend integration for automations/chat/ops/archive
-- archive lifecycle coherence for boards across board settings and archive workspace flows
-- drag/edit interaction safety guardrails via explicit card/column drag handles and non-handle drag blocking
-- collaborative presence/conflict policy (`#73`): SignalR-backed board/card presence snapshots with editor markers, optimistic stale-write conflict handling, and conflict-audit capture with actor identity
-- collaborative comments/mentions workflow (`#74`): board-scoped threaded card comments (create/list/reply/edit/delete), mention-to-user linking, mention notification publication, and authz-safe moderation boundaries
-- maintainability refactor across API/controller error handling and frontend API/store utilities (PR #23)
-- CI hardening follow-up: workflow concurrency cancellation, frontend typecheck/build parity, TRX artifacts, caching
-- mechanical checks added: docs governance CI checks (`check-docs-governance` + `check-github-ops-governance`) and architecture boundary test project
-- API integration harness additions for authz assertions (`AssertUnauthorized`, `AssertForbidden`, `AssertNotFoundOrForbidden`, `AssertCrossUserIsolation`)
-- SEC-04 API error-contract assertions for key auth/validation paths, including middleware-level `401/403` payload normalization
-- starter-pack manifest foundation (`PACK-01`): versioned manifest schema doc plus deterministic backend parsing/validation tests
-- starter-pack apply backend (`PACK-02`): idempotent apply endpoint with dry-run conflict reporting and integration coverage for success/re-apply/conflict flows
-- starter-pack frontend catalog (`PACK-03`): board-scoped catalog modal with search, preview (dry-run), and one-click apply flow with frontend interaction tests
-- starter-pack first-party catalog (`PACK-04`): API-backed first-party pack catalog (label/column/blueprint packs) consumed by board starter-pack UI
-- starter-pack deterministic fixture packs (`PACK-05`): Playwright bootstrap helpers and manifest-backed small/medium/edge deterministic E2E fixture coverage
-- DEBT-01 nullability reduction (`#52`): domain `CS8618` warnings eliminated with EF-safe non-null initialization defaults
-- DEBT-02 log-query scalability pass (`#53`): repository-filtered query flow replaces full-table scans and command-run log N+1 composition
-- DEBT-03 database export/import (`#54`): sandbox-gated SQLite file export/import endpoints with payload signature/size validation and file-replacement rollback guardrails
-
-Remaining for Phase 4 completion:
-- UX/operator hardening for remaining keyboard/accessibility/discoverability gaps (WCAG baseline delivered, conversational refinement `#576` delivered, calendar views `#94` delivered, agent surfaces `#338` delivered)
-- product-legibility hardening so the app teaches the `capture -> review -> board` loop without relying on demo scripts or internal docs
-
-## Future Expansion Backlog Snapshot (2026-02-18)
-
-Backlog seeding was expanded from near-horizon only to a staged future roadmap grounded in `docs/WIP` research PDFs.
-
-- New future-expansion issues created: `#67` to `#111`
-- Wave index issue: `#107` (`OPS-13`)
-- Priority-label rollout completed across every issue (open and closed):
-  - `Priority I`: current Phase 4 completion path
-  - `Priority II`: post-Phase-4 foundation tranche
-  - `Priority III`: analytics/security/compliance expansion tranche
-  - `Priority IV`: platform, UX, testing, docs maturity tranche
-  - `Priority V`: low-urgency/meta/historical tracking
-
-Current open backlog is now split into:
-- Phase-4 completion tranche (`#33` to `#57`, `Priority I`)
-- Future expansion tranche (`#72` to `#111`, `Priority II` to `Priority V`)
-
-## Analysis Follow-through Wave (2026-02-21)
-
-To convert the 2026-02-21 repository scan into executable work, a dedicated issue wave was seeded:
-- umbrella tracker: `#151`
-- engineering hardening issues: `#152` to `#157`
-- hotspot refactor issues: `#158` to `#167`
-- CI/workflow topology expansion issue: `#168`
-
-Priority distribution for this wave:
-- `Priority I`: `#152`
-- `Priority II`: `#151`, `#153`, `#154`, `#155`, `#157`, `#168`
-- `Priority III`: `#156`
-- `Priority IV`: `#158` to `#167`
-
-Analysis record:
-- `docs/analysis/2026-02-21_repo-scan-analysis.md`
-- `docs/analysis/2026-02-21_ci-github-actions-expansion-plan.md`
-
-## Demo Expansion Migration Wave (2026-03-02)
-
-A dedicated staged migration wave was seeded to port external demo-expansion assets into the current repository with compatibility guardrails.
-
-Seeded issues:
-- tracker: `#297`
-- batches: `#298` to `#302` (`v0` baseline -> `v3` director -> integration hardening)
-
-Execution constraints:
-- all wave issues are labeled `Priority I`
-- strict dependency order (`#298` -> `#299` -> `#300` -> `#301` -> `#302`)
-- one branch per batch issue using suggested branch names embedded in issue bodies
-- file-scoped commit preference for review/rollback safety
-
-Implementation delivery (shipped in this context):
-- `#298` Batch A (`v0`): baseline demo seeding command + first-run UX defaults + seeded playbook promotion
-- `#299` Batch B (`v1`): reusable demo harness scripts (`demo:run`, `demo:autopilot`), scenario modules, API walkthrough asset, stakeholder opt-in recorder spec, and expanded demo/dogfooding/user docs
-- `#300` Batch C (`v2`): JSON scenario runner + schema/sample scenarios, `demo:run` JSON-first flags (`--list`, `--skip-llm`, `--continue-on-error`), capture-aware autopilot loop modes (`queue|capture|mixed`), capture helper library additions, and scenario authoring docs (`docs/product/SCENARIOS.md`)
-- `#301` Batch D (`v3`): demo director + snapshot scripts (`demo:director`, `demo:snapshot`), trace-aware scenario/autopilot/runtime events, `runOps` scenario step support, and director-mode stakeholder recorder bootstrap with artifact logs/snapshots
-- `#302` Batch E: integration hardening delivered with explicit demo CI policy (`TASKDECK_RUN_DEMO=0` in default Playwright lanes), opt-in `demo-director-smoke` workflow wiring in `ci-extended.yml`, deterministic smoke command (`npm run demo:director:smoke`) with isolated smoke DB reset + forced fresh servers, automatic free-port fallback for local API startup, actionable explicit-port remediation hints, and docs/index/runtime-precondition consolidation for the migrated demo tooling
-
-## Saul-Facing Demo Reconciliation (2026-03-26)
-
-`docs/WIP/Taskdeck_Demo_Capability_Specification.md` was reconciled against shipped code, canonical docs, and the active GitHub backlog in `docs/analysis/2026-03-26_saul-demo-capability-reconciliation.md`.
-
-Current state:
-- already shipped: capture triage, review-first proposal gating, board-centered follow-through, provenance links, and deterministic seed/director/scenario tooling
-- delivered in the demo wave: dedicated client-onboarding starter pack/scenario (`#354`), trust-first review wording hardening (demo-critical `#326` subset), and in-app hero-path/demo-board cues (demo-critical `#330` subset)
-- rehearsal contract is now delivered (`#355`); GTM baseline (demo script, landing copy, beta intake workflow) is now delivered (`#216`)
-- demo rehearsal runtime issues (2026-03-27): seed idempotency blocker (`#387`), scenario `--skip-llm` blocker (`#389`), DX friction (`#388`, `#390`), narrative mismatch (`#394`), and polish (`#391`, `#392`, `#393`) — tracked in `#395`
-
-Targeted follow-through seeded:
-- `#354` `PACK-08`: Saul-facing client-onboarding starter pack and deterministic demo scenario
-- `#355` `TST-24`: Saul-facing demo rehearsal contract, acceptance checklist, and artifact guide (delivered)
-- `#356` `DEMO-00`: Saul-facing demo alignment tracker
-
-Existing reused anchors:
-- `#175` for broader starter-pack expansion beyond the pre-demo slice
-- `#216` for broader demo script / public framing (delivered: `DEMO_SCRIPT.md`, `LANDING_COPY.md`, `BETA_INTAKE_WORKFLOW.md`)
-- `#326` for proposal readability and trust-cue hardening (demo-critical subset)
-- `#330` for in-app demoability and hero-board presentation quality (demo-critical subset); nav badges now show pending triage and review counts on Inbox and Review nav items
-- post-epic follow-through is now tracked in `#311` for continued demo/runtime/test hardening without reopening the migration batches
-
-## Manual Product Audit Follow-through Wave (2026-03-26)
-
-The headed runtime audit in `docs/analysis/2026-03-26_manual-product-audit.md` was reconciled into a focused follow-through wave rather than left as a standalone artifact.
-
-Canonical follow-through record:
-- `docs/analysis/2026-03-26_manual-product-audit-followthrough.md`
-
-Seeded issues:
-- `#363` tracker
-- `#364` realtime hub CORS/SignalR health
-- `#365` Inbox triage freshness
-- `#366` Workbench/nav/docs truth alignment
-- `#367` board-history semantic alignment
-- `#368` chat live-provider status and first-turn fidelity — degraded message type, probe health, verified UI state
-- `#369` headed manual-audit Playwright pack (`Priority IV` by design)
-
-Reused existing anchor:
-- `#326` proposal readability — affected entity labels now show named targets instead of raw IDs, correlation IDs truncated in UI
-
-## Future Testing and Hardening Strategy Analysis (2026-03-29)
-
-TST-08 (`#143`) delivered a gap analysis of the current testing/hardening posture across MCP integrations, deployment/container runtime, operational reliability, and security checks.
-
-Analysis record:
-- `docs/analysis/2026-03-29_testing-hardening-strategy.md`
-
-Key findings:
-- Current posture is strong (1400+ automated tests, comprehensive CI topology, established security baselines)
-- Highest-ROI gaps are CI automation of existing manual validation (MCP, Terraform, drills, container runtime) and supply-chain security scanning (SAST, secrets, image CVEs)
-- 15 proposed follow-up issues across 4 priority tiers with acceptance criteria and execution sequencing
-
-Proposed issue summary:
-- Priority I (SEC-20 to SEC-22): SAST, secret scanning, container image scanning
-- Priority II (SEC-23, OPS-21 to OPS-24): dependency blocking gate, container smoke, drill/MCP/Terraform CI wiring
-- Priority III (TST-27 to TST-29, SEC-24): repository tests, board sub-store tests, router tests, DAST
-- Priority IV (TST-30, TST-31, OPS-25, SEC-25): OpenAPI snapshots, shutdown tests, CSP reporting, HTTP client tests
-
-## Post-Merge Wave (2026-03-29)
-
-Windows Git hardening (`#121`):
-- `scripts/check-git-env.sh` validates Git for Windows resolution (not Cygwin/MSYS2) and detects stale `.git/index.lock` with worktree awareness
-- `CLAUDE.md` and `AGENTS.md` updated with script reference and PATH remediation guidance
-
-Dependency update automation (`#148`):
-- `.github/dependabot.yml` active for NuGet, npm, and GitHub Actions with weekly cadence and grouped minor/patch updates
-- `docs/ops/DEPENDENCY_UPDATE_POLICY.md` covers triage SLAs, escalation, and policy boundaries
-
-Headed manual-audit Playwright pack (`#369`):
-- `frontend/taskdeck-web/tests/e2e/manual-audit.spec.ts` covers core `Home -> Inbox/Capture -> Review -> Board` audit loop with 18 screenshots
-- gated behind `TASKDECK_RUN_AUDIT` env var; live LLM probes opt-in via `TASKDECK_RUN_LIVE_LLM_TESTS`
-- usage documented in `docs/testing/MANUAL_AUDIT_PACK.md`
-
-Manual validation checklists (`#130`, `#131`):
-- Slice A (`#130`): 22 step-indexed scenarios (A-01 to A-22) in `docs/testing/manual-validation-a-workspace-board-ux.md` covering workspace shell, board lifecycle, keyboard UX, and escape behavior stack
-- Slice B (`#131`): 175 step-indexed checks (B-01 to B-175) in `docs/testing/manual-validation-b-authz-contracts.md` covering all 28 controllers with two-user isolation matrix
-
-## Post-Merge Wave 2 (2026-03-29)
-
-AppShell premium reskin (`#499`):
-- Shell sidebar, topbar, command palette, and keyboard help components reskinned from hardcoded Tailwind/rgba values to `--td-*` design token system
-- Added focus-visible accessibility rings throughout shell layer
-- Glass morphism and smooth transitions for premium visual feel
-
-Board/card surface polish (`#501`):
-- Board canvas, toolbar, action rail, column lanes, and card components reskinned to design token system
-- Standardized card visual states (hover, focus, selected, disabled, dragging) with token-based styling
-- Fixed combined selected+focus-visible keyboard navigation specificity conflict
-- Replaced hardcoded font sizes with token references in filter count badges
-
-AGT-02 tool registry, policy evaluator, and first bounded template (`#337`, PR `#502`):
-- Added domain primitives: `ToolScope`, `ToolRiskLevel` enums, `ITaskdeckTool`, `ITaskdeckToolRegistry` interfaces, `PolicyDecision` value object
-- Added `TaskdeckToolRegistry` (thread-safe in-memory registry), `AgentPolicyEvaluator` (allowlist + risk-level gating), and `InboxTriageAssistant` (bounded template that creates proposals, never direct board mutations)
-- DI registration: singleton tool registry with `inbox.triage` pre-registered, scoped policy evaluator and triage assistant
-- Default policy is review-first for all risk levels; auto-apply is opt-in only for low-risk tools
-- 42 backend tests covering registry, policy evaluation, and inbox triage assistant
-
-Demo director reporting, assertions, presets, and soak mode (`#331`, PR `#500`):
-- Added `demo-director-presets.mjs` with named preset system for common demo modes (happy-path-capture, review-approve-flow, error-recovery-demo, soak-baseline)
-- Added `demo-trace-assertions.mjs` for exact and structural trace comparison
-- Added `demo-report-html.mjs` for self-contained HTML report generation with embedded screenshots
-- Added `demo-soak.mjs` for long-run director scenario loops with cumulative metrics
-- 63 frontend tests covering presets, assertions, reports, soak mode, and integration
-
-Incident rehearsal and recovery program (`#150`, PR `#503`):
-- Added `docs/ops/INCIDENT_REHEARSAL_CADENCE.md` (monthly lightweight + quarterly deep drill schedule)
-- Added `docs/ops/EVIDENCE_TEMPLATE.md` (standardized rehearsal outcome format)
-- Added `docs/ops/REHEARSAL_BACKOFF_RULES.md` (finding-to-issue workflow with severity SLAs)
-- Added 4 rehearsal scenario templates: degraded-api-health, missing-telemetry-signal, mcp-server-startup-regression, deployment-readiness-failure
-- Added first execution evidence: `docs/ops/rehearsals/2026-03-29_degraded-api-health.md`
-- Cross-linked from `TESTING_GUIDE.md` and `MANUAL_TEST_CHECKLIST.md`
-
-## Post-Merge Wave 3 (2026-03-30 to 2026-03-31)
-
-Chat-to-proposal NLP gap fix (`#570`, PR `#602`):
-- Added `NaturalLanguageInstructionExtractor` to bridge the intent classification-to-parsing gap: translates natural language into structured instructions the regex parser can consume
-- MockLlmProvider now produces `Instructions` when the classifier detects actionable intent
-- OpenAI and Gemini provider fallback paths also use the extractor when LLM-based JSON extraction fails
-- 38 unit tests for the extractor
-
-Multi-instruction batch parsing (`#574`, PR `#591`):
-- Added `ParseBatchInstructionAsync` to `IAutomationPlannerService` interface
-- `ChatService` now routes multi-instruction messages through batch parsing to generate multiple proposals from a single chat message
-- Backend + frontend tests for batch instruction parsing
-
-Board-context LLM prompting (`#575`, PR `#589`):
-- Added `BoardContextBuilder` to construct bounded board context (columns, card titles, labels) for LLM system prompts
-- Added `LlmSystemPromptBuilder` for centralized system prompt composition
-- OpenAI and Gemini providers now append board context to system prompts via the builder
-- Backend tests for board context builder and ChatService integration
-
-Board keyboard card movement (`#248`, PR `#590`):
-- Added Alt+Arrow keyboard shortcuts for card movement within and across columns in BoardView
-- Added move-to action menu on CardItem for click-based column moves
-- Card Movement section added to keyboard shortcuts help dialog
-- Frontend unit tests for keyboard movement and ColumnLane coverage
-
-Transcript capture source (`#218`, PR `#592`):
-- Added `TranscriptFile` capture source with transcript-specific size limits
-- Added transcript paste/file capture mode to CaptureModal frontend
-- Backend validation tests and frontend interaction tests
-
-Contact card YAML parser (`#264`, PR `#588`):
-- Added `ContactCardYamlParser` with parse/serialize and field validation for card-first outreach CRM use case
-- Added `ContactCardFrontMatter` model with `YamlDotNet` dependency
-- Static serializer/deserializer caching for performance
-- Backend unit tests
-
-Global search and quick-action launcher (`#93`, PR `#603`):
-- Added `SearchService` and `/api/search?q=` endpoint for cross-board search respecting authorization boundaries
-- Enhanced `ShellCommandPalette` (Ctrl+K) with live search results alongside command navigation
-- Added `searchApi` client, `useGlobalSearch` composable with 200ms debounce and abort-on-supersede
-- Grouped results display (Commands, Boards, Cards) with keyboard-first navigation
-- Frontend tests for composable and command palette search integration
-
-Developer portal and OpenAPI (`#99`, PR `#605`):
-- Added OpenAPI annotations (`[ProducesResponseType]`, XML doc summaries) to Boards, Cards, Columns, Capture, Chat, Auth, and Webhooks controllers
-- Enhanced Swagger configuration with API metadata, JWT Bearer security definition, and XML comment inclusion
-- Added developer portal docs (`docs/api/`): `QUICKSTART.md`, `AUTHENTICATION.md`, `BOARDS.md`, `CAPTURE.md`, `CHAT.md`, `WEBHOOKS.md`, `ERROR_CONTRACTS.md`
-- Added developer portal CI workflow and local OpenAPI export script
-
-SBOM and release provenance (`#103`, PR `#606`):
-- Added reusable workflow (`.github/workflows/reusable-sbom-provenance.yml`) for CycloneDX JSON SBOMs (backend + frontend) and SLSA v1-style provenance manifest
-- Wired into `ci-release.yml` (replacing placeholder) and `release-security.yml`
-- Added `docs/ops/SBOM_RELEASE_PROVENANCE.md` documentation
-- Updated dependency vulnerability policy to reference SBOM artifacts
-
-Batch triage and suggestion editing (`#220`, PR `#607`):
-- Added `POST /api/capture/items/batch-triage` endpoint with per-item actions (triage/ignore/cancel), 200/207/422 response semantics, and batch size limit (50)
-- Added `PUT /api/capture/items/{id}/suggestion` for editing capture text before triage with state-transition guards
-- Added multi-select checkboxes, select-all toggle, batch action bar, and inline suggestion editing in InboxView
-- Backend + frontend tests for batch triage and suggestion editing
-
-Property-based and fuzz testing pilot (`#89`, PR `#601`):
-- Added FsCheck property-based testing packages to Domain and Application test projects
-- Added property-based tests for Board, Card, Column, Label entity invariants and AutomationProposal state machine
-- Added fuzz tests for StarterPackManifestValidator, LlmIntentClassifier regex safety, and export/import DTO serialization roundtrip contracts
-
-Accessibility audit and WCAG remediation (`#92`, PR `#604`):
-- Added skip-to-content link, `sr-only` utility class, and `eslint-plugin-vuejs-accessibility` with tuned rules
-- WCAG improvements across BoardView, HomeView, TodayView, ReviewView, InboxView, CaptureModal, and ToastContainer
-- Added Playwright axe-core E2E tests for 6 core views (Home, Today, Inbox, Review, Boards, Login) plus skip-link test
-- `role=presentation` on virtual scroller wrappers in InboxView
-
-Dependency updates (PRs `#593`–`#600`):
-- `@eslint/js` 9.39.4 → 10.0.1 (with ESLint v10 rule violation fixes in demo scripts and playwright config)
-- `@types/node` 24.10.1 → 25.5.0
-- GitHub Actions group bump (5 updates)
-- `Microsoft.NET.Test.Sdk` 17.14.1 → 18.3.0
-- `Swashbuckle.AspNetCore` 6.9.0 → 10.1.7 (with OpenApi v2.x compatibility fix); exported OpenAPI artifact needs regeneration (`#609`)
-- `Microsoft.IdentityModel.Tokens` and `System.IdentityModel.Tokens.Jwt` upgraded to 8.17.0
-- `xunit.runner.visualstudio` 2.8.2 → 3.1.5
-
-Follow-through issues seeded from changelog audit (`docs/analysis/2026-03-31_changelog-audit.md`):
-- `#608` OPS-26: require `ci-extended` pass for workflow and infrastructure PRs (`Priority II`)
-- `#609` DOC-04: regenerate and validate OpenAPI spec artifact after Swashbuckle 10 upgrade (`Priority III`)
-- `#610` UX-16: add cursor pagination to global search endpoint (`Priority IV`)
-
-## MVP Expansion Planning Integration (2026-03-07)
-
-New review packages under `docs/InReview/MVP_EXPANSION/` were cross-read against the current repo state and backlog:
-
-- `MINIMAL/`: near-horizon execution filter
-- `EXPANDED/`: staged product and architecture roadmap
-
-Planning conclusion adopted into canonical docs:
-
-- demoability improved faster than self-serve product clarity
-- near-horizon work should prioritize product legibility before adding broad new capability families
-- preferred sequence is:
-  1. novice-first shell and entry clarity (`Home`, `Review`, workspace modes, empty/help states, board selectors)
-  2. board-centered daily workflow (`Today`, proposal readability, board action rails, deep links, onboarding)
-  3. docs/help/testing coherence
-  4. agent substrate
-  5. knowledge/integrations surface
-
-Backlog implication:
-
-- existing overlap and reuse anchors are partial (`#96`, `#93`, `#77`, `#75`, `#98`, `#216`, `#218`, `#219`, `#311`)
-- the novice-first productization wave is now shipped through docs/help follow-through for `#318`, `#320`, `#322`, `#324`, `#326`, `#96`, `#100`, and `#328`; the first-run smoke and launch-criteria guardrail now lives as a deterministic Playwright contract on the shipped `Home -> capture -> review -> execute -> board` loop
-- `#320` is now shipped: durable `UserPreference` workspace mode persistence, `/api/workspace/home` + `/api/workspace/preferences`, `Home` default routing, and mode-aware shell navigation
-- `#322` is now shipped: `/workspace/review` is the canonical automation route, legacy proposals URLs redirect compatibly, queue/chat/ops/access are explicitly framed as advanced surfaces, board access/chat common flows prefer selectors over raw board IDs, and primary empty states now point users toward concrete next steps
-- `#324` is now shipped: `/workspace/today` aggregates review, triage, overdue, due-today, and blocked work into one agenda, while Home/Today share a persisted onboarding loop with setup replay/dismiss and first-use starter-board creation
-- `#326` is now shipped: proposal cards expose plain-language summaries, impact/risk/source cues, and affected-entity headlines from an application-layer presentation contract, while board pages now expose a board action rail (`Capture here`, `Ask assistant`, `Review proposals`, `Add card`) and board context now travels across inbox/review/chat/notifications/provenance links; affected entity labels now show named targets from operation parameters instead of raw IDs, and correlation IDs are truncated in the review UI
-- `#96` is now shipped: novice-first contextual help is now present on the key workflow surfaces (`Home`, `Today`, `Review`, `Inbox`, board action flow, and selector-heavy activity`) with dismiss/replay persistence that keeps guidance discoverable without forcing it on experienced users
-- the lower-priority secondary follow-through wave is now seeded as `#329` to `#334`, subordinate to Wave P, covering in-app demoability/product evidence, harness/report maturity, saved-view productivity follow-through, and broader note/clip intake follow-through
-- the remaining expanded-blueprint architecture wave is now seeded as `#335` to `#341`, subordinate to both Wave P and Wave Q, covering agent substrate, knowledge/search, supervised connector architecture, and explicit `R1` / `R2` / `R3` launch-gate framing
-- planned-but-not-shipped concepts now explicitly tracked in roadmap docs include:
-  - broader telemetry and release-gate follow-through remain tracked in `#341`
-  - `Agents`, `Runs`, `Knowledge`, and `Integrations` product surfaces
-  - `Demo Tools`, guided narrative/demo-tour flow, HTML report/assertions, and saved views
-  - explicit release framing for `R1` novice-first beta, `R2` agent foundation alpha, and `R3` knowledge/integrations alpha
-- active docs root is now curated as a living-doc spine only; stable reference material is organized under `docs/product`, `docs/manual`, `docs/ops`, `docs/platform`, `docs/security`, and `docs/tooling`
-
-## Capture Realignment Wave (2026-02-23)
-
-Realignment packs (now archived for traceability) were reviewed and reconciled into active backlog seeding:
-- automation realignment pack:
-  - `docs/archive/2026-02-25_inreview-repo-pack/REPO_PACK/docs/analysis/2026-02-21_capture-automation_realignment_pack/`
-- security/performance addendum:
-  - `docs/archive/2026-02-25_inreview-repo-pack/REPO_PACK/docs/analysis/2026-02-21_capture-security-performance-addendum/`
-
-Seeded issue wave:
-- umbrella tracker: `#199`
-- capture delivery sequence: `#200` to `#211`
-- linked hardening/performance follow-through: `#212` (delivered), `#213` (delivered)
-- existing rate-limit issue updated with capture scope (no duplicate issue): `#81`
-- deferred capture follow-ons seeded: `#218`, `#219`, `#220`
-- adjacent go-to-market and research execution seeds: `#216`, `#217`
-
-Implementation delivery (shipped):
-- `#200` CAP-01 delivered and regression-tested:
-  - queue-wrapper capture model locked (`LlmRequest` + `inbox.capture.v1`)
-  - capture source/status contracts and transition policy added
-  - capture payload invariants enforced (schema version, text limits, actor-field rejection)
-  - provenance linkage fields added to support `capture item -> triage run -> proposal`
-- `#201` CAP-02 capture API slice delivered and regression-tested:
-  - added authenticated `/api/capture/items` endpoints (create/list/detail/ignore/cancel)
-  - create now returns `201` and uses queue-wrapper persistence with capture payload normalization
-  - list is user-scoped and excerpt-only (full text returned only by detail endpoint)
-  - ignore/cancel paths are idempotent for already-ignored items and enforce cross-user `403`
-- `#202` CAP-03 queue provenance fix delivered and regression-tested:
-  - planner now accepts explicit proposal source metadata overrides
-  - queue worker now creates proposals with `SourceType = Queue`
-  - queue worker forwards `SourceReferenceId` and `CorrelationId` using queue item id for traceability
-- `#203` CAP-04 triage enqueue/state transitions delivered and regression-tested:
-  - added authenticated triage enqueue endpoint: `POST /api/capture/items/{id}/triage` (`202 Accepted`)
-  - triage enqueue now returns deterministic capture state with idempotent `already triaging` behavior
-  - invalid transition attempts now fail with stable `Conflict` error contract payloads
-  - generic queue processing now skips `inbox.capture.v1` pending items so capture triage remains explicit
-- `#204` CAP-05 worker triage path delivered and regression-tested:
-  - queue worker now routes `inbox.capture.*` triaging items through a dedicated capture-triage proposal path (separate from generic instruction parsing)
-  - deterministic extraction baseline now converts checklist/bullet/numbered capture text into proposal operations with stable idempotency keys
-  - triage outcomes now persist capture provenance linkage (`capture item -> triage run -> proposal`) and surface `ProposalCreated` status when linkage exists
-  - invalid capture triage inputs (for example boardless capture triage) now fail deterministically without direct board mutation and remain bounded by existing worker retry policy
-- `#205` CAP-06 strict triage schema/prompt versioning delivered and regression-tested:
-  - added strict capture triage output contract (`capture-triage-output.v1`) with machine-validated schema and contract tests
-  - triage pipeline now enforces schema version + prompt version invariants before proposal generation
-  - triage provenance now persists prompt version `triage.v1` per triage run for capture item linkage/audit visibility
-  - added golden and negative fixture coverage for schema validation failures (missing tasks, wrong prompt version, unknown properties)
-- `#212` SEC-14 logging redaction guardrails delivered and regression-tested:
-  - published `docs/security/SECURITY_LOGGING_REDACTION.md` and linked it from active security docs
-  - invalid capture-source validation now returns generic messages without echoing caller-controlled values
-  - unexpected middleware/provider/worker failures now log sanitized exception summaries instead of raw exception objects on sensitive paths
-  - queue and webhook failure persistence now redacts or generalizes sensitive exception text before storage, and ASP.NET Core trace auto-exception recording is disabled to keep raw exception events out of default telemetry
-- `#206` CAP-07 inbox frontend route/list/detail delivered and regression-tested:
-  - added workspace inbox route (`/workspace/inbox`) with shell navigation integration
-  - inbox list now renders excerpt-first capture summaries and loads full text only on explicit detail open
-  - inbox detail now supports deterministic ignore/cancel actions with refreshed state from capture API
-  - keyboard-first navigation (`ArrowUp`/`ArrowDown`/`Enter`) and escape-stack compliant detail close behavior are now regression-tested
-- `#207` CAP-08 capture modal + command palette/hotkey integration delivered and regression-tested:
-  - added keyboard-first quick-capture modal with deterministic submit (`Ctrl+Enter`) and close (`Escape`) behavior
-  - command palette now includes capture action entry and retains inbox navigation access
-  - added global quick-capture hotkey (`Ctrl+Shift+C`) with escape-stack compliant modal close ordering
-  - successful capture submission now provides immediate feedback by routing to inbox with the new item rendered in list state
-- `#208` CAP-09 inbox triage trigger + proposal-linking UX delivered and regression-tested:
-  - inbox detail now includes deterministic triage enqueue action with explicit in-progress/completion button state semantics
-  - capture detail contract now surfaces provenance metadata (`capture item -> triage run -> proposal`) so proposal linkage is visible to UI consumers
-  - inbox detail now renders direct proposal-review navigation when triage yields a linked proposal
-  - capture store/api regression tests now cover triage enqueue success/failure behavior and proposal-link rendering
-- `#209` CAP-10 card/proposal provenance UX delivered and regression-tested:
-  - cards API now exposes capture provenance contract for capture-created cards (`GET /api/boards/{boardId}/cards/{cardId}/provenance`)
-  - triage create-card operations now persist deterministic card target ids so provenance lookup remains stable after proposal execution
-  - card modal now shows explicit capture-origin marker with direct capture/proposal links and triage-run metadata when provenance exists
-  - automations proposal surface now shows capture-linked context (capture artifact link + triage run reference), with frontend/backend regression coverage
-- `#210` CAP-11 capture loop E2E regression delivered and regression-tested:
-  - added dedicated Playwright regression (`tests/e2e/capture-loop.spec.ts`) covering capture create -> triage -> proposal approve/execute -> card provenance verification
-  - coverage validates proposal-first review gate behavior (no direct board mutation from triage output before explicit approve/execute)
-  - coverage validates provenance deep-links (`Open Capture`, `Open Proposal`) and triage-run metadata visibility from resulting card surfaces
-  - full Playwright suite now includes capture-loop verification in the default regression path
-- `#211` CAP-12 canonical docs promotion delivered:
-  - updated canonical docs (`STATUS`, `IMPLEMENTATION_MASTERPLAN`, `TESTING_GUIDE`, `MANUAL_TEST_CHECKLIST`) to reflect shipped capture runtime behavior and verification posture
-  - promoted capture validation and manual-run guidance into active docs as baseline expectations
-  - marked the original in-review capture pack READMEs as historical/stale after promotion to canonical docs
-
-Execution intent:
-- preserve proposal-first trust posture (no direct model auto-apply)
-- keep claims-first identity and `401/403/404` policy semantics
-- require deterministic schema/error handling and provenance visibility for capture-generated changes
-
-Reconciliation record:
-- `docs/analysis/2026-02-23_capture-realignment-synthesis.md`
-- `docs/analysis/2026-02-23_inreview-extraction-audit.md`
-- `docs/analysis/2026-02-23_capture-model-decision.md`
-
-## LLM Provider Expansion Track (2026-02-24)
-
-`#232` AUTO-03 is now delivered:
-
-- provider runtime supports `OpenAI` + `Gemini` with deterministic config/environment-aware `Mock` fallback
-- live-provider misconfiguration degrades safely without request crashes
-- capture triage provenance now persists `provider` + `model` alongside `promptVersion`
-- provider adapter coverage now includes Gemini success/failure/invalid-response/cancellation and chat integration coverage with a non-mock provider stub
-
-`#236` SEC-16 is now delivered:
-
-- chat provider requests now carry server-derived attribution (`userId`, correlation ID, source surface, board/session scope) through `ChatCompletionRequest`
-- provider adapters now receive standardized attribution headers (`x-taskdeck-*`) and OpenAI now gets a pseudonymous `user` token mapping
-- capture queue provenance now persists managed-key attribution metadata (`requestedByUserId`, `correlationId`, `sourceSurface`, scope IDs) for audit and abuse-triage workflows
-- regression coverage now includes attribution propagation, spoofing rejection, and chat API provider-stub attribution assertions
-
-Documentation baseline for this track:
-
-- `docs/platform/LLM_PROVIDER_SETUP_GUIDE.md`
-
-## Managed-Key Abuse-Control Track (2026-02-23)
-
-To capture the security and operational risk of letting users consume model calls via a platform-managed provider key, a dedicated control wave was seeded. Identity attribution foundation is now delivered via `#236`; user-facing usage policy is now delivered via `#240`. Remaining controls stay in this wave:
-
-- `#235` tracker: managed-key threat model and control sequencing
-- `#236` identity attribution contract for managed-key requests (`Priority II`) -- delivered
-- `#237` quota/budget/kill-switch guardrails (`Priority II`) -- pending
-- `#238` SEC-18 abuse detection + automated containment (`Priority III`) -- **operator tooling + domain groundwork delivered**: `AbuseActor`/`AbuseEvent` entities, `AbuseDetectionService` (4-state Observe→Suspicious→Restricted→Blocked model), operator evaluation/quarantine/unquarantine/block API; live-traffic automated containment wiring is a follow-up slice
-- `#239` SEC-19 incident response + key rotation drills (`Priority III`) -- **delivered**: `docs/security/MANAGED_KEY_INCIDENT_RUNBOOK.md` + `docs/security/SECRETS_MANAGEMENT_BASELINE.md` + `scripts/drills/` (5 failure-injection drill scripts + orchestrator)
-- `#240` user-facing fair-use and abuse consequence policy (`Priority III`) -- delivered: `docs/security/MANAGED_KEY_USAGE_POLICY.md`
-
-## Frontend Premium UI Wave (2026-02-23)
-
-Commit `0aef077f6d46262a844eb796cb9e95f83132ca09` introduced a premium UI planning pack (archived for traceability) under:
-
-- `docs/InReview/HUMAN/07_FRONTEND_PREMIUM_UI_OVERVIEW.md`
-- `docs/archive/2026-02-25_inreview-repo-pack/REPO_PACK/docs/analysis/2026-02-23_frontend-premium-ui-pack/`
-
-Issue seeding and reconciliation completed:
-
-- tracker: `#242` (UI-00 frontend premium UI wave)
-- net-new wave issues: `#243` to `#251`
-- explicit reuse (no duplicate issue creation): `#154`, `#88`, `#92`, `#213`
-
-Execution posture:
-
-- foundations-first sequencing is mandatory (`#243`, `#245`, `#244` before screen reskins)
-- no broad global reskin until shared primitives and token contracts are established
-- accessibility/keyboard and visual/performance quality gates remain explicit dependencies
-
-Reconciliation record:
-
-- `docs/analysis/2026-02-23_frontend-premium-ui-synthesis.md`
-
-## Testing Harness Improvement Wave (2026-02-23)
-
-Commit `909db0d` introduced a testing-harness improvement pack (archived for traceability) under:
-
-- `docs/archive/2026-02-25_inreview-repo-pack/REPO_PACK/docs/analysis/taskdeck_testing_harness_improvement_pack_2026-02-23/`
-
-Issue seeding and reconciliation completed:
-
-- tracker: `#254` (TST-15 testing harness wave)
-- net-new wave issues: `#255` to `#260`
-- existing seeds updated with extracted pack guidance: `#89`, `#90`, `#106`, `#168`
-- explicit non-duplicate mapping to already-covered scenarios:
-  - WIP limit enforcement tests already present (`CardServiceTests`, `CardsApiTests`, `tests/e2e/smoke.spec.ts`)
-  - sandbox gate behavior already present (`ExportApiTests`)
-  - starter-pack idempotency/conflict safety already present (`StarterPacksApiTests`)
-
-Delivery posture:
-
-- `#255` removed residual wall-clock flake patterns and centralized E2E polling helpers
-- `#256` added high-signal drag/drop persistence coverage after full reload
-- `#257` expanded representative API error-contract coverage
-- `#258`, `#259`, and `#260` added non-blocking CI guardrails (OpenAPI generation/validation, golden principles enforcement, nightly quality artifacts)
-
-Reconciliation record:
-
-- `docs/analysis/2026-02-23_testing-harness-synthesis.md`
-
-Recent follow-through (2026-02-24):
-- `#260` adds `.github/workflows/nightly-quality.yml` (scheduled + manual) to collect non-blocking quality telemetry artifacts on `main`
-- workflow now publishes backend (Domain/Application) coverage artifacts, frontend coverage artifacts, and dependency/security signal artifacts (`dotnet list package --vulnerable`, `npm audit`)
-- dependency/security signal handling is now policy-backed (`#106`): reusable normalized summaries, PR/manual opt-in `ci-extended` scan lane, nightly scheduled signal collection, release-lane enforcement option, severity SLAs, and expiry-bound exception rules are documented in `docs/security/SECURITY_DEPENDENCY_VULNERABILITY_POLICY.md`
-- workflow surfaces signal exits in step summary/warnings while keeping required PR CI path unchanged (reporting-first nightly lane)
-- `#259` adds `docs/GOLDEN_PRINCIPLES.md` as a concise invariant baseline and cross-links it from canonical active docs/index and contributor guidance
-- governance lane now runs `scripts/check-golden-principles.mjs` and docs-governance now requires/validates the golden-principles document alongside canonical active docs
-- `#258` adds a reusable OpenAPI guardrail lane (`reusable-openapi-guardrail.yml`) wired into `ci-extended` (PR/manual) and `ci-nightly`
-- guardrail now generates `artifacts/openapi/taskdeck-api.json`, validates JSON/top-level contract shape, and uploads artifact/log outputs for inspection
-- snapshot/diff gating remains explicitly deferred to follow-up work; current scope is generation + parse-validation + artifact publication
-- `#257` expanded `ApiErrorContractApiTests` with representative `400/401/403/404/409` coverage in one suite
-- representative error-path tests now assert `X-Request-Id` echo behavior alongside stable JSON error-contract shape assertions
-
-## Outreach CRM Deferred Expansion Track (2026-02-23)
-
-New in-review outreach CRM planning docs were added under:
-
-- `docs/InReview/outreach-crm/`
-
-Issue seeding and reconciliation completed:
-
-- tracker: `#262` (OUT-00 outreach CRM deferred wave)
-- net-new wave issues: `#263` to `#268`
-- explicit reuse (no duplicate issue creation): `#75`, `#77`, `#175`, `#107`
-
-Execution posture:
-
-- keep outreach CRM expansion in Priority IV until higher-priority active tracks complete
-- sequence foundational modeling/UX slices before dashboard/runtime drafting slices
-- keep execution-mode behavior configurable (draft/manual default, connector expansion separately gated)
-
-Reconciliation record:
-
-- `docs/analysis/2026-02-23_outreach-crm-synthesis.md`
-
-## Test Status (Executed)
-
-Verification Date: 2026-03-31 (recertified after PRs #588–#607 merge wave)
-
-### Backend (Executed)
-
-Command:
-- `dotnet test backend/Taskdeck.sln -c Release -m:1`
-
-Result:
-- Domain: 357/357 passing
-- Application: 1193/1193 passing
-- API integration: 413/413 passing
-- CLI contract: 4/4 passing
-- Architecture boundaries: 8/8 passing
-- Backend Total: 1975/1975 passing
-
-### Frontend Unit + Build (Executed)
-
-Commands:
-- `cd frontend/taskdeck-web && npm run lint`
-- `cd frontend/taskdeck-web && npx vitest --run`
-- `cd frontend/taskdeck-web && npm run typecheck`
-- `cd frontend/taskdeck-web && npm run build`
-
-Result:
-- Frontend unit: 1491/1491 passing (134 test files) — **stale**: post-wave count is 1592/1592 (~125 files); see `docs/TESTING_GUIDE.md` for latest estimates
-- Typecheck: passing
-- Production build: passing
-
-### Frontend E2E (Last Successful Run)
-
-Command:
-- `cd frontend/taskdeck-web && npx playwright test`
-
-Result:
-- default required E2E lane remains the smoke + automation/ops + capture loop + starter-pack fixture flow
-- opt-in/manual coverage now also includes `stakeholder-demo.spec.ts` (`TASKDECK_RUN_DEMO=1`) and `live-llm.spec.ts` (`TASKDECK_RUN_LIVE_LLM_TESTS=1`)
-- 2026-03-06 local rerun still passes after frontend E2E startup hardening:
-  - Playwright frontend port resolution now auto-falls back (`5173` -> `4173` -> `5001`) with deterministic runner/worker convergence.
-  - local reuse mode only reuses already-listening ports when the listener is identity-verified as Taskdeck frontend; CI mode prefers bindable ports so stale listeners do not break startup.
-  - first fallback resolution is now persisted in-process so worker config imports stay pinned to the runner-selected frontend port during CI execution.
-  - backend Playwright startup stays on deterministic `Mock` provider mode unless the run is an explicit demo flow that injects live-provider overrides.
-  - Investigation record remains at `docs/analysis/2026-02-25_frontend-gate-port-bind-and-cors-blockers.md`.
-- 2026-03-26 manual audit confirmed the previously published raw API/E2E counts were stale; the next full end-to-end suite recertification should refresh discovery/pass totals rather than continuing to repeat the older 2026-03-06 figures.
-
-### Demo Director Smoke
-
-Command:
-- `cd frontend/taskdeck-web && npm run demo:director:smoke`
-
-Result:
-- deterministic demo smoke: passing
-- isolated smoke DB reset (`taskdeck.demo.ci.db`) and fresh backend/frontend startup both verified
-
-### Total
-
-- Combined automated total (backend + frontend unit/build + default frontend E2E): ~4600+ passing (backend ~2990+ + frontend unit 1592 + E2E)
-- Note: backend totals are estimates after three 2026-04-04 delivery waves; full-suite recertification needed. See `docs/TESTING_GUIDE.md` for detailed breakdown.
-
-## CI Status
-
-Required workflow: `.github/workflows/ci-required.yml`
-
-- `docs-governance` (Ubuntu)
-- `backend-architecture` (Ubuntu)
-- `backend-unit` (Ubuntu/Windows)
-- `api-integration` (Ubuntu/Windows)
-- `frontend-unit` (Ubuntu/Windows)
-  - lint + typecheck + build + unit tests
-- `container-images` (Ubuntu)
-- `e2e-smoke` (Ubuntu, depends on prior jobs)
-
-Extended/non-blocking workflow: `.github/workflows/ci-extended.yml`
-
-- `workflow-lint` (Actionlint for workflow YAML drift)
-- `dependency-review` (PR dependency risk check)
-- label/manual-triggered backend solution + E2E smoke lanes (`testing` label or `workflow_dispatch`) for PRs that touch `.github/workflows/**`, `backend/**`, `frontend/**`, `deploy/**`, or `scripts/**`
-- label/manual-triggered demo director smoke lane (`automation` label or `workflow_dispatch`) via `.github/workflows/reusable-demo-director-smoke.yml`; docs-only PRs still need manual dispatch because `ci-extended.yml` path filters do not watch `docs/**`
-- label/manual-triggered load/concurrency harness lane via `.github/workflows/reusable-load-concurrency-harness.yml`
-- label/manual-triggered cross-browser E2E matrix lane via `.github/workflows/reusable-e2e-cross-browser.yml` (5-project parallel matrix: Chromium, Firefox, WebKit, mobile-chrome, mobile-safari)
-- label/manual-triggered visual regression lane via `.github/workflows/reusable-visual-regression.yml` (Playwright `toHaveScreenshot()` with diff artifact upload; `testing`/`visual` label)
-- label/manual-triggered container integration lane via `.github/workflows/reusable-container-integration.yml` (Testcontainers PostgreSQL; `testing` label)
-
-Mutation testing workflow: `.github/workflows/mutation-testing.yml`
-
-- Weekly schedule (Sunday 04:00 UTC) + manual dispatch
-- Backend Stryker.NET (Domain) + Frontend Stryker JS (captureStore/boardStore)
-- Non-blocking; HTML/JSON reports uploaded as 30-day artifacts
-
-Release workflow: `.github/workflows/ci-release.yml`
-
-- SBOM/provenance generation via `.github/workflows/reusable-sbom-provenance.yml` (CycloneDX SBOMs for backend + frontend, SLSA v1-style provenance manifest)
-- Container image build/export artifacts
-
-Security workflow: `.github/workflows/release-security.yml`
-
-- Dependency inventory/vulnerability reporting
-- SBOM/provenance generation alongside existing security scans
-
-Developer portal workflow: `.github/workflows/reusable-developer-portal.yml`
-
-- OpenAPI spec export and developer portal generation
-
-Nightly workflow: `.github/workflows/ci-nightly.yml`
-
-- scheduled/manual backend solution regression
-- scheduled/manual E2E smoke (reuses `.github/workflows/reusable-e2e-smoke.yml`)
-- scheduled/manual load/concurrency harness (reuses `.github/workflows/reusable-load-concurrency-harness.yml`)
-- scheduled/manual container image regression
-
-Dependency update automation: `.github/dependabot.yml`
-
-- weekly Dependabot PRs for NuGet, npm, and GitHub Actions ecosystems
-- minor/patch grouped; major NuGet/npm individual; Actions fully grouped
-- security updates follow severity-based triage SLAs in `docs/ops/DEPENDENCY_UPDATE_POLICY.md`
-- no auto-merge; all dependency PRs require human review and `ci-required.yml` gate pass
-
-Release/security deep workflow: `.github/workflows/release-security.yml`
-
-- release/tag/manual dependency inventory + vulnerability signal artifacts
-- optional strict frontend audit enforcement for manual runs
-- container image artifact/checksum lane reused from container baseline workflow
-
-Nightly quality signals workflow: `.github/workflows/nightly-quality.yml`
-
-- scheduled/manual backend coverage (domain + application)
-- scheduled/manual frontend coverage
-- dependency and security signal scan (reuses `.github/workflows/reusable-dependency-security-signals.yml`)
-
-CI workflow topology is documented in the header comment of `.github/workflows/ci-required.yml`.
-Workflow ownership is enforced via `CODEOWNERS` (`.github/workflows/` requires maintainer review).
-
-## Known Gaps and Risks
-
-Security and identity:
-- claims-first identity is now aligned for boards/columns/cards/labels/export/queue/board-access
-- claims-first identity is now aligned for audit/users as well (including self-scoped user/audit history flows)
-- remaining security convergence work is concentrated on consistent cross-user policy enforcement breadth
-- policy decision is now explicit: cross-user authenticated access failures should return `403`; remaining work is consistent enforcement across all families/tests
-
-Automation and data:
-- active LLM provider policy supports explicit mock vs live-provider switching (`OpenAI`/`Gemini`) with safe defaults for development/test environments
-- managed-key shared-token controls are now more broadly shipped: identity attribution baseline (`#236`), user-facing usage policy (`#240`, `docs/security/MANAGED_KEY_USAGE_POLICY.md`), secrets/config management baseline (SEC-10, `docs/security/SECRETS_MANAGEMENT_BASELINE.md`), incident runbook + drill scripts (SEC-19, `docs/security/MANAGED_KEY_INCIDENT_RUNBOOK.md` + `scripts/drills/`), and abuse detection domain groundwork + operator API (`#238` SEC-18, `AbuseActor`/`AbuseEvent`/`AbuseDetectionService` with 4-state model) are all delivered; remaining automated live-traffic containment and quota enforcement remain tracked in `#237` (kill-switch budget guardrails) and the SEC-18 follow-through slice for live wiring
-- planner extraction remains rule/regex-based with deterministic validation and expanded board/column operation coverage
-- database-level export/import now exists as a minimal safe implementation and is restricted to Development sandbox mode
-- database import is file-replacement based and can fail when the SQLite file is actively locked by other operations; run imports during quiescent windows when possible
-- capture inbox pipeline and canonical docs promotion are now shipped (`#200` to `#211`); logging redaction follow-through is delivered in `#212`, and remaining capture-linked scalability follow-through is tracked in `#213`
-- premium UI foundations are delivered (`#243` UI-02 shared primitives, `#245` UI-03 stack spike, `#250` PERF-08 budgets); appshell premium reskin (`#499`) and board/card surface polish (`#501`) are now shipped with design-token-based styling across shell sidebar/topbar/command-palette/keyboard-help and board canvas/toolbar/action-rail/column-lane/card components; remaining premium UI items are tracked in `#244`, `#246` to `#249`, and optional `#251`
-- testing-harness wave guardrails are shipped through `#255` to `#260`; follow-up improvements now belong to normal hardening work rather than the original wave
-- outreach CRM deferred expansion is not shipped; tracked in `#262` to `#268` with reuse links to delivered `#75` (import adapters) plus `#77` and `#175`
-
-Observability and scalability:
-- frontend/CI baseline is now Node 24.13.1 (LTS) to align with Vite 7 engine requirements and longer support runway
-- containerized deployment baseline is now shipped (`#69`): backend/frontend Dockerfiles, compose profile, reverse proxy compression/security headers posture, and CI image artifacts
-- Terraform IaC baseline is now shipped (`#102`): reusable AWS single-node environment templates (`dev`/`staging`/`prod`), host bootstrap for the existing Docker workload layer, JWT secret retrieval from a pre-created SecureString SSM parameter instead of raw EC2 user-data injection, a dedicated persistent EBS data volume for `/var/lib/taskdeck`, instance replacement on bootstrap changes without discarding the SQLite path, stop-before-detach protection for planned data-volume attachment changes, protected data-volume destroy defaults for `staging`/`prod`, backup-bucket noncurrent-version expiry with explicit versioning dependency, and an operator drift-check workflow
-- multi-tenancy strategy ADR is now documented (`#71`) with shared-schema + `TenantId` as the default rollout target; tenant isolation implementation slices remain pending
-- local developer MCP posture now includes a Docker Marketplace server bundle with a stable default gateway set (`docker,docker-docs,openapi,time,jetbrains,filesystem,SQLite,terraform`) and optional integrations staged behind credentials/config (`postman`, `dockerhub`, `kubernetes`, `semgrep`)
-- MCP operations runbook and helper scripts are now available for credential wiring and repeatable baseline/optional MCP dry-run verification
-- MCP regression harness now provides actionable optional prerequisite diagnostics and CI-friendly status output modes (`PASS`, `PASS_WITH_WARNINGS`, `FAIL`)
-- out-of-code/platform execution is now tracked, but not yet fully shipped:
-  - production DB migration strategy (`#84`) and distributed cache strategy (`#85`)
-  - backup/restore disaster-recovery playbook (`#86`)
-  - staged rollout policy (`#101`), SBOM/provenance (`#103`), cost guardrails (`#104`)
-  - cloud target topology and autoscaling ADR (`#111`, delivered — ADR-0023 defines ECS Fargate topology, autoscaling policy, SLO targets, health check contract, and cost estimates; companion reference architecture at `docs/ops/CLOUD_REFERENCE_ARCHITECTURE.md`)
-
-UX and operability (reconciled from product notes):
-- escape behavior now follows a top-surface-first contract; maintain regression coverage as new overlays and panels are introduced
-- primary product gap is now telemetry and release-gate follow-through rather than missing route teaching: the product legibility wave has shipped the main shell, route guidance, docs baseline, and the first-run smoke guardrail, while `#341` carries the remaining telemetry/release-gate framing
-- review/proposal flow now includes readable proposal summaries, impact/risk/source cues, affected-entity headlines, board-centered action rails, and deep links across inbox/review/chat/notifications/provenance (delivered in `#326`); remaining polish is incremental rather than structural
-- `docs/START_HERE.md`, `docs/USER_MANUAL.md`, `docs/manual/*`, and the new product help guides now complement the shipped `Home` / `Today` onboarding path and key-route contextual help with a navigation-shaped help-center stack; the first-run smoke and launch-criteria guardrail is now delivered in `#328`, while broader telemetry and release-gate follow-through stays tracked in `#341`
-
-Security/compliance hardening backlog added from research cross-check:
-- OWASP/security headers + CSRF/XSS baseline (`#80`, delivered)
-- API abuse/rate-limiting policy (`#81`, delivered)
-- SSO/OIDC + optional MFA (`#82`)
-- data portability/deletion workflow (`#83`)
-- secrets/configuration management baseline (`#110`)
-
-## Recently Resolved (This Cycle)
-
-- Unified API error-response shape and HTTP error-code mapping in shared backend helpers.
-- Reduced duplicated frontend API/store logic by extracting shared query and error utilities.
-- Reconciled active docs and test totals after PR #23 merge.
-- Delivered development CORS configurability: default localhost origins remain allowed, development fallback localhost dev ports (`4173`, `5001`) are included for restricted-port workflows, and development-only configured origins (`Cors:DevelopmentAllowedOrigins`) are merged into the API allowlist with deterministic integration coverage.
-- Archived stale note artifacts (`personalNotes.txt`, `notesFromManualTesting.txt`) and archived `docs/InReview/REPO_PACK` into dated `docs/archive/` bundles with updated canonical cross-links.
-- Resolved local frontend E2E gate blocker by hardening Playwright frontend port resolution to avoid runner/worker `baseURL` drift when fallback ports are used; investigation retained in `docs/analysis/2026-02-25_frontend-gate-port-bind-and-cors-blockers.md`.
-- Hardened local frontend manual startup (`npm run dev`) with deterministic port fallback (`5173` -> `4173` -> `5001`), bind-first occupied-port skipping for new Vite processes, and strict-port startup so restricted `5173` environments no longer fail or drift through implicit Vite port auto-increment.
-- Resolved frontend container-image `npm ci` policy blockers by keeping SignalR-compatible `ws@7.5.10` via vendored local tarball dependency (`file:vendor/ws-7.5.10.tgz`) and moving `p-limit` override to compatible `3.0.2`, removing forbidden registry tarball fetches while avoiding cross-major override drift.
-- Archived `REFACTOR_AUDIT_AND_ACTION_PLAN_2026-02-13.md` into `docs/archive/2026-02-13_phase4-doc-consolidation/audits-and-history/`.
-- Added CI hardening parity updates: concurrency cancellation, frontend typecheck/build enforcement, TRX/JUnit failure artifacts, and package/browser caches.
-- Delivered OPS-19 CI topology first pass (`#168`): migrated required pipeline entrypoint to `.github/workflows/ci-required.yml` and extracted docs-governance lane into reusable workflow `.github/workflows/reusable-docs-governance.yml`.
-- Delivered OPS-19 CI topology second pass (`#168`): extracted backend architecture and frontend unit lanes into reusable workflows (`.github/workflows/reusable-backend-architecture.yml`, `.github/workflows/reusable-frontend-unit.yml`) and routed `ci-required.yml` through them.
-- Delivered OPS-19 CI topology API-integration extraction (`#168`): extracted API integration lane into reusable workflow `.github/workflows/reusable-api-integration.yml` and routed `ci-required.yml` through it while preserving Ubuntu/Windows matrix behavior.
-- Delivered OPS-19 CI topology third pass (`#168`): added `merge_group` trigger parity to `.github/workflows/ci-required.yml` so merge-queue evaluation runs the same required checks as PR/push.
-- Delivered OPS-19 CI topology fourth pass (`#168`): extracted backend-unit lane into reusable workflow `.github/workflows/reusable-backend-unit.yml` and routed `ci-required.yml` through it while preserving Ubuntu/Windows matrix behavior and domain/application/CLI split coverage.
-- Delivered OPS-19 CI topology fifth pass (`#168`): extracted container image and E2E smoke lanes into reusable workflows (`.github/workflows/reusable-container-images.yml`, `.github/workflows/reusable-e2e-smoke.yml`) and routed `ci-required.yml` through them while preserving required-gate dependencies and artifact behavior.
-- Delivered OPS-19 CI topology sixth pass (`#168`): added non-blocking and scheduled orchestrator workflows (`.github/workflows/ci-extended.yml`, `.github/workflows/ci-nightly.yml`) plus release/security orchestration (`.github/workflows/release-security.yml`) and reusable full backend regression lane (`.github/workflows/reusable-backend-solution.yml`) to make nightly and release topology explicit.
-- Delivered OPS-19 CI topology completion (`#168`): added `ci-release.yml` release build-verification lane with SBOM/provenance placeholder, added comprehensive workflow topology documentation to `ci-required.yml` header, added topology reference comments to all orchestrator workflows, added `CODEOWNERS` for `.github/workflows/` governance, and updated CI Status section in `STATUS.md` to reflect the full topology including `nightly-quality.yml`.
-- Added docs governance script and architecture boundary tests as CI invariants.
-- Added GitHub operations governance script to enforce issue-template label hygiene and project-automation doc invariants in CI.
-- Retrofitted boards controller family to claims-first authz with integration coverage for 401/403/cross-user/happy path.
-- Retrofitted columns/cards/labels/export/queue/board-access to claims-first identity and removed caller-supplied actor query/body IDs.
-- Added request-correlation middleware and propagated request IDs into Ops command correlation IDs.
-- Added lightweight timing/result diagnostics for log queries and automation proposal execution.
-- Recorded cross-user existence policy decision: use `403` for authenticated-but-unauthorized access, reserve `404` for true missing resources.
-- Aligned active docs cross-links/date stamps across `STATUS`, `IMPLEMENTATION_MASTERPLAN`, `TESTING_GUIDE`, and `MANUAL_TEST_CHECKLIST`.
-- Confirmed GitHub Project operational safety view as `No Status` (`no:status`) and documented release/weekly safety checks.
-- Enforced `[Authorize]` on remaining legacy controllers (columns/cards/labels/export/audit/llm-queue/board-access/users) with expanded API integration `401` coverage.
-- Retrofitted audit/users families to claims-first actor identity and self-scoped access with cross-user `403` coverage.
-- Expanded authz regression matrix tests across legacy + advanced protected controllers for explicit `401/403/404` policy assertions.
-- Advanced SEC-11 cross-user convergence (`#152`) with proposal-scope authorization enforcement in automation proposal lifecycle endpoints (`get/approve/reject/execute/diff`) and expanded API integration policy coverage for automation/logs/starter-pack protected routes.
-- Advanced SEC-11 cross-user convergence (`#152`) with archive read-path authorization hardening: archive item list/detail/entity-lookup endpoints now enforce board-read permissions for the authenticated caller (`403` for cross-user unauthorized, `404` for true missing), with expanded application/API regression coverage.
-- Advanced SEC-11 cross-user convergence (`#152`) with audit entity-history authorization hardening: `GET /api/audit/entities/{entityType}/{entityId}` now resolves board-scoped entities (`Board`/`Column`/`Card`/`Label`) and enforces board-read permissions (`403` cross-user unauthorized, `404` true missing), with expanded API regression matrix coverage.
-- Advanced SEC-11 cross-user convergence (`#152`) with LLM queue board-scope authorization hardening: `POST /api/llm-queue` now enforces board-read permissions when `boardId` is provided (`403` cross-user unauthorized, `404` true missing board), with expanded application/API regression matrix coverage.
-- Advanced SEC-11 cross-user convergence (`#152`) with final API coverage sweep: added explicit cross-user `403` assertions for board update, board-access management endpoints (`list/grant/update/revoke`), and chat session/message endpoints; added explicit chat `404` assertions for true missing session IDs.
-- Delivered API-06 centralized exception/fallback error-contract hardening (`#153`): added global unhandled-exception middleware returning deterministic `ApiErrorResponse` (`UnexpectedError`) without internal exception leakage, standardized unknown-result fallback `500` mapping to the same contract shape, and added fault-injection API integration coverage asserting fallback payload shape plus correlation header expectations.
-- Delivered SEC-06 API rate-limiting hardening (`#81`): added partitioned fixed-window rate limiting policies (auth per-IP, capture write per-user, hot-path per-user), deterministic `429` `ApiErrorResponse` contract with retry metadata headers (`Retry-After`, `X-RateLimit-Policy`), endpoint-level policy application across auth/capture/chat/llm queue paths, and regression coverage for burst throttling, reset-window recovery, and cross-user false-positive boundaries.
-- Delivered SEC-06 forwarded-header trust follow-through (`#81`): rate-limit partitioning now supports trusted forwarded-header processing behind explicit proxy/network allowlists plus configurable forwarded-hop depth (`ForwardedHeaders:ForwardLimit`), keeps safe no-trust defaults when allowlists are unset, hardens `OnRejected` write-order guardrails for started responses, adds regression coverage for trusted multi-hop forwarded-client partition behavior, and documents emergency kill-switch + proxy-topology smoke-check operations.
-- Delivered SEC-05 OWASP baseline hardening (`#80`): added API security-header middleware with environment-aware HSTS behavior, added API integration coverage for security-header presence on success/auth-failure responses and HTTPS HSTS emission posture, and published `docs/security/SECURITY_OWASP_BASELINE.md` to document CSRF/XSS posture and tracked follow-up gaps.
-- Delivered TST-14 architecture-guard expansion (`#157`): added deterministic architecture invariants for source-layer purity (forbidden namespace imports in Domain/Application), controller boundary rules (`ControllerBase` direct inheritance restricted to auth/health controllers), and protected-controller `[Authorize]` declaration enforcement.
-- Delivered AUTH-06 register/login hardening (`#174`) by preventing inactive-candidate short-circuit lockout in identifier-collision login paths, adding actionable duplicate-registration guidance, and expanding backend/frontend regression coverage for duplicate-register-then-login flow plus account-state vs invalid-credentials contract behavior.
-- Delivered TST-01 load/concurrency regression harness (`#70`): added k6 board-heavy API profile with thresholds and diagnostics, added Playwright multi-session concurrency scenarios, and wired reusable load harness workflow into `ci-extended`/`ci-nightly` with artifact uploads.
-- Delivered ARCH-01 multi-tenancy strategy ADR (`#71`): documented option tradeoffs (`database-per-tenant`, `schema-per-tenant`, `shared-schema + TenantId`), selected phased target model, and published tenant-isolation readiness + test strategy checklist.
-- Delivered FE-11 frontend lint baseline + CI gate (`#154`): added Vue 3 + TypeScript ESLint baseline (`.eslintrc.cjs`), introduced `npm run lint` with zero-warning enforcement, integrated lint into reusable frontend CI workflow, and documented lint suppression guidance in active testing docs.
-- Delivered FE-12 frontend coverage threshold gate (`#155`): enforced global + critical-surface Vitest coverage thresholds (`src/api`, `src/store`, `src/composables`, `src/utils`, `src/components/board`), switched required frontend CI lane to thresholded coverage execution, and standardized JUnit+coverage artifact upload for triage.
-- Delivered COL-02 notification framework (`#72`): added notification domain/persistence + preferences model, shipped authenticated inbox/preferences/read-state APIs with preference-aware deduped event publication for mention/assignment/proposal-outcome families, integrated frontend inbox/preferences routes + stores, and expanded backend/frontend regression coverage.
-- Delivered COL-04 card comments/mentions workflow (`#74`): added threaded card comments with reply constraints and moderation-aware edit/delete policy, integrated mention parsing with board-scope user linking and notification publication, shipped board/card comment APIs + frontend modal interactions, and expanded backend/frontend regression coverage.
-- Delivered INT-01 external import adapters foundation (`#75`): added board-scoped external import endpoint with provider-registry orchestration, shipped CSV adapter path with outreach-contact mapping and deterministic dedupe-key ordering (`linkedin_url` -> `email` -> normalized `display_name+company`), added dry-run/apply create-update-skip/conflict reporting and rollback-safe apply semantics, enforced CSV payload/row guardrails plus archived-board import rejection behavior, and documented mapping guidance in `docs/platform/IMPORT_ADAPTERS_GUIDE.md`.
-- Delivered INT-02 webhook integration security model (`#76`): added board-scoped outbound webhook subscription/delivery runtime with endpoint + event-filter + secret-rotation/revocation controls, signed delivery dispatch, atomic claim/reload worker processing, and retry/dead-letter handling for non-success dispatch outcomes.
-- Standardized middleware-level auth failures to emit `ApiErrorResponse` payloads and added SEC-04 API integration assertions for auth + validation contract stability.
-- Aligned board archive lifecycle UX/API contract: board settings archive action now reflects soft-delete semantics, archive workspace lists/restores archived boards, and API integration covers archive-to-restore roundtrip.
-- Delivered UX-02 drag/edit interaction safety guardrails: card/column drag now starts from explicit handles only, and non-handle drag gestures are blocked with unit + E2E regression coverage.
-- Delivered UX-03 command palette keyboard model: shell command palette now supports keyboard-first item filtering, selection, and activation with unit + E2E regression coverage.
-- Delivered UX-04 activity selector discoverability: activity workflows now use selector-first board/entity/user exploration with ID copy affordance and unit + E2E regression coverage.
-- Delivered UX-04 shared input-assist scaffolding: shared combobox/listbox input-assist is now integrated into Ops template selection and automation chat board targeting with keyboard-first option navigation and dedicated unit coverage.
-- Delivered UX-05 escape behavior contract: Escape now closes only the top-most transient surface per key press, board routes exit to `/workspace/boards` when clean, and regression coverage spans shell/unit and board keyboard-flow E2E paths.
-- Delivered AUTO-01 provider strategy: deterministic environment-aware `ILlmProvider` selection now gates OpenAI usage behind explicit config while keeping mock default safety, with policy + provider tests for switching behavior.
-- Delivered AUTO-03 provider-agnostic runtime (`#232`): expanded `ILlmProvider` runtime support to `OpenAI` + `Gemini` with deterministic config validation fallback to `Mock`, added Gemini provider adapter + policy/test coverage, and extended capture/chat integration assertions for provider/model provenance and non-mock provider stubs.
-- Delivered SEC-16 managed-key identity attribution baseline (`#236`): added server-derived chat provider attribution contract (`userId`, correlation ID, source surface, board/session scope), standardized provider attribution header mapping with pseudonymous provider user-token usage, persisted capture provenance attribution metadata for audit follow-through, and expanded backend regression coverage for attribution propagation and spoofing rejection.
-- Delivered AUTO-02 planner/executor hardening: expanded deterministic planner instruction coverage (board/column intents), hardened executor parameter validation and partial-failure semantics, and improved audit entity attribution with new regression coverage.
-- Delivered MVP-01 chat-to-project bootstrap: canonical Markdown checklist paste now creates a proposal-first board bootstrap plan in chat, with one-click approve+execute path and regression coverage for happy path + key validation failures.
-- Delivered PACK-01 starter-pack manifest foundation: added v1 manifest schema documentation and deterministic backend validator/test coverage for parsing, compatibility rules, and cross-reference validation.
-- Delivered PACK-02 starter-pack apply backend: added `/api/boards/{boardId}/starter-packs/apply` with idempotent apply semantics, dry-run actionable conflict reporting, and API integration coverage for apply success/re-apply/conflict paths.
-- Delivered PACK-03 starter-pack frontend catalog: added board-level starter pack catalog UI with search, preview (dry-run), and one-click apply flow, plus frontend API/component interaction tests.
-- Delivered PACK-04 first-party starter packs v1: added API-backed first-party starter-pack catalog with common labels, common column flow, and 3 board blueprints, plus backend/frontend coverage for catalog usability and validity.
-- Delivered PACK-05 deterministic fixture packs: added Playwright starter-pack fixture bootstrap helpers with manifest-backed small/medium/edge scenarios and dedicated E2E regression coverage.
-- Delivered PACK-07 warning-first starter-pack apply UX (`#176`): non-blocking seed-card conflicts now return warning severity (not hard-stop `409`), apply now proceeds when only warnings exist, and the starter-pack modal now surfaces explicit applied/skipped/blocked/warning outcomes with updated backend/frontend regression coverage.
-- Delivered OPS-20 ops role discoverability and permission guidance (`#179`): Ops console now surfaces current role + runnable-template context, restricted template failures now return actionable role-escalation guidance with runnable fallback lists, profile settings now expose role/capability posture, and operator/manual docs now document the role-assignment workflow.
-- Delivered UX-11 archive lifecycle control refinement (`#177`): board settings now use a single lifecycle action (archive/restore) instead of duplicated archive controls, archive workspace now supports hide/unhide behavior for archived boards with explicit hidden-board reveal toggles, and regression coverage now includes API lifecycle transitions plus archive visibility filtering behavior.
-- Delivered DEBT-01 nullability reduction: removed current domain `CS8618` warnings using EF-safe non-null default initialization patterns and verified backend regression suite pass.
-- Delivered DEBT-02 log-query scalability pass: replaced broad in-memory + command-run N+1 log composition with repository-filtered query paths while preserving logs API behavior and contracts.
-- Delivered COL-01 realtime board updates (`#67`): added authz-safe SignalR board subscriptions, app-layer mutation event publishing, frontend realtime lifecycle with polling fallback, and regression coverage across API/unit/E2E suites.
-- Delivered OBS-01 observability baseline (`#68`): added OpenTelemetry tracing/metrics wiring, worker/queue/heartbeat telemetry emission, correlation-to-trace tagging, and versioned runbook/alert threshold documentation.
-- Delivered OPS-07 containerized deployment baseline (`#69`): added production-oriented backend/frontend Dockerfiles, compose-based proxy stack with gzip/security header posture, CI image artifact packaging, and deployment runbook coverage.
-- Delivered OPS-16 deployment/container hardening verification matrix (`#142`): added `scripts/deploy/Verify-TaskdeckDeploymentHardening.ps1` to automate secret-enforcement, proxy-header, unauthorized-path, and startup/restart/shutdown checks; published pass/fail matrix criteria in `docs/ops/DEPLOYMENT_HARDENING_MATRIX.md`; and extended testing/manual/deployment runbooks with the new verification path.
-- Expanded local Docker MCP Marketplace setup: enabled additional Docker catalog servers (including SQLite/JetBrains/Postman candidates), configured Docker gateway defaults in project Codex config, and documented optional credential-gated integrations.
-- Added MCP operator runbook + scripts (`Set-MarketplaceMcpCredentials.ps1`, `Test-DockerMcpProfile.ps1`) for daily/weekly workflow integration and deterministic optional-server verification.
-- Delivered TST-07 MCP integration smoke/regression harness (`#141`): optional-server prerequisite diagnostics are now explicit, strict/warning/skip policies are codified, and CI-friendly deterministic status output is documented and shipped.
-- Seeded capture realignment wave issues (`#199` to `#213`), updated the wave index (`#107`) with a dedicated capture wave, and extended SEC-06 rate-limiting scope (`#81`) to include capture endpoints.
-- Seeded future-expansion backlog issues (`#67` to `#111`) and added execution-wave index (`#107`).
-- Applied `Priority I` through `Priority V` labels to every repository issue.
-- Seeded testing-harness wave issues (`#254` to `#260`) and updated in-review extraction records with duplicate prevention notes.
-- Seeded outreach CRM deferred-wave issues (`#262` to `#268`) and reconciled overlapping scope into existing issues (`#75`, `#77`, `#175`, `#107`).
-- Delivered TST-CODEX-01 to TST-CODEX-15 unit test coverage wave (`#415` to `#429`, PRs `#436` to `#448`): added frontend API/composable/store tests and backend domain entity/application service/API tests across 13 PRs, with adversarial review fixes for tautological assertions, missing guard branches, modifier-key coverage, and edge-case gaps.
-- Delivered AGT-01 follow-up (PR `#453`): removed `FromSqlInterpolated` raw-SQL SQLite branch from `AgentRunRepository`; now uses pure LINQ path for all agent-run queries.
-- Delivered KNOW-01 follow-up (PR `#454`): `KnowledgeChunkRepository.DeleteByDocumentIdAsync` now uses `ExecuteDeleteAsync` for a single-roundtrip server-side delete; `KnowledgeFtsSearchService` GUID lookups use `.ToUpperInvariant()` to match EF Core uppercase storage; `SourceType` column typed as `int?`; application-managed FTS sync via `UpdateFtsIndexAsync`/`DeleteFtsIndexAsync` replaces broken trigger pattern; `SanitizeFtsQuery` internal method added for FTS5 query safety.
-- Delivered UI-01 follow-up (PR `#455`): DRY accent-color refactor in `design-tokens.css` — 9 hardcoded hex values replaced with `--_td-light-accent` and `--_td-light-accent-hover` CSS variables; single source of truth for the primary action accent.
-- Delivered TST-26 knowledge service tests (PR `#456`): 32 new backend tests across `KnowledgeServiceChunkContentTests`, `KnowledgeFtsSearchServiceSanitizeTests`, `KnowledgeServiceAuthorizationTests`, and `KnowledgeApiTests`; includes EF Core migration with proper Designer snapshot, SQLite DateTimeOffset ORDER BY fix via `FromSqlInterpolated`, and FTS5 trigger-removal migration.
-- Delivered UI-03 primitive stack decision spike (PR `#457`): `docs/analysis/ui-primitive-stack-decision-spike.md` documents the selection of shadcn-vue over Reka UI direct and Headless UI across 6 evaluation criteria (component count, ARIA baseline, copy-paste ownership, accessibility maturity, Vue 3 compatibility, ecosystem trajectory).
-- Delivered DOC-05 / SEC-17 managed-key usage policy (PR `#458`): `docs/security/MANAGED_KEY_USAGE_POLICY.md` — user-facing fair-use limits, prohibited patterns (scraping, bulk operations, key extraction), enforcement ladder (warn → restrict → suspend → ban), and appeals process; linked from active security docs.
-- Delivered SEC-10 secrets and configuration management baseline (PR `#459`): `docs/security/SECRETS_MANAGEMENT_BASELINE.md` with secret inventory, per-environment storage model, and rotation runbooks; `deploy/docker-compose.yml` updated to wire `Llm__EnableLiveProviders`, `Llm__Provider`, `Llm__OpenAi__ApiKey`, and `Llm__Gemini__ApiKey` env vars through to the API container.
-- Delivered SEC-19 incident response drills (PR `#460`): `docs/security/MANAGED_KEY_INCIDENT_RUNBOOK.md` covering 4-stage incident lifecycle (detect → contain → eradicate → recover) with identity-scope quarantine accuracy note (caller-self only); `scripts/drills/` with 5 failure-injection drill scripts (`drill-api-auth-failure.sh`, `drill-api-rate-limit-exhaustion.sh`, `drill-budget-threshold-breach.sh`, `drill-mcp-config-validation.sh`, `drill-provider-degradation.sh`) and `run-all-drills.sh` orchestrator.
-- Delivered ActivityView decomposition (PR `#461`): `ActivityView.vue` reduced from ~735 → ~117 lines via extracted `useActivityQuery` composable (API fetching/filtering state), `ActivitySelector.vue` (board/entity/user picker UI), and `ActivityResults.vue` (result list rendering); unit + component tests added for each piece.
-- Delivered PERF-08 frontend latency budgets (PR `#462`): `usePerformanceMark` composable with `performance.mark()`/`performance.measure()` API and reactive `duration`/`overBudget` refs; `PERF_BUDGETS` constants; 16 workspace route views converted to lazy `() => import()` for route splitting; `docs/PERFORMANCE_BUDGETS.md` with 7 documented latency thresholds; CaptureModal instrumented.
-- Delivered BoardView decomposition (PR `#463`): `BoardView.vue` reduced from ~771 → ~270 lines via `useBoardDragDrop` (column/card DnD logic), `useBoardKeyboardNav` (j/k/h/l keyboard selection), `BoardToolbar.vue` (header, presence, filter, settings actions), `BoardActionRail.vue` (board-context action strip), `BoardCanvas.vue` (column DnD scaffold + ColumnLane), `BoardDialogHost.vue` (all modal/overlay hosting); unit + component tests added.
-- Delivered UI-02 shared UI primitives foundation (PR `#464`): 15 shared primitive components in `src/components/ui/` — `TdButton`, `TdIconButton`, `TdInput`, `TdTextarea`, `TdSelect`, `TdFieldWrapper`, `TdDialog`, `TdDropdown`, `TdPopover`, `TdTooltip`, `TdToast`, `TdInlineAlert`, `TdSkeleton`, `TdSpinner`, `TdBadge`, `TdTag`, `TdEmptyState`; built on Reka UI via shadcn-vue copy-paste ownership; WAI-ARIA keyboard foundation throughout.
-- Delivered OUT-01 JSON manifest import tab (PR `#465`): `StarterPackCatalogModal.vue` gains a JSON Import tab with paste/file-upload, validate→dry-run→apply flow; JSON payload parsed against the v1 manifest schema with actionable error display before apply.
-- Delivered SEC-12 session-token storage hardening (PR `#466`): `utils/tokenStorage.ts` centralizes all JWT token/session key access behind `getToken`/`setToken`/`clearAll`; `isValidJwtStructure` validates base64url segment count AND decodes the payload as JSON (rejecting structurally invalid tokens like `aaa.bbb.ccc`); `router/index.ts` and `sessionStore` migrated to tokenStorage abstraction; CSP `unsafe-inline` removed from `script-src`; OWASP baseline doc updated with CSP note; session-token storage ADR at `docs/analysis/session-token-storage-adr.md`.
-- Delivered StarterPack service decomposition (PR `#467`): `StarterPackManifestValidator` extracted into `StarterPackSchemaValidator` (structure/field/collection validation), `StarterPackSemanticValidator` (content/cross-reference constraints), `StarterPackConflictDetector` (dry-run board-state conflict detection), and `StarterPackIdempotencyChecker` (re-apply idempotency logic); duplicate null-collection validation bug fixed in self-review.
-- Delivered SEC-18 abuse detection operator tooling + domain groundwork (PR `#468`): `AbuseActor.cs` + `AbuseEvent.cs` domain entities with 4-state containment model (Observe → Suspicious → Restricted → Blocked); `AbuseDetectionService` with signal evaluation, state-machine transitions, operator quarantine/unquarantine/block/list API groundwork; live-traffic wiring is an explicit follow-up slice.
-- Delivered ArchiveRecovery service decomposition (PR `#469`): `ArchiveRecoveryService` extracted into `ArchiveConflictDetector` (pre-restore board-name/column/label conflict detection), `RestorePlanner` (produces ordered restore operations), and `RestoreExecutor` (applies restore operations transactionally).
-- Delivered AutomationExecutor pipeline decomposition (PR `#470`): `AutomationExecutorService` extracted into `OperationParameterParser` (type-safe parameter extraction), `ExecutionAuditRecorder` (per-operation audit emission), and `OperationHandlerRegistry` (handler dispatch table); each piece unit-tested independently.
-- Delivered deploy/MCP failure injection drills (PR `#471`): `scripts/drills/` with 5 shell scripts covering API auth failure, rate-limit exhaustion, budget threshold breach, MCP config validation/unknown-server handling, and provider degradation scenarios; `run-all-drills.sh` orchestrator with pass/fail summary; corrected drill-mcp scope to config validation (not credential injection) in self-review.
-
-## Canonical Documentation Policy
-
-Authoritative docs:
-- `docs/STATUS.md`
-- `docs/IMPLEMENTATION_MASTERPLAN.md`
-- `docs/TESTING_GUIDE.md`
-- `docs/MANUAL_TEST_CHECKLIST.md`
-
-Audience-first product docs:
-- `docs/START_HERE.md`
-- `docs/USER_MANUAL.md`
-- `docs/product/DEMO_PLAYBOOK.md`
-
-Historical/spec detail material:
-- `docs/archive/` (latest consolidation bundle: `docs/archive/2026-02-13_phase4-doc-consolidation/`)
-
-Rule:
-- If archive content conflicts with active docs, active docs win.
-
+  - **Property-based and adversarial input tests** (`#717`/`#789`): 211 tests across 5 files — 77 FsCheck domain entity tests (adversarial strings: unicode, null bytes, BOM, ZWSP, RTL override, surrogate pairs, XSS, SQL injection; boundary lengths; GUID/position validation), 29 JSON serialization round-trip fuzz tests (GUID format variations, DateTime boundaries, malformed JSON, large payloads), 80 API adversarial integration tests (no 500s from any adversarial input across board/card/column/capture/auth/search endpoints, malformed JSON, wrong content types, concurrent adversarial requests), 16 fast-check frontend input sanitization property tests, 9 store resilience property tests; `fast-check` added as frontend dev dependency; adversarial review fixed capture payload round-trip testing wrong DTO and null handling inconsistency in FsCheck generators
+  - **Inbox premium primitives** (`#249`/`#788`): `InboxView.vue` reworked to use shared UI primitive components — `TdSkeleton` for loading states, `TdInlineAlert` for errors, `TdEmptyState` for empty list, `TdBadge` for status chips, `TdSpinner` for detail refresh; ~65 lines of redundant CSS removed; 7 new vitest tests; adversarial review fixed skeleton screen reader announcements (added `role="status"` and sr-only labels) and redundant `role="alert"` nesting
+- Ephemeral integration databases via Testcontainers (`#91`): `Taskdeck.Integration.Tests` project with `Testcontainers.PostgreSql` and `Npgsql.EntityFrameworkCore.PostgreSQL` packages; `PostgresContainerFixture` manages a shared ephemeral PostgreSQL container per xUnit collection; each test method gets its own isolated database (no cross-test contamination); schema created via `EnsureCreated()` from the EF Core model for PostgreSQL provider parity; 20 integration tests across 7 test classes covering Board CRUD, Card operations, Proposal lifecycle, per-test isolation verification, and sequential operation validation; CI workflow at `reusable-container-integration.yml` in ci-extended lane (label: testing); guide at `docs/testing/TESTCONTAINERS_GUIDE.md`
+
+- Mutation testing pilot now delivered (`#90`): Stryker.NET targeting `Taskdeck.Domain` (backend) and Stryker JS targeting `captureStore`/`boardStore` (frontend); non-blocking weekly CI lane (`.github/workflows/mutation-testing.yml`); policy and triage guidance at `docs/testing/MUTATION_TESTING_POLICY.md`; 60% low / 80% high thresholds with 0% break (triage signal, not enforcement gate); scope expansion roadmap covers Application layer and additional frontend stores
+
+Target experience metrics for the capture direction:
+- capture action to saved artifact should feel under 10 seconds in normal use
+- capture artifact to reviewed/applicable proposal should be achievable inside a ~60-second loop
+
+Direction guardrails (explicit):
+- no silent/destructive automation by default
+- keep proposal-first review gate for board mutations driven by capture triage
+- preserve claims-first identity and stable error-contract behavior while expanding surface area
+
+## Current Implementation Snapshot
+
+### Backend
+
+- Architecture: Clean Architecture (`Domain`, `Application`, `Infrastructure`, `Api`)
+- Persistence: EF Core 8.0.14 + SQLite (aligned to net8.0 TFM as of `#760`/`#767`)
+- Core controllers: boards, columns, cards, labels
+- Extended controllers: auth, users, board-access, audit, export/import, external-imports, llm-queue, automation proposals, archive, chat, notifications, ops-cli, logs, health, starter-packs, search, metrics, data-portability, note-import, telemetry, api-keys, forecast
+- Worker runtime:
+  - `LlmQueueToProposalWorker`
+  - `ProposalHousekeepingWorker`
+  - `WorkerHeartbeatRegistry` (used by `/health/ready`)
+- Cross-cutting API consistency:
+  - `ApiErrorResponse` contract for stable error payload shape (`errorCode`, `message`)
+  - `ResultExtensions` mapping for domain/app errors to HTTP statuses
+  - JWT challenge/forbidden handlers return `ApiErrorResponse` payloads for middleware-level `401/403` responses
+  - `AuthenticatedControllerBase` for claim extraction and authenticated-user guardrails
+  - request correlation middleware (`X-Request-Id`) with response echo and log scope propagation
+  - development CORS origin policy keeps localhost defaults (`http://localhost:5173`, `http://localhost:5174`), adds fallback localhost dev ports (`http://localhost:4173`, `http://localhost:5001`), and supports additive `Cors:DevelopmentAllowedOrigins` config overrides
+- Implemented automation stack:
+  - `AutomationProposalService`, `AutomationPlannerService`, `AutomationPolicyEngine`, `AutomationExecutorService` (decomposed into `OperationParameterParser`, `ExecutionAuditRecorder`, `OperationHandlerRegistry`)
+  - `ArchiveRecoveryService` (decomposed into `ArchiveConflictDetector`, `RestorePlanner`, `RestoreExecutor`)
+  - `StarterPackManifestValidator` decomposed into `StarterPackSchemaValidator`, `StarterPackSemanticValidator`, `StarterPackConflictDetector`, `StarterPackIdempotencyChecker`
+  - `AbuseDetectionService` with `AbuseActor`/`AbuseEvent` domain entities and a 4-state containment model (Observe → Suspicious → Restricted → Blocked); operator kill-switch API groundwork for SEC-18
+  - agent tool registry substrate (AGT-02): `ITaskdeckTool`/`ITaskdeckToolRegistry` domain interfaces with `ToolScope`/`ToolRiskLevel` classification, `PolicyDecision` value object, `AgentPolicyEvaluator` (allowlist + risk-level gating, review-first default), `InboxTriageAssistant` bounded template (proposal-only, never direct board mutation), singleton registry with scoped evaluation
+  - `ChatService` + deterministic `ILlmProvider` selection policy (`Mock` default; `OpenAI`/`Gemini` behind explicit gates with config validation fallback); `ToolCallingChatOrchestrator` wraps `ChatService` for board-scoped sessions with multi-turn tool-calling loop (11 tools: 5 read + 6 write, max 5 rounds, 60s timeout, Mock pattern-based dispatch); write tools produce proposals via `propose_*` prefix (GP-06 compliant); `ChatService` reuses orchestrator text when no tools called to avoid double LLM invocation; streaming responses now persist assistant `ChatMessage` records with token usage and record quota via `ILlmQuotaService` (`#763`/`#768`); multi-turn replay preserves original tool arguments in provider-specific wire format (`#673`/`#770`); **conversational refinement loop** (`#576`/`#791`): `ClarificationDetector` with strong/weak signal pattern split detects ambiguous requests and asks clarifying questions (max 2 rounds, then best-effort); skip-phrase detection supports "just do your best"; Mock provider simulates clarification for deterministic testing
+  - `DataExportService` (versioned JSON export of all user-scoped data; streaming export via new `GET /api/account/export/stream` endpoint using `Utf8JsonWriter` for memory-constant large-dataset exports — `#670`/`#774`; exception logging via `ILogger` with `OperationCanceledException` filter, `#759`/`#766`) + `AccountDeletionService` (password re-auth, confirmation phrase, PII anonymization, sole-owner guard, transactional rollback with `CancellationToken.None` for rollback reliability) + `DataPortabilityController` with audit logging
+  - `BoardMetricsService` (throughput, cycle time, WIP, blocked — audit-log-based completion tracking, done column name heuristic, SQL-level filtering via dedicated repository methods) + `MetricsController` with date/board/label filters + `MetricsExportService` for schema-versioned CSV export with CSV injection protection (`#78`/`#787`)
+  - `ForecastingService` (heuristic completion forecasting using rolling-average throughput from audit log card-move events, standard-deviation confidence bands, cycle time tracking) + `ForecastController` with `GET /api/forecast/board/{boardId}` endpoint (`#79`/`#790`)
+  - MCP server: `ModelContextProtocol` v1.2.0 with full resource and tool inventory (`#653`/`#739`); 9 resources under `taskdeck://` URI scheme (boards, board detail, columns, cards, card detail, captures, proposals, board labels); 11 tools (2 read: `search_cards`, `get_board_summary`; 6 write: `create_card`, `move_card`, `update_card`, `archive_card`, `create_capture`, `create_column` — all produce proposals per GP-06; 3 proposal management: `get_proposal_status`, `list_proposals`, `dismiss_proposal`; `approve_proposal` intentionally excluded); `--mcp` startup flag for stdio transport; `StdioUserContextProvider` for local user mapping; user-scoped proposal access enforced; **MCP HTTP transport** (`#654`/`#792`): `ModelContextProtocol.AspNetCore` adds `MapMcp()` HTTP endpoint alongside REST routes; `ApiKey` entity with `tdsk_` prefix and SHA-256 hashing at rest; `ApiKeyMiddleware` validates Bearer tokens on `/mcp` path; `HttpUserContextProvider` maps API key → user identity; REST key management (create/list/revoke); rate limiting per API key (60 req/60s)
+  - `NotificationService` with per-user preference filtering and deduplication safeguards
+  - outbound webhook integration baseline: board-scoped webhook subscriptions (endpoint + event filters + secret rotation/revocation), mutation-event delivery queueing, and signed delivery worker retries/dead-letter transitions
+  - `OpsCliService` + `LogQueryService`
+  - `StarterPackManifestValidator` + `StarterPackApplyService` (idempotent apply with dry-run conflict reporting)
+  - SignalR realtime baseline: `BoardsHub` with board-scoped subscription authz and application-level board mutation event publishing; **scale-out readiness** (`#105`/ADR-0023): conditional Redis backplane via `Microsoft.AspNetCore.SignalR.StackExchangeRedis` 8.0.25 — enabled when `SignalR:Redis:ConnectionString` is configured, falls back to in-memory when absent; `RedisBackplaneHealthCheck` reports NotConfigured/Healthy/Unhealthy in `/health/ready`; operational runbook at `docs/platform/SIGNALR_SCALEOUT_RUNBOOK.md`
+  - OpenTelemetry baseline for API + worker metrics/traces with configurable OTLP/console exporters
+  - security logging redaction baseline for capture/auth-sensitive flows: sanitized exception summaries in middleware/workers/providers, generic invalid-source errors, redacted persisted queue/webhook failure messages, and disabled automatic ASP.NET Core trace exception recording
+- Auth posture today:
+  - JWT middleware is wired
+  - `ActiveUserValidationMiddleware` checks user active status on every authenticated request (30-second in-memory cache, invalidated on deletion/deactivation); tokens issued before account deletion/deactivation are rejected even if JWT is unexpired
+  - `[Authorize]` currently enforced on boards, columns, cards, labels, export/import, audit, llm-queue, board-access, users, chat, notifications, automation-proposals, archive, ops-cli, and logs controllers
+  - GitHub OAuth login (`CLD-03`): environment-gated OAuth middleware activates only when `GitHubOAuth:ClientId` and `GitHubOAuth:ClientSecret` are configured; `ExternalLogin` entity links GitHub accounts to users without auto-linking by email (prevents account takeover); OAuth callback uses short-lived single-use authorization codes (now DB-backed with atomic consumption, replacing in-memory `ConcurrentDictionary`); PKCE enabled via `UsePkce = true`; account linking endpoints allow existing users to link/unlink GitHub identity from settings; frontend LoginView conditionally shows "Sign in with GitHub" button based on `/api/auth/providers` response; full test coverage in Domain, Application, and frontend layers
+  - OIDC/SSO integration (`SEC-07`): config-gated pluggable OIDC provider support (Microsoft Entra ID, Google, generic OIDC) via `IOidcProviderFactory`; OIDC login/callback/exchange with open-redirect protection; cross-provider identity isolation (`provider + providerUserId` unique key); no auto-linking by email; disabled by default
+  - TOTP MFA (`SEC-07`): optional MFA via `MfaPolicy` configuration; TOTP setup with QR URI and 8 bcrypt-hashed recovery codes; constant-time comparison; replay protection; `MfaChallengeModal` gates sensitive actions when policy requires
+
+### Frontend
+
+- Stack: Vue 3 + TypeScript + Pinia + Vue Router + Vite
+- Workspace routes include:
+  - home
+  - boards
+  - activity
+  - review
+  - automation queue/chat (advanced)
+  - notifications (inbox + read-state actions)
+  - ops (cli/endpoints/logs)
+  - metrics (board throughput, cycle time, WIP, blocked trends, CSV export, heuristic forecasting with confidence bands)
+  - calendar (monthly grid + timeline modes for due-date cards with overdue/blocked indicators)
+  - agents (agent profiles, runs, run-detail timeline — visible in agent workspace mode only)
+  - settings (profile/preferences/access/export-import/linked-accounts/mfa-setup/telemetry-consent)
+  - archive
+- Current navigation is now partially product-shaped:
+  - `Home` is the default landing route, backed by persisted `guided` / `workbench` / `agent` workspace modes and a product-shaped workspace summary API
+  - `Today` is now shipped as the daily agenda route, while `Agents`, `Runs`, `Knowledge`, and `Integrations` remain planned but not shipped
+  - a static frontend-only UI mock now exists at `frontend/taskdeck-web/public/mock/` for lightweight GitHub Pages-style walkthroughs of the current `Home` / `Today` / `Review` / `Inbox` / `Board` feel using local example data only, and GitHub Pages now deploys that folder through a dedicated Actions workflow instead of the old branch-based `main` + `/docs` path
+- Feature slices integrated end to end:
+  - workspace home summary shell with server-backed workspace mode persistence
+  - workspace `Today` agenda with persisted onboarding state, replay/dismiss controls, and first-use board setup shortcuts
+  - canonical review-first proposal routing/approve/reject/execute and diff viewing with readable proposal presentation cards
+  - board-centered action rail and board-aware deep links across board, inbox, review, chat, notifications, and capture provenance flows
+  - dismissible contextual help callouts across `Home`, `Today`, `Review`, `Inbox`, board action flow, and selector-heavy activity guidance, with per-surface replay/dismiss persistence
+  - audience-first docs/help-center stack aligned to the shipped `Home` / `Today` / `Inbox` / `Review` / `Boards` shell, with root entry docs, chaptered manual guidance, workflow recipes, FAQ coverage, and troubleshooting guidance
+  - chat session flow with selector-safe board context and review handoff
+  - ops template execution and log querying with route-aware tab defaults
+  - archive listing and restore operations
+  - notification inbox and per-user notification preference controls
+  - board realtime subscription lifecycle (SignalR join/leave/reconnect with polling fallback)
+  - batch triage and suggestion editing for inbox artifacts
+  - keyboard card movement (Alt+Arrow) and move-to action menu on cards
+- Storybook baseline: Storybook 10.3.5 with stories for all 17 Td* primitives; `npm run storybook` (dev :6006) and `npm run storybook:build` scripts
+- Note-style import: markdown file upload (heading-based section splitting) and web clip paste intake tabs in ExportImportView; all content routes through capture pipeline
+- OIDC login buttons: config-gated SSO buttons on LoginView for configured OIDC providers
+- Error tracking: config-gated Sentry browser SDK, Plausible/Umami analytics script injection, telemetry consent UI in settings
+- Cross-cutting UI infrastructure:
+  - command palette with global search (Ctrl+K): live cross-board search for boards and cards via `/api/search`, with 200ms debounced queries, abort-on-supersede, and keyboard-first grouped results navigation
+  - feature flags, correlation IDs, toasts, keyboard shortcuts
+  - shared UI primitives foundation (UI-02): 15 TdButton/TdInput/TdDialog/TdDropdown/TdTooltip/TdBadge/etc. primitives built on Reka UI via shadcn-vue ownership model with WAI-ARIA keyboard foundation; stack decision documented in `docs/analysis/ui-primitive-stack-decision-spike.md`
+  - appshell premium reskin: shell sidebar, topbar, command palette, and keyboard help components now use `--td-*` design token system with focus-visible accessibility rings and glass morphism effects
+  - board/card surface polish: board canvas, toolbar, action rail, column lanes, and card components now use design-token-based styling with standardized interactive states and accessibility focus rings
+  - centralized JWT token storage abstraction (`utils/tokenStorage.ts`) with base64url + JSON payload validation, `isValidJwtStructure` guard, and `clearAll` helper; session-token storage ADR at `docs/analysis/session-token-storage-adr.md`
+  - CSP hardening: removed `unsafe-inline` from `script-src` in security headers middleware; OWASP baseline doc updated
+  - performance instrumentation composable (`usePerformanceMark`) with `PERF_BUDGETS` constants; 7 latency thresholds documented in `docs/PERFORMANCE_BUDGETS.md`; 16 workspace route views converted to lazy `() => import()` for initial bundle reduction
+  - WCAG 2.1 AA accessibility baseline: skip-to-content link, `sr-only` utility, `eslint-plugin-vuejs-accessibility` rules, ARIA landmarks and roles across HomeView/TodayView/ReviewView/InboxView/CaptureModal/ToastContainer/BoardView, and Playwright axe-core E2E regression for 6 core views
+  - PWA/offline client readiness (`#95`): `vite-plugin-pwa` configured with Workbox `generateSW` (84 precached app shell entries), runtime caching (NetworkFirst for API, CacheFirst for static assets, StaleWhileRevalidate for fonts), SPA navigateFallback for offline deep links; `useOnlineStatus` composable with reactive connectivity tracking; `OfflineBanner` component with ARIA live region; `SwUpdatePrompt` component for user-controlled SW updates; manifest with correct installability criteria (separate `any`/`maskable` icon purposes); offline behavior documented in `docs/platform/PWA_OFFLINE_BEHAVIOR.md`
+- Large view decompositions (hotspot refactor wave):
+  - `ActivityView.vue` decomposed from ~735 → ~117 lines via `useActivityQuery` composable + `ActivitySelector` + `ActivityResults` components
+  - `BoardView.vue` decomposed from ~771 → ~270 lines via `useBoardDragDrop` + `useBoardKeyboardNav` composables + `BoardToolbar` + `BoardActionRail` + `BoardCanvas` + `BoardDialogHost` components
+- Demo baseline (migration batches A + B + C + D + E delivered):
+  - `frontend/taskdeck-web/scripts/demo-seed.mjs` + `npm run demo:seed` for first-run seeded workspace generation, now bounded on reruns so canonical seeded captures, queue samples, chat evidence, comments, and Ops logs are reused instead of appended indefinitely
+  - `frontend/taskdeck-web/scripts/demo-lib.mjs`, `frontend/taskdeck-web/scripts/demo-run.mjs`, `frontend/taskdeck-web/scripts/demo-autopilot.mjs`, `frontend/taskdeck-web/scripts/scenario-json-runner.mjs`, `frontend/taskdeck-web/scripts/scenarios-json/*`, and `frontend/taskdeck-web/scripts/scenarios/*` (compatibility path) for reusable scripted scenario/autopilot harness flows
+  - `frontend/taskdeck-web/scripts/demo-director.mjs` + `frontend/taskdeck-web/scripts/demo-snapshot.mjs` with `npm run demo:director` and `npm run demo:snapshot` for one-command orchestration and artifact capture (`run-summary.json`, `trace.ndjson`, `snapshot.json`, screenshots, logs)
+  - `frontend/taskdeck-web/scripts/demo-director-presets.mjs` for named preset scenarios (happy-path-capture, review-approve-flow, error-recovery-demo, soak-baseline) with override merging and runtime registration
+  - `frontend/taskdeck-web/scripts/demo-trace-assertions.mjs` for exact and structural trace comparison plus step ordering and error detection assertions
+  - `frontend/taskdeck-web/scripts/demo-report-html.mjs` for self-contained HTML report generation with inline styles, trace tables, pass/fail badges, and embedded base64 screenshots
+  - `frontend/taskdeck-web/scripts/demo-soak.mjs` for long-run director scenario loops with configurable iteration counts, cooldown, and cumulative metrics tracking
+  - full Playwright-backed demos now auto-enable a live LLM provider when LLM steps are enabled and usable demo keys are present, preferring Gemini by default for long/manual runs while preserving explicit mock opt-out
+  - non-demo Playwright backend startup now stays pinned to deterministic `Mock` mode by default even when local shell env exports live-provider keys; demo-only overrides still take precedence when explicitly enabled
+  - when demo-specific live-provider overrides need to be injected, Playwright now disables existing-server reuse by default so full demos do not silently stick to an older mock backend unless the operator explicitly forces reuse
+  - `frontend/taskdeck-web/package.json` now includes `npm run demo:director:smoke` for deterministic, LLM-free regression proof with stable artifact output (`demo-artifacts/ci-smoke`), isolated smoke DB reset (`taskdeck.demo.ci.db`), forced fresh Playwright servers, automatic local API port fallback when `5000` is occupied, and actionable conflict hints when explicit runtime port overrides cannot bind
+  - `docs/product/DEMO_PLAYBOOK.md`, `docs/product/SCENARIOS.md`, `docs/product/DOGFOODING_GUIDE.md`, and `docs/USER_MANUAL.md` for seeded stakeholder walkthrough, JSON scenario authoring/runner usage, daily dogfooding cadence, and user-facing operations guidance
+  - `demo/http/taskdeck-demo.http` for local API walkthrough against the dev backend
+  - opt-in stakeholder walkthrough recorder spec: `frontend/taskdeck-web/tests/e2e/stakeholder-demo.spec.ts` (gated by `TASKDECK_RUN_DEMO=1`) with director-mode bootstrap via `TASKDECK_DEMO_DIRECTOR=1`, scenario-aware board selection, explicit-board override alignment with autopilot targeting, UI-driven feature-flag enabling for advanced surfaces, and mandatory seeded-card presence checks
+  - scenario runner and legacy JS compatibility checks now fail loudly on unresolved template references, missing starter-pack labels, ambiguous duplicate column/label names, and unknown scenario IDs so demo/test setup does not degrade into half-valid state
+  - `demo:director` now validates its own flags before Playwright passthrough (`--` required for forwarded args) so malformed option usage fails fast instead of silently drifting into partial demo state
+  - required Playwright CI lanes explicitly pin `TASKDECK_RUN_DEMO=0`; opt-in demo smoke is exposed in `ci-extended.yml` via the reusable `demo-director-smoke` workflow for PRs that touch `.github/workflows/**`, `backend/**`, `frontend/**`, `deploy/**`, or `scripts/**`, or through manual dispatch
+  - autopilot loop controls now cover queue/capture/mixed paths with capture-triage flags for inbox-flow demonstration
+  - autopilot deterministic replay supports `--rng-seed` (with `--seed` backward compatibility) and emits trace events for artifact summarization
+  - JSON scenarios now support `runOps` steps for seeded Ops evidence inside scenario runs
+  - advanced/diagnostic nav surfaces now default off via feature flags (`Activity`, `Ops`, `Access`, `Archive`)
+  - `Automations` nav now defaults to proposals review path instead of queue path
+  - queue composer now defaults to instruction-first request type with guided helper text and board-context guardrails for board-scoped instructions
+  - Automation Chat now exposes explicit provider-health truth (`/api/llm/chat/health`) so operators and tests can see whether the surface is using a live provider, mock provider, or a degraded/unavailable path; `?probe=true` sends a minimal completion to verify reachability; degraded responses now carry `messageType: "degraded"` with `degradedReason` instead of embedding failure text in normal response content
+  - opt-in live-provider chat verification now exists at `frontend/taskdeck-web/tests/e2e/live-llm.spec.ts` (gated by `TASKDECK_RUN_LIVE_LLM_TESTS=1`), with headed local entry points in `npm run test:e2e:audit:headed` and `npm run test:e2e:live-llm:headed`
+- Shared maintainability utilities:
+  - `buildQueryString` for API query construction across filter-driven endpoints
+  - `getErrorMessage` for consistent API/store error extraction
+
+## Platform Expansion Wave (2026-04-09, PRs `#796`–`#805`, 10 issues)
+
+Ten parallel worktree agents delivered platform hardening, testing infrastructure, ops documentation, and PWA readiness across 10 PRs with two rounds of adversarial review per PR. All CRITICAL and HIGH findings were resolved.
+
+**Architecture & Platform:**
+- **PLAT-01 SQLite-to-PostgreSQL migration strategy** (`#84`/`#801`): ADR-0023 recommends PostgreSQL as production target; migration runbook at `docs/platform/SQLITE_TO_POSTGRES_MIGRATION_RUNBOOK.md` with dependency-ordered export/import, FTS5 blocker warning, rollback procedure; 20 provider compatibility tests in `DatabaseProviderCompatibilityTests.cs` covering CRUD, DateTimeOffset, GUID, collation, Unicode; adversarial review caught phantom ApiKeys table, 5 missing tables, FTS5 crash risk
+- **PLAT-02 Distributed caching** (`#85`/`#805`): ADR-0024 documents cache-aside pattern; `ICacheService` interface in Application layer; `InMemoryCacheService` (ConcurrentDictionary + sweep timer + 10K cap), `RedisCacheService` (lazy reconnect, safe degradation), `NoOpCacheService`; board list caching with 60s TTL and write-through invalidation; `CacheSettings` config binding; 32 tests; adversarial review removed stale board-detail cache (columns mutated by non-cache-aware services), fixed permanent Redis disable on transient failure, added eviction and timer safety
+- **PLAT-03 SignalR scale-out** (`#105`/`#803`): ADR-0025 documents Redis backplane strategy; conditional `AddTaskdeckSignalR` extension with `SignalR:Redis:ConnectionString` toggle; `RedisBackplaneHealthCheck` with 30s cache and three-state reporting (NotConfigured/Healthy/Unhealthy); runbook at `docs/platform/SIGNALR_SCALEOUT_RUNBOOK.md`; 14 tests; adversarial review replaced per-probe ConnectionMultiplexer with singleton lazy connection, fixed thread-unsafe cache fields, corrected ADR Degraded/Unhealthy mismatch
+
+**Testing Infrastructure:**
+- **TST-02 Cross-browser E2E matrix** (`#87`/`#800`): Playwright config expanded with Firefox, WebKit, mobile-chrome (Pixel 7), mobile-safari (iPhone 14) projects; `@smoke`/`@cross-browser`/`@mobile`/`@quarantine` tagging strategy; 5 cross-browser + 4 mobile viewport tests with shared `boardUiHelpers.ts`; `reusable-e2e-cross-browser.yml` wired into nightly/extended CI; flaky test policy at `docs/testing/FLAKY_TEST_POLICY.md`; adversarial review fixed CI gate timeout, extracted duplicated helpers, removed conditional assertions
+- **TST-03 Visual regression harness** (`#88`/`#797`): Playwright visual comparison via `toHaveScreenshot()` with dedicated `playwright.visual.config.ts` (1280x720, animations disabled, 0.5% threshold); 7 visual tests across board, command palette, archive, inbox, home views; `reusable-visual-regression.yml` with diff artifact upload; policy at `docs/testing/VISUAL_REGRESSION_POLICY.md`; adversarial review fixed wrong command palette placeholder (would fail all palette tests), double `.png.png` extensions, added CI baseline generation
+- **TST-05 Mutation testing pilot** (`#90`/`#796`): Stryker.NET config targeting `Taskdeck.Domain` (60/80/0 thresholds); frontend Stryker JS config targeting `captureStore`/`boardStore` + board submodules (~1400 lines) with vitest runner; `mutation-testing.yml` weekly schedule + manual dispatch (non-blocking); policy at `docs/testing/MUTATION_TESTING_POLICY.md`; adversarial review removed broken schema URL, invalid config properties, fixed CI shellcheck violations, corrected concurrency over-subscription
+- **TST-06 Ephemeral DBs via Testcontainers** (`#91`/`#804`): new `Taskdeck.Integration.Tests` project with `Testcontainers.PostgreSql` 4.11.0; `PostgresContainerFixture` with per-test database isolation via counter-based `CREATE DATABASE`; `DockerAvailableCheck` with `SkippableFact` for graceful skip without Docker; 20 integration tests across Board CRUD, Card operations, Proposal lifecycle, cross-class isolation, parallel execution; `reusable-container-integration.yml` wired into extended CI; guide at `docs/testing/TESTCONTAINERS_GUIDE.md`; adversarial review fixed race condition (shared DbContext across tasks), deadlock in Docker check, container disposal on partial start
+
+**PWA & Offline:**
+- **UX-09 PWA/offline readiness** (`#95`/`#802`): VitePWA integration with `prompt` registerType, `navigateFallback` with `/api/`+`/mcp` denylist, `NetworkFirst` API caching + `CacheFirst` static assets; `useOnlineStatus` composable with reactive `navigator.onLine` tracking; `OfflineBanner` component with ARIA `role="status"`; `SwUpdatePrompt` component via `virtual:pwa-register` for controlled SW update lifecycle; offline behavior doc at `docs/platform/PWA_OFFLINE_BEHAVIOR.md`; 18 tests (11 composable + 7 component); adversarial review eliminated duplicate SW lifecycle handlers (double-reload race), fixed misleading sync text, corrected opaque response caching and SVG icon sizes
+
+**Ops & Architecture Documentation:**
+- **OPS-12 Cloud cost observability** (`#104`/`#798`): ADR-0026 documents proactive cost observability decision; framework at `docs/ops/CLOUD_COST_OBSERVABILITY.md` (6 cost dimensions, 3-tier alerts at 70/90/100%, monthly review workflow, Terraform budget template); hotspot registry at `docs/ops/COST_HOTSPOT_REGISTRY.md` (6 features with per-request LLM costs, monthly projections at 4 usage levels); breach runbook at `docs/ops/BUDGET_BREACH_RUNBOOK.md` (5-phase playbook); adversarial review fixed phantom config keys, wrong API endpoint, incorrect JSON payload, compute instance types
+- **OPS-14 Cloud topology ADR** (`#111`/`#799`): ADR-0027 documents container-based ECS Fargate topology; autoscaling policy (CPU 65%/25%, 1000 req/min, 500 WS connections); health checks (liveness/readiness/startup); SLO targets (99.5% availability, p95 read <300ms, write <800ms); cost estimate ~$147-152/month; reference architecture at `docs/ops/CLOUD_REFERENCE_ARCHITECTURE.md` (VPC layout, ECS tasks, CI/CD pipeline, DR strategy); adversarial review fixed cost inconsistency, missing worker service, latency alarm gap, health check endpoint accuracy, connection pooling risk
+
+**ADR numbering note**: All 5 PRs that created ADRs originally used ADR-0023. The canonical numbering is ADR-0023 (SQLite migration) through ADR-0027 (cloud topology). PR branches need ADR file renames during merge to match this index.
+
+## Feature, Security, and Ops Expansion Wave (2026-04-09, PRs `#806`–`#813`, 8 issues)
+
+Eight parallel worktree agents delivered new features, security infrastructure, ops tooling, and developer experience improvements across 8 PRs. Each PR received two rounds of adversarial review (original self-review + independent cold review). The independent round caught 9 CRITICAL and 11 HIGH findings — all resolved before merge.
+
+**Features:**
+- **UX-08 Calendar/timeline views** (`#94`/`#810`): `WorkspaceService.GetCalendarAsync` with board-access-scoped date-range card query (90-day cap, 500-result limit); `CardRepository.GetByDueDateRangeAsync`; `GET /api/workspace/calendar?from=&to=` endpoint defaulting to current month; frontend `CalendarView.vue` with grid mode (monthly calendar, color-coded due-date cards, overflow "+N more") and timeline mode (chronological date-grouped list); month navigation, status indicators (on-track/overdue/blocked), drill-down to board/card; loading/error/empty states; ARIA grid roles; sidebar nav item; 8 backend + 20+ frontend tests; adversarial review fixed UTC timezone mismatch, overdue logic inconsistency, and unbounded query results
+- **INT-05 Note-style import and web clip intake** (`#334`/`#809`): `NoteImportService` with markdown heading-based section splitting and web clip metadata intake; `CaptureSource.MarkdownImport` and `CaptureSource.WebClip` enum values; `NoteImportController` with `POST /api/import/notes/markdown` and `POST /api/import/notes/webclip` (auth + rate limiting); all imported content routes through `ICaptureService.CreateAsync` (GP-06 compliant — no silent board mutations); provenance via `ExternalRef` (filename/URL) and `TitleHint`; frontend markdown upload and web clip paste tabs in `ExportImportView`; security: path traversal validation, URL scheme restriction (http/https only), no outbound requests (no SSRF), content as plain text (no XSS); 38 backend + 6 frontend tests; adversarial review fixed silent success on all-sections-fail and ExternalRef overflow
+- **AGT-03 Agents/Runs surfaces** (`#338`/`#808`): `AgentsView.vue` (profile list with status badges), `AgentRunsView.vue` (run list per agent with proposal linkage), `AgentRunDetailView.vue` (vertical event timeline with human-readable labels, JSON payload display, proposal navigation); `agentStore` Pinia store with 3 data slices; `agentApi` HTTP client with enum normalization for backend integer serialization; 3 lazy-loaded routes under `/workspace/agents` gated to `agent` workspace mode; sidebar nav item with `primaryModes: ['agent']`; loading/error/empty states throughout; 42 frontend tests; adversarial review confirmed clean (no CRITICAL/HIGH)
+- **UI-12 Storybook baseline** (`#251`/`#807`): Storybook 10.3.5 (`@storybook/vue3-vite`) configured for Vue 3 + Vite 8; stories for all 17 Td* UI primitives (TdButton, TdIconButton, TdInput, TdTextarea, TdSelect, TdFieldWrapper, TdDialog, TdDropdown, TdPopover, TdTooltip, TdToast, TdInlineAlert, TdSpinner, TdSkeleton, TdBadge, TdTag, TdEmptyState) showing key state variants; design token CSS import + obsidian theme background; `viteFinal` hook strips PWA plugin for storybook builds; `npm run storybook` (dev server :6006) and `npm run storybook:build` scripts; adversarial review confirmed clean
+
+**Security & Auth:**
+- **SEC-07 SSO/OIDC with MFA** (`#82`/`#813`): configurable OIDC provider support (Microsoft Entra ID, Google, generic OIDC) via `IOidcProviderFactory` with pluggable registration; OIDC is config-gated and disabled by default; OIDC login/callback/exchange endpoints with open-redirect protection and short-lived single-use authorization codes; TOTP-based MFA (RFC 6238) with setup (secret + QR URI + 8 recovery codes), confirm, verify, and disable endpoints; recovery codes bcrypt-hashed at rest; constant-time comparison and replay protection; `MfaPolicy` configuration (`EnableMfaSetup`, `RequireMfaForSensitiveActions`) gating password change and account deletion; frontend OIDC login buttons on LoginView (config-gated), `MfaSetup.vue` settings component, `MfaChallengeModal.vue` for protected actions; no auto-linking by email (prevents account takeover); ADR-0029 documents design decisions; 30+ backend tests; adversarial review fixed dead MFA enforcement code, permanent user lockout via DisableAsync, and OIDC endpoint routing
+- **CLD-03 OAuth PKCE and account linking** (`#676`/`#812`): DB-backed auth code store replacing in-memory `ConcurrentDictionary` — `OAuthAuthCode` entity with EF migration, `IOAuthAuthCodeRepository` with atomic `TryConsumeAtomicAsync` (raw SQL `UPDATE WHERE IsConsumed = 0 AND ExpiresAt > now`); PKCE support via `UsePkce = true` in ASP.NET Core 8 OAuth middleware; account linking endpoints (`POST /api/auth/github/link`, `DELETE /api/auth/github/link`, `GET /api/auth/linked-accounts`) with conflict detection and session verification; frontend Linked Accounts section in `ProfileSettingsView` with Link/Unlink buttons and avatar display; 24+ backend tests; adversarial review fixed CSRF on account linking, TOCTOU in expiry check, JWT plaintext in DB, DoS via full-table load, and unbounded table growth
+
+**Ops & Observability:**
+- **OPS-09 Staged deployment workflow** (`#101`/`#806`): ADR-0028 documents blue/green + canary deployment strategy with rollback criteria; `docs/ops/DEPLOYMENT_WORKFLOW.md` canonical 4-phase workflow (build verification → staging → production canary → production promotion) with rollback procedures, database migration safety, emergency hotfix override, and ownership/escalation model; `docs/ops/RELEASE_CHECKLIST.md` versioned smoke verification (7 pre-deploy + 9 automated staging + 7 manual staging + 7 canary + 6 post-promotion + 5 post-release checks) with failure response matrix; `scripts/deploy/smoke-test.sh` portable smoke test (9 automated checks: health, API, auth, board auth gate, frontend, SignalR, static assets, security headers, container restart detection); `.github/workflows/cd-staging-gate.yml` with `production` environment manual approval gate; adversarial review fixed script injection in CI workflow and unscoped container checks
+- **OBS-02 Error tracking and product analytics** (`#549`/`#811`): config-gated Sentry SDK for backend (`Sentry.AspNetCore` with `BeforeSend` PII scrubbing for emails/JWTs, `ServerName` blanked) and frontend; opt-in product telemetry service (`TelemetryEventService`) aligned with `docs/product/TELEMETRY_TAXONOMY.md` — property key allowlist (15 safe keys), max 10 properties, 200-char value truncation; `TelemetryController` with anonymous config endpoint and authenticated events endpoint; Plausible/Umami analytics script injection (`useAnalyticsScript`) with HTTPS-only URL validation; Pinia `telemetryStore` with consent management, event buffering, and flush; DNT/GPC privacy signal detection prevents auto-restore of consent; telemetry consent toggle in `ProfileSettingsView`; `docs/ops/OBSERVABILITY_SETUP.md` configuration guide; all telemetry opt-in and disabled by default; 38 backend + 25 frontend tests; adversarial review fixed Sentry PII leak, arbitrary properties injection, XSS via script URL, and DNT non-compliance
+
+## Phase Progress (Reconciled)
+
+Progress is tracked against `filesAndResources/taskdeck_technical_design_document.md`.
+
+1. Phase 1 - Core Data Model and API: COMPLETE (100%)
+2. Phase 2 - Basic Web UI: COMPLETE (100%)
+3. Phase 3 - UX Improvements: COMPLETE (100%)
+4. Phase 4 - Advanced Features: IN PROGRESS (97%)
+
+Completed in Phase 4:
+- CI gate split and matrix hardening
+- authn/authz infrastructure baseline
+- boards controller family retrofit to claims-derived identity (`[Authorize]` + owner-scoped board operations)
+- claims-first retrofit for columns/cards/labels/export-import/queue/board-access (actor identity derived from claims; caller actor query/body IDs removed)
+- export/import board JSON flow
+- audit and queue service/API slices
+- automation proposal lifecycle + diff + execute flow
+- archive recovery flow
+- chat + ops + logs + worker/health stack
+- frontend integration for automations/chat/ops/archive
+- archive lifecycle coherence for boards across board settings and archive workspace flows
+- drag/edit interaction safety guardrails via explicit card/column drag handles and non-handle drag blocking
+- collaborative presence/conflict policy (`#73`): SignalR-backed board/card presence snapshots with editor markers, optimistic stale-write conflict handling, and conflict-audit capture with actor identity
+- collaborative comments/mentions workflow (`#74`): board-scoped threaded card comments (create/list/reply/edit/delete), mention-to-user linking, mention notification publication, and authz-safe moderation boundaries
+- maintainability refactor across API/controller error handling and frontend API/store utilities (PR #23)
+- CI hardening follow-up: workflow concurrency cancellation, frontend typecheck/build parity, TRX artifacts, caching
+- mechanical checks added: docs governance CI checks (`check-docs-governance` + `check-github-ops-governance`) and architecture boundary test project
+- API integration harness additions for authz assertions (`AssertUnauthorized`, `AssertForbidden`, `AssertNotFoundOrForbidden`, `AssertCrossUserIsolation`)
+- SEC-04 API error-contract assertions for key auth/validation paths, including middleware-level `401/403` payload normalization
+- starter-pack manifest foundation (`PACK-01`): versioned manifest schema doc plus deterministic backend parsing/validation tests
+- starter-pack apply backend (`PACK-02`): idempotent apply endpoint with dry-run conflict reporting and integration coverage for success/re-apply/conflict flows
+- starter-pack frontend catalog (`PACK-03`): board-scoped catalog modal with search, preview (dry-run), and one-click apply flow with frontend interaction tests
+- starter-pack first-party catalog (`PACK-04`): API-backed first-party pack catalog (label/column/blueprint packs) consumed by board starter-pack UI
+- starter-pack deterministic fixture packs (`PACK-05`): Playwright bootstrap helpers and manifest-backed small/medium/edge deterministic E2E fixture coverage
+- DEBT-01 nullability reduction (`#52`): domain `CS8618` warnings eliminated with EF-safe non-null initialization defaults
+- DEBT-02 log-query scalability pass (`#53`): repository-filtered query flow replaces full-table scans and command-run log N+1 composition
+- DEBT-03 database export/import (`#54`): sandbox-gated SQLite file export/import endpoints with payload signature/size validation and file-replacement rollback guardrails
+
+Remaining for Phase 4 completion:
+- UX/operator hardening for remaining keyboard/accessibility/discoverability gaps (WCAG baseline delivered, conversational refinement `#576` delivered, calendar views `#94` delivered, agent surfaces `#338` delivered)
+- product-legibility hardening so the app teaches the `capture -> review -> board` loop without relying on demo scripts or internal docs
+
+## Future Expansion Backlog Snapshot (2026-02-18)
+
+Backlog seeding was expanded from near-horizon only to a staged future roadmap grounded in `docs/WIP` research PDFs.
+
+- New future-expansion issues created: `#67` to `#111`
+- Wave index issue: `#107` (`OPS-13`)
+- Priority-label rollout completed across every issue (open and closed):
+  - `Priority I`: current Phase 4 completion path
+  - `Priority II`: post-Phase-4 foundation tranche
+  - `Priority III`: analytics/security/compliance expansion tranche
+  - `Priority IV`: platform, UX, testing, docs maturity tranche
+  - `Priority V`: low-urgency/meta/historical tracking
+
+Current open backlog is now split into:
+- Phase-4 completion tranche (`#33` to `#57`, `Priority I`)
+- Future expansion tranche (`#72` to `#111`, `Priority II` to `Priority V`)
+
+## Analysis Follow-through Wave (2026-02-21)
+
+To convert the 2026-02-21 repository scan into executable work, a dedicated issue wave was seeded:
+- umbrella tracker: `#151`
+- engineering hardening issues: `#152` to `#157`
+- hotspot refactor issues: `#158` to `#167`
+- CI/workflow topology expansion issue: `#168`
+
+Priority distribution for this wave:
+- `Priority I`: `#152`
+- `Priority II`: `#151`, `#153`, `#154`, `#155`, `#157`, `#168`
+- `Priority III`: `#156`
+- `Priority IV`: `#158` to `#167`
+
+Analysis record:
+- `docs/analysis/2026-02-21_repo-scan-analysis.md`
+- `docs/analysis/2026-02-21_ci-github-actions-expansion-plan.md`
+
+## Demo Expansion Migration Wave (2026-03-02)
+
+A dedicated staged migration wave was seeded to port external demo-expansion assets into the current repository with compatibility guardrails.
+
+Seeded issues:
+- tracker: `#297`
+- batches: `#298` to `#302` (`v0` baseline -> `v3` director -> integration hardening)
+
+Execution constraints:
+- all wave issues are labeled `Priority I`
+- strict dependency order (`#298` -> `#299` -> `#300` -> `#301` -> `#302`)
+- one branch per batch issue using suggested branch names embedded in issue bodies
+- file-scoped commit preference for review/rollback safety
+
+Implementation delivery (shipped in this context):
+- `#298` Batch A (`v0`): baseline demo seeding command + first-run UX defaults + seeded playbook promotion
+- `#299` Batch B (`v1`): reusable demo harness scripts (`demo:run`, `demo:autopilot`), scenario modules, API walkthrough asset, stakeholder opt-in recorder spec, and expanded demo/dogfooding/user docs
+- `#300` Batch C (`v2`): JSON scenario runner + schema/sample scenarios, `demo:run` JSON-first flags (`--list`, `--skip-llm`, `--continue-on-error`), capture-aware autopilot loop modes (`queue|capture|mixed`), capture helper library additions, and scenario authoring docs (`docs/product/SCENARIOS.md`)
+- `#301` Batch D (`v3`): demo director + snapshot scripts (`demo:director`, `demo:snapshot`), trace-aware scenario/autopilot/runtime events, `runOps` scenario step support, and director-mode stakeholder recorder bootstrap with artifact logs/snapshots
+- `#302` Batch E: integration hardening delivered with explicit demo CI policy (`TASKDECK_RUN_DEMO=0` in default Playwright lanes), opt-in `demo-director-smoke` workflow wiring in `ci-extended.yml`, deterministic smoke command (`npm run demo:director:smoke`) with isolated smoke DB reset + forced fresh servers, automatic free-port fallback for local API startup, actionable explicit-port remediation hints, and docs/index/runtime-precondition consolidation for the migrated demo tooling
+
+## Saul-Facing Demo Reconciliation (2026-03-26)
+
+`docs/WIP/Taskdeck_Demo_Capability_Specification.md` was reconciled against shipped code, canonical docs, and the active GitHub backlog in `docs/analysis/2026-03-26_saul-demo-capability-reconciliation.md`.
+
+Current state:
+- already shipped: capture triage, review-first proposal gating, board-centered follow-through, provenance links, and deterministic seed/director/scenario tooling
+- delivered in the demo wave: dedicated client-onboarding starter pack/scenario (`#354`), trust-first review wording hardening (demo-critical `#326` subset), and in-app hero-path/demo-board cues (demo-critical `#330` subset)
+- rehearsal contract is now delivered (`#355`); GTM baseline (demo script, landing copy, beta intake workflow) is now delivered (`#216`)
+- demo rehearsal runtime issues (2026-03-27): seed idempotency blocker (`#387`), scenario `--skip-llm` blocker (`#389`), DX friction (`#388`, `#390`), narrative mismatch (`#394`), and polish (`#391`, `#392`, `#393`) — tracked in `#395`
+
+Targeted follow-through seeded:
+- `#354` `PACK-08`: Saul-facing client-onboarding starter pack and deterministic demo scenario
+- `#355` `TST-24`: Saul-facing demo rehearsal contract, acceptance checklist, and artifact guide (delivered)
+- `#356` `DEMO-00`: Saul-facing demo alignment tracker
+
+Existing reused anchors:
+- `#175` for broader starter-pack expansion beyond the pre-demo slice
+- `#216` for broader demo script / public framing (delivered: `DEMO_SCRIPT.md`, `LANDING_COPY.md`, `BETA_INTAKE_WORKFLOW.md`)
+- `#326` for proposal readability and trust-cue hardening (demo-critical subset)
+- `#330` for in-app demoability and hero-board presentation quality (demo-critical subset); nav badges now show pending triage and review counts on Inbox and Review nav items
+- post-epic follow-through is now tracked in `#311` for continued demo/runtime/test hardening without reopening the migration batches
+
+## Manual Product Audit Follow-through Wave (2026-03-26)
+
+The headed runtime audit in `docs/analysis/2026-03-26_manual-product-audit.md` was reconciled into a focused follow-through wave rather than left as a standalone artifact.
+
+Canonical follow-through record:
+- `docs/analysis/2026-03-26_manual-product-audit-followthrough.md`
+
+Seeded issues:
+- `#363` tracker
+- `#364` realtime hub CORS/SignalR health
+- `#365` Inbox triage freshness
+- `#366` Workbench/nav/docs truth alignment
+- `#367` board-history semantic alignment
+- `#368` chat live-provider status and first-turn fidelity — degraded message type, probe health, verified UI state
+- `#369` headed manual-audit Playwright pack (`Priority IV` by design)
+
+Reused existing anchor:
+- `#326` proposal readability — affected entity labels now show named targets instead of raw IDs, correlation IDs truncated in UI
+
+## Future Testing and Hardening Strategy Analysis (2026-03-29)
+
+TST-08 (`#143`) delivered a gap analysis of the current testing/hardening posture across MCP integrations, deployment/container runtime, operational reliability, and security checks.
+
+Analysis record:
+- `docs/analysis/2026-03-29_testing-hardening-strategy.md`
+
+Key findings:
+- Current posture is strong (1400+ automated tests, comprehensive CI topology, established security baselines)
+- Highest-ROI gaps are CI automation of existing manual validation (MCP, Terraform, drills, container runtime) and supply-chain security scanning (SAST, secrets, image CVEs)
+- 15 proposed follow-up issues across 4 priority tiers with acceptance criteria and execution sequencing
+
+Proposed issue summary:
+- Priority I (SEC-20 to SEC-22): SAST, secret scanning, container image scanning
+- Priority II (SEC-23, OPS-21 to OPS-24): dependency blocking gate, container smoke, drill/MCP/Terraform CI wiring
+- Priority III (TST-27 to TST-29, SEC-24): repository tests, board sub-store tests, router tests, DAST
+- Priority IV (TST-30, TST-31, OPS-25, SEC-25): OpenAPI snapshots, shutdown tests, CSP reporting, HTTP client tests
+
+## Post-Merge Wave (2026-03-29)
+
+Windows Git hardening (`#121`):
+- `scripts/check-git-env.sh` validates Git for Windows resolution (not Cygwin/MSYS2) and detects stale `.git/index.lock` with worktree awareness
+- `CLAUDE.md` and `AGENTS.md` updated with script reference and PATH remediation guidance
+
+Dependency update automation (`#148`):
+- `.github/dependabot.yml` active for NuGet, npm, and GitHub Actions with weekly cadence and grouped minor/patch updates
+- `docs/ops/DEPENDENCY_UPDATE_POLICY.md` covers triage SLAs, escalation, and policy boundaries
+
+Headed manual-audit Playwright pack (`#369`):
+- `frontend/taskdeck-web/tests/e2e/manual-audit.spec.ts` covers core `Home -> Inbox/Capture -> Review -> Board` audit loop with 18 screenshots
+- gated behind `TASKDECK_RUN_AUDIT` env var; live LLM probes opt-in via `TASKDECK_RUN_LIVE_LLM_TESTS`
+- usage documented in `docs/testing/MANUAL_AUDIT_PACK.md`
+
+Manual validation checklists (`#130`, `#131`):
+- Slice A (`#130`): 22 step-indexed scenarios (A-01 to A-22) in `docs/testing/manual-validation-a-workspace-board-ux.md` covering workspace shell, board lifecycle, keyboard UX, and escape behavior stack
+- Slice B (`#131`): 175 step-indexed checks (B-01 to B-175) in `docs/testing/manual-validation-b-authz-contracts.md` covering all 28 controllers with two-user isolation matrix
+
+## Post-Merge Wave 2 (2026-03-29)
+
+AppShell premium reskin (`#499`):
+- Shell sidebar, topbar, command palette, and keyboard help components reskinned from hardcoded Tailwind/rgba values to `--td-*` design token system
+- Added focus-visible accessibility rings throughout shell layer
+- Glass morphism and smooth transitions for premium visual feel
+
+Board/card surface polish (`#501`):
+- Board canvas, toolbar, action rail, column lanes, and card components reskinned to design token system
+- Standardized card visual states (hover, focus, selected, disabled, dragging) with token-based styling
+- Fixed combined selected+focus-visible keyboard navigation specificity conflict
+- Replaced hardcoded font sizes with token references in filter count badges
+
+AGT-02 tool registry, policy evaluator, and first bounded template (`#337`, PR `#502`):
+- Added domain primitives: `ToolScope`, `ToolRiskLevel` enums, `ITaskdeckTool`, `ITaskdeckToolRegistry` interfaces, `PolicyDecision` value object
+- Added `TaskdeckToolRegistry` (thread-safe in-memory registry), `AgentPolicyEvaluator` (allowlist + risk-level gating), and `InboxTriageAssistant` (bounded template that creates proposals, never direct board mutations)
+- DI registration: singleton tool registry with `inbox.triage` pre-registered, scoped policy evaluator and triage assistant
+- Default policy is review-first for all risk levels; auto-apply is opt-in only for low-risk tools
+- 42 backend tests covering registry, policy evaluation, and inbox triage assistant
+
+Demo director reporting, assertions, presets, and soak mode (`#331`, PR `#500`):
+- Added `demo-director-presets.mjs` with named preset system for common demo modes (happy-path-capture, review-approve-flow, error-recovery-demo, soak-baseline)
+- Added `demo-trace-assertions.mjs` for exact and structural trace comparison
+- Added `demo-report-html.mjs` for self-contained HTML report generation with embedded screenshots
+- Added `demo-soak.mjs` for long-run director scenario loops with cumulative metrics
+- 63 frontend tests covering presets, assertions, reports, soak mode, and integration
+
+Incident rehearsal and recovery program (`#150`, PR `#503`):
+- Added `docs/ops/INCIDENT_REHEARSAL_CADENCE.md` (monthly lightweight + quarterly deep drill schedule)
+- Added `docs/ops/EVIDENCE_TEMPLATE.md` (standardized rehearsal outcome format)
+- Added `docs/ops/REHEARSAL_BACKOFF_RULES.md` (finding-to-issue workflow with severity SLAs)
+- Added 4 rehearsal scenario templates: degraded-api-health, missing-telemetry-signal, mcp-server-startup-regression, deployment-readiness-failure
+- Added first execution evidence: `docs/ops/rehearsals/2026-03-29_degraded-api-health.md`
+- Cross-linked from `TESTING_GUIDE.md` and `MANUAL_TEST_CHECKLIST.md`
+
+## Post-Merge Wave 3 (2026-03-30 to 2026-03-31)
+
+Chat-to-proposal NLP gap fix (`#570`, PR `#602`):
+- Added `NaturalLanguageInstructionExtractor` to bridge the intent classification-to-parsing gap: translates natural language into structured instructions the regex parser can consume
+- MockLlmProvider now produces `Instructions` when the classifier detects actionable intent
+- OpenAI and Gemini provider fallback paths also use the extractor when LLM-based JSON extraction fails
+- 38 unit tests for the extractor
+
+Multi-instruction batch parsing (`#574`, PR `#591`):
+- Added `ParseBatchInstructionAsync` to `IAutomationPlannerService` interface
+- `ChatService` now routes multi-instruction messages through batch parsing to generate multiple proposals from a single chat message
+- Backend + frontend tests for batch instruction parsing
+
+Board-context LLM prompting (`#575`, PR `#589`):
+- Added `BoardContextBuilder` to construct bounded board context (columns, card titles, labels) for LLM system prompts
+- Added `LlmSystemPromptBuilder` for centralized system prompt composition
+- OpenAI and Gemini providers now append board context to system prompts via the builder
+- Backend tests for board context builder and ChatService integration
+
+Board keyboard card movement (`#248`, PR `#590`):
+- Added Alt+Arrow keyboard shortcuts for card movement within and across columns in BoardView
+- Added move-to action menu on CardItem for click-based column moves
+- Card Movement section added to keyboard shortcuts help dialog
+- Frontend unit tests for keyboard movement and ColumnLane coverage
+
+Transcript capture source (`#218`, PR `#592`):
+- Added `TranscriptFile` capture source with transcript-specific size limits
+- Added transcript paste/file capture mode to CaptureModal frontend
+- Backend validation tests and frontend interaction tests
+
+Contact card YAML parser (`#264`, PR `#588`):
+- Added `ContactCardYamlParser` with parse/serialize and field validation for card-first outreach CRM use case
+- Added `ContactCardFrontMatter` model with `YamlDotNet` dependency
+- Static serializer/deserializer caching for performance
+- Backend unit tests
+
+Global search and quick-action launcher (`#93`, PR `#603`):
+- Added `SearchService` and `/api/search?q=` endpoint for cross-board search respecting authorization boundaries
+- Enhanced `ShellCommandPalette` (Ctrl+K) with live search results alongside command navigation
+- Added `searchApi` client, `useGlobalSearch` composable with 200ms debounce and abort-on-supersede
+- Grouped results display (Commands, Boards, Cards) with keyboard-first navigation
+- Frontend tests for composable and command palette search integration
+
+Developer portal and OpenAPI (`#99`, PR `#605`):
+- Added OpenAPI annotations (`[ProducesResponseType]`, XML doc summaries) to Boards, Cards, Columns, Capture, Chat, Auth, and Webhooks controllers
+- Enhanced Swagger configuration with API metadata, JWT Bearer security definition, and XML comment inclusion
+- Added developer portal docs (`docs/api/`): `QUICKSTART.md`, `AUTHENTICATION.md`, `BOARDS.md`, `CAPTURE.md`, `CHAT.md`, `WEBHOOKS.md`, `ERROR_CONTRACTS.md`
+- Added developer portal CI workflow and local OpenAPI export script
+
+SBOM and release provenance (`#103`, PR `#606`):
+- Added reusable workflow (`.github/workflows/reusable-sbom-provenance.yml`) for CycloneDX JSON SBOMs (backend + frontend) and SLSA v1-style provenance manifest
+- Wired into `ci-release.yml` (replacing placeholder) and `release-security.yml`
+- Added `docs/ops/SBOM_RELEASE_PROVENANCE.md` documentation
+- Updated dependency vulnerability policy to reference SBOM artifacts
+
+Batch triage and suggestion editing (`#220`, PR `#607`):
+- Added `POST /api/capture/items/batch-triage` endpoint with per-item actions (triage/ignore/cancel), 200/207/422 response semantics, and batch size limit (50)
+- Added `PUT /api/capture/items/{id}/suggestion` for editing capture text before triage with state-transition guards
+- Added multi-select checkboxes, select-all toggle, batch action bar, and inline suggestion editing in InboxView
+- Backend + frontend tests for batch triage and suggestion editing
+
+Property-based and fuzz testing pilot (`#89`, PR `#601`):
+- Added FsCheck property-based testing packages to Domain and Application test projects
+- Added property-based tests for Board, Card, Column, Label entity invariants and AutomationProposal state machine
+- Added fuzz tests for StarterPackManifestValidator, LlmIntentClassifier regex safety, and export/import DTO serialization roundtrip contracts
+
+Accessibility audit and WCAG remediation (`#92`, PR `#604`):
+- Added skip-to-content link, `sr-only` utility class, and `eslint-plugin-vuejs-accessibility` with tuned rules
+- WCAG improvements across BoardView, HomeView, TodayView, ReviewView, InboxView, CaptureModal, and ToastContainer
+- Added Playwright axe-core E2E tests for 6 core views (Home, Today, Inbox, Review, Boards, Login) plus skip-link test
+- `role=presentation` on virtual scroller wrappers in InboxView
+
+Dependency updates (PRs `#593`–`#600`):
+- `@eslint/js` 9.39.4 → 10.0.1 (with ESLint v10 rule violation fixes in demo scripts and playwright config)
+- `@types/node` 24.10.1 → 25.5.0
+- GitHub Actions group bump (5 updates)
+- `Microsoft.NET.Test.Sdk` 17.14.1 → 18.3.0
+- `Swashbuckle.AspNetCore` 6.9.0 → 10.1.7 (with OpenApi v2.x compatibility fix); exported OpenAPI artifact needs regeneration (`#609`)
+- `Microsoft.IdentityModel.Tokens` and `System.IdentityModel.Tokens.Jwt` upgraded to 8.17.0
+- `xunit.runner.visualstudio` 2.8.2 → 3.1.5
+
+Follow-through issues seeded from changelog audit (`docs/analysis/2026-03-31_changelog-audit.md`):
+- `#608` OPS-26: require `ci-extended` pass for workflow and infrastructure PRs (`Priority II`)
+- `#609` DOC-04: regenerate and validate OpenAPI spec artifact after Swashbuckle 10 upgrade (`Priority III`)
+- `#610` UX-16: add cursor pagination to global search endpoint (`Priority IV`)
+
+## MVP Expansion Planning Integration (2026-03-07)
+
+New review packages under `docs/InReview/MVP_EXPANSION/` were cross-read against the current repo state and backlog:
+
+- `MINIMAL/`: near-horizon execution filter
+- `EXPANDED/`: staged product and architecture roadmap
+
+Planning conclusion adopted into canonical docs:
+
+- demoability improved faster than self-serve product clarity
+- near-horizon work should prioritize product legibility before adding broad new capability families
+- preferred sequence is:
+  1. novice-first shell and entry clarity (`Home`, `Review`, workspace modes, empty/help states, board selectors)
+  2. board-centered daily workflow (`Today`, proposal readability, board action rails, deep links, onboarding)
+  3. docs/help/testing coherence
+  4. agent substrate
+  5. knowledge/integrations surface
+
+Backlog implication:
+
+- existing overlap and reuse anchors are partial (`#96`, `#93`, `#77`, `#75`, `#98`, `#216`, `#218`, `#219`, `#311`)
+- the novice-first productization wave is now shipped through docs/help follow-through for `#318`, `#320`, `#322`, `#324`, `#326`, `#96`, `#100`, and `#328`; the first-run smoke and launch-criteria guardrail now lives as a deterministic Playwright contract on the shipped `Home -> capture -> review -> execute -> board` loop
+- `#320` is now shipped: durable `UserPreference` workspace mode persistence, `/api/workspace/home` + `/api/workspace/preferences`, `Home` default routing, and mode-aware shell navigation
+- `#322` is now shipped: `/workspace/review` is the canonical automation route, legacy proposals URLs redirect compatibly, queue/chat/ops/access are explicitly framed as advanced surfaces, board access/chat common flows prefer selectors over raw board IDs, and primary empty states now point users toward concrete next steps
+- `#324` is now shipped: `/workspace/today` aggregates review, triage, overdue, due-today, and blocked work into one agenda, while Home/Today share a persisted onboarding loop with setup replay/dismiss and first-use starter-board creation
+- `#326` is now shipped: proposal cards expose plain-language summaries, impact/risk/source cues, and affected-entity headlines from an application-layer presentation contract, while board pages now expose a board action rail (`Capture here`, `Ask assistant`, `Review proposals`, `Add card`) and board context now travels across inbox/review/chat/notifications/provenance links; affected entity labels now show named targets from operation parameters instead of raw IDs, and correlation IDs are truncated in the review UI
+- `#96` is now shipped: novice-first contextual help is now present on the key workflow surfaces (`Home`, `Today`, `Review`, `Inbox`, board action flow, and selector-heavy activity`) with dismiss/replay persistence that keeps guidance discoverable without forcing it on experienced users
+- the lower-priority secondary follow-through wave is now seeded as `#329` to `#334`, subordinate to Wave P, covering in-app demoability/product evidence, harness/report maturity, saved-view productivity follow-through, and broader note/clip intake follow-through
+- the remaining expanded-blueprint architecture wave is now seeded as `#335` to `#341`, subordinate to both Wave P and Wave Q, covering agent substrate, knowledge/search, supervised connector architecture, and explicit `R1` / `R2` / `R3` launch-gate framing
+- planned-but-not-shipped concepts now explicitly tracked in roadmap docs include:
+  - broader telemetry and release-gate follow-through remain tracked in `#341`
+  - `Agents`, `Runs`, `Knowledge`, and `Integrations` product surfaces
+  - `Demo Tools`, guided narrative/demo-tour flow, HTML report/assertions, and saved views
+  - explicit release framing for `R1` novice-first beta, `R2` agent foundation alpha, and `R3` knowledge/integrations alpha
+- active docs root is now curated as a living-doc spine only; stable reference material is organized under `docs/product`, `docs/manual`, `docs/ops`, `docs/platform`, `docs/security`, and `docs/tooling`
+
+## Capture Realignment Wave (2026-02-23)
+
+Realignment packs (now archived for traceability) were reviewed and reconciled into active backlog seeding:
+- automation realignment pack:
+  - `docs/archive/2026-02-25_inreview-repo-pack/REPO_PACK/docs/analysis/2026-02-21_capture-automation_realignment_pack/`
+- security/performance addendum:
+  - `docs/archive/2026-02-25_inreview-repo-pack/REPO_PACK/docs/analysis/2026-02-21_capture-security-performance-addendum/`
+
+Seeded issue wave:
+- umbrella tracker: `#199`
+- capture delivery sequence: `#200` to `#211`
+- linked hardening/performance follow-through: `#212` (delivered), `#213` (delivered)
+- existing rate-limit issue updated with capture scope (no duplicate issue): `#81`
+- deferred capture follow-ons seeded: `#218`, `#219`, `#220`
+- adjacent go-to-market and research execution seeds: `#216`, `#217`
+
+Implementation delivery (shipped):
+- `#200` CAP-01 delivered and regression-tested:
+  - queue-wrapper capture model locked (`LlmRequest` + `inbox.capture.v1`)
+  - capture source/status contracts and transition policy added
+  - capture payload invariants enforced (schema version, text limits, actor-field rejection)
+  - provenance linkage fields added to support `capture item -> triage run -> proposal`
+- `#201` CAP-02 capture API slice delivered and regression-tested:
+  - added authenticated `/api/capture/items` endpoints (create/list/detail/ignore/cancel)
+  - create now returns `201` and uses queue-wrapper persistence with capture payload normalization
+  - list is user-scoped and excerpt-only (full text returned only by detail endpoint)
+  - ignore/cancel paths are idempotent for already-ignored items and enforce cross-user `403`
+- `#202` CAP-03 queue provenance fix delivered and regression-tested:
+  - planner now accepts explicit proposal source metadata overrides
+  - queue worker now creates proposals with `SourceType = Queue`
+  - queue worker forwards `SourceReferenceId` and `CorrelationId` using queue item id for traceability
+- `#203` CAP-04 triage enqueue/state transitions delivered and regression-tested:
+  - added authenticated triage enqueue endpoint: `POST /api/capture/items/{id}/triage` (`202 Accepted`)
+  - triage enqueue now returns deterministic capture state with idempotent `already triaging` behavior
+  - invalid transition attempts now fail with stable `Conflict` error contract payloads
+  - generic queue processing now skips `inbox.capture.v1` pending items so capture triage remains explicit
+- `#204` CAP-05 worker triage path delivered and regression-tested:
+  - queue worker now routes `inbox.capture.*` triaging items through a dedicated capture-triage proposal path (separate from generic instruction parsing)
+  - deterministic extraction baseline now converts checklist/bullet/numbered capture text into proposal operations with stable idempotency keys
+  - triage outcomes now persist capture provenance linkage (`capture item -> triage run -> proposal`) and surface `ProposalCreated` status when linkage exists
+  - invalid capture triage inputs (for example boardless capture triage) now fail deterministically without direct board mutation and remain bounded by existing worker retry policy
+- `#205` CAP-06 strict triage schema/prompt versioning delivered and regression-tested:
+  - added strict capture triage output contract (`capture-triage-output.v1`) with machine-validated schema and contract tests
+  - triage pipeline now enforces schema version + prompt version invariants before proposal generation
+  - triage provenance now persists prompt version `triage.v1` per triage run for capture item linkage/audit visibility
+  - added golden and negative fixture coverage for schema validation failures (missing tasks, wrong prompt version, unknown properties)
+- `#212` SEC-14 logging redaction guardrails delivered and regression-tested:
+  - published `docs/security/SECURITY_LOGGING_REDACTION.md` and linked it from active security docs
+  - invalid capture-source validation now returns generic messages without echoing caller-controlled values
+  - unexpected middleware/provider/worker failures now log sanitized exception summaries instead of raw exception objects on sensitive paths
+  - queue and webhook failure persistence now redacts or generalizes sensitive exception text before storage, and ASP.NET Core trace auto-exception recording is disabled to keep raw exception events out of default telemetry
+- `#206` CAP-07 inbox frontend route/list/detail delivered and regression-tested:
+  - added workspace inbox route (`/workspace/inbox`) with shell navigation integration
+  - inbox list now renders excerpt-first capture summaries and loads full text only on explicit detail open
+  - inbox detail now supports deterministic ignore/cancel actions with refreshed state from capture API
+  - keyboard-first navigation (`ArrowUp`/`ArrowDown`/`Enter`) and escape-stack compliant detail close behavior are now regression-tested
+- `#207` CAP-08 capture modal + command palette/hotkey integration delivered and regression-tested:
+  - added keyboard-first quick-capture modal with deterministic submit (`Ctrl+Enter`) and close (`Escape`) behavior
+  - command palette now includes capture action entry and retains inbox navigation access
+  - added global quick-capture hotkey (`Ctrl+Shift+C`) with escape-stack compliant modal close ordering
+  - successful capture submission now provides immediate feedback by routing to inbox with the new item rendered in list state
+- `#208` CAP-09 inbox triage trigger + proposal-linking UX delivered and regression-tested:
+  - inbox detail now includes deterministic triage enqueue action with explicit in-progress/completion button state semantics
+  - capture detail contract now surfaces provenance metadata (`capture item -> triage run -> proposal`) so proposal linkage is visible to UI consumers
+  - inbox detail now renders direct proposal-review navigation when triage yields a linked proposal
+  - capture store/api regression tests now cover triage enqueue success/failure behavior and proposal-link rendering
+- `#209` CAP-10 card/proposal provenance UX delivered and regression-tested:
+  - cards API now exposes capture provenance contract for capture-created cards (`GET /api/boards/{boardId}/cards/{cardId}/provenance`)
+  - triage create-card operations now persist deterministic card target ids so provenance lookup remains stable after proposal execution
+  - card modal now shows explicit capture-origin marker with direct capture/proposal links and triage-run metadata when provenance exists
+  - automations proposal surface now shows capture-linked context (capture artifact link + triage run reference), with frontend/backend regression coverage
+- `#210` CAP-11 capture loop E2E regression delivered and regression-tested:
+  - added dedicated Playwright regression (`tests/e2e/capture-loop.spec.ts`) covering capture create -> triage -> proposal approve/execute -> card provenance verification
+  - coverage validates proposal-first review gate behavior (no direct board mutation from triage output before explicit approve/execute)
+  - coverage validates provenance deep-links (`Open Capture`, `Open Proposal`) and triage-run metadata visibility from resulting card surfaces
+  - full Playwright suite now includes capture-loop verification in the default regression path
+- `#211` CAP-12 canonical docs promotion delivered:
+  - updated canonical docs (`STATUS`, `IMPLEMENTATION_MASTERPLAN`, `TESTING_GUIDE`, `MANUAL_TEST_CHECKLIST`) to reflect shipped capture runtime behavior and verification posture
+  - promoted capture validation and manual-run guidance into active docs as baseline expectations
+  - marked the original in-review capture pack READMEs as historical/stale after promotion to canonical docs
+
+Execution intent:
+- preserve proposal-first trust posture (no direct model auto-apply)
+- keep claims-first identity and `401/403/404` policy semantics
+- require deterministic schema/error handling and provenance visibility for capture-generated changes
+
+Reconciliation record:
+- `docs/analysis/2026-02-23_capture-realignment-synthesis.md`
+- `docs/analysis/2026-02-23_inreview-extraction-audit.md`
+- `docs/analysis/2026-02-23_capture-model-decision.md`
+
+## LLM Provider Expansion Track (2026-02-24)
+
+`#232` AUTO-03 is now delivered:
+
+- provider runtime supports `OpenAI` + `Gemini` with deterministic config/environment-aware `Mock` fallback
+- live-provider misconfiguration degrades safely without request crashes
+- capture triage provenance now persists `provider` + `model` alongside `promptVersion`
+- provider adapter coverage now includes Gemini success/failure/invalid-response/cancellation and chat integration coverage with a non-mock provider stub
+
+`#236` SEC-16 is now delivered:
+
+- chat provider requests now carry server-derived attribution (`userId`, correlation ID, source surface, board/session scope) through `ChatCompletionRequest`
+- provider adapters now receive standardized attribution headers (`x-taskdeck-*`) and OpenAI now gets a pseudonymous `user` token mapping
+- capture queue provenance now persists managed-key attribution metadata (`requestedByUserId`, `correlationId`, `sourceSurface`, scope IDs) for audit and abuse-triage workflows
+- regression coverage now includes attribution propagation, spoofing rejection, and chat API provider-stub attribution assertions
+
+Documentation baseline for this track:
+
+- `docs/platform/LLM_PROVIDER_SETUP_GUIDE.md`
+
+## Managed-Key Abuse-Control Track (2026-02-23)
+
+To capture the security and operational risk of letting users consume model calls via a platform-managed provider key, a dedicated control wave was seeded. Identity attribution foundation is now delivered via `#236`; user-facing usage policy is now delivered via `#240`. Remaining controls stay in this wave:
+
+- `#235` tracker: managed-key threat model and control sequencing
+- `#236` identity attribution contract for managed-key requests (`Priority II`) -- delivered
+- `#237` quota/budget/kill-switch guardrails (`Priority II`) -- pending
+- `#238` SEC-18 abuse detection + automated containment (`Priority III`) -- **operator tooling + domain groundwork delivered**: `AbuseActor`/`AbuseEvent` entities, `AbuseDetectionService` (4-state Observe→Suspicious→Restricted→Blocked model), operator evaluation/quarantine/unquarantine/block API; live-traffic automated containment wiring is a follow-up slice
+- `#239` SEC-19 incident response + key rotation drills (`Priority III`) -- **delivered**: `docs/security/MANAGED_KEY_INCIDENT_RUNBOOK.md` + `docs/security/SECRETS_MANAGEMENT_BASELINE.md` + `scripts/drills/` (5 failure-injection drill scripts + orchestrator)
+- `#240` user-facing fair-use and abuse consequence policy (`Priority III`) -- delivered: `docs/security/MANAGED_KEY_USAGE_POLICY.md`
+
+## Frontend Premium UI Wave (2026-02-23)
+
+Commit `0aef077f6d46262a844eb796cb9e95f83132ca09` introduced a premium UI planning pack (archived for traceability) under:
+
+- `docs/InReview/HUMAN/07_FRONTEND_PREMIUM_UI_OVERVIEW.md`
+- `docs/archive/2026-02-25_inreview-repo-pack/REPO_PACK/docs/analysis/2026-02-23_frontend-premium-ui-pack/`
+
+Issue seeding and reconciliation completed:
+
+- tracker: `#242` (UI-00 frontend premium UI wave)
+- net-new wave issues: `#243` to `#251`
+- explicit reuse (no duplicate issue creation): `#154`, `#88`, `#92`, `#213`
+
+Execution posture:
+
+- foundations-first sequencing is mandatory (`#243`, `#245`, `#244` before screen reskins)
+- no broad global reskin until shared primitives and token contracts are established
+- accessibility/keyboard and visual/performance quality gates remain explicit dependencies
+
+Reconciliation record:
+
+- `docs/analysis/2026-02-23_frontend-premium-ui-synthesis.md`
+
+## Testing Harness Improvement Wave (2026-02-23)
+
+Commit `909db0d` introduced a testing-harness improvement pack (archived for traceability) under:
+
+- `docs/archive/2026-02-25_inreview-repo-pack/REPO_PACK/docs/analysis/taskdeck_testing_harness_improvement_pack_2026-02-23/`
+
+Issue seeding and reconciliation completed:
+
+- tracker: `#254` (TST-15 testing harness wave)
+- net-new wave issues: `#255` to `#260`
+- existing seeds updated with extracted pack guidance: `#89`, `#90`, `#106`, `#168`
+- explicit non-duplicate mapping to already-covered scenarios:
+  - WIP limit enforcement tests already present (`CardServiceTests`, `CardsApiTests`, `tests/e2e/smoke.spec.ts`)
+  - sandbox gate behavior already present (`ExportApiTests`)
+  - starter-pack idempotency/conflict safety already present (`StarterPacksApiTests`)
+
+Delivery posture:
+
+- `#255` removed residual wall-clock flake patterns and centralized E2E polling helpers
+- `#256` added high-signal drag/drop persistence coverage after full reload
+- `#257` expanded representative API error-contract coverage
+- `#258`, `#259`, and `#260` added non-blocking CI guardrails (OpenAPI generation/validation, golden principles enforcement, nightly quality artifacts)
+
+Reconciliation record:
+
+- `docs/analysis/2026-02-23_testing-harness-synthesis.md`
+
+Recent follow-through (2026-02-24):
+- `#260` adds `.github/workflows/nightly-quality.yml` (scheduled + manual) to collect non-blocking quality telemetry artifacts on `main`
+- workflow now publishes backend (Domain/Application) coverage artifacts, frontend coverage artifacts, and dependency/security signal artifacts (`dotnet list package --vulnerable`, `npm audit`)
+- dependency/security signal handling is now policy-backed (`#106`): reusable normalized summaries, PR/manual opt-in `ci-extended` scan lane, nightly scheduled signal collection, release-lane enforcement option, severity SLAs, and expiry-bound exception rules are documented in `docs/security/SECURITY_DEPENDENCY_VULNERABILITY_POLICY.md`
+- workflow surfaces signal exits in step summary/warnings while keeping required PR CI path unchanged (reporting-first nightly lane)
+- `#259` adds `docs/GOLDEN_PRINCIPLES.md` as a concise invariant baseline and cross-links it from canonical active docs/index and contributor guidance
+- governance lane now runs `scripts/check-golden-principles.mjs` and docs-governance now requires/validates the golden-principles document alongside canonical active docs
+- `#258` adds a reusable OpenAPI guardrail lane (`reusable-openapi-guardrail.yml`) wired into `ci-extended` (PR/manual) and `ci-nightly`
+- guardrail now generates `artifacts/openapi/taskdeck-api.json`, validates JSON/top-level contract shape, and uploads artifact/log outputs for inspection
+- snapshot/diff gating remains explicitly deferred to follow-up work; current scope is generation + parse-validation + artifact publication
+- `#257` expanded `ApiErrorContractApiTests` with representative `400/401/403/404/409` coverage in one suite
+- representative error-path tests now assert `X-Request-Id` echo behavior alongside stable JSON error-contract shape assertions
+
+## Outreach CRM Deferred Expansion Track (2026-02-23)
+
+New in-review outreach CRM planning docs were added under:
+
+- `docs/InReview/outreach-crm/`
+
+Issue seeding and reconciliation completed:
+
+- tracker: `#262` (OUT-00 outreach CRM deferred wave)
+- net-new wave issues: `#263` to `#268`
+- explicit reuse (no duplicate issue creation): `#75`, `#77`, `#175`, `#107`
+
+Execution posture:
+
+- keep outreach CRM expansion in Priority IV until higher-priority active tracks complete
+- sequence foundational modeling/UX slices before dashboard/runtime drafting slices
+- keep execution-mode behavior configurable (draft/manual default, connector expansion separately gated)
+
+Reconciliation record:
+
+- `docs/analysis/2026-02-23_outreach-crm-synthesis.md`
+
+## Test Status (Executed)
+
+Verification Date: 2026-03-31 (recertified after PRs #588–#607 merge wave)
+
+### Backend (Executed)
+
+Command:
+- `dotnet test backend/Taskdeck.sln -c Release -m:1`
+
+Result:
+- Domain: 357/357 passing
+- Application: 1193/1193 passing
+- API integration: 413/413 passing
+- CLI contract: 4/4 passing
+- Architecture boundaries: 8/8 passing
+- Backend Total: 1975/1975 passing
+
+### Frontend Unit + Build (Executed)
+
+Commands:
+- `cd frontend/taskdeck-web && npm run lint`
+- `cd frontend/taskdeck-web && npx vitest --run`
+- `cd frontend/taskdeck-web && npm run typecheck`
+- `cd frontend/taskdeck-web && npm run build`
+
+Result:
+- Frontend unit: 1491/1491 passing (134 test files) — **stale**: post-wave count is 1592/1592 (~125 files); see `docs/TESTING_GUIDE.md` for latest estimates
+- Typecheck: passing
+- Production build: passing
+
+### Frontend E2E (Last Successful Run)
+
+Command:
+- `cd frontend/taskdeck-web && npx playwright test`
+
+Result:
+- default required E2E lane remains the smoke + automation/ops + capture loop + starter-pack fixture flow
+- opt-in/manual coverage now also includes `stakeholder-demo.spec.ts` (`TASKDECK_RUN_DEMO=1`) and `live-llm.spec.ts` (`TASKDECK_RUN_LIVE_LLM_TESTS=1`)
+- 2026-03-06 local rerun still passes after frontend E2E startup hardening:
+  - Playwright frontend port resolution now auto-falls back (`5173` -> `4173` -> `5001`) with deterministic runner/worker convergence.
+  - local reuse mode only reuses already-listening ports when the listener is identity-verified as Taskdeck frontend; CI mode prefers bindable ports so stale listeners do not break startup.
+  - first fallback resolution is now persisted in-process so worker config imports stay pinned to the runner-selected frontend port during CI execution.
+  - backend Playwright startup stays on deterministic `Mock` provider mode unless the run is an explicit demo flow that injects live-provider overrides.
+  - Investigation record remains at `docs/analysis/2026-02-25_frontend-gate-port-bind-and-cors-blockers.md`.
+- 2026-03-26 manual audit confirmed the previously published raw API/E2E counts were stale; the next full end-to-end suite recertification should refresh discovery/pass totals rather than continuing to repeat the older 2026-03-06 figures.
+
+### Demo Director Smoke
+
+Command:
+- `cd frontend/taskdeck-web && npm run demo:director:smoke`
+
+Result:
+- deterministic demo smoke: passing
+- isolated smoke DB reset (`taskdeck.demo.ci.db`) and fresh backend/frontend startup both verified
+
+### Total
+
+- Combined automated total (backend + frontend unit/build + default frontend E2E): ~4600+ passing (backend ~2990+ + frontend unit 1592 + E2E)
+- Note: backend totals are estimates after three 2026-04-04 delivery waves; full-suite recertification needed. See `docs/TESTING_GUIDE.md` for detailed breakdown.
+
+## CI Status
+
+Required workflow: `.github/workflows/ci-required.yml`
+
+- `docs-governance` (Ubuntu)
+- `backend-architecture` (Ubuntu)
+- `backend-unit` (Ubuntu/Windows)
+- `api-integration` (Ubuntu/Windows)
+- `frontend-unit` (Ubuntu/Windows)
+  - lint + typecheck + build + unit tests
+- `container-images` (Ubuntu)
+- `e2e-smoke` (Ubuntu, depends on prior jobs)
+
+Extended/non-blocking workflow: `.github/workflows/ci-extended.yml`
+
+- `workflow-lint` (Actionlint for workflow YAML drift)
+- `dependency-review` (PR dependency risk check)
+- label/manual-triggered backend solution + E2E smoke lanes (`testing` label or `workflow_dispatch`) for PRs that touch `.github/workflows/**`, `backend/**`, `frontend/**`, `deploy/**`, or `scripts/**`
+- label/manual-triggered demo director smoke lane (`automation` label or `workflow_dispatch`) via `.github/workflows/reusable-demo-director-smoke.yml`; docs-only PRs still need manual dispatch because `ci-extended.yml` path filters do not watch `docs/**`
+- label/manual-triggered load/concurrency harness lane via `.github/workflows/reusable-load-concurrency-harness.yml`
+- label/manual-triggered cross-browser E2E matrix lane via `.github/workflows/reusable-e2e-cross-browser.yml` (5-project parallel matrix: Chromium, Firefox, WebKit, mobile-chrome, mobile-safari)
+- label/manual-triggered visual regression lane via `.github/workflows/reusable-visual-regression.yml` (Playwright `toHaveScreenshot()` with diff artifact upload; `testing`/`visual` label)
+- label/manual-triggered container integration lane via `.github/workflows/reusable-container-integration.yml` (Testcontainers PostgreSQL; `testing` label)
+
+Mutation testing workflow: `.github/workflows/mutation-testing.yml`
+
+- Weekly schedule (Sunday 04:00 UTC) + manual dispatch
+- Backend Stryker.NET (Domain) + Frontend Stryker JS (captureStore/boardStore)
+- Non-blocking; HTML/JSON reports uploaded as 30-day artifacts
+
+Release workflow: `.github/workflows/ci-release.yml`
+
+- SBOM/provenance generation via `.github/workflows/reusable-sbom-provenance.yml` (CycloneDX SBOMs for backend + frontend, SLSA v1-style provenance manifest)
+- Container image build/export artifacts
+
+Security workflow: `.github/workflows/release-security.yml`
+
+- Dependency inventory/vulnerability reporting
+- SBOM/provenance generation alongside existing security scans
+
+Developer portal workflow: `.github/workflows/reusable-developer-portal.yml`
+
+- OpenAPI spec export and developer portal generation
+
+Nightly workflow: `.github/workflows/ci-nightly.yml`
+
+- scheduled/manual backend solution regression
+- scheduled/manual E2E smoke (reuses `.github/workflows/reusable-e2e-smoke.yml`)
+- scheduled/manual load/concurrency harness (reuses `.github/workflows/reusable-load-concurrency-harness.yml`)
+- scheduled/manual container image regression
+
+Dependency update automation: `.github/dependabot.yml`
+
+- weekly Dependabot PRs for NuGet, npm, and GitHub Actions ecosystems
+- minor/patch grouped; major NuGet/npm individual; Actions fully grouped
+- security updates follow severity-based triage SLAs in `docs/ops/DEPENDENCY_UPDATE_POLICY.md`
+- no auto-merge; all dependency PRs require human review and `ci-required.yml` gate pass
+
+Release/security deep workflow: `.github/workflows/release-security.yml`
+
+- release/tag/manual dependency inventory + vulnerability signal artifacts
+- optional strict frontend audit enforcement for manual runs
+- container image artifact/checksum lane reused from container baseline workflow
+
+Nightly quality signals workflow: `.github/workflows/nightly-quality.yml`
+
+- scheduled/manual backend coverage (domain + application)
+- scheduled/manual frontend coverage
+- dependency and security signal scan (reuses `.github/workflows/reusable-dependency-security-signals.yml`)
+
+CI workflow topology is documented in the header comment of `.github/workflows/ci-required.yml`.
+Workflow ownership is enforced via `CODEOWNERS` (`.github/workflows/` requires maintainer review).
+
+## Known Gaps and Risks
+
+Security and identity:
+- claims-first identity is now aligned for boards/columns/cards/labels/export/queue/board-access
+- claims-first identity is now aligned for audit/users as well (including self-scoped user/audit history flows)
+- remaining security convergence work is concentrated on consistent cross-user policy enforcement breadth
+- policy decision is now explicit: cross-user authenticated access failures should return `403`; remaining work is consistent enforcement across all families/tests
+
+Automation and data:
+- active LLM provider policy supports explicit mock vs live-provider switching (`OpenAI`/`Gemini`) with safe defaults for development/test environments
+- managed-key shared-token controls are now more broadly shipped: identity attribution baseline (`#236`), user-facing usage policy (`#240`, `docs/security/MANAGED_KEY_USAGE_POLICY.md`), secrets/config management baseline (SEC-10, `docs/security/SECRETS_MANAGEMENT_BASELINE.md`), incident runbook + drill scripts (SEC-19, `docs/security/MANAGED_KEY_INCIDENT_RUNBOOK.md` + `scripts/drills/`), and abuse detection domain groundwork + operator API (`#238` SEC-18, `AbuseActor`/`AbuseEvent`/`AbuseDetectionService` with 4-state model) are all delivered; remaining automated live-traffic containment and quota enforcement remain tracked in `#237` (kill-switch budget guardrails) and the SEC-18 follow-through slice for live wiring
+- planner extraction remains rule/regex-based with deterministic validation and expanded board/column operation coverage
+- database-level export/import now exists as a minimal safe implementation and is restricted to Development sandbox mode
+- database import is file-replacement based and can fail when the SQLite file is actively locked by other operations; run imports during quiescent windows when possible
+- capture inbox pipeline and canonical docs promotion are now shipped (`#200` to `#211`); logging redaction follow-through is delivered in `#212`, and remaining capture-linked scalability follow-through is tracked in `#213`
+- premium UI foundations are delivered (`#243` UI-02 shared primitives, `#245` UI-03 stack spike, `#250` PERF-08 budgets); appshell premium reskin (`#499`) and board/card surface polish (`#501`) are now shipped with design-token-based styling across shell sidebar/topbar/command-palette/keyboard-help and board canvas/toolbar/action-rail/column-lane/card components; remaining premium UI items are tracked in `#244`, `#246` to `#249`, and optional `#251`
+- testing-harness wave guardrails are shipped through `#255` to `#260`; follow-up improvements now belong to normal hardening work rather than the original wave
+- outreach CRM deferred expansion is not shipped; tracked in `#262` to `#268` with reuse links to delivered `#75` (import adapters) plus `#77` and `#175`
+
+Observability and scalability:
+- frontend/CI baseline is now Node 24.13.1 (LTS) to align with Vite 7 engine requirements and longer support runway
+- containerized deployment baseline is now shipped (`#69`): backend/frontend Dockerfiles, compose profile, reverse proxy compression/security headers posture, and CI image artifacts
+- Terraform IaC baseline is now shipped (`#102`): reusable AWS single-node environment templates (`dev`/`staging`/`prod`), host bootstrap for the existing Docker workload layer, JWT secret retrieval from a pre-created SecureString SSM parameter instead of raw EC2 user-data injection, a dedicated persistent EBS data volume for `/var/lib/taskdeck`, instance replacement on bootstrap changes without discarding the SQLite path, stop-before-detach protection for planned data-volume attachment changes, protected data-volume destroy defaults for `staging`/`prod`, backup-bucket noncurrent-version expiry with explicit versioning dependency, and an operator drift-check workflow
+- multi-tenancy strategy ADR is now documented (`#71`) with shared-schema + `TenantId` as the default rollout target; tenant isolation implementation slices remain pending
+- local developer MCP posture now includes a Docker Marketplace server bundle with a stable default gateway set (`docker,docker-docs,openapi,time,jetbrains,filesystem,SQLite,terraform`) and optional integrations staged behind credentials/config (`postman`, `dockerhub`, `kubernetes`, `semgrep`)
+- MCP operations runbook and helper scripts are now available for credential wiring and repeatable baseline/optional MCP dry-run verification
+- MCP regression harness now provides actionable optional prerequisite diagnostics and CI-friendly status output modes (`PASS`, `PASS_WITH_WARNINGS`, `FAIL`)
+- out-of-code/platform execution is now tracked, but not yet fully shipped:
+  - production DB migration strategy (`#84`) and distributed cache strategy (`#85`)
+  - backup/restore disaster-recovery playbook (`#86`)
+  - staged rollout policy (`#101`), SBOM/provenance (`#103`), cost guardrails (`#104`)
+  - ~~cost guardrails (`#104`)~~ **delivered** (2026-04-09): cloud cost observability framework with six cost dimensions (compute, storage, LLM API, logging, network, CI/CD), three-tier budget alert thresholds (70%/90%/100%), monthly cost review workflow with checklist, feature cost hotspot registry covering 6 high-variance features (LLM API, logging, database, SignalR, CI/CD, MCP transport), budget breach runbook with detection-triage-mitigation-review phases, Terraform budget alert template, and ADR-0026
+  - cloud target topology and autoscaling ADR (`#111`, delivered - ADR-0023 defines ECS Fargate topology, autoscaling policy, SLO targets, health check contract, and cost estimates; companion reference architecture at `docs/ops/CLOUD_REFERENCE_ARCHITECTURE.md`)
+UX and operability (reconciled from product notes):
+- escape behavior now follows a top-surface-first contract; maintain regression coverage as new overlays and panels are introduced
+- primary product gap is now telemetry and release-gate follow-through rather than missing route teaching: the product legibility wave has shipped the main shell, route guidance, docs baseline, and the first-run smoke guardrail, while `#341` carries the remaining telemetry/release-gate framing
+- review/proposal flow now includes readable proposal summaries, impact/risk/source cues, affected-entity headlines, board-centered action rails, and deep links across inbox/review/chat/notifications/provenance (delivered in `#326`); remaining polish is incremental rather than structural
+- `docs/START_HERE.md`, `docs/USER_MANUAL.md`, `docs/manual/*`, and the new product help guides now complement the shipped `Home` / `Today` onboarding path and key-route contextual help with a navigation-shaped help-center stack; the first-run smoke and launch-criteria guardrail is now delivered in `#328`, while broader telemetry and release-gate follow-through stays tracked in `#341`
+
+Security/compliance hardening backlog added from research cross-check:
+- OWASP/security headers + CSRF/XSS baseline (`#80`, delivered)
+- API abuse/rate-limiting policy (`#81`, delivered)
+- SSO/OIDC + optional MFA (`#82`)
+- data portability/deletion workflow (`#83`)
+- secrets/configuration management baseline (`#110`)
+
+## Recently Resolved (This Cycle)
+
+- Unified API error-response shape and HTTP error-code mapping in shared backend helpers.
+- Reduced duplicated frontend API/store logic by extracting shared query and error utilities.
+- Reconciled active docs and test totals after PR #23 merge.
+- Delivered development CORS configurability: default localhost origins remain allowed, development fallback localhost dev ports (`4173`, `5001`) are included for restricted-port workflows, and development-only configured origins (`Cors:DevelopmentAllowedOrigins`) are merged into the API allowlist with deterministic integration coverage.
+- Archived stale note artifacts (`personalNotes.txt`, `notesFromManualTesting.txt`) and archived `docs/InReview/REPO_PACK` into dated `docs/archive/` bundles with updated canonical cross-links.
+- Resolved local frontend E2E gate blocker by hardening Playwright frontend port resolution to avoid runner/worker `baseURL` drift when fallback ports are used; investigation retained in `docs/analysis/2026-02-25_frontend-gate-port-bind-and-cors-blockers.md`.
+- Hardened local frontend manual startup (`npm run dev`) with deterministic port fallback (`5173` -> `4173` -> `5001`), bind-first occupied-port skipping for new Vite processes, and strict-port startup so restricted `5173` environments no longer fail or drift through implicit Vite port auto-increment.
+- Resolved frontend container-image `npm ci` policy blockers by keeping SignalR-compatible `ws@7.5.10` via vendored local tarball dependency (`file:vendor/ws-7.5.10.tgz`) and moving `p-limit` override to compatible `3.0.2`, removing forbidden registry tarball fetches while avoiding cross-major override drift.
+- Archived `REFACTOR_AUDIT_AND_ACTION_PLAN_2026-02-13.md` into `docs/archive/2026-02-13_phase4-doc-consolidation/audits-and-history/`.
+- Added CI hardening parity updates: concurrency cancellation, frontend typecheck/build enforcement, TRX/JUnit failure artifacts, and package/browser caches.
+- Delivered OPS-19 CI topology first pass (`#168`): migrated required pipeline entrypoint to `.github/workflows/ci-required.yml` and extracted docs-governance lane into reusable workflow `.github/workflows/reusable-docs-governance.yml`.
+- Delivered OPS-19 CI topology second pass (`#168`): extracted backend architecture and frontend unit lanes into reusable workflows (`.github/workflows/reusable-backend-architecture.yml`, `.github/workflows/reusable-frontend-unit.yml`) and routed `ci-required.yml` through them.
+- Delivered OPS-19 CI topology API-integration extraction (`#168`): extracted API integration lane into reusable workflow `.github/workflows/reusable-api-integration.yml` and routed `ci-required.yml` through it while preserving Ubuntu/Windows matrix behavior.
+- Delivered OPS-19 CI topology third pass (`#168`): added `merge_group` trigger parity to `.github/workflows/ci-required.yml` so merge-queue evaluation runs the same required checks as PR/push.
+- Delivered OPS-19 CI topology fourth pass (`#168`): extracted backend-unit lane into reusable workflow `.github/workflows/reusable-backend-unit.yml` and routed `ci-required.yml` through it while preserving Ubuntu/Windows matrix behavior and domain/application/CLI split coverage.
+- Delivered OPS-19 CI topology fifth pass (`#168`): extracted container image and E2E smoke lanes into reusable workflows (`.github/workflows/reusable-container-images.yml`, `.github/workflows/reusable-e2e-smoke.yml`) and routed `ci-required.yml` through them while preserving required-gate dependencies and artifact behavior.
+- Delivered OPS-19 CI topology sixth pass (`#168`): added non-blocking and scheduled orchestrator workflows (`.github/workflows/ci-extended.yml`, `.github/workflows/ci-nightly.yml`) plus release/security orchestration (`.github/workflows/release-security.yml`) and reusable full backend regression lane (`.github/workflows/reusable-backend-solution.yml`) to make nightly and release topology explicit.
+- Delivered OPS-19 CI topology completion (`#168`): added `ci-release.yml` release build-verification lane with SBOM/provenance placeholder, added comprehensive workflow topology documentation to `ci-required.yml` header, added topology reference comments to all orchestrator workflows, added `CODEOWNERS` for `.github/workflows/` governance, and updated CI Status section in `STATUS.md` to reflect the full topology including `nightly-quality.yml`.
+- Added docs governance script and architecture boundary tests as CI invariants.
+- Added GitHub operations governance script to enforce issue-template label hygiene and project-automation doc invariants in CI.
+- Retrofitted boards controller family to claims-first authz with integration coverage for 401/403/cross-user/happy path.
+- Retrofitted columns/cards/labels/export/queue/board-access to claims-first identity and removed caller-supplied actor query/body IDs.
+- Added request-correlation middleware and propagated request IDs into Ops command correlation IDs.
+- Added lightweight timing/result diagnostics for log queries and automation proposal execution.
+- Recorded cross-user existence policy decision: use `403` for authenticated-but-unauthorized access, reserve `404` for true missing resources.
+- Aligned active docs cross-links/date stamps across `STATUS`, `IMPLEMENTATION_MASTERPLAN`, `TESTING_GUIDE`, and `MANUAL_TEST_CHECKLIST`.
+- Confirmed GitHub Project operational safety view as `No Status` (`no:status`) and documented release/weekly safety checks.
+- Enforced `[Authorize]` on remaining legacy controllers (columns/cards/labels/export/audit/llm-queue/board-access/users) with expanded API integration `401` coverage.
+- Retrofitted audit/users families to claims-first actor identity and self-scoped access with cross-user `403` coverage.
+- Expanded authz regression matrix tests across legacy + advanced protected controllers for explicit `401/403/404` policy assertions.
+- Advanced SEC-11 cross-user convergence (`#152`) with proposal-scope authorization enforcement in automation proposal lifecycle endpoints (`get/approve/reject/execute/diff`) and expanded API integration policy coverage for automation/logs/starter-pack protected routes.
+- Advanced SEC-11 cross-user convergence (`#152`) with archive read-path authorization hardening: archive item list/detail/entity-lookup endpoints now enforce board-read permissions for the authenticated caller (`403` for cross-user unauthorized, `404` for true missing), with expanded application/API regression coverage.
+- Advanced SEC-11 cross-user convergence (`#152`) with audit entity-history authorization hardening: `GET /api/audit/entities/{entityType}/{entityId}` now resolves board-scoped entities (`Board`/`Column`/`Card`/`Label`) and enforces board-read permissions (`403` cross-user unauthorized, `404` true missing), with expanded API regression matrix coverage.
+- Advanced SEC-11 cross-user convergence (`#152`) with LLM queue board-scope authorization hardening: `POST /api/llm-queue` now enforces board-read permissions when `boardId` is provided (`403` cross-user unauthorized, `404` true missing board), with expanded application/API regression matrix coverage.
+- Advanced SEC-11 cross-user convergence (`#152`) with final API coverage sweep: added explicit cross-user `403` assertions for board update, board-access management endpoints (`list/grant/update/revoke`), and chat session/message endpoints; added explicit chat `404` assertions for true missing session IDs.
+- Delivered API-06 centralized exception/fallback error-contract hardening (`#153`): added global unhandled-exception middleware returning deterministic `ApiErrorResponse` (`UnexpectedError`) without internal exception leakage, standardized unknown-result fallback `500` mapping to the same contract shape, and added fault-injection API integration coverage asserting fallback payload shape plus correlation header expectations.
+- Delivered SEC-06 API rate-limiting hardening (`#81`): added partitioned fixed-window rate limiting policies (auth per-IP, capture write per-user, hot-path per-user), deterministic `429` `ApiErrorResponse` contract with retry metadata headers (`Retry-After`, `X-RateLimit-Policy`), endpoint-level policy application across auth/capture/chat/llm queue paths, and regression coverage for burst throttling, reset-window recovery, and cross-user false-positive boundaries.
+- Delivered SEC-06 forwarded-header trust follow-through (`#81`): rate-limit partitioning now supports trusted forwarded-header processing behind explicit proxy/network allowlists plus configurable forwarded-hop depth (`ForwardedHeaders:ForwardLimit`), keeps safe no-trust defaults when allowlists are unset, hardens `OnRejected` write-order guardrails for started responses, adds regression coverage for trusted multi-hop forwarded-client partition behavior, and documents emergency kill-switch + proxy-topology smoke-check operations.
+- Delivered SEC-05 OWASP baseline hardening (`#80`): added API security-header middleware with environment-aware HSTS behavior, added API integration coverage for security-header presence on success/auth-failure responses and HTTPS HSTS emission posture, and published `docs/security/SECURITY_OWASP_BASELINE.md` to document CSRF/XSS posture and tracked follow-up gaps.
+- Delivered TST-14 architecture-guard expansion (`#157`): added deterministic architecture invariants for source-layer purity (forbidden namespace imports in Domain/Application), controller boundary rules (`ControllerBase` direct inheritance restricted to auth/health controllers), and protected-controller `[Authorize]` declaration enforcement.
+- Delivered AUTH-06 register/login hardening (`#174`) by preventing inactive-candidate short-circuit lockout in identifier-collision login paths, adding actionable duplicate-registration guidance, and expanding backend/frontend regression coverage for duplicate-register-then-login flow plus account-state vs invalid-credentials contract behavior.
+- Delivered TST-01 load/concurrency regression harness (`#70`): added k6 board-heavy API profile with thresholds and diagnostics, added Playwright multi-session concurrency scenarios, and wired reusable load harness workflow into `ci-extended`/`ci-nightly` with artifact uploads.
+- Delivered ARCH-01 multi-tenancy strategy ADR (`#71`): documented option tradeoffs (`database-per-tenant`, `schema-per-tenant`, `shared-schema + TenantId`), selected phased target model, and published tenant-isolation readiness + test strategy checklist.
+- Delivered FE-11 frontend lint baseline + CI gate (`#154`): added Vue 3 + TypeScript ESLint baseline (`.eslintrc.cjs`), introduced `npm run lint` with zero-warning enforcement, integrated lint into reusable frontend CI workflow, and documented lint suppression guidance in active testing docs.
+- Delivered FE-12 frontend coverage threshold gate (`#155`): enforced global + critical-surface Vitest coverage thresholds (`src/api`, `src/store`, `src/composables`, `src/utils`, `src/components/board`), switched required frontend CI lane to thresholded coverage execution, and standardized JUnit+coverage artifact upload for triage.
+- Delivered COL-02 notification framework (`#72`): added notification domain/persistence + preferences model, shipped authenticated inbox/preferences/read-state APIs with preference-aware deduped event publication for mention/assignment/proposal-outcome families, integrated frontend inbox/preferences routes + stores, and expanded backend/frontend regression coverage.
+- Delivered COL-04 card comments/mentions workflow (`#74`): added threaded card comments with reply constraints and moderation-aware edit/delete policy, integrated mention parsing with board-scope user linking and notification publication, shipped board/card comment APIs + frontend modal interactions, and expanded backend/frontend regression coverage.
+- Delivered INT-01 external import adapters foundation (`#75`): added board-scoped external import endpoint with provider-registry orchestration, shipped CSV adapter path with outreach-contact mapping and deterministic dedupe-key ordering (`linkedin_url` -> `email` -> normalized `display_name+company`), added dry-run/apply create-update-skip/conflict reporting and rollback-safe apply semantics, enforced CSV payload/row guardrails plus archived-board import rejection behavior, and documented mapping guidance in `docs/platform/IMPORT_ADAPTERS_GUIDE.md`.
+- Delivered INT-02 webhook integration security model (`#76`): added board-scoped outbound webhook subscription/delivery runtime with endpoint + event-filter + secret-rotation/revocation controls, signed delivery dispatch, atomic claim/reload worker processing, and retry/dead-letter handling for non-success dispatch outcomes.
+- Standardized middleware-level auth failures to emit `ApiErrorResponse` payloads and added SEC-04 API integration assertions for auth + validation contract stability.
+- Aligned board archive lifecycle UX/API contract: board settings archive action now reflects soft-delete semantics, archive workspace lists/restores archived boards, and API integration covers archive-to-restore roundtrip.
+- Delivered UX-02 drag/edit interaction safety guardrails: card/column drag now starts from explicit handles only, and non-handle drag gestures are blocked with unit + E2E regression coverage.
+- Delivered UX-03 command palette keyboard model: shell command palette now supports keyboard-first item filtering, selection, and activation with unit + E2E regression coverage.
+- Delivered UX-04 activity selector discoverability: activity workflows now use selector-first board/entity/user exploration with ID copy affordance and unit + E2E regression coverage.
+- Delivered UX-04 shared input-assist scaffolding: shared combobox/listbox input-assist is now integrated into Ops template selection and automation chat board targeting with keyboard-first option navigation and dedicated unit coverage.
+- Delivered UX-05 escape behavior contract: Escape now closes only the top-most transient surface per key press, board routes exit to `/workspace/boards` when clean, and regression coverage spans shell/unit and board keyboard-flow E2E paths.
+- Delivered AUTO-01 provider strategy: deterministic environment-aware `ILlmProvider` selection now gates OpenAI usage behind explicit config while keeping mock default safety, with policy + provider tests for switching behavior.
+- Delivered AUTO-03 provider-agnostic runtime (`#232`): expanded `ILlmProvider` runtime support to `OpenAI` + `Gemini` with deterministic config validation fallback to `Mock`, added Gemini provider adapter + policy/test coverage, and extended capture/chat integration assertions for provider/model provenance and non-mock provider stubs.
+- Delivered SEC-16 managed-key identity attribution baseline (`#236`): added server-derived chat provider attribution contract (`userId`, correlation ID, source surface, board/session scope), standardized provider attribution header mapping with pseudonymous provider user-token usage, persisted capture provenance attribution metadata for audit follow-through, and expanded backend regression coverage for attribution propagation and spoofing rejection.
+- Delivered AUTO-02 planner/executor hardening: expanded deterministic planner instruction coverage (board/column intents), hardened executor parameter validation and partial-failure semantics, and improved audit entity attribution with new regression coverage.
+- Delivered MVP-01 chat-to-project bootstrap: canonical Markdown checklist paste now creates a proposal-first board bootstrap plan in chat, with one-click approve+execute path and regression coverage for happy path + key validation failures.
+- Delivered PACK-01 starter-pack manifest foundation: added v1 manifest schema documentation and deterministic backend validator/test coverage for parsing, compatibility rules, and cross-reference validation.
+- Delivered PACK-02 starter-pack apply backend: added `/api/boards/{boardId}/starter-packs/apply` with idempotent apply semantics, dry-run actionable conflict reporting, and API integration coverage for apply success/re-apply/conflict paths.
+- Delivered PACK-03 starter-pack frontend catalog: added board-level starter pack catalog UI with search, preview (dry-run), and one-click apply flow, plus frontend API/component interaction tests.
+- Delivered PACK-04 first-party starter packs v1: added API-backed first-party starter-pack catalog with common labels, common column flow, and 3 board blueprints, plus backend/frontend coverage for catalog usability and validity.
+- Delivered PACK-05 deterministic fixture packs: added Playwright starter-pack fixture bootstrap helpers with manifest-backed small/medium/edge scenarios and dedicated E2E regression coverage.
+- Delivered PACK-07 warning-first starter-pack apply UX (`#176`): non-blocking seed-card conflicts now return warning severity (not hard-stop `409`), apply now proceeds when only warnings exist, and the starter-pack modal now surfaces explicit applied/skipped/blocked/warning outcomes with updated backend/frontend regression coverage.
+- Delivered OPS-20 ops role discoverability and permission guidance (`#179`): Ops console now surfaces current role + runnable-template context, restricted template failures now return actionable role-escalation guidance with runnable fallback lists, profile settings now expose role/capability posture, and operator/manual docs now document the role-assignment workflow.
+- Delivered UX-11 archive lifecycle control refinement (`#177`): board settings now use a single lifecycle action (archive/restore) instead of duplicated archive controls, archive workspace now supports hide/unhide behavior for archived boards with explicit hidden-board reveal toggles, and regression coverage now includes API lifecycle transitions plus archive visibility filtering behavior.
+- Delivered DEBT-01 nullability reduction: removed current domain `CS8618` warnings using EF-safe non-null default initialization patterns and verified backend regression suite pass.
+- Delivered DEBT-02 log-query scalability pass: replaced broad in-memory + command-run N+1 log composition with repository-filtered query paths while preserving logs API behavior and contracts.
+- Delivered COL-01 realtime board updates (`#67`): added authz-safe SignalR board subscriptions, app-layer mutation event publishing, frontend realtime lifecycle with polling fallback, and regression coverage across API/unit/E2E suites.
+- Delivered OBS-01 observability baseline (`#68`): added OpenTelemetry tracing/metrics wiring, worker/queue/heartbeat telemetry emission, correlation-to-trace tagging, and versioned runbook/alert threshold documentation.
+- Delivered OPS-07 containerized deployment baseline (`#69`): added production-oriented backend/frontend Dockerfiles, compose-based proxy stack with gzip/security header posture, CI image artifact packaging, and deployment runbook coverage.
+- Delivered OPS-16 deployment/container hardening verification matrix (`#142`): added `scripts/deploy/Verify-TaskdeckDeploymentHardening.ps1` to automate secret-enforcement, proxy-header, unauthorized-path, and startup/restart/shutdown checks; published pass/fail matrix criteria in `docs/ops/DEPLOYMENT_HARDENING_MATRIX.md`; and extended testing/manual/deployment runbooks with the new verification path.
+- Expanded local Docker MCP Marketplace setup: enabled additional Docker catalog servers (including SQLite/JetBrains/Postman candidates), configured Docker gateway defaults in project Codex config, and documented optional credential-gated integrations.
+- Added MCP operator runbook + scripts (`Set-MarketplaceMcpCredentials.ps1`, `Test-DockerMcpProfile.ps1`) for daily/weekly workflow integration and deterministic optional-server verification.
+- Delivered TST-07 MCP integration smoke/regression harness (`#141`): optional-server prerequisite diagnostics are now explicit, strict/warning/skip policies are codified, and CI-friendly deterministic status output is documented and shipped.
+- Seeded capture realignment wave issues (`#199` to `#213`), updated the wave index (`#107`) with a dedicated capture wave, and extended SEC-06 rate-limiting scope (`#81`) to include capture endpoints.
+- Seeded future-expansion backlog issues (`#67` to `#111`) and added execution-wave index (`#107`).
+- Applied `Priority I` through `Priority V` labels to every repository issue.
+- Seeded testing-harness wave issues (`#254` to `#260`) and updated in-review extraction records with duplicate prevention notes.
+- Seeded outreach CRM deferred-wave issues (`#262` to `#268`) and reconciled overlapping scope into existing issues (`#75`, `#77`, `#175`, `#107`).
+- Delivered TST-CODEX-01 to TST-CODEX-15 unit test coverage wave (`#415` to `#429`, PRs `#436` to `#448`): added frontend API/composable/store tests and backend domain entity/application service/API tests across 13 PRs, with adversarial review fixes for tautological assertions, missing guard branches, modifier-key coverage, and edge-case gaps.
+- Delivered AGT-01 follow-up (PR `#453`): removed `FromSqlInterpolated` raw-SQL SQLite branch from `AgentRunRepository`; now uses pure LINQ path for all agent-run queries.
+- Delivered KNOW-01 follow-up (PR `#454`): `KnowledgeChunkRepository.DeleteByDocumentIdAsync` now uses `ExecuteDeleteAsync` for a single-roundtrip server-side delete; `KnowledgeFtsSearchService` GUID lookups use `.ToUpperInvariant()` to match EF Core uppercase storage; `SourceType` column typed as `int?`; application-managed FTS sync via `UpdateFtsIndexAsync`/`DeleteFtsIndexAsync` replaces broken trigger pattern; `SanitizeFtsQuery` internal method added for FTS5 query safety.
+- Delivered UI-01 follow-up (PR `#455`): DRY accent-color refactor in `design-tokens.css` — 9 hardcoded hex values replaced with `--_td-light-accent` and `--_td-light-accent-hover` CSS variables; single source of truth for the primary action accent.
+- Delivered TST-26 knowledge service tests (PR `#456`): 32 new backend tests across `KnowledgeServiceChunkContentTests`, `KnowledgeFtsSearchServiceSanitizeTests`, `KnowledgeServiceAuthorizationTests`, and `KnowledgeApiTests`; includes EF Core migration with proper Designer snapshot, SQLite DateTimeOffset ORDER BY fix via `FromSqlInterpolated`, and FTS5 trigger-removal migration.
+- Delivered UI-03 primitive stack decision spike (PR `#457`): `docs/analysis/ui-primitive-stack-decision-spike.md` documents the selection of shadcn-vue over Reka UI direct and Headless UI across 6 evaluation criteria (component count, ARIA baseline, copy-paste ownership, accessibility maturity, Vue 3 compatibility, ecosystem trajectory).
+- Delivered DOC-05 / SEC-17 managed-key usage policy (PR `#458`): `docs/security/MANAGED_KEY_USAGE_POLICY.md` — user-facing fair-use limits, prohibited patterns (scraping, bulk operations, key extraction), enforcement ladder (warn → restrict → suspend → ban), and appeals process; linked from active security docs.
+- Delivered SEC-10 secrets and configuration management baseline (PR `#459`): `docs/security/SECRETS_MANAGEMENT_BASELINE.md` with secret inventory, per-environment storage model, and rotation runbooks; `deploy/docker-compose.yml` updated to wire `Llm__EnableLiveProviders`, `Llm__Provider`, `Llm__OpenAi__ApiKey`, and `Llm__Gemini__ApiKey` env vars through to the API container.
+- Delivered SEC-19 incident response drills (PR `#460`): `docs/security/MANAGED_KEY_INCIDENT_RUNBOOK.md` covering 4-stage incident lifecycle (detect → contain → eradicate → recover) with identity-scope quarantine accuracy note (caller-self only); `scripts/drills/` with 5 failure-injection drill scripts (`drill-api-auth-failure.sh`, `drill-api-rate-limit-exhaustion.sh`, `drill-budget-threshold-breach.sh`, `drill-mcp-config-validation.sh`, `drill-provider-degradation.sh`) and `run-all-drills.sh` orchestrator.
+- Delivered ActivityView decomposition (PR `#461`): `ActivityView.vue` reduced from ~735 → ~117 lines via extracted `useActivityQuery` composable (API fetching/filtering state), `ActivitySelector.vue` (board/entity/user picker UI), and `ActivityResults.vue` (result list rendering); unit + component tests added for each piece.
+- Delivered PERF-08 frontend latency budgets (PR `#462`): `usePerformanceMark` composable with `performance.mark()`/`performance.measure()` API and reactive `duration`/`overBudget` refs; `PERF_BUDGETS` constants; 16 workspace route views converted to lazy `() => import()` for route splitting; `docs/PERFORMANCE_BUDGETS.md` with 7 documented latency thresholds; CaptureModal instrumented.
+- Delivered BoardView decomposition (PR `#463`): `BoardView.vue` reduced from ~771 → ~270 lines via `useBoardDragDrop` (column/card DnD logic), `useBoardKeyboardNav` (j/k/h/l keyboard selection), `BoardToolbar.vue` (header, presence, filter, settings actions), `BoardActionRail.vue` (board-context action strip), `BoardCanvas.vue` (column DnD scaffold + ColumnLane), `BoardDialogHost.vue` (all modal/overlay hosting); unit + component tests added.
+- Delivered UI-02 shared UI primitives foundation (PR `#464`): 15 shared primitive components in `src/components/ui/` — `TdButton`, `TdIconButton`, `TdInput`, `TdTextarea`, `TdSelect`, `TdFieldWrapper`, `TdDialog`, `TdDropdown`, `TdPopover`, `TdTooltip`, `TdToast`, `TdInlineAlert`, `TdSkeleton`, `TdSpinner`, `TdBadge`, `TdTag`, `TdEmptyState`; built on Reka UI via shadcn-vue copy-paste ownership; WAI-ARIA keyboard foundation throughout.
+- Delivered OUT-01 JSON manifest import tab (PR `#465`): `StarterPackCatalogModal.vue` gains a JSON Import tab with paste/file-upload, validate→dry-run→apply flow; JSON payload parsed against the v1 manifest schema with actionable error display before apply.
+- Delivered SEC-12 session-token storage hardening (PR `#466`): `utils/tokenStorage.ts` centralizes all JWT token/session key access behind `getToken`/`setToken`/`clearAll`; `isValidJwtStructure` validates base64url segment count AND decodes the payload as JSON (rejecting structurally invalid tokens like `aaa.bbb.ccc`); `router/index.ts` and `sessionStore` migrated to tokenStorage abstraction; CSP `unsafe-inline` removed from `script-src`; OWASP baseline doc updated with CSP note; session-token storage ADR at `docs/analysis/session-token-storage-adr.md`.
+- Delivered StarterPack service decomposition (PR `#467`): `StarterPackManifestValidator` extracted into `StarterPackSchemaValidator` (structure/field/collection validation), `StarterPackSemanticValidator` (content/cross-reference constraints), `StarterPackConflictDetector` (dry-run board-state conflict detection), and `StarterPackIdempotencyChecker` (re-apply idempotency logic); duplicate null-collection validation bug fixed in self-review.
+- Delivered SEC-18 abuse detection operator tooling + domain groundwork (PR `#468`): `AbuseActor.cs` + `AbuseEvent.cs` domain entities with 4-state containment model (Observe → Suspicious → Restricted → Blocked); `AbuseDetectionService` with signal evaluation, state-machine transitions, operator quarantine/unquarantine/block/list API groundwork; live-traffic wiring is an explicit follow-up slice.
+- Delivered ArchiveRecovery service decomposition (PR `#469`): `ArchiveRecoveryService` extracted into `ArchiveConflictDetector` (pre-restore board-name/column/label conflict detection), `RestorePlanner` (produces ordered restore operations), and `RestoreExecutor` (applies restore operations transactionally).
+- Delivered AutomationExecutor pipeline decomposition (PR `#470`): `AutomationExecutorService` extracted into `OperationParameterParser` (type-safe parameter extraction), `ExecutionAuditRecorder` (per-operation audit emission), and `OperationHandlerRegistry` (handler dispatch table); each piece unit-tested independently.
+- Delivered deploy/MCP failure injection drills (PR `#471`): `scripts/drills/` with 5 shell scripts covering API auth failure, rate-limit exhaustion, budget threshold breach, MCP config validation/unknown-server handling, and provider degradation scenarios; `run-all-drills.sh` orchestrator with pass/fail summary; corrected drill-mcp scope to config validation (not credential injection) in self-review.
+
+## Canonical Documentation Policy
+
+Authoritative docs:
+- `docs/STATUS.md`
+- `docs/IMPLEMENTATION_MASTERPLAN.md`
+- `docs/TESTING_GUIDE.md`
+- `docs/MANUAL_TEST_CHECKLIST.md`
+
+Audience-first product docs:
+- `docs/START_HERE.md`
+- `docs/USER_MANUAL.md`
+- `docs/product/DEMO_PLAYBOOK.md`
+
+Historical/spec detail material:
+- `docs/archive/` (latest consolidation bundle: `docs/archive/2026-02-13_phase4-doc-consolidation/`)
+
+Rule:
+- If archive content conflicts with active docs, active docs win.
diff --git a/docs/decisions/ADR-0026-cloud-cost-observability.md b/docs/decisions/ADR-0026-cloud-cost-observability.md
new file mode 100644
index 00000000..655bf6f0
--- /dev/null
+++ b/docs/decisions/ADR-0026-cloud-cost-observability.md
@@ -0,0 +1,71 @@
+# ADR-0026: Cloud Cost Observability and Budget Guardrails
+
+- **Status**: Accepted
+- **Date**: 2026-04-09
+- **Deciders**: Project maintainers
+
+## Context
+
+Taskdeck is transitioning from a purely local-first SQLite tool to a cloud-hosted deployment model (see ADR-0014, platform expansion strategy). Cloud hosting introduces ongoing variable costs that do not exist in local-first operation: compute instances, LLM API calls, storage growth, logging/telemetry volume, network egress, and DNS/domain hosting.
+
+Three characteristics make proactive cost observability essential:
+
+1. **LLM API calls are high-variance**: A single user session with tool-calling can generate 5+ provider round-trips. OpenAI GPT-4o-mini and Gemini 2.5 Flash have different pricing structures, so they must be tracked separately rather than treated as equivalent. The GPT-4o-mini reference model in SPIKE_618 cost roughly $0.00088 per 3-round conversation, but that estimate is only a baseline.
+
+2. **Local-first heritage means no existing cloud cost discipline**: The team has never operated cloud infrastructure at scale. Without explicit budget guardrails, cost surprises are likely during the v0.2.0 cloud launch.
+
+3. **Several features have high-variance cost scaling**: LLM token consumption grows faster than request count when tool-calling multiplies per-message cost, logging volume scales with request count and verbosity configuration, and database storage grows continuously with audit trail accumulation. Even linearly-scaling features like SignalR connections become cost-relevant at scale.
+
+Issue #104 (OPS-12) requires establishing cost visibility, budget alerting, and mitigation playbooks before cloud deployment begins.
+
+## Decision
+
+Establish a proactive cloud cost observability framework with three layers:
+
+1. **Cost telemetry and dashboards**: Define cost dimensions (compute, storage, LLM API, logging, network, CI/CD), track them through cloud provider billing APIs and application-level metrics, and maintain a monthly cost review workflow.
+
+2. **Budget alert thresholds**: Implement tiered alerting at 70% (warning), 90% (critical), and 100% (hard cap) of monthly budget. Alerts route to documented owners with escalation paths.
+
+3. **Feature-level cost hotspot registry**: Maintain a living document mapping high-variance features to their cost drivers, scaling behavior, mitigation levers, and action owners. This registry is reviewed monthly alongside the cost dashboard.
+
+Supporting artifacts:
+- `docs/ops/CLOUD_COST_OBSERVABILITY.md` - framework, dimensions, review workflow
+- `docs/ops/COST_HOTSPOT_REGISTRY.md` - feature-level cost risk tracking
+- `docs/ops/BUDGET_BREACH_RUNBOOK.md` - detection-to-resolution playbook
+
+## Alternatives Considered
+
+- **Reactive-only cost management**: Wait for cost surprises and address them as incidents. Rejected because LLM API costs can spike rapidly (a bug enabling unbounded tool-calling loops could exhaust a monthly budget in hours), and cloud provider billing is typically delayed 4-24 hours.
+
+- **Third-party cost management platform (e.g., Kubecost, Vantage, CloudHealth)**: Adds operational complexity and cost. The current single-node deployment (see `docs/ops/DEPLOYMENT_TERRAFORM_BASELINE.md`) does not justify a dedicated cost management tool. Revisit when multi-node or multi-cloud deployment is in scope.
+
+- **Cloud provider native budgets only (AWS Budgets)**: Necessary but insufficient. AWS Budgets alone cannot correlate application-level behavior (e.g., which feature or user is driving LLM cost) with billing data. The framework uses provider budgets as the alerting backbone while adding application-level cost attribution.
+
+- **Hard spending caps with automatic shutdown**: Too aggressive for a product with active users. The framework uses graduated mitigation (rate-limit, degrade, scale-down) rather than hard shutdown, preserving non-LLM functionality during cost incidents.
+
+## Consequences
+
+**Positive**:
+- Cost surprises during v0.2.0 cloud launch are caught early through tiered alerts.
+- Monthly review cadence creates institutional knowledge about cost trends before they become emergencies.
+- Feature owners have explicit accountability for cost-impacting decisions.
+- Budget breach runbook reduces mean-time-to-mitigate for cost incidents.
+
+**Negative**:
+- Monthly review workflow adds operational overhead (estimated 30-60 minutes per review).
+- Cost estimates in the hotspot registry are approximations that require calibration against real production data.
+- Alert thresholds may need tuning during initial cloud operation - too sensitive causes alert fatigue, too loose defeats the purpose.
+
+**Neutral**:
+- Cost observability artifacts become part of the ops documentation surface that must be maintained alongside infrastructure changes.
+- The framework is cloud-provider-aware (AWS-focused given the Terraform baseline) but the principles are portable.
+
+## References
+
+- Issue: #104 (OPS-12: Cloud cost observability and budget-guardrail automation)
+- Terraform baseline: `docs/ops/DEPLOYMENT_TERRAFORM_BASELINE.md` (#102)
+- Observability baseline: `docs/ops/OBSERVABILITY_BASELINE.md` (#68)
+- LLM cost context: `docs/spikes/SPIKE_618_COMPLETED.md` (tool-calling cost model)
+- Managed-key quota policy: `docs/security/MANAGED_KEY_USAGE_POLICY.md` (#240)
+- Platform expansion strategy: ADR-0014
+- Disaster recovery runbook: `docs/ops/DISASTER_RECOVERY_RUNBOOK.md` (#86)
diff --git a/docs/decisions/INDEX.md b/docs/decisions/INDEX.md
index 9b0089da..23567b8e 100644
--- a/docs/decisions/INDEX.md
+++ b/docs/decisions/INDEX.md
@@ -5,29 +5,29 @@
 | [0001](ADR-0001-clean-architecture-layering.md) | Clean Architecture Layering | Accepted | 2025 |
 | [0002](ADR-0002-claims-first-identity.md) | Claims-First Identity Model | Accepted | 2026-01 |
 | [0003](ADR-0003-proposal-first-automation.md) | Proposal-First Automation (Review-First Safety) | Accepted | 2026-02-23 |
-| [0004](ADR-0004-multi-tenancy-shared-schema.md) | Multi-Tenancy — Shared Schema + TenantId | Accepted | 2026-02-22 |
-| [0005](ADR-0005-capture-model-queue-wrapper.md) | Capture Model — Queue-Wrapper MVP | Accepted | 2026-02-23 |
-| [0006](ADR-0006-llm-provider-mock-default.md) | LLM Provider — Mock-Default with Config-Gated Live Providers | Accepted | 2026-02 |
+| [0004](ADR-0004-multi-tenancy-shared-schema.md) | Multi-Tenancy - Shared Schema + TenantId | Accepted | 2026-02-22 |
+| [0005](ADR-0005-capture-model-queue-wrapper.md) | Capture Model - Queue-Wrapper MVP | Accepted | 2026-02-23 |
+| [0006](ADR-0006-llm-provider-mock-default.md) | LLM Provider - Mock-Default with Config-Gated Live Providers | Accepted | 2026-02 |
 | [0007](ADR-0007-stable-error-contracts.md) | Stable Error Contracts (ApiErrorResponse) | Accepted | 2026-01 |
 | [0008](ADR-0008-novice-first-product-legibility.md) | Novice-First Product Legibility Before Breadth | Accepted | 2026-03-07 |
-| [0009](ADR-0009-session-token-storage.md) | Session Token Storage — localStorage with Mitigations | Accepted | 2026-03-28 |
-| [0010](ADR-0010-frontend-primitive-stack-shadcn-vue.md) | Frontend Primitive Stack — shadcn-vue | Accepted | 2026-03-28 |
-| [0011](ADR-0011-design-tokens-obsidian-ember.md) | Design Token System — Obsidian & Ember Theme | Accepted | 2026-02-23 |
+| [0009](ADR-0009-session-token-storage.md) | Session Token Storage - localStorage with Mitigations | Accepted | 2026-03-28 |
+| [0010](ADR-0010-frontend-primitive-stack-shadcn-vue.md) | Frontend Primitive Stack - shadcn-vue | Accepted | 2026-03-28 |
+| [0011](ADR-0011-design-tokens-obsidian-ember.md) | Design Token System - Obsidian & Ember Theme | Accepted | 2026-02-23 |
 | [0012](ADR-0012-signalr-realtime-with-polling-fallback.md) | SignalR Realtime with Polling Fallback | Accepted | 2026-02 |
-| [0013](ADR-0013-ci-topology-reusable-workflows.md) | CI Topology — Reusable Workflow Decomposition | Accepted | 2026-03 |
-| [0014](ADR-0014-platform-expansion-four-pillars.md) | Platform Expansion — Four Pillars | Proposed | 2026-03-29 |
-| [0015](ADR-0015-starter-pack-idempotent-apply.md) | Starter Pack — Idempotent Apply with Conflict Detection | Accepted | 2026-02 |
+| [0013](ADR-0013-ci-topology-reusable-workflows.md) | CI Topology - Reusable Workflow Decomposition | Accepted | 2026-03 |
+| [0014](ADR-0014-platform-expansion-four-pillars.md) | Platform Expansion - Four Pillars | Proposed | 2026-03-29 |
+| [0015](ADR-0015-starter-pack-idempotent-apply.md) | Starter Pack - Idempotent Apply with Conflict Detection | Accepted | 2026-02 |
 | [0016](ADR-0016-security-logging-redaction.md) | Security Logging Redaction for Sensitive Flows | Accepted | 2026-02-23 |
-| [0017](ADR-0017-agent-tool-registry-review-first.md) | Agent Tool Registry — Review-First by Default | Accepted | 2026-03 |
-| [0018](ADR-0018-llm-tool-calling-custom-over-semantic-kernel.md) | LLM Tool-Calling — Custom Implementation over Semantic Kernel | Accepted | 2026-04-01 |
-| [0019](ADR-0019-mcp-server-official-sdk-embedded-hosting.md) | MCP Server — Official SDK with Embedded Hosting | Accepted | 2026-04-01 |
+| [0017](ADR-0017-agent-tool-registry-review-first.md) | Agent Tool Registry - Review-First by Default | Accepted | 2026-03 |
+| [0018](ADR-0018-llm-tool-calling-custom-over-semantic-kernel.md) | LLM Tool-Calling - Custom Implementation over Semantic Kernel | Accepted | 2026-04-01 |
+| [0019](ADR-0019-mcp-server-official-sdk-embedded-hosting.md) | MCP Server - Official SDK with Embedded Hosting | Accepted | 2026-04-01 |
 | [0020](ADR-0020-plugin-extension-architecture.md) | Plugin/Extension Architecture RFC and Sandboxing Constraints | Proposed | 2026-04-01 |
-| [0021](ADR-0021-jwt-invalidation-user-active-middleware.md) | JWT Invalidation — User-Active Middleware over Token Blocklist | Accepted | 2026-04-03 |
-| [0022](ADR-0022-analytics-export-csv-first-pdf-deferred.md) | Analytics Export — CSV First, PDF Deferred | Accepted | 2026-04-08 |
+| [0021](ADR-0021-jwt-invalidation-user-active-middleware.md) | JWT Invalidation - User-Active Middleware over Token Blocklist | Accepted | 2026-04-03 |
+| [0022](ADR-0022-analytics-export-csv-first-pdf-deferred.md) | Analytics Export - CSV First, PDF Deferred | Accepted | 2026-04-08 |
 | [0023](ADR-0023-sqlite-to-postgresql-migration-strategy.md) | SQLite-to-PostgreSQL Migration Strategy | Accepted | 2026-04-09 |
-| [0024](ADR-0024-distributed-caching-cache-aside.md) | Distributed Caching — Cache-Aside with Redis/InMemory Fallback | Accepted | 2026-04-09 |
-| [0025](ADR-0025-signalr-scaleout-redis-backplane.md) | SignalR Scale-Out — Redis Backplane | Accepted | 2026-04-09 |
+| [0024](ADR-0024-distributed-caching-cache-aside.md) | Distributed Caching - Cache-Aside with Redis/InMemory Fallback | Accepted | 2026-04-09 |
+| [0025](ADR-0025-signalr-scaleout-redis-backplane.md) | SignalR Scale-Out - Redis Backplane | Accepted | 2026-04-09 |
 | [0026](ADR-0026-cloud-cost-observability.md) | Cloud Cost Observability and Budget Guardrails | Accepted | 2026-04-09 |
 | [0027](ADR-0027-cloud-target-topology-autoscaling.md) | Cloud Target Topology and Autoscaling Reference Architecture | Accepted | 2026-04-09 |
-| [0028](ADR-0028-staged-deployment-bluegreen-canary.md) | Staged Deployment — Blue/Green with Canary Verification | Accepted | 2026-04-09 |
+| [0028](ADR-0028-staged-deployment-bluegreen-canary.md) | Staged Deployment - Blue/Green with Canary Verification | Accepted | 2026-04-09 |
 | [0029](ADR-0029-oidc-mfa-pluggable-identity.md) | OIDC/SSO Integration with Optional TOTP MFA | Accepted | 2026-04-09 |
diff --git a/docs/ops/BUDGET_BREACH_RUNBOOK.md b/docs/ops/BUDGET_BREACH_RUNBOOK.md
new file mode 100644
index 00000000..7728ed12
--- /dev/null
+++ b/docs/ops/BUDGET_BREACH_RUNBOOK.md
@@ -0,0 +1,218 @@
+# Budget Breach Runbook
+
+Last Updated: 2026-04-09
+Issue: `#104` OPS-12 Cloud cost observability and budget-guardrail automation
+Parent: `docs/ops/CLOUD_COST_OBSERVABILITY.md`
+
+---
+
+## Purpose
+
+Step-by-step playbook for responding to cloud cost budget breaches. Covers detection, triage, mitigation, and post-incident review. This runbook is triggered when budget alerts fire at the Critical (90%) or Hard Cap (100%) tier.
+
+---
+
+## Severity Definitions
+
+| Severity | Trigger | Response time | Owner |
+|---|---|---|---|
+| Warning | 70% of monthly budget reached | Next business day | Cost dimension owner |
+| Critical | 90% of monthly budget reached | Within 4 hours | On-call + cost dimension owner |
+| Hard cap | 100% of monthly budget reached | Within 1 hour | On-call + all stakeholders |
+
+---
+
+## Phase 1: Detection
+
+Budget breach alerts arrive through one of these channels:
+
+1. **AWS Budgets SNS notification** — email or integration (Slack/PagerDuty) when infrastructure spend crosses a threshold.
+2. **Application-level LLM quota alert** — log warning when daily aggregate LLM token spend exceeds the projected daily share of the monthly budget. Treat this as a warning heuristic and compare it against month-to-date trend before escalation because bursty usage can create false positives.
+3. **Manual discovery** — spotted during monthly cost review or ad-hoc billing console check.
+
+### Detection Checklist
+
+- [ ] Confirm the alert is genuine (not a test or duplicate)
+- [ ] Identify the severity tier (Warning / Critical / Hard Cap)
+- [ ] Identify which cost dimension triggered the alert (Compute, Storage, LLM, Logging, Network, CI/CD)
+- [ ] Record the alert timestamp and current spend amount
+- [ ] Notify the cost dimension owner (see `CLOUD_COST_OBSERVABILITY.md` alert owners table)
+
+---
+
+## Phase 2: Triage
+
+Goal: Determine the root cause and assess ongoing impact within the response time window.
+
+### Triage Decision Tree
+
+```
+Is the cost spike from LLM API usage?
+├── Yes → Go to "LLM Cost Triage"
+├── No
+    Is the cost spike from logging/telemetry?
+    ├── Yes → Go to "Logging Cost Triage"
+    ├── No
+        Is the cost spike from compute?
+        ├── Yes → Go to "Compute Cost Triage"
+        ├── No
+            Is the cost spike from storage?
+            ├── Yes → Go to "Storage Cost Triage"
+            └── No → Go to "General Cost Triage"
+```
+
+### LLM Cost Triage
+
+1. Check `ILlmQuotaService` usage data for the current period:
+   - Which users are the top token consumers?
+   - Which surface (Chat, CaptureTriage, Worker) is generating the most usage?
+   - Are tool-calling round counts abnormally high?
+2. Check for runaway patterns:
+   - Is a single user or automated integration consuming >30% of total LLM spend?
+   - Are there tool-calling loops (same tool called repeatedly with identical arguments)?
+   - Is the `ClarificationDetector` being bypassed, causing extra rounds?
+3. Check for configuration drift:
+   - Was `LlmToolCalling:Enabled` disabled, or did a code change lower `ToolCallingChatOrchestrator.MaxRounds`?
+   - Was `LlmQuota:GlobalBudgetCeilingTokens` raised or removed?
+   - Was a more expensive model configured (e.g., GPT-4o instead of GPT-4o-mini)?
+4. Check LLM provider dashboard (OpenAI/Gemini) for independent cost confirmation.
+
+### Logging Cost Triage
+
+1. Check CloudWatch / OTLP backend ingestion volume for the current period.
+2. Identify the top log sources by volume (which service, endpoint, or component).
+3. Check if log level was changed (e.g., DEBUG enabled in production).
+4. Check if trace sampling rate was reduced (capturing 100% of traces).
+5. Look for noisy error loops generating repeated log entries.
+
+### Compute Cost Triage
+
+1. Check if the instance type was changed or a larger instance provisioned.
+2. Check CPU and memory utilization — is the instance right-sized?
+3. Check if additional instances were spun up (manual or auto-scaling drift).
+4. Check for zombie processes or stuck background workers consuming resources.
+
+### Storage Cost Triage
+
+1. Check EBS volume size and utilization.
+2. Check S3 bucket size — is the noncurrent version expiry policy working?
+3. Check SQLite database file size — has it grown unexpectedly?
+4. Check for large export artifacts or backup files accumulating.
+
+### General Cost Triage
+
+1. Check AWS Cost Explorer for the top spending services.
+2. Compare current-month daily spend to the previous month's daily average.
+3. Identify any new AWS resources that were not part of the baseline.
+4. Check for data transfer spikes (large export downloads, API abuse).
+
+---
+
+## Phase 3: Mitigation
+
+Apply the minimum effective mitigation for the identified root cause. Prefer graduated response over hard shutdown.
+
+### LLM Cost Mitigation Actions
+
+Listed from least disruptive to most disruptive:
+
+| Priority | Action | Impact | How to execute |
+|---|---|---|---|
+| 1 | Tighten global rate limits | All users get stricter quotas | Reduce `LlmQuota:RequestsPerHour` or `LlmQuota:TokensPerDay` globally (these are global config keys, not per-user); individual abusive users can be blocked entirely via per-user Identity kill-switch (`POST /api/llm/killswitch` with `scope: Identity`) |
+| 2 | Reduce tool-calling rounds | Fewer tool calls per conversation, less capable but cheaper | Disable tool-calling via `LlmToolCalling:Enabled = false`; `MaxRounds` is a compile-time constant (`ToolCallingChatOrchestrator.MaxRounds = 5`) and cannot be changed at runtime -- lowering it requires a code change and redeployment |
+| 3 | Switch to cheaper model | Potentially lower quality responses | Change `Llm:OpenAi:Model` to a cheaper variant |
+| 4 | Activate surface kill-switch | One LLM surface disabled (e.g., Chat only) | `POST /api/llm/killswitch` with `{ "scope": "Surface", "target": "Chat", "enabled": true, "reason": "Cost emergency" }` -- **Note:** Currently returns 403 until admin roles are implemented; use `LlmKillSwitch:SurfaceKills:<SurfaceName>` config as fallback |
+| 5 | Activate per-user kill-switch | Specific abusive user blocked from LLM | `POST /api/llm/killswitch` with `{ "scope": "Identity", "target": "<userId>", "enabled": true, "reason": "Cost emergency" }` -- users can only set this for themselves; admin-scoped cross-user blocking requires admin roles (not yet implemented) |
+| 6 | Activate global kill-switch | All LLM features disabled; non-LLM features unaffected | `POST /api/llm/killswitch` with `{ "scope": "Global", "target": null, "enabled": true, "reason": "Cost emergency" }` -- **Note:** Currently returns 403 until admin roles are implemented; use `LlmKillSwitch:GlobalKill=true` config as fallback |
+| 7 | Switch all users to Mock provider | LLM features return deterministic mock responses | Set `Llm:Provider` to `Mock`, restart API |
+
+### Logging Cost Mitigation Actions
+
+| Priority | Action | Impact | How to execute |
+|---|---|---|---|
+| 1 | Reduce log retention | Older logs deleted sooner | Set CloudWatch log group retention to 7-14 days |
+| 2 | Increase log level to Warning | INFO logs no longer ingested | Set `Logging:LogLevel:Default` to `Warning` in appsettings |
+| 3 | Enable trace sampling | Fewer traces captured | Configure OTLP trace sampling rate (e.g., 10%) |
+| 4 | Exclude noisy endpoints | Health checks and high-frequency endpoints stop generating traces | Add endpoint filter to OpenTelemetry configuration |
+| 5 | Disable OTLP exporter | No traces or metrics exported | Set `Observability:EnableOpenTelemetry` to `false` |
+
+### Compute Cost Mitigation Actions
+
+| Priority | Action | Impact | How to execute |
+|---|---|---|---|
+| 1 | Right-size the instance | May reduce performance headroom | Change `instance_type` in Terraform and apply |
+| 2 | Stop non-critical services | Reduced functionality | Stop staging environment if not in active use |
+| 3 | Switch to reserved instances | Commitment required, ~30-60% savings | Purchase reserved instance via AWS console |
+
+### Storage Cost Mitigation Actions
+
+| Priority | Action | Impact | How to execute |
+|---|---|---|---|
+| 1 | Run SQLite VACUUM | Reclaims space from deleted records; requires exclusive lock and temporarily doubles disk usage during execution — schedule during low-traffic window | `sqlite3 /var/lib/taskdeck/taskdeck.db "VACUUM;"` |
+| 2 | Reduce S3 version retention | Fewer backup versions kept | Lower noncurrent version expiry from 90 days |
+| 3 | Delete old export artifacts | Users lose access to old exports | Implement S3 lifecycle rule for export objects |
+| 4 | Archive old data | Audit trail or chat history moved to cold storage | Implement data archival pipeline (future work) |
+
+---
+
+## Phase 4: Stabilization
+
+After mitigation is applied:
+
+1. **Verify the mitigation is effective**: Monitor the cost dimension for 1-2 hours to confirm the spend rate has decreased.
+2. **Communicate the change**: Notify affected users if features were degraded (e.g., LLM kill-switch, reduced log retention).
+3. **Document what happened**: Record the incident in a brief post-incident note:
+   - What triggered the breach?
+   - What was the root cause?
+   - What mitigation was applied?
+   - What was the estimated cost impact?
+   - What is the plan to prevent recurrence?
+4. **Set a review date**: Schedule a follow-up within 1 week to assess whether the mitigation can be relaxed or needs to become permanent.
+
+---
+
+## Phase 5: Post-Incident Review
+
+Conduct within 5 business days of the incident.
+
+### Review Checklist
+
+- [ ] Was the alert timely? Did the team respond within the target window?
+- [ ] Was the triage process effective? Did we identify the root cause quickly?
+- [ ] Was the mitigation proportionate? Did we apply the minimum necessary disruption?
+- [ ] What configuration or architectural change would prevent this class of breach?
+- [ ] Does the monthly budget need adjustment (was it set too low, or is usage genuinely growing)?
+- [ ] Does the hotspot registry need updating with new data?
+- [ ] Are there new mitigation levers that should be documented?
+
+### Outputs
+
+- Updated `COST_HOTSPOT_REGISTRY.md` with actual cost data from the incident
+- Budget adjustment proposal if the current budget is unrealistic
+- Action items for preventive changes (filed as GitHub issues)
+- Updated alert thresholds if the current ones are too sensitive or too loose
+
+---
+
+## Quick Reference: Emergency Actions
+
+For use when immediate action is needed and there is no time for full triage:
+
+| Scenario | Immediate action | Command / Config |
+|---|---|---|
+| LLM cost runaway | Activate global kill-switch | Set `LlmKillSwitch:GlobalKill=true` in config and restart API (the `POST /api/llm/killswitch` endpoint with `scope: Global` returns 403 until admin roles are implemented) |
+| Logging cost spike | Raise log level to Error | Set `Logging:LogLevel:Default` to `Error`, restart API |
+| Storage filling up | Identify and remove large files | `du -sh /var/lib/taskdeck/*` then assess |
+| Unknown cost source | Check AWS Cost Explorer | AWS Console → Billing → Cost Explorer → Group by Service |
+
+---
+
+## References
+
+- Cloud cost observability framework: `docs/ops/CLOUD_COST_OBSERVABILITY.md`
+- Feature cost hotspot registry: `docs/ops/COST_HOTSPOT_REGISTRY.md`
+- Disaster recovery runbook: `docs/ops/DISASTER_RECOVERY_RUNBOOK.md`
+- Managed-key incident runbook: `docs/security/MANAGED_KEY_INCIDENT_RUNBOOK.md`
+- Managed-key usage policy: `docs/security/MANAGED_KEY_USAGE_POLICY.md`
+- LLM provider setup guide: `docs/platform/LLM_PROVIDER_SETUP_GUIDE.md`
+- Observability baseline: `docs/ops/OBSERVABILITY_BASELINE.md`
diff --git a/docs/ops/CLOUD_COST_OBSERVABILITY.md b/docs/ops/CLOUD_COST_OBSERVABILITY.md
new file mode 100644
index 00000000..17bed5fa
--- /dev/null
+++ b/docs/ops/CLOUD_COST_OBSERVABILITY.md
@@ -0,0 +1,283 @@
+# Cloud Cost Observability Framework
+
+Last Updated: 2026-04-09
+Issue: `#104` OPS-12 Cloud cost observability and budget-guardrail automation
+ADR: ADR-0026
+
+---
+
+## Purpose
+
+Define the cost telemetry dimensions, budget alert thresholds, monthly review workflow, and anomaly triage process for Taskdeck cloud deployments. This framework applies once Taskdeck moves beyond local-first operation into hosted environments (v0.2.0+).
+
+---
+
+## Cost Telemetry Dimensions
+
+Cloud costs are tracked across six dimensions. Each dimension maps to a billing line item, an application-level metric (where applicable), and a dashboard panel.
+
+### 1. Compute (EC2 / Container Hosting)
+
+| Attribute | Value |
+|---|---|
+| Billing source | AWS EC2 on-demand or reserved instance hours |
+| Current baseline | Single `t3.small` (dev), `t3.medium` (staging), `t3.large` (prod) per `DEPLOYMENT_TERRAFORM_BASELINE.md` |
+| Application metric | None (infrastructure-level only) |
+| Estimated monthly cost | $15-70 (single-node, on-demand: ~$15 t3.small, ~$30 t3.medium, ~$60 t3.large) |
+| Scaling driver | User concurrency, background worker load |
+
+### 2. Storage (EBS + S3)
+
+| Attribute | Value |
+|---|---|
+| Billing source | EBS volume (gp3) + S3 backup bucket |
+| Current baseline | 20-50 GB EBS for SQLite, S3 with 90-day noncurrent version expiry |
+| Application metric | Database file size (via health endpoint), S3 object count |
+| Estimated monthly cost | $5-15 (EBS) + $1-5 (S3) |
+| Scaling driver | Board/card/audit data volume, backup frequency, export artifact retention |
+
+### 3. LLM API Calls (OpenAI / Gemini)
+
+| Attribute | Value |
+|---|---|
+| Billing source | Provider API usage (OpenAI, Google Gemini) |
+| Application metric | Persisted `ILlmQuotaService` usage records and quota summaries |
+| Current baseline | GPT-4o-mini: ~$0.15/1M input tokens, ~$0.60/1M output tokens (reference baseline; verify against current OpenAI pricing). Gemini 2.5 Flash pricing differs and should be verified separately against current Google pricing. |
+| Estimated monthly cost | $5-50 (light usage, 10-50 active users) to $200-500 (heavy usage, 100+ users with tool-calling) |
+| Scaling driver | Chat messages per user, tool-calling rounds per message (max 5), capture triage volume |
+
+LLM costs are the highest-variance dimension. See `docs/ops/COST_HOTSPOT_REGISTRY.md` for detailed breakdown.
+
+### 4. Logging and Telemetry
+
+| Attribute | Value |
+|---|---|
+| Billing source | CloudWatch Logs ingestion/storage, or OTLP-compatible backend (Grafana Cloud, Datadog) |
+| Application metric | Log bytes per request (estimated from `Observability:*` config) |
+| Current baseline | OpenTelemetry traces + metrics via OTLP or console exporter |
+| Estimated monthly cost | $5-30 (low-volume, structured logging) to $100-300 (verbose logging, high request volume) |
+| Scaling driver | Request volume, log verbosity level, trace sampling rate, metric cardinality |
+
+### 5. Network (Data Transfer)
+
+| Attribute | Value |
+|---|---|
+| Billing source | AWS data transfer out, inter-AZ traffic (if multi-AZ), Route 53 hosted zones and DNS queries |
+| Application metric | Response payload sizes (approximated from API metrics) |
+| Estimated monthly cost | $1-10 (single-AZ, moderate traffic) + ~$0.50/hosted zone/month for DNS |
+| Scaling driver | API response volume, SignalR WebSocket traffic, export downloads, DNS query volume |
+
+### 6. CI/CD and Artifact Storage
+
+| Attribute | Value |
+|---|---|
+| Billing source | GitHub Actions minutes, container registry storage |
+| Application metric | None (CI platform-level) |
+| Estimated monthly cost | $0 (free tier) to $20-50 (heavy CI, private runners) |
+| Scaling driver | PR volume, test suite duration, Docker image size and retention |
+
+---
+
+## Budget Alert Thresholds
+
+Budget alerts use a three-tier model. The monthly budget target is set per environment and reviewed quarterly.
+
+| Tier | Threshold | Severity | Action |
+|---|---|---|---|
+| Warning | 70% of monthly budget | Low | Notification to cost-owner; review current spend trajectory |
+| Critical | 90% of monthly budget | High | Escalation to on-call; begin mitigation assessment |
+| Hard cap | 100% of monthly budget | Critical | Execute mitigation actions from `BUDGET_BREACH_RUNBOOK.md` |
+
+### Suggested Initial Monthly Budgets
+
+These are starting points for a small-team deployment. Adjust after the first 2-3 months of production data.
+
+| Environment | Monthly budget | Rationale |
+|---|---|---|
+| Dev | $50 | Disposable, minimal usage |
+| Staging | $100 | Test workloads, occasional load testing |
+| Prod | $300 | 10-50 active users, moderate LLM usage |
+
+### Alert Configuration
+
+**AWS Budgets** (primary alerting mechanism for infrastructure costs):
+
+- Create one AWS Budget per environment with the monthly target above.
+- Configure SNS notifications at 70%, 90%, and 100% thresholds.
+- Route SNS to email (initially) or PagerDuty/Slack (when available).
+
+**Application-level LLM cost alerts** (supplementary):
+
+- The existing `ILlmQuotaService` tracks per-user token consumption.
+- Add a daily aggregate warning heuristic: if total LLM token spend across all users exceeds the projected daily share of the monthly budget on any single day, emit a warning log and optional webhook notification. Compare the spike against month-to-date trend before escalating because bursty usage can create false positives.
+- The `LlmQuota:GlobalBudgetCeilingTokens` config key provides a hard daily ceiling (see `docs/security/MANAGED_KEY_USAGE_POLICY.md`).
+
+### Alert Owners
+
+**For the current solo-operator deployment, the operator owns all cost dimensions directly.** The table below applies when the team scales to multiple roles:
+
+| Cost dimension | Primary owner | Escalation |
+|---|---|---|
+| Compute | Infrastructure lead | Project maintainers |
+| Storage | Infrastructure lead | Project maintainers |
+| LLM API | Product/backend lead | Project maintainers |
+| Logging/telemetry | Infrastructure lead | Project maintainers |
+| Network | Infrastructure lead | Project maintainers |
+| CI/CD | DevOps lead | Project maintainers |
+
+---
+
+## Monthly Cost Review Workflow
+
+Cadence: First working day of each month (or within 3 business days).
+
+### Pre-Review Checklist
+
+- [ ] Pull current-month billing summary from cloud provider console
+- [ ] Pull LLM token usage summary from `ILlmQuotaService` / application logs
+- [ ] Compare actual spend against budget for each dimension
+- [ ] Note any dimensions exceeding 70% of their allocation
+- [ ] Pull previous month's review notes for trend comparison
+
+### Review Agenda
+
+1. **Budget vs. actual**: Review each dimension. Flag any >10% month-over-month increase.
+2. **LLM cost deep-dive**: Review per-user and per-feature token consumption. Identify top-5 token consumers. Check tool-calling round counts for anomalies.
+3. **Storage growth**: Check SQLite database size trend. Review S3 backup object count and total size. Verify noncurrent version expiry is working.
+4. **Logging volume**: Review CloudWatch / OTLP ingestion volume. Check for noisy log sources (e.g., verbose middleware, high-cardinality trace attributes).
+5. **Anomaly review**: Investigate any alerts fired during the month. Were they true anomalies or expected spikes?
+6. **Hotspot registry update**: Review `docs/ops/COST_HOTSPOT_REGISTRY.md`. Update estimates with actual data. Add new hotspots if discovered.
+7. **Action items**: Document mitigation actions, budget adjustments, or configuration changes needed.
+
+### Post-Review Outputs
+
+- Updated cost trend notes (inline in this document or in a linked tracking issue)
+- Updated hotspot registry if estimates changed
+- Budget adjustment proposals for next quarter (if needed)
+- Action items assigned to specific owners with deadlines
+
+---
+
+## Anomaly Triage Process
+
+An anomaly is any cost spike that exceeds 150% of the expected daily spend for a dimension, or any alert at the Critical (90%) tier or above.
+
+### Triage Steps
+
+1. **Identify the dimension**: Which cost category spiked? (Compute, LLM, Storage, Logging, Network, CI/CD)
+2. **Correlate with application events**: Check deployment logs, feature flag changes, traffic patterns, and user activity for the same time window.
+3. **Check for known causes**:
+   - Was there a load test or demo?
+   - Was a new feature deployed that increases LLM usage?
+   - Did log verbosity change?
+   - Is there a runaway background worker?
+4. **Assess impact**: Is the spike ongoing or a one-time event? What is the projected monthly impact if it continues?
+5. **Decide on action**:
+   - **Expected and acceptable**: Document in monthly review, adjust budget if needed.
+   - **Expected but excessive**: Apply mitigation (see `BUDGET_BREACH_RUNBOOK.md`).
+   - **Unexpected**: Investigate root cause, apply immediate mitigation, file an incident.
+
+### Escalation Path
+
+| Severity | Response time | Escalation |
+|---|---|---|
+| Warning (70%) | Next business day | Cost owner reviews spend trajectory |
+| Critical (90%) | Within 4 hours | On-call begins mitigation assessment |
+| Hard cap (100%) | Within 1 hour | Execute runbook, notify all stakeholders |
+
+---
+
+## Cost Dashboard
+
+### Recommended Dashboard Panels
+
+Deploy alongside the existing observability dashboard (see `docs/ops/OBSERVABILITY_BASELINE.md`).
+
+1. **Monthly spend by dimension** — stacked bar chart, one bar per dimension per month.
+2. **Daily spend trend** — line chart showing daily total spend with 70%/90% budget threshold lines.
+3. **LLM token consumption** — line chart of daily token usage (input + output), broken down by provider (OpenAI, Gemini, Mock).
+4. **LLM cost per user (top 10)** — horizontal bar chart of top token consumers.
+5. **Storage growth** — line chart of database file size and S3 total object size over time.
+6. **Logging ingestion volume** — line chart of daily log bytes ingested.
+
+### Implementation Path
+
+Phase 1 (v0.2.0 launch): AWS Budgets + manual monthly review using AWS Cost Explorer.
+Phase 2 (post-launch): Grafana dashboard pulling from CloudWatch Metrics and application-level metrics via OTLP.
+Phase 3 (scale-out): Integrate cost attribution tags into Terraform resources for per-feature cost allocation.
+
+---
+
+## Terraform Budget Alert Template
+
+A sample AWS Budget resource for use in the Terraform baseline:
+
+```hcl
+resource "aws_budgets_budget" "taskdeck_monthly" {
+  name         = "taskdeck-${var.environment}-monthly"
+  budget_type  = "COST"
+  limit_amount = var.monthly_budget_limit
+  limit_unit   = "USD"
+  time_unit    = "MONTHLY"
+
+  time_period_start = "2026-04-01_00:00"
+  time_period_end   = "2099-12-31_23:59"
+
+  # Optional: scope budget to specific resources using cost filters.
+  # Uncomment and adapt if the AWS account hosts non-Taskdeck resources.
+  # cost_filter {
+  #   name   = "TagKeyValue"
+  #   values = ["user:Project$taskdeck-${var.environment}"]
+  # }
+
+  notification {
+    comparison_operator       = "GREATER_THAN"
+    threshold                 = 70
+    threshold_type            = "PERCENTAGE"
+    notification_type         = "ACTUAL"
+    subscriber_email_addresses = var.budget_alert_emails
+  }
+
+  notification {
+    comparison_operator       = "GREATER_THAN"
+    threshold                 = 90
+    threshold_type            = "PERCENTAGE"
+    notification_type         = "ACTUAL"
+    subscriber_email_addresses = var.budget_alert_emails
+  }
+
+  notification {
+    comparison_operator       = "GREATER_THAN"
+    threshold                 = 100
+    threshold_type            = "PERCENTAGE"
+    notification_type         = "ACTUAL"
+    subscriber_email_addresses = var.budget_alert_emails
+  }
+}
+
+variable "monthly_budget_limit" {
+  description = "Monthly budget limit in USD"
+  type        = string
+  default     = "300"
+}
+
+variable "budget_alert_emails" {
+  description = "Email addresses for budget alert notifications"
+  type        = list(string)
+}
+```
+
+This template can be added to the existing Terraform module at `deploy/terraform/aws/modules/single_node/` when budget alerting is wired into the infrastructure baseline.
+
+---
+
+## References
+
+- ADR-0026: Cloud Cost Observability and Budget Guardrails
+- Feature cost hotspot registry: `docs/ops/COST_HOTSPOT_REGISTRY.md`
+- Budget breach runbook: `docs/ops/BUDGET_BREACH_RUNBOOK.md`
+- Observability baseline: `docs/ops/OBSERVABILITY_BASELINE.md`
+- Terraform deployment baseline: `docs/ops/DEPLOYMENT_TERRAFORM_BASELINE.md`
+- Managed-key usage policy: `docs/security/MANAGED_KEY_USAGE_POLICY.md`
+- LLM provider setup guide: `docs/platform/LLM_PROVIDER_SETUP_GUIDE.md`
+- LLM tool-calling cost model: `docs/spikes/SPIKE_618_COMPLETED.md`
diff --git a/docs/ops/COST_HOTSPOT_REGISTRY.md b/docs/ops/COST_HOTSPOT_REGISTRY.md
new file mode 100644
index 00000000..80b33f77
--- /dev/null
+++ b/docs/ops/COST_HOTSPOT_REGISTRY.md
@@ -0,0 +1,184 @@
+# Feature Cost Hotspot Registry
+
+Last Updated: 2026-04-09
+Issue: `#104` OPS-12 Cloud cost observability and budget-guardrail automation
+Parent: `docs/ops/CLOUD_COST_OBSERVABILITY.md`
+
+---
+
+## Purpose
+
+Track features with high-variance or superlinear cost scaling. Each entry documents the cost driver, estimated cost range, scaling behavior, mitigation levers, and action owner. This registry is reviewed during the monthly cost review (see `CLOUD_COST_OBSERVABILITY.md`).
+
+---
+
+## Hotspot Entry Format
+
+Each hotspot follows this structure:
+
+- **Feature**: Name and brief description
+- **Cost dimension**: Which billing category is affected
+- **Estimated cost range**: Low/high monthly estimate for the expected user base
+- **Scaling behavior**: How cost grows relative to users/usage
+- **Current guardrails**: What controls already exist
+- **Mitigation levers**: Actions available to reduce cost
+- **Action owner**: Who is responsible for monitoring and mitigation
+- **Risk level**: Low / Medium / High / Critical
+
+---
+
+## Hotspot 1: LLM API Usage (Chat and Capture Triage)
+
+| Attribute | Detail |
+|---|---|
+| Feature | Automation Chat (`ChatService`), capture triage (`LlmQueueToProposalWorker`), tool-calling orchestrator |
+| Cost dimension | LLM API (OpenAI / Gemini) |
+| Estimated cost range | $5-50/month (10-50 users, light chat) to $200-500/month (100+ users, heavy tool-calling) |
+| Scaling behavior | **Superlinear** — each chat message may trigger 1-5 tool-calling rounds, each round is a full API call with growing context window. A single complex conversation can cost 5-10x a simple one. Capture triage adds per-item LLM cost. |
+| Current guardrails | Per-user rate limit: 60 req/60s. Per-user token limit: 100K tokens/day. Global budget ceiling config (`LlmQuota:GlobalBudgetCeilingTokens`). Tool-calling loop cap: 5 rounds, 60s total timeout, 30s per-round timeout. Tool result truncation: 8KB max. Kill-switch (global/surface/per-user). Mock provider default (zero cost). |
+| Mitigation levers | 1. Lower global `LlmQuota:RequestsPerHour` or `LlmQuota:TokensPerDay` defaults. 2. Block abusive users entirely via per-user kill-switch. 3. Switch high-volume users to Mock provider. 4. Activate surface-level kill-switch for Chat or CaptureTriage. 5. Reduce context window size (`BoardContextBuilder` budget). 6. Switch from GPT-4o-mini to a cheaper model. 7. Enable clarification detection to reduce wasted rounds (`ClarificationDetector`). |
+| Action owner | Product/backend lead |
+| Risk level | **High** — highest variance cost component with no natural ceiling per conversation |
+
+### Per-Request Cost Estimates (as of 2026-04)
+
+| Scenario | Input tokens | Output tokens | Estimated cost (GPT-4o-mini) |
+|---|---|---|---|
+| Simple chat (no tools) | ~500 | ~200 | ~$0.00020 |
+| Chat with 1 read tool | ~1,200 | ~400 | ~$0.00042 |
+| Chat with 3 tool rounds | ~3,000 | ~800 | ~$0.00093 |
+| Chat with 5 tool rounds (max) | ~5,500 | ~1,200 | ~$0.00155 |
+| Capture triage (per item) | ~300 | ~150 | ~$0.00014 |
+
+These estimates assume approximate GPT-4o-mini pricing ($0.15/1M input, $0.60/1M output) as a reference baseline. Gemini 2.5 Flash pricing differs and should be checked against current Google pricing. All provider prices should be verified against the current pricing pages at deployment time — LLM pricing changes frequently. Actual costs depend on conversation length, board context size, and tool result sizes.
+
+### Monthly Projections
+
+| Usage level | Users | Messages/user/day | Tool rounds/msg | Monthly LLM cost |
+|---|---|---|---|---|
+| Light | 10 | 5 | 1.5 avg | ~$8 |
+| Moderate | 50 | 10 | 2.0 avg | ~$85 |
+| Heavy | 100 | 15 | 2.5 avg | ~$350 |
+| Peak (with triage) | 100 | 15 + 20 triage | 2.5 avg | ~$430 |
+
+---
+
+## Hotspot 2: Logging and Telemetry Volume
+
+| Attribute | Detail |
+|---|---|
+| Feature | OpenTelemetry traces/metrics, application logs, request correlation |
+| Cost dimension | Logging / telemetry (CloudWatch, Grafana Cloud, or OTLP backend) |
+| Estimated cost range | $5-30/month (structured, sampled) to $100-300/month (verbose, unsampled) |
+| Scaling behavior | **Linear to superlinear** — log volume scales with request count. Verbose logging (DEBUG level) or high-cardinality trace attributes can cause 10-50x volume increase. Tool-calling conversations generate multiple log entries per round. |
+| Current guardrails | Configurable log level. Security logging redaction baseline (sanitized exceptions, generic error messages). Configurable OTLP exporter. Metric export interval configurable. |
+| Mitigation levers | 1. Set log level to `Warning` or `Error` in production. 2. Enable trace sampling (e.g., 10% of requests). 3. Increase metric export interval. 4. Increase `Observability:MetricExportIntervalSeconds` (for example, from 30 to 120). 5. Set CloudWatch log retention to 14-30 days (not indefinite). 6. Exclude health-check endpoints from trace collection. 7. Cap log line length for tool-call results. |
+| Action owner | Infrastructure lead |
+| Risk level | **Medium** — predictable at low volume but can spike with verbose config or traffic surges |
+
+### Retention Policy Recommendations
+
+| Log type | Retention | Rationale |
+|---|---|---|
+| Application logs (INFO+) | 30 days | Sufficient for operational debugging |
+| Application logs (DEBUG) | 7 days | Only enabled during active investigation |
+| Trace data | 14 days | Covers typical incident investigation window |
+| Metrics | 90 days | Supports monthly trend analysis |
+| Audit trail (application-level) | Indefinite (in SQLite) | Compliance and provenance requirements |
+
+---
+
+## Hotspot 3: Database Storage Growth (SQLite / EBS)
+
+| Attribute | Detail |
+|---|---|
+| Feature | SQLite database (boards, cards, audit trail, chat history, proposals, notifications) |
+| Cost dimension | Storage (EBS volume) |
+| Estimated cost range | $5-15/month (20-50 GB gp3 EBS) |
+| Scaling behavior | **Sublinear initially, linear long-term** — audit trail and chat history grow with every operation. Without archival, database size grows indefinitely. SQLite VACUUM can reclaim space from deletions. |
+| Current guardrails | S3 backup with 90-day noncurrent version expiry. EBS destroy protection on staging/prod. Account deletion anonymizes PII but does not reclaim space. |
+| Mitigation levers | 1. Implement periodic SQLite VACUUM (reclaim deleted space). 2. Archive old audit trail entries to cold storage (S3 Glacier). 3. Set chat history retention limit (e.g., 90 days). 4. Compress old export artifacts. 5. Monitor EBS usage and resize proactively. 6. Enable WAL checkpointing to control WAL file growth. |
+| Action owner | Infrastructure lead |
+| Risk level | **Low** — predictable growth, but uncapped audit trail could become significant over years |
+
+### Growth Estimates
+
+| Data type | Estimated size per record | Records/user/month | 100 users, 12 months |
+|---|---|---|---|
+| Cards | ~2 KB | 50 | ~120 MB |
+| Audit entries | ~500 bytes | 200 | ~120 MB |
+| Chat messages | ~1 KB | 150 | ~180 MB |
+| Proposals | ~1 KB | 30 | ~36 MB |
+| Notifications | ~500 bytes | 100 | ~60 MB |
+| **Total estimate** | | | **~516 MB** |
+
+SQLite overhead and indexes add approximately 30-50%, bringing the estimated 12-month database size for 100 users to approximately 700 MB - 1 GB.
+
+---
+
+## Hotspot 4: SignalR Connection Overhead
+
+| Attribute | Detail |
+|---|---|
+| Feature | SignalR WebSocket connections for realtime board collaboration |
+| Cost dimension | Compute (memory per connection), network (WebSocket frames) |
+| Estimated cost range | Negligible at current scale ($0-5/month additional compute) |
+| Scaling behavior | **Linear** — each connected user maintains one persistent WebSocket. Memory: ~50-100 KB per connection. Network: minimal for idle connections, increases with board mutation frequency. |
+| Current guardrails | Single-node in-process SignalR (no external backplane). Board-scoped subscription authorization. Polling fallback when WebSocket unavailable. |
+| Mitigation levers | 1. Implement idle connection timeout (disconnect after N minutes of inactivity). 2. Batch board mutation events (debounce rapid-fire updates). 3. Move to Azure SignalR Service or Redis backplane for scale-out (cost shifts from compute to managed service). 4. Rate-limit SignalR event frequency per board. |
+| Action owner | Backend lead |
+| Risk level | **Low** — negligible cost at single-node scale; becomes relevant at 500+ concurrent connections |
+
+---
+
+## Hotspot 5: CI/CD Pipeline and Artifact Storage
+
+| Attribute | Detail |
+|---|---|
+| Feature | GitHub Actions CI (`ci-required.yml`, `ci-nightly.yml`, `ci-extended.yml`), Docker image builds |
+| Cost dimension | CI/CD (GitHub Actions minutes, container registry) |
+| Estimated cost range | $0/month (free tier, public repo) to $20-50/month (private repo, heavy CI) |
+| Scaling behavior | **Step function** — cost jumps when exceeding free-tier minutes (2,000 min/month for free, 3,000 for Pro). Docker image storage grows with image count and tag retention. |
+| Current guardrails | CI-required is the PR gate (lightweight). CI-extended auto-triggers on infrastructure changes. CI-nightly runs extended checks. |
+| Mitigation levers | 1. Prune old Docker images (keep last N tags). 2. Use GitHub Actions caching for dependency restore. 3. Reduce nightly CI frequency if cost is a concern. 4. Use smaller runners for doc-only PRs. 5. Set container registry retention policies. |
+| Action owner | DevOps lead |
+| Risk level | **Low** — predictable and within free-tier for most open-source projects |
+
+---
+
+## Hotspot 6: MCP HTTP Transport and API Key Usage
+
+| Attribute | Detail |
+|---|---|
+| Feature | MCP HTTP endpoint (`/mcp`), API key authentication, external tool integrations |
+| Cost dimension | Compute (request processing), LLM API (if MCP tools trigger LLM calls) |
+| Estimated cost range | $0-10/month (direct compute cost negligible); LLM cost depends on tool usage patterns |
+| Scaling behavior | **Linear with external integration frequency** — each MCP tool call is an HTTP request. Write tools that produce proposals may trigger LLM downstream. Rate limited at 60 req/60s per API key. |
+| Current guardrails | API key rate limiting (60 req/60s). Write tools produce proposals (no direct board mutation). `approve_proposal` intentionally excluded from MCP. |
+| Mitigation levers | 1. Reduce per-key rate limit. 2. Revoke unused API keys. 3. Disable MCP HTTP transport when not needed. 4. Audit API key usage patterns monthly. |
+| Action owner | Product/backend lead |
+| Risk level | **Low** — rate-limited and proposal-gated; indirect LLM cost is covered by Hotspot 1 |
+
+---
+
+## Review Schedule
+
+This registry is reviewed during the monthly cost review (first working day of each month).
+
+Updates required when:
+- A new feature with potential cost impact is shipped
+- Actual costs significantly deviate from estimates (>50% delta)
+- Mitigation levers are exercised (document what was changed and the effect)
+- New cost dimensions are identified (e.g., DNS, CDN, managed database)
+
+---
+
+## References
+
+- Cloud cost observability framework: `docs/ops/CLOUD_COST_OBSERVABILITY.md`
+- Budget breach runbook: `docs/ops/BUDGET_BREACH_RUNBOOK.md`
+- LLM tool-calling cost model: `docs/spikes/SPIKE_618_COMPLETED.md`
+- Managed-key usage policy: `docs/security/MANAGED_KEY_USAGE_POLICY.md`
+- Managed-key incident runbook: `docs/security/MANAGED_KEY_INCIDENT_RUNBOOK.md`
+- Observability baseline: `docs/ops/OBSERVABILITY_BASELINE.md`
+- Terraform deployment baseline: `docs/ops/DEPLOYMENT_TERRAFORM_BASELINE.md`