@appsforgood/next-supabase-kit 0.1.5 → 0.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +12 -0
- package/DOGFOOD.md +40 -0
- package/README.md +246 -43
- package/REPOSITORY_SETTINGS.md +7 -3
- package/SUPPLY_CHAIN.md +5 -5
- package/UPGRADE.md +2 -1
- package/antigravity/commands/accessibility-pass.toml +16 -0
- package/antigravity/commands/browser-qa.toml +18 -0
- package/antigravity/commands/distinctiveness-pass.toml +16 -0
- package/antigravity/commands/frontend.toml +5 -4
- package/antigravity/commands/layout-cleanup.toml +16 -0
- package/antigravity/commands/responsive-cleanup.toml +16 -0
- package/antigravity/commands/review.toml +16 -0
- package/antigravity/commands/screenshot-critique.toml +16 -0
- package/antigravity/commands/spec.toml +17 -0
- package/antigravity/commands/test.toml +17 -0
- package/antigravity/commands/ui-audit.toml +17 -0
- package/antigravity/commands/ui-polish.toml +17 -0
- package/antigravity/plugin.json +13 -1
- package/assistant-adapters/antigravity.md +7 -0
- package/checklists/ui-acceptance-rubric.md +58 -0
- package/checklists/ui-detectors.md +75 -0
- package/dist/index.js +796 -458
- package/dist/index.js.map +1 -1
- package/dist/studio/office/assets/office.css +109 -28
- package/dist/studio/office/assets/office.js +14 -63
- package/dist/studio/wizard/assets/wizard.css +105 -26
- package/dist/studio/wizard/assets/wizard.js +22 -85
- package/examples/next-supabase-installed/.agent-kit/agent-roster.json +53 -14
- package/examples/next-supabase-installed/.agent-kit/manifest.json +12 -12
- package/examples/next-supabase-installed/audit-output.json +380 -375
- package/package.json +21 -5
- package/prompts/lifecycle-command-index.md +180 -0
- package/prompts/ui-command-index.md +124 -0
- package/rosters/next-supabase-default-council.json +53 -14
- package/runtime-skills/ui-improvement-harness/SKILL.md +12 -0
- package/skills/ui-improvement-harness.md +96 -0
- package/templates/next-supabase/AGENT_ROSTER.md +6 -3
- package/templates/next-supabase/ASSISTANT_ADAPTERS.md +3 -1
- package/templates/next-supabase/DECISIONS.md +14 -0
- package/templates/next-supabase/DESIGN.md +3 -0
- package/templates/next-supabase/DOCS.md +5 -1
- package/templates/next-supabase/QUALITY_GATES.md +4 -2
- package/templates/next-supabase/SKILLS.md +14 -0
- package/templates/next-supabase/SPEC.md +5 -1
- package/templates/next-supabase/STYLE_GUIDE.md +3 -1
- package/templates/next-supabase/TESTING.md +4 -0
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
name = "screenshot-critique"
|
|
2
|
+
description = "Critique desktop, mobile, state, and authenticated screenshots against design and detector rules."
|
|
3
|
+
|
|
4
|
+
prompt = """
|
|
5
|
+
Run the screenshot critique workflow.
|
|
6
|
+
|
|
7
|
+
Canonical sources: DESIGN.md, STYLE_GUIDE.md, TESTING.md, QUALITY_GATES.md, .agent-kit/agent-roster.json, .agent-kit/skills/ui-improvement-harness.md, .agent-kit/checklists/ui-detectors.md, .agent-kit/checklists/ui-acceptance-rubric.md, .agent-kit/prompts/screenshot-review.md, and .agent-kit/prompts/ui-command-index.md.
|
|
8
|
+
|
|
9
|
+
Workflow:
|
|
10
|
+
1. Name each screenshot, viewport, route, auth state, data state, and UI state.
|
|
11
|
+
2. Run screenshot review, detector checklist, and accessibility risk scan.
|
|
12
|
+
3. Compare against DESIGN.md, STYLE_GUIDE.md, and selected creative direction.
|
|
13
|
+
4. Return concrete fixes and missing screenshot evidence.
|
|
14
|
+
|
|
15
|
+
Required outputs: screenshot inventory, blockers, high-value fixes, accepted areas, missing screenshots, release verdict.
|
|
16
|
+
"""
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
name = "spec"
|
|
2
|
+
description = "Define or update SPEC.md with acceptance criteria before implementation."
|
|
3
|
+
|
|
4
|
+
prompt = """
|
|
5
|
+
Run the spec workflow.
|
|
6
|
+
|
|
7
|
+
Canonical sources: SPEC.md, AGENTS.md, AGENT_ROSTER.md, .agent-kit/agent-roster.json, .agent-kit/project-context.md, .agent-kit/corrections/project-rules.json, QUALITY_GATES.md, and .agent-kit/prompts/lifecycle-command-index.md.
|
|
8
|
+
|
|
9
|
+
Workflow:
|
|
10
|
+
1. Route through Planner and Documentation Maintainer.
|
|
11
|
+
2. Read project context and active correction rules before drafting or updating the spec.
|
|
12
|
+
3. Capture goal, user/workflow, acceptance criteria, preserved behavior, non-goals, and docs impact.
|
|
13
|
+
4. Map affected layers: data, business logic, presentation, auth, deployment, and tests.
|
|
14
|
+
5. Record decision, risk, and next handoff with `agent-kit session ...` when a session is active.
|
|
15
|
+
|
|
16
|
+
Required outputs: spec delta or draft, acceptance criteria, preserved capabilities, non-goals, verification plan, next handoff.
|
|
17
|
+
"""
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
name = "test"
|
|
2
|
+
description = "Add or run tests and produce acceptance evidence per TESTING.md and QUALITY_GATES.md."
|
|
3
|
+
|
|
4
|
+
prompt = """
|
|
5
|
+
Run the test workflow.
|
|
6
|
+
|
|
7
|
+
Canonical sources: TESTING.md, QUALITY_GATES.md, AGENTS.md, .agent-kit/agent-roster.json, .agent-kit/skills/testing-qa.md, and .agent-kit/prompts/lifecycle-command-index.md.
|
|
8
|
+
|
|
9
|
+
Workflow:
|
|
10
|
+
1. Route through QA Engineer.
|
|
11
|
+
2. Name unit, regression, smoke, and visual QA gaps for the change scope.
|
|
12
|
+
3. Prioritize auth and data mutation paths.
|
|
13
|
+
4. Run project test commands and capture results.
|
|
14
|
+
5. Record verification with `agent-kit session verify` when a session is active.
|
|
15
|
+
|
|
16
|
+
Required outputs: test plan, commands run, pass/fail summary, coverage gaps, skipped-test rationale.
|
|
17
|
+
"""
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
name = "ui-audit"
|
|
2
|
+
description = "Run a deterministic UI audit with severity-based detector findings and release evidence."
|
|
3
|
+
|
|
4
|
+
prompt = """
|
|
5
|
+
Run the UI audit workflow.
|
|
6
|
+
|
|
7
|
+
Canonical sources: DESIGN.md, STYLE_GUIDE.md, TESTING.md, QUALITY_GATES.md, .agent-kit/agent-roster.json, .agent-kit/skills/ui-improvement-harness.md, .agent-kit/checklists/ui-detectors.md, .agent-kit/checklists/ui-acceptance-rubric.md, and .agent-kit/prompts/ui-command-index.md.
|
|
8
|
+
|
|
9
|
+
Workflow:
|
|
10
|
+
1. Identify target route, component, workflow, auth state, data state, and risk tier.
|
|
11
|
+
2. Load product/design context and relevant design brief.
|
|
12
|
+
3. Review desktop and mobile evidence, or state which evidence must still be captured.
|
|
13
|
+
4. Run the UI detector checklist and classify blockers, majors, minors, passes, and not-applicable items.
|
|
14
|
+
5. Return required fixes, accepted exceptions, preserved capabilities, and pass/fail verdict.
|
|
15
|
+
|
|
16
|
+
Required outputs: target surface, risk tier, detector findings by severity, missing evidence, release verdict.
|
|
17
|
+
"""
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
name = "ui-polish"
|
|
2
|
+
description = "Improve UI hierarchy, spacing, state feedback, and visual finish through detector-guided polish."
|
|
3
|
+
|
|
4
|
+
prompt = """
|
|
5
|
+
Run the UI polish workflow.
|
|
6
|
+
|
|
7
|
+
Canonical sources: DESIGN.md, STYLE_GUIDE.md, TESTING.md, QUALITY_GATES.md, .agent-kit/agent-roster.json, .agent-kit/skills/ui-improvement-harness.md, .agent-kit/checklists/ui-detectors.md, .agent-kit/checklists/ui-acceptance-rubric.md, and .agent-kit/prompts/ui-command-index.md.
|
|
8
|
+
|
|
9
|
+
Workflow:
|
|
10
|
+
1. Start from detector findings, screenshots, or a named target surface.
|
|
11
|
+
2. Preserve product behavior, auth boundaries, copy claims, data contracts, and existing component patterns.
|
|
12
|
+
3. Improve hierarchy, spacing, density, alignment, component states, and interaction feedback.
|
|
13
|
+
4. Remove decorative clutter and generic SaaS or AI-site defaults.
|
|
14
|
+
5. Re-run detector and screenshot critique after the scoped polish pass.
|
|
15
|
+
|
|
16
|
+
Required outputs: polish goals, changes made or proposed, detector deltas, screenshot evidence, residual risks.
|
|
17
|
+
"""
|
package/antigravity/plugin.json
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
"schemaVersion": 1,
|
|
3
3
|
"name": "agent-kit-next-supabase",
|
|
4
4
|
"displayName": "Agent Kit Next/Supabase",
|
|
5
|
-
"version": "0.1.
|
|
5
|
+
"version": "0.1.7",
|
|
6
6
|
"description": "Runtime commands and portable skills for the Agent Kit Next/Supabase council workflow.",
|
|
7
7
|
"homepage": "https://github.com/lukey662/agentsandskills",
|
|
8
8
|
"sourceOfTruth": [
|
|
@@ -17,10 +17,21 @@
|
|
|
17
17
|
],
|
|
18
18
|
"commands": [
|
|
19
19
|
{ "name": "setup", "path": "commands/setup.toml" },
|
|
20
|
+
{ "name": "spec", "path": "commands/spec.toml" },
|
|
20
21
|
{ "name": "audit", "path": "commands/audit.toml" },
|
|
21
22
|
{ "name": "plan", "path": "commands/plan.toml" },
|
|
22
23
|
{ "name": "handoff", "path": "commands/handoff.toml" },
|
|
23
24
|
{ "name": "frontend", "path": "commands/frontend.toml" },
|
|
25
|
+
{ "name": "ui-audit", "path": "commands/ui-audit.toml" },
|
|
26
|
+
{ "name": "ui-polish", "path": "commands/ui-polish.toml" },
|
|
27
|
+
{ "name": "layout-cleanup", "path": "commands/layout-cleanup.toml" },
|
|
28
|
+
{ "name": "responsive-cleanup", "path": "commands/responsive-cleanup.toml" },
|
|
29
|
+
{ "name": "accessibility-pass", "path": "commands/accessibility-pass.toml" },
|
|
30
|
+
{ "name": "distinctiveness-pass", "path": "commands/distinctiveness-pass.toml" },
|
|
31
|
+
{ "name": "screenshot-critique", "path": "commands/screenshot-critique.toml" },
|
|
32
|
+
{ "name": "browser-qa", "path": "commands/browser-qa.toml" },
|
|
33
|
+
{ "name": "test", "path": "commands/test.toml" },
|
|
34
|
+
{ "name": "review", "path": "commands/review.toml" },
|
|
24
35
|
{ "name": "security", "path": "commands/security.toml" },
|
|
25
36
|
{ "name": "copy", "path": "commands/copy.toml" },
|
|
26
37
|
{ "name": "ship", "path": "commands/ship.toml" },
|
|
@@ -38,6 +49,7 @@
|
|
|
38
49
|
{ "name": "frontend-distinctiveness-benchmark", "path": "../runtime-skills/frontend-distinctiveness-benchmark/SKILL.md" },
|
|
39
50
|
{ "name": "frontend-product-quality-rubric", "path": "../runtime-skills/frontend-product-quality-rubric/SKILL.md" },
|
|
40
51
|
{ "name": "landing-page-copy", "path": "../runtime-skills/landing-page-copy/SKILL.md" },
|
|
52
|
+
{ "name": "ui-improvement-harness", "path": "../runtime-skills/ui-improvement-harness/SKILL.md" },
|
|
41
53
|
{ "name": "nextjs-app-router", "path": "../runtime-skills/nextjs-app-router/SKILL.md" },
|
|
42
54
|
{ "name": "onboarding-empty-state-copy", "path": "../runtime-skills/onboarding-empty-state-copy/SKILL.md" },
|
|
43
55
|
{ "name": "owasp-security-review", "path": "../runtime-skills/owasp-security-review/SKILL.md" },
|
|
@@ -40,15 +40,22 @@ If the `agy` CLI is available, teams may additionally run its native plugin vali
|
|
|
40
40
|
Commands expose short runtime entrypoints:
|
|
41
41
|
|
|
42
42
|
- `/setup`
|
|
43
|
+
- `/spec`
|
|
43
44
|
- `/audit`
|
|
44
45
|
- `/plan`
|
|
45
46
|
- `/handoff`
|
|
46
47
|
- `/frontend`
|
|
48
|
+
- `/test`
|
|
49
|
+
- `/review`
|
|
47
50
|
- `/security`
|
|
48
51
|
- `/copy`
|
|
49
52
|
- `/ship`
|
|
50
53
|
- `/upgrade`
|
|
51
54
|
|
|
55
|
+
UI harness commands (`/ui-audit`, `/ui-polish`, `/layout-cleanup`, `/responsive-cleanup`, `/accessibility-pass`, `/distinctiveness-pass`, `/screenshot-critique`, `/browser-qa`) are documented in `.agent-kit/prompts/ui-command-index.md`.
|
|
56
|
+
|
|
57
|
+
Delivery lifecycle commands are documented in `.agent-kit/prompts/lifecycle-command-index.md`.
|
|
58
|
+
|
|
52
59
|
Each command must load project context and correction rules when present, select the appropriate roster workflow, record required outputs with `agent-kit session output`, and render sessions when evidence changes.
|
|
53
60
|
|
|
54
61
|
## Security
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
# UI Acceptance Rubric
|
|
2
|
+
|
|
3
|
+
Use this rubric after the UI detector checklist, screenshot critique, accessibility pass, and browser QA loop.
|
|
4
|
+
|
|
5
|
+
## Pass/Fail
|
|
6
|
+
|
|
7
|
+
| Verdict | Criteria |
|
|
8
|
+
| --- | --- |
|
|
9
|
+
| fail | Any blocker remains, required screenshot evidence is missing, or authenticated screens were not reviewed when auth is required |
|
|
10
|
+
| conditional | No blockers remain, but major findings need documented owner, rationale, or follow-up before high-risk release |
|
|
11
|
+
| pass | No blockers remain, major findings are fixed or explicitly accepted, and evidence covers viewports, states, and auth needs |
|
|
12
|
+
| strong | Pass criteria plus clear product specificity, accessible keyboard flow, responsive resilience, and state coverage for the workflow |
|
|
13
|
+
|
|
14
|
+
## Required Evidence
|
|
15
|
+
|
|
16
|
+
- Target surface: route, component, flow, or screenshot set.
|
|
17
|
+
- Product context source: `DESIGN.md`, `STYLE_GUIDE.md`, design brief, or documented override.
|
|
18
|
+
- Viewports: desktop and mobile dimensions.
|
|
19
|
+
- Auth state: public, signed-in, role, tenant, permission, or explicit not-applicable.
|
|
20
|
+
- Data state: realistic, empty, loading, error, or fixture notes.
|
|
21
|
+
- Screenshots: first viewport, primary workflow, mobile, and highest-risk state.
|
|
22
|
+
- Checks: detector checklist, accessibility pass, screenshot critique, and visual QA tier.
|
|
23
|
+
|
|
24
|
+
## Release Blocking Rules
|
|
25
|
+
|
|
26
|
+
- Block release for any blocker detector.
|
|
27
|
+
- Block high-risk UI release when desktop or mobile screenshot evidence is missing.
|
|
28
|
+
- Block authenticated workflow release when no signed-in or permission-state evidence exists.
|
|
29
|
+
- Block acceptance when loading, empty, error, disabled, success, permission, or focus states are relevant but omitted without rationale.
|
|
30
|
+
- Block best-practice claims when product specificity, accessibility, or source safety is weak.
|
|
31
|
+
|
|
32
|
+
## Risk Tiers
|
|
33
|
+
|
|
34
|
+
| Tier | Use When | Minimum Evidence |
|
|
35
|
+
| --- | --- | --- |
|
|
36
|
+
| low | Copy-only or isolated cosmetic change to a stable component | Targeted screenshot or component evidence plus detector review |
|
|
37
|
+
| medium | Layout, responsive, or state changes on a user-facing surface | Desktop and mobile screenshots plus relevant state evidence |
|
|
38
|
+
| high | Authenticated workflow, checkout, data mutation, admin, onboarding, or shared component system | Desktop, mobile, auth/permission, error/empty/loading, keyboard/focus, and smoke evidence |
|
|
39
|
+
|
|
40
|
+
## Exception Rules
|
|
41
|
+
|
|
42
|
+
Exceptions are allowed only when:
|
|
43
|
+
|
|
44
|
+
- The finding is not a blocker.
|
|
45
|
+
- The rationale names product or technical constraints.
|
|
46
|
+
- The owner and follow-up path are documented.
|
|
47
|
+
- The exception does not weaken auth, accessibility, data integrity, or source safety.
|
|
48
|
+
|
|
49
|
+
## Output Format
|
|
50
|
+
|
|
51
|
+
Return:
|
|
52
|
+
|
|
53
|
+
1. Verdict: fail, conditional, pass, or strong.
|
|
54
|
+
2. Risk tier and target surface.
|
|
55
|
+
3. Evidence reviewed.
|
|
56
|
+
4. Blockers, majors, minors, and accepted exceptions.
|
|
57
|
+
5. Required fixes before release.
|
|
58
|
+
6. Follow-up work after release.
|
|
@@ -0,0 +1,75 @@
|
|
|
1
|
+
# UI Detector Checklist
|
|
2
|
+
|
|
3
|
+
Use this deterministic checklist for UI audit, polish, layout cleanup, responsive cleanup, screenshot critique, and browser QA. Mark each item as `blocker`, `major`, `minor`, `pass`, or `not-applicable`.
|
|
4
|
+
|
|
5
|
+
## Severity
|
|
6
|
+
|
|
7
|
+
| Severity | Meaning |
|
|
8
|
+
| --- | --- |
|
|
9
|
+
| blocker | Prevents release because a user cannot complete the workflow, the UI is inaccessible, or required evidence is missing |
|
|
10
|
+
| major | Degrades comprehension, trust, responsiveness, or state handling enough that high-risk UI should not ship without a fix or accepted exception |
|
|
11
|
+
| minor | Polish issue that should be fixed when nearby but does not block normal release |
|
|
12
|
+
| pass | Checked and acceptable for the target surface |
|
|
13
|
+
| not-applicable | The detector does not apply to this surface or state |
|
|
14
|
+
|
|
15
|
+
## Layout And Hierarchy
|
|
16
|
+
|
|
17
|
+
| Detector | Blocker Signal | Major Signal |
|
|
18
|
+
| --- | --- | --- |
|
|
19
|
+
| Crowded layout | Primary workflow cannot be identified or completed | Too many competing sections, controls, badges, or panels |
|
|
20
|
+
| Weak hierarchy | Primary action or current state is hidden | Headings, labels, and actions do not establish clear priority |
|
|
21
|
+
| Inconsistent spacing | Spacing causes overlap or unusable controls | Density, gaps, padding, or alignment shift without system logic |
|
|
22
|
+
| Card-within-card | Nested containers obscure the workflow or trap scroll | Decorative nested panels add visual noise without information value |
|
|
23
|
+
| Poor grouping | Related controls are separated or unrelated items are grouped | Scan path is unclear or section boundaries are arbitrary |
|
|
24
|
+
|
|
25
|
+
## Responsive And Mobile
|
|
26
|
+
|
|
27
|
+
| Detector | Blocker Signal | Major Signal |
|
|
28
|
+
| --- | --- | --- |
|
|
29
|
+
| Poor tap targets | Critical control is too small, overlapped, or unreachable | Repeated controls feel cramped or hard to tap |
|
|
30
|
+
| Truncation or overflow | Text, inputs, tables, or controls clip essential content | Labels wrap badly, overflow horizontally, or push layout off-screen |
|
|
31
|
+
| Mobile hierarchy | Mobile first screen hides the primary task or action | Desktop order collapses into a confusing mobile sequence |
|
|
32
|
+
| Sticky or fixed UI | Fixed header/footer covers content or controls | Sticky UI consumes too much viewport or causes awkward scrolling |
|
|
33
|
+
| Orientation and narrow widths | Page breaks at common mobile widths | Responsive behavior is untested below tablet width |
|
|
34
|
+
|
|
35
|
+
## States And Feedback
|
|
36
|
+
|
|
37
|
+
| Detector | Blocker Signal | Major Signal |
|
|
38
|
+
| --- | --- | --- |
|
|
39
|
+
| Missing loading state | User can trigger duplicate or unsafe action while waiting | Loading state exists but does not preserve layout or context |
|
|
40
|
+
| Missing empty state | Empty data leaves a dead end | Empty state lacks next action or domain-specific guidance |
|
|
41
|
+
| Missing error state | Failure is silent or blocks recovery | Error is vague, unactionable, or visually disconnected |
|
|
42
|
+
| Missing disabled state | Disabled action looks enabled or loses explanation | Disabled state lacks affordance, label, or contrast |
|
|
43
|
+
| Missing success feedback | User cannot tell whether action completed | Success message is too subtle, transient, or ambiguous |
|
|
44
|
+
| Missing permission state | Protected UI leaks actions or fails without explanation | Permission limitation is not clear to the affected role |
|
|
45
|
+
| Weak interaction feedback | Focus, selected, hover, pressed, or active state is absent on critical controls | State feedback is inconsistent across similar controls |
|
|
46
|
+
|
|
47
|
+
## Accessibility
|
|
48
|
+
|
|
49
|
+
| Detector | Blocker Signal | Major Signal |
|
|
50
|
+
| --- | --- | --- |
|
|
51
|
+
| Keyboard path | Critical workflow cannot be completed by keyboard | Tab order is confusing or focus moves unexpectedly |
|
|
52
|
+
| Focus visibility | Focus indicator is absent on interactive controls | Focus is low contrast or inconsistent |
|
|
53
|
+
| Semantic structure | Heading, landmark, form, table, or button semantics block assistive tech use | Semantics are mostly present but incomplete |
|
|
54
|
+
| Labels and errors | Inputs or controls lack accessible names or error association | Labels exist but are vague, duplicate, or visually disconnected |
|
|
55
|
+
| Contrast | Text or critical controls fail WCAG 2.1 AA contrast | Secondary text or state colors are borderline |
|
|
56
|
+
| Motion | Motion prevents comprehension or ignores reduced-motion need | Motion distracts from workflow or feels inconsistent |
|
|
57
|
+
|
|
58
|
+
## Distinctiveness And Source Safety
|
|
59
|
+
|
|
60
|
+
| Detector | Blocker Signal | Major Signal |
|
|
61
|
+
| --- | --- | --- |
|
|
62
|
+
| Generic SaaS styling | First screen could fit another product by changing logo and headline | Visual direction relies on common cards, gradients, fake dashboards, or vague claims |
|
|
63
|
+
| Missing content fingerprint | UI hides missing product decisions behind placeholders | Real nouns, records, actions, or edge cases are too sparse |
|
|
64
|
+
| Weak visual identity | No product-specific density, typography, imagery, or interaction point of view | Direction is coherent but category-generic |
|
|
65
|
+
| Unsafe reference use | Copy, assets, layout signature, or brand identity appear copied | References are cited without lessons and anti-copy notes |
|
|
66
|
+
| Fake or unsupported proof | Fake metrics or claims imply unavailable capability | Proof exists but is not tied to actual product behavior |
|
|
67
|
+
|
|
68
|
+
## Evidence Requirements
|
|
69
|
+
|
|
70
|
+
- Desktop screenshot reviewed.
|
|
71
|
+
- Mobile screenshot reviewed.
|
|
72
|
+
- Highest-risk state screenshot reviewed.
|
|
73
|
+
- Authenticated or permission-state screenshot reviewed when applicable.
|
|
74
|
+
- Browser route, viewport, data fixture, and user role named.
|
|
75
|
+
- Detector exceptions documented with rationale and owner.
|