@hongmaple0820/scale-engine 0.17.0 → 0.19.0

package/dist/workflow/GovernanceTemplates.js

@@ -1,16 +1,18 @@
 import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
-import { join } from 'node:path';
+import { basename, join } from 'node:path';
 import { skillRoutingPolicyTemplate } from '../skills/routing/SkillPolicy.js';
 import { readGovernanceLock, writeGovernanceLock } from './GovernanceLock.js';
 import { resolveGovernanceTemplatePack, } from './GovernanceTemplatePacks.js';
 import { engineeringStandardsBaselineTemplate, engineeringStandardsPolicyTemplate, frameworksCatalogTemplate, } from './EngineeringStandards.js';
 import { resourceManifestTemplate, resourcePolicyTemplate } from './ResourceGovernance.js';
+import { toolPolicyTemplate } from '../tools/ToolPolicy.js';
+import { outputPolicyTemplate } from '../output/HTMLArtifactLayer.js';
 export function writeGovernanceTemplates(projectDir = process.cwd(), options = {}) {
     const mode = options.mode ?? 'standard';
     const projectName = options.projectName ?? 'Project';
     const pack = resolveGovernanceTemplatePack(options.pack);
     const packMode = pack.modeDefaults[mode];
-    const services = options.services ?? pack.defaultServices ?? [];
+    const services = options.services ?? pack.defaultServices ?? detectRootServices(projectDir, pack.id);
     const exclude = options.exclude ?? pack.exclude ?? ['node_modules', 'dist', 'tmp', 'vendor'];
     const result = { created: [], skipped: [] };
     const lockFiles = new Map();
@@ -32,6 +34,7 @@ export function writeGovernanceTemplates(projectDir = process.cwd(), options = {
     writeTracked(result, lockFiles, projectDir, 'docs/workflow/templates/security-review.md', governanceTemplateContent('security-review.md'));
     writeTracked(result, lockFiles, projectDir, 'docs/workflow/templates/db-change-plan.md', governanceTemplateContent('db-change-plan.md'));
     writeTracked(result, lockFiles, projectDir, 'docs/workflow/templates/e2e-plan.md', governanceTemplateContent('e2e-plan.md'));
+    writeTracked(result, lockFiles, projectDir, 'docs/workflow/templates/product-smoke.md', governanceTemplateContent('product-smoke.md'));
     writeTracked(result, lockFiles, projectDir, 'docs/workflow/templates/plan.md', governanceTemplateContent('plan.md'));
     writeTracked(result, lockFiles, projectDir, 'docs/workflow/templates/verification.md', governanceTemplateContent('verification.md'));
     writeTracked(result, lockFiles, projectDir, 'docs/workflow/templates/review.md', governanceTemplateContent('review.md'));
@@ -39,14 +42,19 @@ export function writeGovernanceTemplates(projectDir = process.cwd(), options = {
     writeTracked(result, lockFiles, projectDir, 'docs/workflow/templates/github-actions-scale-preflight.yml', githubActionsPreflightTemplate());
     writeTracked(result, lockFiles, projectDir, 'docs/workflow/templates/pre-push-scale-preflight.sh', prePushPreflightTemplate());
     writeTracked(result, lockFiles, projectDir, 'docs/worklog/metrics.md', metricsTemplate());
+    writeTracked(result, lockFiles, projectDir, 'scripts/qa/product-smoke.ps1', productSmokePowerShellScript());
+    writeTracked(result, lockFiles, projectDir, 'scripts/qa/product-smoke.sh', productSmokeShellScript());
     writeTracked(result, lockFiles, projectDir, '.scale/verification.json', verificationMatrixTemplate(mode, {
         services,
         exclude,
         artifactGate: packMode.artifactGate,
     }));
     writeTracked(result, lockFiles, projectDir, '.scale/skills.json', skillRoutingPolicyTemplate(mode));
+    writeTracked(result, lockFiles, projectDir, '.scale/tools.json', toolPolicyTemplate(toolModeFromGovernanceMode(mode)));
     writeTracked(result, lockFiles, projectDir, '.scale/resource-policy.json', resourcePolicyTemplate());
     writeTracked(result, lockFiles, projectDir, '.scale/assets.json', resourceManifestTemplate());
+    writeTracked(result, lockFiles, projectDir, '.scale/output-policy.json', outputPolicyTemplate());
+    writeTracked(result, lockFiles, projectDir, '.scale/product-smoke.json', productSmokeConfigTemplate(mode));
     writeTracked(result, lockFiles, projectDir, '.scale/engineering-standards.json', engineeringStandardsPolicyTemplate());
     writeTracked(result, lockFiles, projectDir, '.scale/engineering-standards-baseline.json', engineeringStandardsBaselineTemplate());
     writeTracked(result, lockFiles, projectDir, '.scale/frameworks.json', frameworksCatalogTemplate());
@@ -79,6 +87,7 @@ export function governanceTemplateContent(name) {
         case 'security-review.md': return securityReviewTemplate();
         case 'db-change-plan.md': return dbChangePlanTemplate();
         case 'e2e-plan.md': return e2ePlanTemplate();
+        case 'product-smoke.md': return productSmokeTemplate();
         case 'plan.md': return planTemplate();
         case 'verification.md': return verificationTemplate();
         case 'review.md': return reviewTemplate();
@@ -110,6 +119,38 @@ function writePackGeneratedFile(result, lockFiles, projectDir, packId, packVersi
     if (created)
         lockFiles.set(file.path, { path: file.path, owned: file.owned });
 }
+function detectRootServices(projectDir, packId) {
+    if (packId === 'moe-workspace' || packId === 'go-service-matrix')
+        return [];
+    if (existsSync(join(projectDir, 'package.json'))) {
+        return [{ name: detectNodeServiceName(projectDir), path: '.', type: 'node', required: true }];
+    }
+    if (existsSync(join(projectDir, 'go.mod'))) {
+        return [{ name: basename(projectDir) || 'app', path: '.', type: 'go', required: true }];
+    }
+    if (existsSync(join(projectDir, 'pyproject.toml')) ||
+        existsSync(join(projectDir, 'requirements.txt')) ||
+        existsSync(join(projectDir, 'setup.py'))) {
+        return [{ name: basename(projectDir) || 'app', path: '.', type: 'python', required: true }];
+    }
+    return [];
+}
+function detectNodeServiceName(projectDir) {
+    try {
+        const pkg = JSON.parse(readFileSync(join(projectDir, 'package.json'), 'utf-8'));
+        const raw = typeof pkg.name === 'string' ? pkg.name : '';
+        const normalized = raw
+            .replace(/^@[^/]+\//, '')
+            .replace(/[^a-zA-Z0-9_-]+/g, '-')
+            .replace(/^-+|-+$/g, '');
+        if (normalized)
+            return normalized;
+    }
+    catch {
+        // Fall back to the directory name when package.json is absent or malformed.
+    }
+    return basename(projectDir) || 'app';
+}
 function shouldUseGeneratedHeader(file) {
     return file.kind === 'doc' || file.kind === 'template' || file.kind === 'script';
 }
@@ -143,7 +184,11 @@ docs/worklog/tasks/<yyyy-mm-dd>-<task-slug>/
 ├── plan.md
 ├── verification.md
 ├── review.md
-└── summary.md
+├── summary.md
+├── artifact-manifest.json
+└── artifacts/
+    ├── index.html
+    └── release-report.html
 \`\`\`
 
 ## Verification
@@ -157,30 +202,40 @@ scale verify <task-id> --profile default
 scale verify <task-id> --service <service-name>
 scale verify <task-id> --artifact-gate warn
 scale verify <task-id> --artifact-gate block
-scale verify <task-id> --require-installed-skills
-scale task-artifacts check --dir docs/worklog/tasks/<task-dir> --level L
+scale verify <task-id> --require-installed-skills
+scale verify <task-id> --profile productSmoke
+scale task-artifacts check --dir docs/worklog/tasks/<task-dir> --level L
+scale artifact render --task-id <task-dir> --type release-report
+scale artifact doctor --task-id <task-dir>
 \`\`\`
 
-Keep \`.scale/verification.json\` as the source of truth for profiles and service commands.
-Keep \`.scale/skills.json\` as the source of truth for active skill routing policy.
-Keep \`.scale/resource-policy.json\` and \`.scale/assets.json\` as the source of truth for generated reports, temporary files, module documentation, media, reusable scripts, and Git retention policy.
-Keep \`.scale/engineering-standards.json\` and \`.scale/frameworks.json\` as the source of truth for logging, security, ORM, architecture, framework, UI/UX, testing, and coding standard checks.
-Keep \`.scale/engineering-standards-baseline.json\` as the temporary exception list for known legacy standards findings; it must not be used to hide new or changed-file problems.
-Use \`artifactGate: "warn"\` while introducing the workflow, then move M/L/CRITICAL work to \`"block"\` once templates and local gates are stable.
+Keep \`.scale/verification.json\` as the source of truth for profiles and service commands.
+Keep \`.scale/skills.json\` as the source of truth for active skill routing policy.
+Keep \`.scale/output-policy.json\` as the source of truth for derived HTML artifact types, source Markdown mapping, security policy, and Git retention behavior.
+Keep \`.scale/resource-policy.json\` and \`.scale/assets.json\` as the source of truth for generated reports, temporary files, module documentation, media, reusable scripts, and Git retention policy.
+Keep \`.scale/engineering-standards.json\` and \`.scale/frameworks.json\` as the source of truth for logging, security, ORM, architecture, framework, UI/UX, testing, and coding standard checks.
+Keep \`.scale/engineering-standards-baseline.json\` as the temporary exception list for known legacy standards findings; it must not be used to hide new or changed-file problems.
+Use \`artifactGate: "warn"\` while introducing the workflow, then move M/L/CRITICAL work to \`"block"\` once templates and local gates are stable.
 
-## Active Skill Routing
-
-SCALE plans required skills from task description, service selection, and changed files. UI/API work requires a Mini-PRD plus domain evidence such as \`ui-spec.md\`, \`visual-review.md\`, or \`api-contract.md\`. Security and database work require explicit review or rollback artifacts.
-
-Tool orchestration is part of the workflow contract:
-
-- UI/UX work requires \`frontend-design\` and \`ui-ux-pro-max\`, and should consider \`awesome-design-md\`, browser screenshots, responsive checks, and visual review evidence.
-- Web research, logged-in pages, and dynamic browser work require \`web-access\` evidence, source citations, and browser/network/console evidence when available.
-- Browser E2E work should combine \`webapp-testing\`, Playwright, Agent Browser, web-access, or Chrome DevTools MCP according to the target and record screenshots plus console/network findings.
-- Desktop or client-side GUI automation uses CUA/computer-use only with explicit operator-safety notes, desktop screenshots, and a side-effect boundary.
-- External agent or CLI orchestration such as Codex, Gemini CLI, OpenCode, WPS, or WeChat automation must record version checks, exact commands, output summaries, and dry-run or safe-mode evidence.
-
-When a task records \`servicesTouched\`, \`scale verify <task-id>\` uses those services automatically. You can still override selection with \`--service all\`, \`--service api\`, or \`--service api,gateway\`.
+## HTML Artifacts
+
+Markdown remains the editable source of truth for task artifacts. HTML artifacts are derived human-review surfaces for plan comparison, implementation plans, code reviews, status reports, incident reports, and release reports.
+
+Use HTML when a human needs to compare, review, or sign off. Keep source Markdown, manifest metadata, and safety checks in place so the derived HTML stays traceable and does not leak secrets or remote scripts.
+
+## Active Skill Routing
+
+SCALE plans required skills from task description, service selection, and changed files. UI/API work requires a Mini-PRD plus domain evidence such as \`ui-spec.md\`, \`visual-review.md\`, or \`api-contract.md\`. Security and database work require explicit review or rollback artifacts.
+
+Tool orchestration is part of the workflow contract:
+
+- UI/UX work requires \`frontend-design\` and \`ui-ux-pro-max\`, and should consider \`awesome-design-md\`, browser screenshots, responsive checks, and visual review evidence.
+- Web research, logged-in pages, and dynamic browser work require \`web-access\` evidence, source citations, and browser/network/console evidence when available.
+- Browser E2E work should combine \`webapp-testing\`, Playwright, Agent Browser, web-access, or Chrome DevTools MCP according to the target and record screenshots plus console/network findings.
+- Desktop or client-side GUI automation uses CUA/computer-use only with explicit operator-safety notes, desktop screenshots, and a side-effect boundary.
+- External agent or CLI orchestration such as Codex, Gemini CLI, OpenCode, WPS, or WeChat automation must record version checks, exact commands, output summaries, and dry-run or safe-mode evidence.
+
+When a task records \`servicesTouched\`, \`scale verify <task-id>\` uses those services automatically. You can still override selection with \`--service all\`, \`--service api\`, or \`--service api,gateway\`.
 
 Before M/L work, check whether required workflow skills are physically installed:
 
@@ -194,67 +249,69 @@ scale skill check --require-installed --json
 Before finishing an agent-created branch or deleting a temporary worktree, inspect root and child repository state:
 
 \`\`\`bash
-scale workspace status --json
-scale workspace finish --summary
-scale workspace finish --json
-scale workspace cleanup --dir <temporary-worktree> --dry-run --json
-scale workspace cleanup --dir <temporary-worktree> --apply --confirm <branch-or-head> --json
-\`\`\`
-
-Do not remove a temporary worktree while any submodule or nested repository has uncommitted or unpushed work. Child repositories must be committed and reviewed in their own remotes, then the root repository can record any required pointer or governance updates. Cleanup defaults to dry-run. Applying cleanup requires the reported confirmation token, normally the temporary branch name.
-
-Use \`scale ship <task-id>\` for governed commits. It checks MOE/submodule child repository state before staging reviewed root files, so dirty or unpushed child work cannot be hidden inside a root commit. Raw \`git add .\` is outside the governed path and must not be used for MOE releases.
-
-## Resource Governance
-
-Use asset scanning before committing generated reports, media, temporary scripts, or long-lived documentation changes:
-
-\`\`\`bash
-scale assets scan --json
-scale assets doctor --json
-scale assets settle --task-id <task-id> --artifact-dir docs/worklog/tasks/<task-dir>
-\`\`\`
-
-Default policy:
-
-- maintained module docs, standards, contracts, ADRs, reusable scripts: commit and keep current.
-- task worklog artifacts: review before commit; promote final truth to maintained docs when useful.
-- screenshots, videos, E2E reports, coverage, temporary scripts, and runtime logs: keep out of Git unless explicitly promoted.
-- large media: use Git LFS or external artifact storage instead of normal Git history.
-
-## Engineering Standards
-
-Use standards scanning before reviewing or shipping M/L/CRITICAL work:
-
-\`\`\`bash
-scale standards scan --json
-scale standards doctor --json
-scale standards doctor --changed --json
-scale standards doctor --changed-files src/example.ts,src/example.test.ts --json
-scale standards baseline --write --artifact-dir docs/worklog/tasks/<task-dir> --task-id <task-id> --json
-scale standards settle --task-id <task-id> --artifact-dir docs/worklog/tasks/<task-dir>
-scale preflight --preflight-profile full --json
-scale verify <task-id> --json
-\`\`\`
-
-Default policy:
-
-- ad-hoc console/output logging is allowed only for CLI/script paths.
-- sensitive fields such as token, password, secret, authorization, cookie, and credentials must not be logged.
-- hardcoded secret-like assignments are blocked before review or release.
-- SQL must use parameterized queries, ORM bind parameters, or safe query builders.
-- unsafe HTML sinks, dynamic code execution, empty catch blocks, and type suppressions require remediation before release.
-- framework and architecture rules live in \`.scale/frameworks.json\` and module standards docs.
-- \`.scale/frameworks.json > bannedImports\` blocks direct use of deprecated ORMs, unsafe SDKs, or off-system UI components.
+scale workspace status --json
+scale workspace finish --summary
+scale workspace finish --json
+scale workspace cleanup --dir <temporary-worktree> --dry-run --json
+scale workspace cleanup --dir <temporary-worktree> --apply --confirm <branch-or-head> --json
+\`\`\`
+
+Do not remove a temporary worktree while any submodule or nested repository has uncommitted or unpushed work. Child repositories must be committed and reviewed in their own remotes, then the root repository can record any required pointer or governance updates. Cleanup defaults to dry-run. Applying cleanup requires the reported confirmation token, normally the temporary branch name.
+
+Use \`scale ship <task-id>\` for governed commits. It checks MOE/submodule child repository state before staging reviewed root files, so dirty or unpushed child work cannot be hidden inside a root commit. Raw \`git add .\` is outside the governed path and must not be used for MOE releases.
+
+## Resource Governance
+
+Use asset scanning before committing generated reports, media, temporary scripts, or long-lived documentation changes:
+
+\`\`\`bash
+scale assets scan --json
+scale assets doctor --json
+scale assets settle --task-id <task-id> --artifact-dir docs/worklog/tasks/<task-dir>
+\`\`\`
+
+Default policy:
+
+- maintained module docs, standards, contracts, ADRs, reusable scripts: commit and keep current.
+- task worklog artifacts: review before commit; promote final truth to maintained docs when useful.
+- screenshots, videos, E2E reports, coverage, temporary scripts, and runtime logs: keep out of Git unless explicitly promoted.
+- large media: use Git LFS or external artifact storage instead of normal Git history.
+
+## Engineering Standards
+
+Use standards scanning before reviewing or shipping M/L/CRITICAL work:
+
+\`\`\`bash
+scale standards scan --json
+scale standards doctor --json
+scale standards doctor --changed --json
+scale standards doctor --changed-files src/example.ts,src/example.test.ts --json
+scale standards baseline --write --artifact-dir docs/worklog/tasks/<task-dir> --task-id <task-id> --json
+scale standards settle --task-id <task-id> --artifact-dir docs/worklog/tasks/<task-dir>
+scale preflight --preflight-profile full --json
+scale verify <task-id> --json
+\`\`\`
+
+Default policy:
+
+- ad-hoc console/output logging is allowed only for CLI/script paths.
+- sensitive fields such as token, password, secret, authorization, cookie, and credentials must not be logged.
+- hardcoded secret-like assignments are blocked before review or release.
+- SQL must use parameterized queries, ORM bind parameters, or safe query builders.
+- unsafe HTML sinks, dynamic code execution, empty catch blocks, and type suppressions require remediation before release.
+- framework and architecture rules live in \`.scale/frameworks.json\` and module standards docs.
+- \`.scale/frameworks.json > bannedImports\` blocks direct use of deprecated ORMs, unsafe SDKs, or off-system UI components.
 - \`.scale/frameworks.json > lastReviewedAt/reviewIntervalDays\` warns when module framework decisions need review.
 - \`.scale/engineering-standards.json > blockingRules\` promotes selected warning rule IDs to release-blocking findings.
 - \`.scale/engineering-standards.json > allowedFindingPatterns\` allows narrow rule/path/evidence exceptions without hiding unrelated findings in the same file.
 - \`.scale/engineering-standards-baseline.json\` may hold known legacy findings during rollout, but normal task gates should prefer \`--changed\` or \`--changed-files\` so new work is blocked without forcing a whole-repo cleanup.
 - \`.scale/verification.json > policy.engineeringStandardsGate\` controls whether preflight and task verification treat standards as \`off\`, \`warn\`, or \`block\`.
+- \`.scale/product-smoke.json\` defines real product-path probes. Use it to prove a routed user/business flow, not only build, unit tests, or \`/health\`.
+- \`.scale/verification.json > policy.productSmokeGate\` controls whether missing or failed product smoke evidence warns or blocks M/L/CRITICAL delivery.
 - Full standards scans are for release readiness, scheduled remediation, and architecture cleanup. Changed-file scans are the default for day-to-day feature and bug branches.
 - Use \`scale standards baseline --write\` only during an explicit rollout or remediation planning task. It writes the machine-readable baseline and a \`standards-legacy-debt.md\` classification report for staged cleanup.
-
-## Automation Templates
+
+## Automation Templates
 
 Optional automation templates are generated under \`docs/workflow/templates/\`:
 
@@ -353,23 +410,23 @@ function skillPlanTemplate() {
 
 - TBD
 
-## Required Verification Evidence
-
-- TBD
-
-## Tool Orchestration
-
-| Capability | Primary Tool Or Skill | Fallback | Required Evidence |
-| --- | --- | --- | --- |
-| UI/UX design | frontend-design, ui-ux-pro-max | awesome-design-md | design-system, ui-spec.md, visual-review.md |
-| Web research or logged-in pages | web-access | agent-browser, Chrome DevTools MCP | source citations, browser evidence |
-| Browser E2E | webapp-testing, Playwright | agent-browser, web-access | screenshot, console, network evidence |
-| Desktop GUI automation | CUA/computer-use | manual verification | desktop screenshot, operator-safety notes |
-| External agent CLI | codex/gemini/opencode CLI | manual review | version check, exact command output |
-
-## Skipped Skills
-
-| Skill | Reason | Fallback Evidence |
+## Required Verification Evidence
+
+- TBD
+
+## Tool Orchestration
+
+| Capability | Primary Tool Or Skill | Fallback | Required Evidence |
+| --- | --- | --- | --- |
+| UI/UX design | frontend-design, ui-ux-pro-max | awesome-design-md | design-system, ui-spec.md, visual-review.md |
+| Web research or logged-in pages | web-access | agent-browser, Chrome DevTools MCP | source citations, browser evidence |
+| Browser E2E | webapp-testing, Playwright | agent-browser, web-access | screenshot, console, network evidence |
+| Desktop GUI automation | CUA/computer-use | manual verification | desktop screenshot, operator-safety notes |
+| External agent CLI | codex/gemini/opencode CLI | manual review | version check, exact command output |
+
+## Skipped Skills
+
+| Skill | Reason | Fallback Evidence |
 | --- | --- | --- |
 |  |  |  |
 `;
@@ -377,34 +434,34 @@ function skillPlanTemplate() {
 function skillEvidenceTemplate() {
     return `# Skill Evidence
 
-## Planned Skills
-
-- TBD
-
-## Tool Selection Rationale
-
-TBD
-
-## Used Skills
-
-| Skill | Phase | Trigger | Evidence | Status |
-| --- | --- | --- | --- | --- |
-| skill-id | plan/build/verify/review | why it was selected | command, screenshot, report, or artifact path | executed/skipped/fallback |
-
-## Browser Or Web Evidence
-
-| Tool | Target | Evidence | Result |
-| --- | --- | --- | --- |
-| web-access/agent-browser/Chrome DevTools MCP | URL or local target | screenshot, console log, network finding, source URL | passed/failed/skipped |
-
-## Desktop Or External CLI Evidence
-
-| Tool | Scope | Safety Boundary | Evidence | Result |
-| --- | --- | --- | --- | --- |
-| cua/codex/gemini/opencode/wps/wechat | command or app target | read-only/dry-run/test account/manual approval | output summary, screenshot, or report path | passed/failed/skipped |
-
-## Skipped Skills
-
+## Planned Skills
+
+- TBD
+
+## Tool Selection Rationale
+
+TBD
+
+## Used Skills
+
+| Skill | Phase | Trigger | Evidence | Status |
+| --- | --- | --- | --- | --- |
+| skill-id | plan/build/verify/review | why it was selected | command, screenshot, report, or artifact path | executed/skipped/fallback |
+
+## Browser Or Web Evidence
+
+| Tool | Target | Evidence | Result |
+| --- | --- | --- | --- |
+| web-access/agent-browser/Chrome DevTools MCP | URL or local target | screenshot, console log, network finding, source URL | passed/failed/skipped |
+
+## Desktop Or External CLI Evidence
+
+| Tool | Scope | Safety Boundary | Evidence | Result |
+| --- | --- | --- | --- | --- |
+| cua/codex/gemini/opencode/wps/wechat | command or app target | read-only/dry-run/test account/manual approval | output summary, screenshot, or report path | passed/failed/skipped |
+
+## Skipped Skills
+
 | Skill | Reason | Fallback Evidence |
 | --- | --- | --- |
 | skill-id | why it could not run | manual review, alternate command, or explicit risk |
@@ -517,89 +574,96 @@ TBD
 - TBD
 `;
 }
+function toolModeFromGovernanceMode(mode) {
+    if (mode === 'critical')
+        return 'block';
+    if (mode === 'minimal')
+        return 'advisory';
+    return 'evidence-required';
+}
 function resourceImpactTemplate() {
-    return `# Resource Impact
-
-## Resources Created
-
-| Path | Type | Git Policy | Retention |
-| --- | --- | --- | --- |
-| TBD | canonical-doc/task-artifact/evidence-report/temporary/reusable-script/generated-media/contract/decision-record | commit/ignore/lfs/external/review | TBD |
-
-## Resources Updated
-
-- TBD
-
-## Resources Promoted To Maintained Docs
-
-- TBD
-
-## Resources To Delete Or Archive Before Finish
-
-- TBD
-
-## Source Of Truth Updates
-
-- [ ] .scale/resource-policy.json
-- [ ] .scale/assets.json
-- [ ] docs/modules/<module>/README.md
+    return `# Resource Impact
+
+## Resources Created
+
+| Path | Type | Git Policy | Retention |
+| --- | --- | --- | --- |
+| TBD | canonical-doc/task-artifact/evidence-report/temporary/reusable-script/generated-media/contract/decision-record | commit/ignore/lfs/external/review | TBD |
+
+## Resources Updated
+
+- TBD
+
+## Resources Promoted To Maintained Docs
+
+- TBD
+
+## Resources To Delete Or Archive Before Finish
+
+- TBD
+
+## Source Of Truth Updates
+
+- [ ] .scale/resource-policy.json
+- [ ] .scale/assets.json
+- [ ] docs/modules/<module>/README.md
 `;
 }
 function standardsImpactTemplate() {
-    return `# Standards Impact
-
-## Standards Checked
-
-- [ ] Logging and redaction
-- [ ] Architecture boundaries
-- [ ] ORM/database access
-- [ ] Framework/component conventions
-- [ ] UI/UX acceptance where user-facing
-- [ ] Test and verification rigor
-- [ ] Security-sensitive inputs and outputs
-
-## Findings
-
-| Severity | Rule | Path | Decision |
-| --- | --- | --- | --- |
-| TBD | TBD | TBD | fix/accept/escalate |
-
-## Policy Updates
-
-- [ ] .scale/engineering-standards.json
-- [ ] .scale/frameworks.json
-- [ ] docs/standards/
-
-## Settlement
-
-- Standards scan:
-- Standards doctor:
+    return `# Standards Impact
+
+## Standards Checked
+
+- [ ] Logging and redaction
+- [ ] Architecture boundaries
+- [ ] ORM/database access
+- [ ] Framework/component conventions
+- [ ] UI/UX acceptance where user-facing
+- [ ] Test and verification rigor
+- [ ] Security-sensitive inputs and outputs
+
+## Findings
+
+| Severity | Rule | Path | Decision |
+| --- | --- | --- | --- |
+| TBD | TBD | TBD | fix/accept/escalate |
+
+## Policy Updates
+
+- [ ] .scale/engineering-standards.json
+- [ ] .scale/frameworks.json
+- [ ] docs/standards/
+
+## Settlement
+
+- Standards scan:
+- Standards doctor:
 `;
 }
 function architectureReviewTemplate() {
-    return `# Architecture Review
-
-## Scope
-
-- Modules touched:
-- Public contracts touched:
-- Data flow touched:
-
-## Boundary Checks
-
-- [ ] API/controller layer does not bypass service/usecase layer
-- [ ] Domain layer is not coupled to infrastructure details
-- [ ] Repository/ORM usage follows project conventions
-- [ ] Shared framework components are reused instead of duplicated
-- [ ] New abstractions remove real complexity
-
-## Risks
-
-- TBD
-
-## Decision
-
-- Approved/changes required:
+    return `# Architecture Review
+
+## Scope
+
+- Modules touched:
+- Public contracts touched:
+- Data flow touched:
+
+## Boundary Checks
+
+- [ ] API/controller layer does not bypass service/usecase layer
+- [ ] Domain layer is not coupled to infrastructure details
+- [ ] Repository/ORM usage follows project conventions
+- [ ] Shared framework components are reused instead of duplicated
+- [ ] New abstractions remove real complexity
+
+## Risks
+
+- TBD
+
+## Decision
+
+- Approved/changes required:
 `;
 }
 function securityReviewTemplate() {
@@ -677,6 +741,70 @@ TBD
 TBD
 `;
 }
+function productSmokeTemplate() {
+    return `# Product Smoke
+
+## Real Product Path
+
+Describe the smallest end-to-end path that proves the change works through the real product boundary.
+
+Example:
+
+\`\`\`text
+UI or client -> gateway/router -> service -> database/storage/queue -> observable result
+\`\`\`
+
+Do not use a green health endpoint as the only proof when the user-facing path depends on routing, authentication, storage, async tasks, browser behavior, or third-party integration.
+
+## Quick Setup
+
+1. Open \`.scale/product-smoke.json\`.
+2. Replace the example command with one real product path command.
+3. Set that probe's \`enabled\` field to \`true\`.
+4. Run \`scale preflight --profile productSmoke --json\`.
+5. Run \`scale runtime final-check --level M --json\`.
+
+\`status: "skipped"\` means no real product path was exercised. It does not count as completion evidence.
+
+## Setup
+
+- Base URL:
+- Test user or tenant:
+- Required fixtures:
+- Services that must be running:
+
+## Smoke Commands
+
+| Command | Expected Result | Evidence Artifact |
+| --- | --- | --- |
+| TBD | TBD | TBD |
+
+## Runtime Evidence
+
+Record at least one runtime evidence item:
+
+\`\`\`bash
+scale runtime record \\
+  --kind command \\
+  --title "Product smoke: <flow>" \\
+  --status passed \\
+  --command "<exact smoke command>" \\
+  --exit-code 0 \\
+  --summary "<business result, task id, status, or observable output>" \\
+  --artifacts ".agent/logs/<service>/<smoke>.json" \\
+  --metadata-json '{"productSmoke":true,"realProductPath":true}'
+\`\`\`
+
+## Assertions
+
+- [ ] Request crossed the real product boundary, not only an isolated unit.
+- [ ] Authentication or user identity path was exercised when relevant.
+- [ ] Persistence/storage/queue side effect was verified when relevant.
+- [ ] Async task or eventual state was polled to terminal status when relevant.
+- [ ] Failure output is specific enough to diagnose the failing layer.
+- [ ] Runtime artifacts are ignored or deliberately promoted according to resource governance.
+`;
+}
 function planTemplate() {
     return `# Plan
 
@@ -804,6 +932,12 @@ function verificationMatrixTemplate(mode, options = {}) {
                 commands: {},
                 services: options.services?.filter(service => service.required !== false).map(service => service.name) ?? [],
             },
+            productSmoke: {
+                commands: {
+                    smoke: 'powershell -ExecutionPolicy Bypass -File scripts/qa/product-smoke.ps1',
+                },
+                services: options.services?.filter(service => service.required !== false).map(service => service.name) ?? [],
+            },
         },
         services: options.services ?? [],
         exclude: options.exclude ?? ['node_modules', 'dist', 'tmp', 'vendor'],
@@ -813,9 +947,170 @@ function verificationMatrixTemplate(mode, options = {}) {
             artifactGate: options.artifactGate ?? (mode === 'critical' ? 'block' : 'warn'),
             artifactGateLevels: ['M', 'L', 'CRITICAL'],
             engineeringStandardsGate: mode === 'minimal' ? 'warn' : 'block',
+            productSmokeGate: mode === 'critical' ? 'block' : 'warn',
+        },
+    }, null, 2) + '\n';
+}
+function productSmokeConfigTemplate(mode) {
+    return JSON.stringify({
+        version: 1,
+        gate: mode === 'critical' ? 'block' : 'warn',
+        requiredForLevels: ['M', 'L', 'CRITICAL'],
+        emptyProbeBehavior: 'block',
+        setupGuide: [
+            'Set probes[].enabled=true only after replacing the example command with a real product path.',
+            'Use a command that crosses the real boundary: client/UI -> gateway/router -> service -> persistence or observable result.',
+            'Run: scale preflight --profile productSmoke --json',
+            'Run: scale runtime final-check --level M --json',
+        ],
+        runtimeEvidence: {
+            requiredKind: 'command',
+            requiredStatus: 'passed',
+            requireArtifacts: true,
         },
+        probes: [
+            {
+                id: 'example-business-flow',
+                enabled: false,
+                description: 'Replace with a real user/product path such as UI -> gateway -> service -> database/storage.',
+                command: 'curl -fsS http://127.0.0.1:3000/health',
+                expected: {
+                    exitCode: 0,
+                    evidenceArtifact: '.agent/logs/product-smoke.json',
+                },
+            },
+        ],
     }, null, 2) + '\n';
 }
+function productSmokePowerShellScript() {
+    return `# Product smoke probe runner generated by scale-engine.
+$ErrorActionPreference = "Stop"
+
+$Root = (Resolve-Path (Join-Path $PSScriptRoot "..\\..")).Path
+$ConfigPath = Join-Path $Root ".scale\\product-smoke.json"
+$LogDir = Join-Path $Root ".agent\\logs"
+$LogPath = Join-Path $LogDir "product-smoke.json"
+
+New-Item -ItemType Directory -Force -Path $LogDir | Out-Null
+
+$NodeProgram = @'
+${productSmokeNodeProgram()}
+'@
+
+$TempFile = [System.IO.Path]::GetTempFileName() + ".js"
+Set-Content -Path $TempFile -Value $NodeProgram -Encoding UTF8
+try {
+  node $TempFile $ConfigPath $LogPath
+  exit $LASTEXITCODE
+} finally {
+  Remove-Item -Force $TempFile -ErrorAction SilentlyContinue
+}
+`;
+}
+function productSmokeShellScript() {
+    return `#!/usr/bin/env sh
+set -eu
+
+ROOT="$(cd "$(dirname "$0")/../.." && pwd)"
+CONFIG_PATH="$ROOT/.scale/product-smoke.json"
+LOG_DIR="$ROOT/.agent/logs"
+LOG_PATH="$LOG_DIR/product-smoke.json"
+
+mkdir -p "$LOG_DIR"
+
+node - "$CONFIG_PATH" "$LOG_PATH" <<'NODE'
+${productSmokeNodeProgram()}
+NODE
+`;
+}
+function productSmokeNodeProgram() {
+    return `const fs = require('fs');
+const cp = require('child_process');
+const path = require('path');
+
+const configPath = process.argv[2];
+const logPath = process.argv[3];
+
+function writeReport(report) {
+  fs.mkdirSync(path.dirname(logPath), { recursive: true });
+  fs.writeFileSync(logPath, JSON.stringify(report, null, 2) + '\\n', 'utf8');
+  process.stdout.write(JSON.stringify(report, null, 2) + '\\n');
+}
+
+if (!fs.existsSync(configPath)) {
+  writeReport({
+    version: 1,
+    status: 'failed',
+    verifiedAt: new Date().toISOString(),
+    message: 'Missing .scale/product-smoke.json',
+    results: []
+  });
+  process.exit(1);
+}
+
+const config = JSON.parse(fs.readFileSync(configPath, 'utf8').replace(/^\\uFEFF/, ''));
+const probes = Array.isArray(config.probes) ? config.probes.filter(probe => probe && probe.enabled === true) : [];
+
+if (probes.length === 0) {
+  const status = config.emptyProbeBehavior === 'block' ? 'failed' : 'skipped';
+  writeReport({
+    version: 1,
+    status,
+    verifiedAt: new Date().toISOString(),
+    message: 'No enabled product smoke probes. Enable probes in .scale/product-smoke.json after defining the real product path.',
+    results: []
+  });
+  process.exit(status === 'failed' ? 1 : 0);
+}
+
+const results = probes.map((probe) => {
+  const startedAt = new Date().toISOString();
+  const expectedExitCode = Number.isInteger(probe.expected && probe.expected.exitCode) ? probe.expected.exitCode : 0;
+  const command = String(probe.command || '');
+  if (!command.trim()) {
+    return {
+      id: String(probe.id || 'unnamed-probe'),
+      description: String(probe.description || ''),
+      command,
+      expectedExitCode,
+      exitCode: 1,
+      status: 'failed',
+      startedAt,
+      endedAt: new Date().toISOString(),
+      outputTail: 'Probe command is empty'
+    };
+  }
+  const result = cp.spawnSync(command, {
+    cwd: process.cwd(),
+    shell: true,
+    encoding: 'utf8',
+    timeout: Number(config.timeoutMs || 180000)
+  });
+  const output = String(result.stdout || '') + String(result.stderr || '') + String(result.error ? result.error.message : '');
+  const exitCode = typeof result.status === 'number' ? result.status : 1;
+  return {
+    id: String(probe.id || 'unnamed-probe'),
+    description: String(probe.description || ''),
+    command,
+    expectedExitCode,
+    exitCode,
+    status: exitCode === expectedExitCode ? 'passed' : 'failed',
+    startedAt,
+    endedAt: new Date().toISOString(),
+    outputTail: output.length > 2000 ? output.slice(-2000) : output
+  };
+});
+
+const failed = results.filter(result => result.status !== 'passed');
+writeReport({
+  version: 1,
+  status: failed.length === 0 ? 'passed' : 'failed',
+  verifiedAt: new Date().toISOString(),
+  results
+});
+process.exit(failed.length === 0 ? 0 : 1);
+`;
+}
 function packageVersion() {
     try {
         const pkg = JSON.parse(readFileSync(join(process.cwd(), 'package.json'), 'utf-8'));