npm - @atlashub/smartstack-cli - Versions diffs - 4.74.0 → 4.75.0 - Mend

@atlashub/smartstack-cli 4.74.0 → 4.75.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (93) hide show

package/templates/skills/business-analyse/steps/step-04-consolidate.md CHANGED Viewed

@@ -14,7 +14,7 @@ next_step: none
 - ALWAYS validate permission coherence across modules
 - ALWAYS execute semantic validation checks
 - NEVER duplicate module content - work with summaries only
-- Single-module shortcut: auto-approve consolidation if only 1 module
+- ALWAYS ask for client approval, even for single-module projects (play devil's advocate)
 ## Context Recovery
@@ -50,98 +50,151 @@ IF status already "consolidated":
   STOP
 ```
-### 2. Cross-Module Interaction Analysis
-**2a. Load Module Index Files**
+### 1b. Analysis Quality Self-Assessment (MANDATORY)
-For each completed module, read `index.json` and discover granular files:
+> **Score the analysis quality BEFORE presenting to the client.**
+> This catches low-quality output before it reaches consolidation.
+#### 1b-i. Research Coverage
 ```javascript
-const moduleFiles = {
-  entities: "entities.json",
-  rules: "rules.json",
-  usecases: "usecases.json",
-  permissions: "permissions.json",
-  screens: "screens.json"
-};
-for (const module of completedModules) {
-  const index = ba-reader.readSection(module.code, "index");
-  module.files = index.files;
-  // Load only files needed for consolidation
-  module.entities = ba-reader.readSection(module.code, "entities");
-  module.permissions = ba-reader.readSection(module.code, "permissions");
+let researchScore = 0;
+if (domain_research?.source === "built-in-only") {
+  researchScore = 2;
+} else {
+  // +2 per application with Level 1 research
+  for (const app of applications) {
+    if (domain_research?.applications?.[app.code]) researchScore += 2;
+  }
+  // +1 per module with Level 2 research (cap at 4)
+  let moduleResearchCount = 0;
+  for (const module of completedModules) {
+    if (module.domainResearchSource !== "built-in-only") moduleResearchCount++;
+  }
+  researchScore += Math.min(moduleResearchCount, 4);
 }
+researchScore = Math.min(10, researchScore);
 ```
-**2b. Foreign Key References & Shared Entities**
-Build entity registry and validate cross-module references:
+#### 1b-ii. Module Completeness (per app)
 ```javascript
-const entityRegistry = {};
-for (const module of completedModules) {
-  entityRegistry[module.code] = {
-    entities: module.entities.map(e => ({
-      name: e.name,
-      attributes: e.attributes.map(a => a.name),
-      pk: e.attributes.find(a => a.name === "Id" || a.unique)?.name || "Id"
-    }))
-  };
+for (const app of applications) {
+  const archetype = loadArchetype(app.type); // from module-completeness-challenge.md
+  const corePresent = archetype.coreModules.filter(m => appHasModule(app, m)).length;
+  const coreTotal = archetype.coreModules.length;
+  app.completenessScore = (corePresent / coreTotal) * 10;
+  // Penalty if CORE excluded without justification
+  const unjustified = archetype.coreModules.filter(m =>
+    !appHasModule(app, m) && !isExplicitlyExcluded(app, m)
+  );
+  if (unjustified.length > 0) app.completenessScore -= 3;
 }
+const avgModuleScore = average(applications.map(a => a.completenessScore));
+```
-// Detect shared entities
-const sharedEntities = [];
+#### 1b-iii. Section Depth (per module)
+```javascript
 for (const module of completedModules) {
-  for (const entity of module.entities) {
-    for (const rel of entity.relationships || []) {
-      if (rel.target.includes(".")) {
-        const [targetModule, targetEntity] = rel.target.split(".");
-        if (!entityRegistry[targetModule]) {
-          BLOCKING_ERROR(`Module ${module.code}: references non-existent module "${targetModule}"`);
-        }
-        sharedEntities.push({
-          entity: targetEntity,
-          definedIn: targetModule,
-          referencedBy: module.code,
-          referenceType: rel.type
-        });
-      }
-    }
+  const sectionCount = module.anticipatedSections?.length || 0;
+  if (module.featureType === "workflow") {
+    if (sectionCount < 5) module.sectionScore = 4;
+    else if (sectionCount < 7) module.sectionScore = 7;
+    else module.sectionScore = 9;
+    // Bonus for contextual views
+    const hasContextual = module.anticipatedSections?.some(s =>
+      ["open-requests", "rejected", "history", "my-balance", "my-tasks", "overdue"].includes(s.code)
+    );
+    if (hasContextual) module.sectionScore = Math.min(10, module.sectionScore + 1);
+  } else {
+    module.sectionScore = sectionCount >= 3 ? 8 : sectionCount >= 2 ? 6 : 4;
   }
 }
+const avgSectionScore = average(completedModules.map(m => m.sectionScore));
 ```
-**2c. Detect Circular Dependencies**
+#### 1b-iv. Business Rule Depth (per module)
 ```javascript
-const cycles = detectCycles(dependencyGraph);
-if (cycles.length > 0) {
-  BLOCKING_ERROR("Circular dependencies detected:");
-  for (const cycle of cycles) {
-    ERROR(`  ${cycle.join(" → ")}`);
-  }
-  ACTIONS: Review dependencies, move shared entities to Core module, or use event-driven communication
-  STOP - DO NOT PROCEED
+for (const module of completedModules) {
+  const rules = module.rules || [];
+  const domainSpecific = rules.filter(r => r.domainSpecific === true || r.source === "domain-research").length;
+  const total = rules.length;
+  if (total === 0) { module.ruleScore = 0; continue; }
+  const genericRatio = (total - domainSpecific) / total;
+  if (genericRatio > 0.8) module.ruleScore = 3;       // >80% generic = poor
+  else if (genericRatio > 0.5) module.ruleScore = 6;   // 50-80% generic = acceptable
+  else module.ruleScore = 9;                           // <50% generic = excellent
 }
+const avgRuleScore = average(completedModules.map(m => m.ruleScore));
 ```
-**2d. Display Cross-Module Interaction Map**
+#### 1b-v. Global Quality Score
+```javascript
+const qualityScore = Math.round(
+  (researchScore + avgModuleScore + avgSectionScore + avgRuleScore) / 4
+);
+```
+Display:
 ```
-═══════════════════════════════════════════════════════════════
-  CROSS-MODULE INTERACTIONS VALIDATED
-═══════════════════════════════════════════════════════════════
+### Auto-evaluation qualite de l'analyse
-| Source Module | Target | Type | Status |
-|---------------|--------|------|--------|
-| Orders        | Customers.Customer | FK (N:1) | ✓ RESOLVED |
-| Invoices      | Customers.Customer | FK (N:1) | ✓ RESOLVED |
+| Dimension | Score | Detail |
+|-----------|-------|--------|
+| Recherche web | {researchScore}/10 | {N} apps recherchees, {M} modules recherches |
+| Completude modules | {avgModuleScore}/10 | {details per app} |
+| Profondeur sections | {avgSectionScore}/10 | {details per module} |
+| Profondeur regles metier | {avgRuleScore}/10 | {domainSpecific}/{total} regles specifiques domaine |
+| **GLOBAL** | **{qualityScore}/10** | |
+```
-Total: {count} cross-module references
-Shared entities: {count}
-═══════════════════════════════════════════════════════════════
 ```
+IF qualityScore < 7:
+  WARNING: "Score qualite inferieur a 7/10.
+    Recommandation : relancer les etapes deficientes avec WebSearch active."
+  Display: "Dimensions a ameliorer: {list dimensions < 7}"
+```
+Store in `validation.json` as `qualityAssessment`.
+### 1c. Business Process Coverage Validation (BLOCKING for multi-app)
+> **Verify that all identified business processes are covered by modules.**
+> A process step without a covering module = a GAP in the application.
+```javascript
+IF cadrage._preAnalysis?.businessProcesses?.length > 0:
+  const gaps = [];
+  for (const process of cadrage._preAnalysis.businessProcesses) {
+    for (const step of process.steps) {
+      if (!step.covered) {
+        gaps.push({ process: process.name, step: step.name, apps: process.apps });
+      }
+    }
+  }
+  Display:
+  ### Couverture des processus metier
+  | Processus | Etapes | Couvertes | Gaps |
+  |-----------|--------|-----------|------|
+  {for each process: name, steps.length, covered count, gap names}
+  IF gaps.length > 0:
+    WARNING: "{gaps.length} etapes de processus non couvertes."
+    // Not BLOCKING at consolidation (should have been caught in step-01/02)
+    // But display as warning for final visibility
+```
+Store in `validation.json` as `processCoverage`.
+### 2. Cross-Module Interaction Analysis
+→ **Load** `references/04-cross-module-validation.md` for FK validation rules, cycle detection, and interaction mapping.
+**Execution:**
+- Load module index files and granular JSON (entities, permissions)
+- Build entity registry and detect shared entities
+- Validate foreign key references across modules
+- Detect circular dependencies (blocking error if any found)
+- Display cross-module interaction map with validation status
 ### 3. Permission Coherence Check
@@ -184,45 +237,12 @@ const hierarchy = ["Admin", "Manager", "Contributor", "Viewer"];
 ### 4. Semantic Validation (MANDATORY)
-Execute 13 semantic checks per module:
-```javascript
-const semanticChecks = [
-  { check: "permission-orpheline", severity: "WARNING" },
-  { check: "uc-sans-fr", severity: "WARNING" },
-  { check: "entity-sans-endpoint", severity: "WARNING" },
-  { check: "uc-sans-scenario", severity: "WARNING" },
-  { check: "role-sans-permissions", severity: "WARNING" },
-  { check: "navigation-sans-traduction", severity: "ERROR" },
-  { check: "lifecycle-terminal", severity: "WARNING" },
-  { check: "schema-conformity", severity: "ERROR" },
-  { check: "wireframe-coverage", severity: "ERROR" },
-  { check: "entity-doublon", severity: "ERROR" },
-  { check: "permission-fantome", severity: "ERROR" },
-  { check: "dashboard-coverage", severity: "WARNING" },
-  { check: "permission-uc-alignment", severity: "WARNING" }
-];
-for (const module of completedModules) {
-  for (const check of semanticChecks) {
-    const result = executeSemanticCheck(module, check);
-    if (result.status === "ERROR") {
-      errors.push({module: module.code, check: check.check, details: result.details});
-    } else if (result.status === "WARNING") {
-      warnings.push({module: module.code, check: check.check, details: result.details});
-    }
-  }
-}
+→ **Load** `references/04-semantic-validation-matrix.md` and execute ALL semantic validation checks.
-// Blocking rule: 0 ERROR → PASS, ≥1 ERROR → BLOCK (ask user for each)
-if (errors.length > 0) {
-  BLOCKING_ERROR("Semantic validation failed");
-  for (const error of errors) {
-    ERROR(`  [${error.module}] ${error.check}: ${error.details}`);
-  }
-  STOP - User must fix before proceeding
-}
-```
+This includes:
+- 13 semantic checks per module (permission orphans, UC coverage, entity doubles, permission ghosts, etc.)
+- 5 contract verification checks (BR formulas, computed attributes, UC counts, permission counts, versioned attributes)
+- Blocking rule: 0 ERROR → PASS, ≥1 ERROR → BLOCK (user must fix before proceeding)
 ### 5. Data Model Consolidation
@@ -259,6 +279,138 @@ Display("Global Entity Count: {count}")
 Display("Global Relationships: {count}")
 ```
+### 5a. Cross-Module Contracts (MANDATORY)
+> **Generate explicit contracts for every cross-module FK dependency.**
+> These contracts ensure both producer and consumer modules agree on the data shape.
+> They prevent the #1 cross-module integration failure: wrong field type/name/nullability.
+```javascript
+const crossModuleContracts = [];
+for (const rel of globalRelationships) {
+  // Only for cross-module relationships
+  if (rel.sourceModule !== rel.targetModule) {
+    // Resolve the FK field from the source entity's attributes
+    const sourceEntity = findEntity(rel.sourceModule, rel.sourceEntity);
+    const fkField = sourceEntity.attributes.find(a =>
+      a.name.toLowerCase() === (rel.targetEntity.toLowerCase() + 'id') ||
+      a.description?.includes('FK vers ' + rel.targetEntity)
+    );
+    crossModuleContracts.push({
+      consumer: `${rel.sourceModule}.${rel.sourceEntity}`,
+      provider: `${rel.targetModule}.${rel.targetEntity}`,
+      field: fkField?.name || `${rel.targetEntity.charAt(0).toLowerCase() + rel.targetEntity.slice(1)}Id`,
+      type: fkField?.type || "guid",
+      required: fkField?.required || false,
+      nullable: !fkField?.required,
+      resolvedVia: `FK → ${rel.targetEntity}.Id`,
+      cardinality: rel.cardinality,
+      cascadeDelete: rel.cascadeDelete,
+      description: `${rel.sourceEntity} references ${rel.targetEntity} from ${rel.targetModule}`
+    });
+  }
+}
+```
+Display:
+```
+### Contrats cross-module ({crossModuleContracts.length})
+| Consumer | Provider | FK Field | Type | Required | Cascade |
+|----------|----------|----------|------|----------|---------|
+{for each contract: | {consumer} | {provider} | {field} | {type} | {required} | {cascadeDelete} |}
+```
+Store in `consolidation.json` as `crossModuleContracts[]`.
+> These contracts are consumed by `/business-analyse-handoff` and `/business-analyse-develop`
+> to ensure correct FK generation, DTO mapping, and navigation property creation across modules.
+### 5b. Mermaid Diagram Generation (MANDATORY)
+> Generate 3 types of Mermaid diagrams as text, stored in consolidation.json.
+> These diagrams are rendered in the interactive HTML and exported with handoff.
+#### 5b-i. ERD (Entity-Relationship Diagram)
+From `globalEntities` and `globalRelationships` built in section 5, generate Mermaid ERD:
+```javascript
+let erd = "erDiagram\n";
+for (const entity of globalEntities) {
+  erd += `  ${entity.name} {\n`;
+  for (const attr of entity.topAttributes) { // top 5-8 attributes
+    erd += `    ${attr.type} ${attr.name}\n`;
+  }
+  erd += "  }\n";
+}
+for (const rel of globalRelationships) {
+  const card = rel.cardinality === "1:N" ? "||--o{" :
+               rel.cardinality === "N:1" ? "}o--||" :
+               rel.cardinality === "N:M" ? "}o--o{" : "||--||";
+  erd += `  ${rel.sourceEntity} ${card} ${rel.targetEntity} : "${rel.description}"\n`;
+}
+```
+Store as `consolidation.mermaidDiagrams.erd` (string).
+#### 5b-ii. State Machine Diagrams (per entity lifecycle)
+For EACH `lifeCycle` found in all modules' `usecases.json`:
+```javascript
+let sm = "stateDiagram-v2\n";
+sm += `  [*] --> ${lifecycle.initialState}\n`;
+for (const transition of lifecycle.transitions) {
+  sm += `  ${transition.from} --> ${transition.to} : ${transition.action}\n`;
+}
+for (const state of lifecycle.states.filter(s => s.isTerminal)) {
+  sm += `  ${state.id} --> [*]\n`;
+}
+```
+Store as `consolidation.mermaidDiagrams.stateMachines[{entity}]` (string).
+#### 5b-iii. Sequence Diagrams (per E2E flow)
+For EACH e2eFlow identified in section 6:
+```javascript
+let seq = "sequenceDiagram\n";
+for (const step of flow.steps) {
+  seq += `  ${step.actor || step.module}->>+${step.targetModule || "System"}: ${step.action}\n`;
+  if (step.result) {
+    seq += `  ${step.targetModule || "System"}-->>-${step.actor || step.module}: ${step.result}\n`;
+  }
+}
+```
+Store as `consolidation.mermaidDiagrams.sequences[{flowName}]` (string).
+#### 5b-iv. Storage
+Write to `consolidation.json`:
+```json
+{
+  "mermaidDiagrams": {
+    "erd": "erDiagram\n  Employee {\n    guid id\n    string code\n    ...\n  }\n  ...",
+    "stateMachines": {
+      "Absence": "stateDiagram-v2\n  [*] --> Draft\n  Draft --> Submitted : submit\n  ...",
+      "Invoice": "stateDiagram-v2\n  [*] --> Draft\n  ..."
+    },
+    "sequences": {
+      "CycleCommercial": "sequenceDiagram\n  Commercial->>+CRM: Creer opportunite\n  ...",
+      "CycleFacturation": "sequenceDiagram\n  ..."
+    }
+  }
+}
+```
+Display diagrams as markdown Mermaid code blocks for the client to preview before approval (section 9).
 ### 6. E2E Flow Validation
 Identify business processes spanning multiple modules:
@@ -334,172 +486,15 @@ Les critères d'acceptation sont écrits dans `validation.json` au même niveau
 ### 7ter. Naming Audit (MANDATORY)
-> **Challenge all names before final approval.** Every code, label, and route generated
-> during the BA must be reviewed for coherence, convention compliance, and clarity.
-**7ter-a. Collect all names from the BA:**
-```javascript
-const namingRegistry = {
-  application: {
-    label: application_name,
-    code: applicationCode,              // PascalCase
-    route: toKebabCase(applicationCode)  // kebab-case
-  },
-  modules: completedModules.map(m => ({
-    label: m.name,
-    code: m.code,                        // PascalCase
-    route: toKebabCase(m.code)           // kebab-case
-  })),
-  entities: completedModules.flatMap(m =>
-    m.entities.map(e => ({
-      name: e.name,                      // PascalCase (C# class name)
-      module: m.code,
-      tableName: e.tableName || pluralize(e.name)  // Plural convention
-    }))
-  ),
-  permissionRoots: [...new Set(
-    permissionPaths.map(p => p.path.split('.').slice(0, 2).join('.'))
-  )]
-};
-```
-**7ter-b. Display naming recap table:**
-```
-═══════════════════════════════════════════════════════════════
-  NAMING AUDIT — {application_name}
-═══════════════════════════════════════════════════════════════
-APPLICATION
-| Label | Code (PascalCase) | Route (kebab-case) |
-|-------|-------------------|--------------------|
-| {application_name} | {applicationCode} | /{route} |
-MODULES
-| # | Label | Code (PascalCase) | Route (kebab-case) |
-|---|-------|-------------------|--------------------|
-{for each module: index | label | code | /app-route/module-route}
-ENTITIES
-| Entity (PascalCase) | Module | Table (plural) |
-|----------------------|--------|----------------|
-{for each entity: name | module | tableName}
-PERMISSION ROOTS
-{for each root: path}
-═══════════════════════════════════════════════════════════════
-```
-**7ter-c. Coherence checks:**
-```javascript
-const namingIssues = [];
-// 1. Duplicate entity names across modules
-const entityNames = namingRegistry.entities.map(e => e.name);
-const duplicates = entityNames.filter((n, i) => entityNames.indexOf(n) !== i);
-if (duplicates.length > 0) {
-  namingIssues.push({ severity: "ERROR", issue: `Duplicate entity names: ${[...new Set(duplicates)].join(', ')}` });
-}
-// 2. Module code vs label coherence (code should derive logically from label)
-for (const mod of namingRegistry.modules) {
-  if (!mod.code || mod.code.length < 2) {
-    namingIssues.push({ severity: "ERROR", issue: `Module "${mod.label}" has invalid code: "${mod.code}"` });
-  }
-}
-// 3. Permission root alignment with module codes
-for (const root of namingRegistry.permissionRoots) {
-  const [appSegment, moduleSegment] = root.split('.');
-  const matchingModule = namingRegistry.modules.find(m =>
-    m.code.toLowerCase() === moduleSegment.toLowerCase()
-  );
-  if (!matchingModule) {
-    namingIssues.push({ severity: "WARNING", issue: `Permission root "${root}" has no matching module code` });
-  }
-}
-// 4. Route collision detection
-const allRoutes = namingRegistry.modules.map(m =>
-  `/${namingRegistry.application.route}/${m.route}`
-);
-const routeDuplicates = allRoutes.filter((r, i) => allRoutes.indexOf(r) !== i);
-if (routeDuplicates.length > 0) {
-  namingIssues.push({ severity: "ERROR", issue: `Route collisions: ${routeDuplicates.join(', ')}` });
-}
-```
-**7ter-d. MCP validation:**
-```
-mcp__smartstack__validate_conventions({
-  checks: ["tables"],
-  context: {
-    applicationCode: applicationCode,
-    modules: namingRegistry.modules.map(m => m.code),
-    entities: namingRegistry.entities.map(e => e.name)
-  }
-})
-→ Merge MCP findings into namingIssues[]
-```
+→ **Load** `references/04-naming-audit-checks.md` for all naming validation rules and user interaction flows.
-**7ter-e. Present findings and confirm:**
-```
-IF namingIssues.length > 0:
-  Display issues table:
-  | # | Severity | Issue |
-  |---|----------|-------|
-  {for each issue}
-```
-Ask via AskUserQuestion:
-```
-question: "{language == 'fr'
-  ? 'Validez-vous les noms ci-dessus pour l\\'ensemble de l\\'application ?'
-  : 'Do you approve all the names above for the entire application?'}"
-header: "Naming Audit"
-options:
-  - label: "{language == 'fr' ? 'Approuvé' : 'Approved'}"
-    description: "{language == 'fr' ? 'Tous les noms sont corrects' : 'All names are correct'}"
-  - label: "{language == 'fr' ? 'Renommer certains éléments' : 'Rename some elements'}"
-    description: "{language == 'fr' ? 'Corriger des noms avant de finaliser' : 'Fix names before finalizing'}"
-```
-**IF "Renommer certains éléments":**
-Ask via AskUserQuestion (open-ended):
-```
-question: "{language == 'fr'
-  ? 'Quels éléments souhaitez-vous renommer ? (ex: \"Module Ventes → Commerce\", \"Entity Invoice → BillingDocument\")'
-  : 'Which elements do you want to rename? (e.g., \"Module Sales → Commerce\", \"Entity Invoice → BillingDocument\")'}"
-header: "Renaming"
-```
-Process user response:
-1. Parse rename instructions
-2. Update `applicationCode`, module codes, entity names, permission paths accordingly in JSON files via ba-writer
-3. Re-run 7ter-c and 7ter-d checks on updated names
-4. Re-display the naming recap table for final confirmation
-**IF "Approuvé":**
-→ Store naming audit result in `validation.json`:
-```javascript
-ba-writer.enrichSection({
-  featureId: {feature_id},
-  section: "namingAudit",
-  data: {
-    auditedAt: now(),
-    issues: namingIssues,
-    approved: true,
-    renames: []  // or list of applied renames
-  }
-});
-```
-→ Continue to section 8
+This includes:
+- Collect all application, module, entity, and permission names into a registry
+- Display naming recap table (application code, module routes, entity tables, permission roots)
+- Execute coherence checks (duplicate entities, route collisions, permission root alignment)
+- Run MCP `validate_conventions` on entity/module names
+- Present findings via AskUserQuestion with approval and rename options
+- Process rename instructions if needed, re-validate, and continue to section 8
 ### 8. Consolidation Summary Display
@@ -537,16 +532,10 @@ RISKS
 ### 9. Client Approval (BLOCKING)
-**Single-Module Mode:** Auto-approve (no cross-module concerns)
+**Toujours demander l'approbation** — meme pour un module unique, jouer l'avocat du diable :
+proposer au moins 1 cas non mentionne ou 1 question de completude avant validation.
-```
-IF completedModules.length === 1:
-  Display: "Module unique - consolidation automatique ✓"
-  approval = { approved: true, reason: "Single module", approvedAt: now() }
-  SKIP to section 10
-```
-**Multi-Module Mode:** Ask via AskUserQuestion:
+Ask via AskUserQuestion:
 ```
 question: "La consolidation est complète. Validez-vous l'ensemble ?"
@@ -568,6 +557,14 @@ IF "Modifier les interactions":
 ### 10. Write Consolidation Data
+→ **Load** `references/04-file-allocation.md` for strict data allocation rules.
+**MANDATORY:** Data must be written to correct files:
+- `consolidation.json`: crossModuleInteractions, sharedEntities, permissionCoherence, e2eFlows, decision
+- `validation.json`: semanticChecks, contractChecks, namingAudit, acceptanceCriteria, globalRiskAssessment
+Mixing contents across files = BLOCKING ERROR.
 ```javascript
 ba-writer.enrichSection({
   featureId: {feature_id},
@@ -594,10 +591,6 @@ ba-writer.enrichSection({
       warnings: []
     },
     e2eFlows: e2eFlows,
-    globalRiskAssessment: risks,
-    semanticChecks: [
-      { check: "permission-orpheline", status: "PASS|WARNING", details: "..." }
-    ],
     decision: {
       approved: approval.approved,
       reason: approval.reason,
@@ -607,6 +600,34 @@ ba-writer.enrichSection({
   }
 });
+// Write validation.json — quality/audit data for downstream skills (C1)
+ba-writer.enrichSection({
+  featureId: {feature_id},
+  section: "validation",
+  data: {
+    semanticChecks: semanticChecks.map(check => ({
+      check: check.check,
+      status: errors.some(e => e.check === check.check) ? "ERROR"
+            : warnings.some(w => w.check === check.check) ? "WARNING" : "PASS",
+      details: [...errors, ...warnings]
+        .filter(r => r.check === check.check)
+        .map(r => `[${r.module}] ${r.details}`)
+    })),
+    contractChecks: [...errors, ...warnings].filter(r =>
+      ["br-calc-sans-formula", "computed-sans-br-calc", "uc-count-critical",
+       "uc-count-low", "permission-count-low", "missing-versioned-attributes"].includes(r.check)
+    ),
+    namingAudit: {
+      auditedAt: now(),
+      issues: namingIssues,
+      approved: true,
+      renames: []
+    },
+    acceptanceCriteria: acceptanceCriteria,  // from section 7bis
+    globalRiskAssessment: risks              // from section 7
+  }
+});
 // Add changelog entry
 ba-writer.enrichSection({
   featureId: {feature_id},
@@ -681,7 +702,7 @@ BA workflow complete. Next steps:
 - ✓ Permission coherence validated
 - ✓ Semantic checks: 0 errors
 - ✓ Naming audit completed and approved
-- ✓ Client approval obtained (or auto-approved for single module)
+- ✓ Client approval obtained
 - ✓ Consolidation section written to validation.json
 - ✓ Status updated to "consolidated"
 - ✓ Workflow state saved for resume support