baldart 3.6.2

package/framework/.claude/skills/bug/SKILL.md

@@ -0,0 +1,200 @@
+---
+name: bug
+description: >
+  Structured bug investigation and resolution workflow (framework-agnostic; project-specific entry points are loaded from `.baldart/overlays/bug.md`).
+  Use when: the user says /bug, 'debug', 'c e un bug', 'non funziona', 'errore', 'broken',
+  'investigate', or reports unexpected behavior. Accepts optional bug description as argument.
+  Enforces a disciplined 5-phase debugging protocol that prevents blind guessing:
+  (1) Reproduce & observe, (2) Enhanced logging if stuck, (3) Data-driven analysis,
+  (4) Hypothesis & minimal fix, (5) Verify. Leverages Playwright MCP for browser capture,
+  codebase-architect for code path tracing, doc-rag for known patterns, git bisect for regressions.
+---
+
+# /bug — Structured Bug Investigation
+
+Argument: optional bug description (e.g., `/bug feature X is not saving`).
+
+## Project Context
+
+**Reads from `baldart.config.yml`:** `paths.design_system`, `paths.references_dir`.
+**Gated by features:** `features.has_design_system` (when `true`, Phase 4's design-system reads become BLOCKING for UI-touching bugs).
+**Overlay:** loads `.baldart/overlays/bug.md` if present — project-specific debug entry points (e.g. SWR debug switches, env summary helpers, error-code modules). The base skill stays generic; project-specific code paths live in the overlay.
+**On missing/empty keys:** ask the user; do not assume defaults. See `framework/agents/project-context.md` § 3.
+
+## ANTI-PATTERNS (NEVER DO)
+
+- NEVER change code before reproducing the bug
+- NEVER guess the root cause — form hypotheses from evidence only
+- NEVER skip logging escalation when first pass finds nothing
+- NEVER fix symptoms — trace to root cause
+- NEVER remove temporary debug code without grep verification
+
+## PHASE 0: TRIAGE (< 2 min)
+
+1. Parse the bug description from args (or ask user if missing)
+2. Classify the bug domain:
+   - **UI/Client** → Playwright MCP is primary tool
+   - **API/Server** → dev server logs + route handler analysis
+   - **Data/Firestore** → MCP Firestore tools + transaction tracing
+   - **Auth** → authMiddleware.ts + auth error codes
+   - **Build/Deploy** → Vercel logs + build output
+3. Launch `codebase-architect` agent to map the affected code paths — do NOT start debugging blind
+4. Search doc-rag for related patterns: `mcp__doc-rag__search_docs` with bug keywords
+   - always use `mode="hybrid"` (vector + knowledge graph) for richer context retrieval
+   - if results come from Obsidian, treat them as context only and verify runtime behavior against repo docs/code before fixing
+5. Check git history for recent changes in affected area:
+   ```
+   git log --oneline -20 --all -- <affected-files>
+   git log --oneline -10 --grep="<related-keyword>"
+   ```
+
+## PHASE 1: REPRODUCE & OBSERVE (mandatory before any code change)
+
+Goal: get a reliable reproduction that you can re-run after fixing.
+
+**For UI bugs:**
+1. Navigate with Playwright MCP: `browser_navigate` to the affected page
+2. Capture baseline: `browser_take_screenshot`
+3. Capture console state: `browser_console_messages`
+4. Capture network: `browser_network_requests`
+5. Reproduce the bug step-by-step, capturing after each action
+6. Record the exact sequence that triggers the bug
+
+**For API bugs:**
+1. Identify the route handler file from the URL pattern
+2. Read the handler code — understand the full flow before anything else
+3. Check the error propagation pattern: look for `throw new Error(JSON.stringify({code, status, message}))` — this is the domain error contract
+4. Test the endpoint directly if possible (curl or Playwright network capture)
+
+**For data bugs:**
+1. Use `mcp__plugin_firebase_firebase__firestore_get_document` to inspect the document state
+2. Check field values, timestamps, missing fields
+3. If collection query: use `firestore_query_collection` to verify query results
+
+**Outcome:** a clear, repeatable reproduction OR evidence that the bug is intermittent (in which case, skip to Phase 2 immediately).
+
+## PHASE 2: ENHANCED LOGGING (escalate if Phase 1 didn't reveal root cause)
+
+**This is the critical phase.** If you don't see the root cause within 5 minutes of Phase 1, escalate to enhanced logging IMMEDIATELY. Do NOT keep reading code hoping to find it.
+
+### Server-side logging injection
+
+Add temporary debug logs to suspected route handlers. ALL temporary logs MUST:
+- Use prefix `[DEBUG:<module>]` for easy grep
+- End the line with comment `// DEBUG:` marker
+- Include timestamps: `new Date().toISOString()`
+
+```typescript
+console.log(`[DEBUG:reservations] PATCH entry`, { // DEBUG:
+  id: params.id,
+  body: JSON.stringify(body).slice(0, 500),
+  user: req.user?.uid,
+  ts: new Date().toISOString(),
+}); // DEBUG:
+```
+
+For Firestore operations, wrap reads/writes:
+```typescript
+const t0 = Date.now(); // DEBUG:
+const snap = await firestore.collection('X').doc(id).get();
+console.log(`[DEBUG:fs] READ ${snap.ref.path} ${Date.now()-t0}ms exists=${snap.exists}`, snap.exists ? Object.keys(snap.data()!) : 'N/A'); // DEBUG:
+```
+
+For transactions, log attempt count:
+```typescript
+let attempt = 0; // DEBUG:
+await firestore.runTransaction(async (tx) => {
+  attempt++; // DEBUG:
+  console.log(`[DEBUG:tx] attempt=${attempt}`); // DEBUG:
+  // ... existing code
+});
+console.log(`[DEBUG:tx] done in ${attempt} attempts`); // DEBUG:
+```
+
+### Client-side logging (via Playwright MCP — zero code changes)
+
+Use `browser_evaluate` to inject runtime instrumentation:
+```javascript
+// Intercept all fetch calls
+const origFetch = window.fetch;
+window.fetch = async (...args) => {
+  const url = typeof args[0] === 'string' ? args[0] : args[0]?.url;
+  console.log('[DEBUG:fetch]', args[1]?.method || 'GET', url);
+  try {
+    const res = await origFetch(...args);
+    if (!res.ok) {
+      const clone = res.clone();
+      const text = await clone.text().catch(() => '');
+      console.error('[DEBUG:fetch] error', res.status, url, text.slice(0, 500));
+    }
+    return res;
+  } catch(e) {
+    console.error('[DEBUG:fetch] network error', url, e.message);
+    throw e;
+  }
+};
+```
+Then capture everything: `browser_console_messages` after reproducing.
+
+### Cache/data-fetch debug mode
+
+If the bug involves stale data and the project ships a cache provider with a debug switch (see `.baldart/overlays/bug.md` for the project-specific entry point — e.g. SWR/React Query/Apollo provider, env summary helper), enable it temporarily. Mark every temporary line with `// DEBUG:` so it can be grepped and reverted in Phase 5.
+
+### Environment check
+
+If the project exposes an env-summary helper (listed in `.baldart/overlays/bug.md`), call it to confirm env state. Otherwise, manually inspect the relevant `process.env` keys for the failing flow.
+
+## PHASE 3: DATA-DRIVEN ANALYSIS
+
+1. Reproduce the bug AGAIN with enhanced logging active
+2. Collect ALL output:
+   - Server terminal (grep for `[DEBUG:`)
+   - `browser_console_messages` from Playwright
+   - `browser_network_requests` from Playwright
+   - Screenshots before/after
+3. Analyze:
+   - **Timeline**: what happened in what order?
+   - **Divergence**: where does expected flow differ from actual?
+   - **Error codes**: match against the project's error-code module (listed in `.baldart/overlays/bug.md`).
+   - **Database state**: correct data returned? Transaction retries? (Storage tech depends on project.)
+   - **Network**: status codes? Request bodies?
+4. If regression, use git bisect:
+   ```
+   git bisect start HEAD <last-known-good> --
+   git bisect run sh -c "npx tsc --noEmit 2>/dev/null || exit 125; <test-command>"
+   ```
+5. Form a specific hypothesis: "The bug occurs because X at line Y in file Z causes W"
+
+## PHASE 4: HYPOTHESIS & FIX
+
+1. State hypothesis explicitly
+2. Verify consistency with ALL collected evidence
+3. **Design System SSOT (MANDATORY for UI/styling bugs, when `features.has_design_system: true`)**: if the bug is visual (layout, spacing, color, motion, theming, overlay z-index) or the fix touches a UI component, you MUST read `${paths.design_system}/INDEX.md` and the relevant `${paths.design_system}/components/<Name>.md` BEFORE proposing the fix. This prevents patching symptoms with hardcoded hex/shadow values while the real fix is a token or component prop. Theming bugs (when `features.multi_tenant_theming: true`) → read the project's theming pattern doc; motion/animation bugs → read the project's motion pattern doc (both listed in `.baldart/overlays/bug.md` and `.baldart/overlays/ui-design.md`).
+4. Implement MINIMAL fix — fewest lines possible
+5. Do NOT refactor, add features, or "improve" surrounding code
+
+## PHASE 5: VERIFY & CLEAN UP
+
+1. Reproduce original scenario — confirm fix
+2. Check regressions: `npx tsc --noEmit` + `npx eslint --max-warnings=0 <changed-files>`
+3. If tests exist: `npm run test`
+4. **REMOVE ALL DEBUG LOGGING:**
+   ```bash
+   grep -rn '// DEBUG:' src/ --include='*.ts' --include='*.tsx'
+   ```
+   Remove every line found. Run grep again to confirm zero results.
+5. Revert any temporary cache/data-fetch debug switches enabled in Phase 2
+6. Final Playwright screenshot to confirm visually
+
+## TOOLS QUICK REFERENCE
+
+| Tool | When | Purpose |
+|------|------|---------|
+| `codebase-architect` agent | Phase 0 | Map affected code paths |
+| `mcp__doc-rag__search_docs` | Phase 0 | Search known patterns/errors (`hybrid` mode — vector + knowledge graph; if MCP available) |
+| `mcp__playwright__browser_*` | Phase 1-5 | Navigate, screenshot, console, network |
+| Project DB MCP (if available) | Phase 1 | Inspect storage state (e.g. firestore/postgres tools) |
+| `git log/blame/bisect` | Phase 0, 3 | Find regression commits |
+| Project-specific entry points | various | Listed in `.baldart/overlays/bug.md` — error-code module, env-summary helper, cache debug switch |
+
+For detailed logging patterns, env vars, and storage debugging: see [references/logging-patterns.md](references/logging-patterns.md).

package/framework/.claude/skills/bug/references/logging-patterns.md

@@ -0,0 +1,174 @@
+# Logging Patterns & Debug Environment Reference
+
+## Next.js 16 Built-In Logging (next.config.ts)
+
+Add these to `next.config.ts` during debug sessions:
+
+```typescript
+logging: {
+  fetches: { fullUrl: true },            // logs all server-side fetch() with cache HIT/MISS
+  serverFunctions: true,                  // logs Server Actions with name + args + duration
+  browserToTerminal: true,                // forwards ALL client console.* to terminal with [browser] prefix
+  incomingRequests: {
+    ignore: [/\/api\/v1\/ping/, /\/_next/], // filter noise
+  },
+},
+```
+
+`browserToTerminal` (v16.2+) is the most powerful: it streams client-side `console.*` to the dev server terminal with file:line:col source location. No code changes needed.
+
+## Environment Variables for Debug Sessions
+
+Set in `.env.local` during investigation, remove after:
+
+```bash
+DEBUG_MODULES=reservations.patch,booking.schedule  # server-side module filter
+DEBUG_FIRESTORE=true                                # Firestore op tracing
+DEBUG_NETWORK=true                                  # request/response logging
+DEBUG_PROXY=true                                    # proxy/middleware logging
+NEXT_PUBLIC_DEBUG_COMPONENTS=booking.form,planner   # client component logs (rebuild required)
+NEXT_OTEL_VERBOSE=1                                 # verbose OpenTelemetry spans
+NEXT_TURBOPACK_TRACING=1                            # Turbopack bundler trace → .next/dev/trace-turbopack
+```
+
+## Debug Log Convention
+
+ALL temporary log lines MUST end with `// DEBUG:` comment marker.
+
+Cleanup command:
+```bash
+grep -rn '// DEBUG:' src/ --include='*.ts' --include='*.tsx'
+```
+
+Remove every line found. Run grep again. Zero results = clean.
+
+## Firestore-Specific Debugging
+
+### Transaction contention
+Firestore retries transactions silently up to 5 times. Only explicit attempt counting surfaces this:
+```typescript
+let attempt = 0; // DEBUG:
+await firestore.runTransaction(async (tx) => {
+  attempt++; // DEBUG:
+  console.log(`[DEBUG:tx] attempt=${attempt} path=${ref.path}`); // DEBUG:
+});
+```
+
+### Snapshot ambiguity
+`snapshot.empty === true` is AMBIGUOUS — could be security rules denial OR genuinely no documents. Check:
+- `snapshot.metadata.fromCache` — `true` = offline/cached, `false` = network response
+- `snapshot.metadata.hasPendingWrites` — pending optimistic writes
+
+### Query Explain (firebase-admin)
+```typescript
+// PLAN mode: no reads, just execution plan
+const plan = await query.explain({ analyze: false });
+// ANALYZE mode: runs query, returns stats
+const analysis = await query.explain({ analyze: true });
+// RED FLAG: readOperations >> resultsReturned = missing composite index
+```
+
+### Security Rules debugging
+`debug()` in Firestore rules works ONLY in the emulator, no-op in production.
+Use `@firebase/rules-unit-testing` (already in devDeps) for rule testing.
+
+## Playwright MCP Debug Patterns
+
+### Inject fetch interceptor (zero code changes)
+```javascript
+// browser_evaluate:
+const origFetch = window.fetch;
+window.fetch = async (...args) => {
+  const url = typeof args[0] === 'string' ? args[0] : args[0]?.url;
+  const method = args[1]?.method || 'GET';
+  console.log(`[DEBUG:fetch] ${method} ${url}`);
+  const start = Date.now();
+  try {
+    const res = await origFetch(...args);
+    console.log(`[DEBUG:fetch] ${res.status} ${url} ${Date.now()-start}ms`);
+    if (!res.ok) {
+      const clone = res.clone();
+      console.error(`[DEBUG:fetch] body:`, await clone.text().catch(() => ''));
+    }
+    return res;
+  } catch(e) {
+    console.error(`[DEBUG:fetch] FAIL ${url}`, e.message);
+    throw e;
+  }
+};
+```
+
+### Inject SWR mutation tracker
+```javascript
+// browser_evaluate:
+const origMutate = window.__SWR_MUTATE__;
+if (origMutate) {
+  window.__SWR_MUTATE__ = (...args) => {
+    console.log('[DEBUG:swr] mutate', args[0]);
+    return origMutate(...args);
+  };
+}
+```
+
+### HAR recording (for complex network analysis)
+In Playwright test context:
+```typescript
+const context = await browser.newContext({ recordHar: { path: 'debug.har', mode: 'full' } });
+```
+
+## CDP (Chrome DevTools Protocol) via Playwright
+
+For deep debugging beyond MCP tools:
+```typescript
+const session = await context.newCDPSession(page);
+await session.send('Runtime.enable');
+session.on('Runtime.consoleAPICalled', (event) => { /* raw console events */ });
+session.on('Runtime.exceptionThrown', (event) => { /* uncaught exceptions */ });
+await session.send('Network.enable');
+session.on('Network.requestWillBeSent', (event) => { /* all network + headers */ });
+```
+
+## Git Bisect Workflow
+
+```bash
+# Find the commit that introduced a regression
+git bisect start HEAD <last-known-good-tag> --
+git bisect run sh -c "npx tsc --noEmit 2>/dev/null || exit 125; <test-command>"
+git bisect reset
+
+# Tips:
+# - exit 125 = skip (untestable commit, e.g. npm install fails)
+# - --first-parent avoids false positives from broken merge branches
+# - Save session: git bisect log > session.log / replay: git bisect replay session.log
+# - Skip if deps fail: npm ci --silent 2>/dev/null || exit 125
+```
+
+## instrumentation.ts Hooks
+
+Next.js `instrumentation.ts` provides:
+- `onRequestError(error, request, context)` — fires on server errors
+- `context.routeType`: `'render' | 'route' | 'action' | 'proxy'` — distinguishes RSC vs handler vs Server Action
+- `error.digest` — stable error ID for Sentry correlation
+
+## Project Codebase Debug Tools
+
+The base skill is generic; project-specific debug entry points are listed in `.baldart/overlays/bug.md`. Typical entries:
+
+| Tool | Location | Purpose |
+|------|----------|---------|
+| Sandbox / write-interceptor | (project-specific) | Intercept writes during walkthrough/testing |
+| Sentry test endpoint | (project-specific) | Validate Sentry pipeline |
+| Env summary helper | (project-specific) | Safe env snapshot |
+| Auth bypass env var | (project-specific) | Emergency auth bypass |
+| Cache debug provider | (project-specific) | Cache/fetch logging (SWR / React Query / Apollo) |
+| Error boundaries | (project-specific) | Client error capture + Sentry |
+| Auth error map | (project-specific) | Auth-provider errors → typed codes |
+
+## Zustand State Debugging
+
+```typescript
+// In browser console:
+store.getState()  // point-in-time snapshot
+store.subscribe((state) => console.log('[DEBUG:zustand]', state))  // live changes
+// Zustand devtools (if enabled): visible in Redux DevTools extension
+```

package/framework/.claude/skills/capture/SKILL.md

@@ -0,0 +1,125 @@
+---
+name: capture
+description: Distilla una sintesi cross-document della conversazione recente in una synthesis page riusabile del wiki overlay (path da `paths.wiki_dir`/syntheses/ in `baldart.config.yml`). Usare quando l'utente invoca `/capture`, dice "capture synthesis", "salva sintesi", "distilla conversazione", "save this as wiki", "questa conversazione in wiki", o quando chiede di trasformare un ragionamento cross-document appena fatto in una pagina stabile. Due modalità — manual (sempre funzionante) e proactive (conditional sui candidati in `.claude/capture-queue/`). Implementa il loop query→wiki file-back di Karpathy.
+version: 0.1.0
+---
+
+# /capture — Synthesis Capture Skill
+
+Turns a recent multi-turn synthesis (cross-document reasoning done by the assistant) into a durable **synthesis page** under `${paths.wiki_dir}/syntheses/<slug>.md`. Part of the LLM wiki auto-learning loop — weak RAG queries and recurring synthesis patterns feed back into stable wiki pages so future agents can retrieve consolidated context instead of re-deriving it every time.
+
+## Project Context
+
+**Reads from `baldart.config.yml`:** `paths.wiki_dir`, `paths.references_dir`.
+**Gated by features:** `features.has_wiki_overlay` (skill REFUSES to run when `false` — the wiki overlay infrastructure must exist).
+**Overlay:** loads `.baldart/overlays/capture.md` if present — project-specific wiki-log helper path, domain vocabulary for the `domain:` frontmatter field.
+**On missing/empty keys:** ask the user; do not assume defaults. See `framework/agents/project-context.md` § 3.
+
+## Two Modes
+
+| Mode | When | How |
+|---|---|---|
+| **Manual** | User runs `/capture` explicitly | Skill reads pending queue (if any) + recent turns, proposes a synthesis. |
+| **Proactive** | `.claude/hooks/capture-detect.sh` triggers on `Stop` event and queues a candidate | Next `/capture` invocation surfaces the candidate first. |
+
+Manual mode always works. Proactive mode is a convenience layer.
+
+## Workflow
+
+Run these steps in order every time `/capture` is invoked.
+
+### Step 1 — Kill-switch check (soft)
+
+```bash
+if [ -f .claude/capture-queue/.disabled ]; then
+  echo "Proactive capture disabled (sentinel present). Running in manual-only mode for this turn."
+fi
+```
+
+Manual flow continues even when the sentinel exists; only proactive suggestion
+is suppressed.
+
+### Step 2 — Read pending candidates
+
+List up to **5** candidate files in `.claude/capture-queue/`:
+
+```bash
+ls -1 .claude/capture-queue/*.json 2>/dev/null | head -5
+```
+
+Ignore the sentinels: `.disabled`, `.gitkeep`, `.ingest-pending`. If the
+glob finds files, read the top 5 as JSON, extract `trigger`, `refs_mentioned`,
+and a short excerpt, and present them as numbered options:
+
+```
+1. [2026-04-23 14:02 UTC] Cross-doc reasoning on <topic>
+   refs: <path-to-source-1>, ${paths.references_dir}/<doc>.md
+   [Accept] [Reject] [Refine]
+2. ...
+```
+
+If no candidates AND the user did not provide an explicit synthesis hint, ask:
+
+> "What synthesis should I capture? Briefly describe the topic."
+
+### Step 3 — Draft the synthesis page
+
+1. Pick a short kebab-case slug (e.g., `<domain>-<topic>-rules`).
+2. Target path: `${paths.wiki_dir}/syntheses/<slug>.md`.
+3. Load the template: `references/synthesis-template.md`.
+4. Fill in each placeholder. Required frontmatter fields:
+
+   - `doc_type: synthesis`
+   - `domain: <inferred>` — choose from the project's domain vocabulary listed in `.baldart/overlays/capture.md`. If no overlay, infer a free-form short slug.
+   - `canonicality: derived`
+   - `owner: capture-skill`
+   - `source_refs: [<paths from conversation>]`
+   - `canonical_refs: [<SSOT paths this synthesis points back to>]`
+   - `freshness_status: fresh`
+   - `confidence: low | medium | high`
+   - `last_verified_from_code: YYYY-MM-DD` (today)
+
+5. Keep the body compact (≤120 lines). Prefer short sections:
+   Context → Synthesis → Caveats → See also.
+
+### Step 4 — Diff + confirm
+
+Show the user the proposed file (full content) and ask for explicit approval
+before writing. On rejection, skip Step 5 and go to Step 6 with the rejection
+reason.
+
+### Step 5 — Write + log (accepted)
+
+If the project ships a wiki-log helper, call it with an `entry_type='capture'` entry referencing the new synthesis file and the source refs. The exact import path is listed in `.baldart/overlays/capture.md` (typically `tools/<rag-impl>/wiki_log.py`). If no helper exists, append a markdown bullet to `${paths.wiki_dir}/log.md` by hand. Example:
+
+```bash
+python3 -c "import sys; sys.path.insert(0, 'tools/<rag-impl>'); \
+  from wiki_log import append_entry; \
+  append_entry(entry_type='capture', title='<slug>', \
+    agent='capture-skill', \
+    context={'mode': '<manual|proactive>', 'confidence': '<low|medium|high>'}, \
+    refs=['${paths.wiki_dir}/syntheses/<slug>.md', '<source ref 1>', '<source ref 2>'], \
+    outcome='created')"
+```
+
+If the synthesis was surfaced from the queue, delete (or move to
+`.processed/`) the candidate file after write.
+
+### Step 6 — Rejection
+
+Log the rejection (same helper as Step 5 with `outcome='rejected'`). Also
+delete the candidate file from the queue so it does not resurface.
+
+## Notes
+
+- **Queue hygiene**: unprocessed candidates older than ~7 days should be pruned
+  manually. (A future enhancement can add automatic expiry.)
+- **Kill switch**: `touch .claude/capture-queue/.disabled` stops proactive writes.
+  See `.claude/capture-queue/.disabled.example`.
+- **Anti-spam**: the detection hook refuses to write when ≥10 unprocessed
+  candidates already exist. See `.claude/hooks/capture-detect.sh`.
+
+## Related
+
+- Existing synthesis style: `${paths.wiki_dir}/syntheses/<slug>.md` examples in your project.
+- Template: `references/synthesis-template.md`

package/framework/.claude/skills/capture/references/synthesis-template.md

@@ -0,0 +1,42 @@
+---
+doc_type: synthesis
+domain: <pick from project's domain vocabulary in `.baldart/overlays/capture.md`>
+canonicality: derived
+owner: capture-skill
+status: active
+freshness_status: fresh
+confidence: <low|medium|high>
+last_verified_from_code: <YYYY-MM-DD>
+source_refs:
+  - <path/to/conversation/source/1>
+  - <path/to/conversation/source/2>
+canonical_refs:
+  - <${paths.references_dir}/...>
+---
+
+# <Synthesis Title>
+
+<One-sentence purpose of this page. Why does it exist, who benefits?>
+
+## Context
+
+<2–6 lines. What question or recurring topic triggered this synthesis?
+What prior knowledge is assumed? Link to the conversation or card.>
+
+## Synthesis
+
+<The reusable insight. Prefer short paragraphs, bullet lists, or a compact
+table. Keep it declarative — decisions, rules, or stable mappings that will
+not change on every run. Cite canonical sources inline when claiming runtime
+behavior.>
+
+## Caveats
+
+<When does this synthesis NOT apply? What assumptions is it built on?
+Note any freshness risks: "verified against <file> at <date>".>
+
+## See also
+
+- <canonical ref 1 — the SSOT this points back to>
+- <related synthesis page(s)>
+- <ADR or PRD, if any>