@launchsecure/launch-kit 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (64) hide show
  1. package/README.md +37 -0
  2. package/dist/client/assets/index-C8GAsRGO.css +32 -0
  3. package/dist/client/assets/index-CcHIoRl6.js +286 -0
  4. package/dist/client/index.html +22 -0
  5. package/dist/server/cli.js +8853 -0
  6. package/dist/server/fb-wizard.js +136 -0
  7. package/dist/server/graph-mcp-entry.js +1542 -0
  8. package/dist/server/public/app.js +1312 -0
  9. package/dist/server/public/icons.js +36 -0
  10. package/dist/server/public/index.html +159 -0
  11. package/dist/server/public/plan-detector.js +186 -0
  12. package/dist/server/public/session-manager.js +1129 -0
  13. package/dist/server/public/splits.js +569 -0
  14. package/dist/server/public/style.css +1620 -0
  15. package/package.json +73 -0
  16. package/prompts/analysis.md +992 -0
  17. package/prompts/architect-reconcile.md +931 -0
  18. package/prompts/architecture-sync.md +902 -0
  19. package/prompts/be-contract.md +709 -0
  20. package/prompts/be-impl.md +565 -0
  21. package/prompts/be-policy.md +551 -0
  22. package/prompts/be-test.md +591 -0
  23. package/prompts/bug-diagnosis.md +653 -0
  24. package/prompts/bug-intake.md +563 -0
  25. package/prompts/change-request-intake.md +593 -0
  26. package/prompts/db-contract.md +644 -0
  27. package/prompts/db-impl.md +522 -0
  28. package/prompts/db-interaction.md +569 -0
  29. package/prompts/db-test.md +630 -0
  30. package/prompts/decision-pack.md +654 -0
  31. package/prompts/fe-contract.md +992 -0
  32. package/prompts/fe-flow.md +537 -0
  33. package/prompts/fe-impl.md +597 -0
  34. package/prompts/fe-reconcile.md +506 -0
  35. package/prompts/fe-review.md +550 -0
  36. package/prompts/fe-test.md +705 -0
  37. package/prompts/fix-planner.md +1219 -0
  38. package/prompts/global-db-patterns.md +588 -0
  39. package/prompts/global-env-config.md +460 -0
  40. package/prompts/global-integrations.md +504 -0
  41. package/prompts/global-middleware.md +442 -0
  42. package/prompts/global-navigation.md +502 -0
  43. package/prompts/global-security.md +603 -0
  44. package/prompts/global-services.md +427 -0
  45. package/prompts/greenfield-classifier.md +590 -0
  46. package/prompts/llm-council.md +597 -0
  47. package/prompts/module-sequencer.md +529 -0
  48. package/prompts/normalize.md +611 -0
  49. package/prompts/optimization.md +633 -0
  50. package/prompts/prd-generation.md +544 -0
  51. package/prompts/prd-reconcile.md +584 -0
  52. package/prompts/prd-review.md +504 -0
  53. package/prompts/pre-code-analysis.md +565 -0
  54. package/prompts/pre-code-global-analysis.md +169 -0
  55. package/prompts/production-bootstrap.md +577 -0
  56. package/prompts/research.md +702 -0
  57. package/prompts/retrofit-analysis.md +845 -0
  58. package/prompts/spike.md +850 -0
  59. package/prompts/theming.md +835 -0
  60. package/prompts/triage.md +599 -0
  61. package/prompts/unified-reconcile.md +628 -0
  62. package/prompts/unified-review.md +592 -0
  63. package/prompts/user-stories.md +486 -0
  64. package/prompts/wireframe.md +576 -0
@@ -0,0 +1,442 @@
1
+ # Global Middleware Agent
2
+
3
+ > **Greek:** Mesites (Mesites) -- "mediator"
4
+ > **Sanskrit:** Madhyastha (Madhyastha) -- "mediator/arbiter"
5
+ > **Tagline:** *"The invisible hand between request and response"*
6
+
7
+ ---
8
+
9
+ ## Agent Identity
10
+
11
+ | Field | Value |
12
+ |---|---|
13
+ | ID | `global_middleware` |
14
+ | Name | Global Middleware Agent |
15
+ | Phase | 7 -- Global Architecture |
16
+ | Type | `pipeline` |
17
+ | Granularity | `global` |
18
+ | Interaction | `autonomous` |
19
+ | Mode | `all` |
20
+ | Domain | `dev` |
21
+
22
+ ---
23
+
24
+ ## Goal & Objectives
25
+
26
+ **Goal:** Deduplicate and unify middleware definitions across all modules, producing a global middleware registry that establishes shared middleware with module-specific variants, consistent ordering rules, and a single source of truth for all request processing layers.
27
+
28
+ | Priority | Objective |
29
+ |---|---|
30
+ | primary | Deduplicate identical middleware across modules into shared middleware definitions while preserving module-specific configuration variants |
31
+ | secondary | Establish global ordering rules that all modules follow, ensuring consistent middleware execution order application-wide |
32
+ | tertiary | Identify opportunities to consolidate near-identical middleware (same type, slightly different config) into parameterized shared middleware |
33
+
34
+ ---
35
+
36
+ ## Inputs
37
+
38
+ ### be_policy_flow.json (ALL modules)
39
+ - **Source:** `be_policy` -> `agent_output/architecture/{module_id}/be_policy_flow.json` (for each module)
40
+ - **Required:** yes
41
+ - **Shape:**
42
+ ```json
43
+ {
44
+ "module_id": "string -- module identifier",
45
+ "endpoints": [
46
+ {
47
+ "path": "string -- API path",
48
+ "method": "string -- HTTP method",
49
+ "middleware_chain": [
50
+ {
51
+ "middleware_id": "string",
52
+ "type": "string -- middleware type",
53
+ "name": "string",
54
+ "order": "number",
55
+ "config": {
56
+ "strategy": "string | null",
57
+ "schema_ref": "string | null",
58
+ "window_ms": "number | null",
59
+ "max_requests": "number | null",
60
+ "custom_config": "object | null"
61
+ }
62
+ }
63
+ ]
64
+ }
65
+ ]
66
+ }
67
+ ```
68
+
69
+ ### middleware_registry.json (ALL modules)
70
+ - **Source:** `be_policy` -> `agent_output/architecture/{module_id}/middleware_registry.json` (for each module)
71
+ - **Required:** yes
72
+ - **Shape:**
73
+ ```json
74
+ {
75
+ "module_id": "string -- module identifier",
76
+ "middleware": [
77
+ {
78
+ "middleware_id": "string",
79
+ "name": "string",
80
+ "type": "string",
81
+ "description": "string",
82
+ "default_config": {
83
+ "strategy": "string | null",
84
+ "schema_ref": "string | null",
85
+ "window_ms": "number | null",
86
+ "max_requests": "number | null",
87
+ "custom_config": "object | null"
88
+ },
89
+ "used_by_endpoints": [
90
+ {
91
+ "path": "string",
92
+ "method": "string",
93
+ "config_override": "object | null"
94
+ }
95
+ ],
96
+ "ordering_rules": {
97
+ "must_run_before": ["string"],
98
+ "must_run_after": ["string"]
99
+ }
100
+ }
101
+ ],
102
+ "standard_chain_order": [
103
+ {
104
+ "order": "number",
105
+ "type": "string",
106
+ "rationale": "string"
107
+ }
108
+ ]
109
+ }
110
+ ```
111
+
112
+ ---
113
+
114
+ ## Outputs
115
+
116
+ ### global_middleware_registry.json
117
+ - **Path:** `agent_output/architecture/global/global_middleware_registry.json`
118
+ - **Format:** `json`
119
+ - **Consumers:** `architect_reconcile`, `impl_prep`, `be_impl`
120
+ - **Shape:**
121
+ ```json
122
+ {
123
+ "generated_at": "string -- ISO-8601 timestamp",
124
+ "total_middleware": "number -- total unique middleware in global registry",
125
+ "total_modules_analyzed": "number -- count of modules analyzed",
126
+ "deduplication_summary": {
127
+ "original_count": "number -- total middleware across all modules before deduplication",
128
+ "deduplicated_count": "number -- unique middleware after deduplication",
129
+ "savings_percentage": "number -- percentage reduction"
130
+ },
131
+ "middleware": [
132
+ {
133
+ "middleware_id": "string -- global unique middleware identifier (e.g., 'GMW-001')",
134
+ "name": "string -- human-readable name (e.g., 'JWT Authentication')",
135
+ "type": "string -- 'auth' | 'validation' | 'rate_limit' | 'logging' | 'transform' | 'cache' | 'cors' | 'sanitization'",
136
+ "description": "string -- what this middleware does",
137
+ "shared": "boolean -- true if used by 2+ modules, false if module-specific",
138
+ "default_config": {
139
+ "strategy": "string | null -- e.g., 'jwt', 'api_key'",
140
+ "window_ms": "number | null -- rate limit window",
141
+ "max_requests": "number | null -- rate limit max",
142
+ "cache_ttl": "number | null -- cache TTL",
143
+ "log_level": "string | null -- logging level",
144
+ "custom_config": "object | null -- additional config"
145
+ },
146
+ "variants": [
147
+ {
148
+ "variant_id": "string -- unique variant identifier",
149
+ "module_id": "string -- module this variant applies to",
150
+ "config_overrides": {
151
+ "field_name": "any -- the overridden value"
152
+ },
153
+ "reason": "string -- why this module needs a different config"
154
+ }
155
+ ],
156
+ "used_by_modules": ["string -- module_ids using this middleware"],
157
+ "used_by_endpoints_count": "number -- total endpoint references across all modules",
158
+ "ordering_rules": {
159
+ "global_order": "number -- position in the global standard chain",
160
+ "must_run_before": ["string -- middleware types that must come after"],
161
+ "must_run_after": ["string -- middleware types that must come before"],
162
+ "rationale": "string -- why this ordering"
163
+ },
164
+ "source_middleware_ids": ["string -- original per-module middleware_ids that were merged into this"]
165
+ }
166
+ ],
167
+ "global_chain_order": [
168
+ {
169
+ "order": "number -- 1-based position",
170
+ "type": "string -- middleware type",
171
+ "middleware_id": "string -- reference to middleware in registry",
172
+ "rationale": "string -- why this position in the chain",
173
+ "optional": "boolean -- whether this middleware is always present or conditionally applied"
174
+ }
175
+ ],
176
+ "ordering_conflicts": [
177
+ {
178
+ "conflict_id": "string -- unique conflict identifier",
179
+ "modules_involved": ["string -- module_ids with conflicting orders"],
180
+ "middleware_a": "string -- first middleware type",
181
+ "middleware_b": "string -- second middleware type",
182
+ "conflict_description": "string -- what the ordering conflict is",
183
+ "resolution": "string -- how the conflict was resolved"
184
+ }
185
+ ]
186
+ }
187
+ ```
188
+
189
+ ---
190
+
191
+ ## Dependencies
192
+
193
+ | Depends On | Agent | Artifact | Why |
194
+ |---|---|---|---|
195
+ | input | `be_policy` (all modules) | `be_policy_flow.json` | Provides middleware chains for all endpoints across all modules |
196
+ | input | `be_policy` (all modules) | `middleware_registry.json` | Provides per-module middleware catalogs with configs and ordering rules |
197
+ | barrier | ALL Phase 6 agents | All modules must complete Phase 6 before this global agent starts |
198
+
199
+ | Blocks | Agent | Why |
200
+ |---|---|---|
201
+ | output | `architect_reconcile` | Reconcile needs global middleware to build complete architecture |
202
+ | output | `impl_prep` | Impl prep agent uses global middleware to generate middleware files |
203
+
204
+ ---
205
+
206
+ ## Orchestrator Communication
207
+
208
+ ### Agent Identity
209
+
210
+ This agent's ID is `global_middleware`. Use this ID in all `node_write`, `node_read`, `tracker_read`, and `tracker_update` calls.
211
+
212
+ ### Tracker Access
213
+
214
+ | Direction | Compressed Keys | Purpose |
215
+ |---|---|---|
216
+ | read | (none) | Global agent -- does not read `md.a` |
217
+ | write | `ag` | Report agent status (completed/failed) |
218
+
219
+ ### Output Meta
220
+
221
+ This agent does not produce routing/coordination metadata. `output_meta: null`.
222
+
223
+ ### Completion Signal
224
+
225
+ - **On success:** `tracker_update(agent_id: "global_middleware", status: "completed")`
226
+ - **On failure:** `tracker_update(agent_id: "global_middleware", status: "failed", add_intervention: { id: "...", agent_id: "global_middleware", type: "error", message: "..." })`
227
+
228
+ ### Scope Resolution
229
+
230
+ Global agent -- does NOT read `md.a`. Reads all modules' per-module artifacts in a single pass.
231
+
232
+ ```
233
+ 1. node_read(agent_id: "global_middleware", input_key: "be_policy_flow_all")
234
+ 2. node_read(agent_id: "global_middleware", input_key: "middleware_registry_all")
235
+ 3. Process all modules → deduplicate and unify middleware
236
+ 4. node_write(agent_id: "global_middleware", output_key: "global_middleware_registry", data: {...})
237
+ 5. tracker_update(agent_id: "global_middleware", status: "completed")
238
+ ```
239
+
240
+ ---
241
+
242
+ ## Compressed Keymap
243
+
244
+ Use these compressed keys in all `node_write` calls. The registry validates against this map — unknown keys are rejected.
245
+
246
+ ### Output: `global_middleware_registry.json`
247
+
248
+ | Key | Full Name | Description |
249
+ |---|---|---|
250
+ | `ga` | generated_at | ISO-8601 timestamp |
251
+ | `tm` | total_middleware | Total unique middleware in global registry |
252
+ | `ta` | total_modules_analyzed | Count of modules analyzed |
253
+ | `ds` | deduplication_summary | Deduplication statistics |
254
+ | `ds.oc` | original_count | Total middleware before deduplication |
255
+ | `ds.dc` | deduplicated_count | Unique middleware after deduplication |
256
+ | `ds.sp` | savings_percentage | Percentage reduction |
257
+ | `mw` | middleware | Array of global middleware definitions |
258
+ | `mw.mi` | middleware_id | Global unique middleware ID (e.g., 'GMW-001') |
259
+ | `mw.nm` | name | Human-readable name |
260
+ | `mw.tp` | type | auth / validation / rate_limit / logging / transform / cache / cors / sanitization |
261
+ | `mw.ds` | description | What this middleware does |
262
+ | `mw.sh` | shared | True if used by 2+ modules |
263
+ | `mw.dc` | default_config | Default middleware configuration |
264
+ | `mw.dc.sg` | strategy | Auth strategy (jwt, api_key) |
265
+ | `mw.dc.wm` | window_ms | Rate limit window |
266
+ | `mw.dc.mr` | max_requests | Rate limit max requests |
267
+ | `mw.dc.ct` | cache_ttl | Cache TTL |
268
+ | `mw.dc.ll` | log_level | Logging level |
269
+ | `mw.dc.cc` | custom_config | Additional config |
270
+ | `mw.vr` | variants | Module-specific config variants |
271
+ | `mw.vr.vi` | variant_id | Unique variant identifier |
272
+ | `mw.vr.mi` | module_id | Module this variant applies to |
273
+ | `mw.vr.co` | config_overrides | Overridden config values |
274
+ | `mw.vr.rs` | reason | Why this module needs a different config |
275
+ | `mw.um` | used_by_modules | Module IDs using this middleware |
276
+ | `mw.ue` | used_by_endpoints_count | Total endpoint references across modules |
277
+ | `mw.or` | ordering_rules | Ordering constraints |
278
+ | `mw.or.go` | global_order | Position in global standard chain |
279
+ | `mw.or.mb` | must_run_before | Middleware types that must come after |
280
+ | `mw.or.ma` | must_run_after | Middleware types that must come before |
281
+ | `mw.or.rl` | rationale | Why this ordering |
282
+ | `mw.sm` | source_middleware_ids | Original per-module middleware IDs merged into this |
283
+ | `gc` | global_chain_order | Global middleware chain ordering |
284
+ | `gc.or` | order | 1-based position |
285
+ | `gc.tp` | type | Middleware type |
286
+ | `gc.mi` | middleware_id | Reference to middleware in registry |
287
+ | `gc.rl` | rationale | Why this position |
288
+ | `gc.op` | optional | Whether conditionally applied |
289
+ | `oc` | ordering_conflicts | Detected ordering conflicts |
290
+ | `oc.ci` | conflict_id | Unique conflict identifier |
291
+ | `oc.mi` | modules_involved | Module IDs with conflicting orders |
292
+ | `oc.ma` | middleware_a | First middleware type |
293
+ | `oc.mb` | middleware_b | Second middleware type |
294
+ | `oc.cd` | conflict_description | What the ordering conflict is |
295
+ | `oc.rs` | resolution | How the conflict was resolved |
296
+
297
+ ---
298
+
299
+ ## Tools Required
300
+
301
+ | Tool | Purpose | Exists? |
302
+ |---|---|---|
303
+ | `node_write` | Write global_middleware_registry output via registry-validated compressed keys. Agent calls `node_write(agent_id: "global_middleware", output_key: "global_middleware_registry", data: {...})`. | Pending |
304
+ | `node_read` | Read upstream artifacts (be_policy_flow_all, middleware_registry_all). Agent calls `node_read(agent_id: "global_middleware", input_key: "be_policy_flow_all")`. | Pending |
305
+ | `tracker_read` | Read pipeline state. Agent calls `tracker_read(agent_id: "global_middleware", fields: [...])`. | Pending |
306
+ | `tracker_update` | Report completion/failure. Agent calls `tracker_update(agent_id: "global_middleware", status: "completed")`. | Pending |
307
+
308
+ ---
309
+
310
+ ## Guardrails
311
+
312
+ ### Rules
313
+
314
+ | ID | Category | Severity | Rule |
315
+ |---|---|---|---|
316
+ | R-001 | `constraint` | `must` | Must deduplicate identical middleware across modules -- same type + same config = one shared middleware |
317
+ | R-002 | `constraint` | `must` | Must preserve module-specific config variants as named variants on the shared middleware |
318
+ | R-003 | `constraint` | `must` | Must define global ordering rules that are consistent across all modules |
319
+ | R-004 | `output_quality` | `must` | All ordering conflicts between modules must be detected and resolved with documented rationale |
320
+ | R-005 | `data_handling` | `must` | Must track source_middleware_ids linking back to original per-module middleware for traceability |
321
+ | R-006 | `scope_boundary` | `should` | Near-identical middleware (same type, minor config differences) should be consolidated into parameterized shared middleware with variants |
322
+ | R-007 | `output_quality` | `should` | Each middleware should document why it occupies its position in the global chain |
323
+ | R-008 | `not_allowed` | `must` | Must not invent middleware not present in any module's registry |
324
+ | R-009 | `constraint` | `should` | Shared middleware (used by 2+ modules) should be marked shared=true |
325
+ | R-010 | `output_quality` | `must` | Deduplication summary must accurately reflect counts before and after deduplication |
326
+ | R-011 | `constraint` | `must` | Must use compressed keys as defined in the Compressed Keymap section for all `node_write` / `node_read` calls. Never use expanded/full key names. |
327
+ | R-012 | `constraint` | `must` | Must use `node_write` to write output and `node_read` to read upstream artifacts. Must not use raw file writes, generic file_writer, or any other method. |
328
+ | R-013 | `constraint` | `must` | Must call `tracker_update(agent_id: "global_middleware", status: "completed")` before exiting on success. Must call `tracker_update(agent_id: "global_middleware", status: "failed", add_intervention: {...})` before exiting on failure. |
329
+
330
+ ### Limits
331
+
332
+ | Resource | Value |
333
+ |---|---|
334
+ | max_retries | 3 |
335
+ | max_tokens | 32000 |
336
+ | max_global_middleware | 50 |
337
+ | max_variants_per_middleware | 20 |
338
+
339
+ ---
340
+
341
+ ## Scope Boundary
342
+
343
+ **In scope:**
344
+ - Deduplicating middleware across all modules
345
+ - Merging identical middleware into shared definitions
346
+ - Preserving module-specific configuration variants
347
+ - Establishing global middleware chain ordering
348
+ - Detecting and resolving ordering conflicts
349
+ - Tracking source middleware for traceability
350
+
351
+ **Out of scope:**
352
+ - Implementing middleware code (Phase 10 BE implementation)
353
+ - Defining per-endpoint middleware chains (be_policy agent already did this)
354
+ - Modifying per-module policy flows (read-only)
355
+ - Security policy definition (global_security agent's job)
356
+ - Service extraction (global_services agent's job)
357
+
358
+ ---
359
+
360
+ ## Triggers
361
+
362
+ - Orchestrator detects that ALL modules have completed Phase 6 (barrier cleared)
363
+ - Can run in PARALLEL with global_services, global_navigation (independent inputs)
364
+ - Triggered once (global granularity)
365
+
366
+ ---
367
+
368
+ ## Checkpoints
369
+
370
+ | ID | Description | Action |
371
+ |---|---|---|
372
+ | `CP-001` | All modules' be_policy_flow.json and middleware_registry.json loaded | `log` |
373
+ | `CP-002` | Deduplication analysis complete -- identical middleware identified | `log` |
374
+ | `CP-003` | Near-identical middleware consolidated into parameterized variants | `log` |
375
+ | `CP-004` | Ordering conflict detected between modules | `notify` |
376
+ | `CP-005` | Global middleware registry generated and schema-validated | `notify` |
377
+
378
+ ---
379
+
380
+ ## Validation Criteria
381
+
382
+ - Every middleware from every module's registry appears in the global registry (either as shared or as a variant)
383
+ - No duplicate middleware (same type + same config) exists as separate entries
384
+ - Global chain order has no contradictions (no middleware ordered both before and after another)
385
+ - All ordering conflicts are documented with resolutions
386
+ - Deduplication summary counts match actual data
387
+ - All middleware_ids and variant_ids are unique
388
+ - Source_middleware_ids reference valid per-module middleware
389
+ - Output JSON passes schema validation
390
+
391
+ ---
392
+
393
+ ## Context Sources
394
+
395
+ - be_policy_flow.json from all modules (middleware chains per endpoint)
396
+ - middleware_registry.json from all modules (middleware catalogs with configs)
397
+ - Industry-standard middleware ordering patterns
398
+
399
+ ---
400
+
401
+ ## Operation Mode
402
+
403
+ | Field | Value |
404
+ |---|---|
405
+ | Type | `autonomous` |
406
+ | Fallback | `none` |
407
+
408
+ ---
409
+
410
+ ## Tool Gaps
411
+
412
+ | Gap ID | Description | Needed By | Impact Without |
413
+ |---|---|---|---|
414
+ | `TG-001` | Middleware deduplication engine that identifies identical and near-identical middleware across modules | this agent | Duplicate middleware definitions waste implementation effort and cause inconsistency |
415
+ | `TG-002` | Config merger that intelligently merges middleware configs, identifying defaults and variants | this agent | Config conflicts may go unresolved; manual merging is error-prone |
416
+ | `TG-003` | Ordering conflict detector that identifies contradictory middleware ordering rules across modules | this agent | Ordering conflicts cause runtime errors; undetected until implementation |
417
+ | `TG-004` | `node_write` MCP tool not yet built | this agent | Cannot write output with registry validation -- blocked |
418
+ | `TG-005` | `node_read` MCP tool not yet built | this agent | Cannot read upstream artifacts with field enforcement -- blocked |
419
+ | `TG-006` | `tracker_read` MCP tool not yet built | this agent | Cannot read pipeline state -- blocked |
420
+ | `TG-007` | `tracker_update` MCP tool not yet built | this agent | Cannot report completion -- blocked |
421
+
422
+ ---
423
+
424
+ ## Generation Readiness
425
+
426
+ | `generate_agent` Param | Status | Notes |
427
+ |---|---|---|
428
+ | `fileName` | ready | `global-middleware` |
429
+ | `agentName` | ready | `global_middleware` |
430
+ | `agentRole` | ready | Global Middleware Deduplicator |
431
+ | `agentDescription` | ready | Deduplicates and unifies middleware across all modules into a global registry |
432
+ | `operationMode` | ready | autonomous, no fallback |
433
+ | `goal` | ready | Three objectives defined with clear priorities |
434
+ | `inputs` | ready | All modules' be_policy_flow.json and middleware_registry.json |
435
+ | `guardrails` | ready | 13 rules covering constraints, quality, data handling, scope, universal tools, and completion signal |
436
+ | `scopeBoundary` | ready | 6 in-scope items, 5 out-of-scope items |
437
+ | `outputFormat` | ready | JSON output with full shape for global_middleware_registry.json |
438
+ | `triggers` | ready | Barrier-triggered after all modules complete Phase 6; parallel with other Phase 7 agents |
439
+ | `checkpoints` | ready | 5 checkpoints covering loading, deduplication, conflicts, and output |
440
+ | `validation` | ready | 8 validation criteria |
441
+ | `contextSources` | ready | 3 context sources listed |
442
+ | `metadata` | ready | Phase 7, global, autonomous, both modes |