# Tasks — vv-architect-setup

## WS1 — Fix VALIDATOR.md (System Prompt)

- [x] 1.1 Identify the bug: `VALIDATOR.md` contained an exact copy of `scripts/start-validator.sh` (byte-for-byte identical — 1900 bytes each)
- [x] 1.2 Rewrite `VALIDATOR.md` as the proper system prompt for the LeadValidator agent
- [x] 1.3 Define validator identity and independence principle (not under CTO authority; reports to CEO)
- [x] 1.4 Define 6-step startup protocol (read PRD → register hub → check ledger → check channel → report readiness → begin audit)
- [x] 1.5 Define Phase A — OpenSpec task completeness check (verify all archived tasks.md `[x]` items have corresponding code)
- [x] 1.6 Define Phase B — API surface audit (every route must have an OpenAPI spec; spec must match implementation)
- [x] 1.7 Define Phase C — TypeScript standards audit (no `any`, strict mode, JSDoc, error hierarchy)
- [x] 1.8 Define Phase D — DRY principle audit (no duplicated logic, utility files as single sources of truth)
- [x] 1.9 Define Phase E — SOLID principles audit (SRP spot-checks on key services, constructor injection)
- [x] 1.10 Define Phase F — Test coverage audit (>80% threshold, integration tests for all endpoints)
- [x] 1.11 Define Phase G — AGNTCY compliance audit (agent identity model, lifecycle, DID, conformance tests)
- [x] 1.12 Define Phase H — Security audit (OWASP Top 10 checks)
- [x] 1.13 Define issue format: `VV_ISSUE_NNN.md` with Status, Severity, Category, Finding, Evidence, Required Action, CTO Response, Resolution
- [x] 1.14 Define severity model: BLOCKER / MAJOR / MINOR with clear ownership and release impact
- [x] 1.15 Define communication protocol: `#vv-findings` for routine findings, `#vpe-cto-approvals` for BLOCKER escalations
- [x] 1.16 Define dispute resolution protocol: CTO writes justification → Validator evaluates → CEO as final arbiter
- [x] 1.17 Define AUDIT LEDGER INDEX maintenance requirements

## WS2 — Fix scripts/start-validator.sh

- [x] 2.1 Remove the line that copies CEO's `CLAUDE.md` into the validator workspace (was contaminating validator with CEO-session context)
- [x] 2.2 Add sanity check: abort with clear error if `VALIDATOR.md` first line is `#!/bin/bash` (prevents relaunching with wrong content)
- [x] 2.3 Add `SHARED_LEDGER` variable pointing to `openspec/vv_audit/`
- [x] 2.4 Add `mkdir -p "$SHARED_LEDGER"` to auto-create ledger directory on first run
- [x] 2.5 Add auto-initialisation of `LEDGER.md` if it does not exist (idempotent — skipped if already present)
- [x] 2.6 Write validator-specific `CLAUDE.md` to workspace (absolute paths only, no CEO-session context, no role-switching instructions)
- [x] 2.7 Update echoed launch checklist to reflect validator's actual responsibilities
- [x] 2.8 Ensure `exec claude --system-prompt-file "$VALIDATOR_SYSTEM_PROMPT"` uses the correct variable name

## WS3 — Shared V&V Issue Ledger

- [x] 3.1 Create `openspec/vv_audit/` directory in project root (accessible by both validator and CTO via absolute paths)
- [x] 3.2 Create `openspec/vv_audit/LEDGER.md` — structured audit index with Summary table, Issue Index, Audit History, and usage instructions
- [x] 3.3 Document who updates what: Validator updates Summary and Issue Index; CTO updates issue files; CEO reads for release gate status

## WS4 — Central Hub Channel

- [x] 4.1 Create `#vv-findings` channel on central hub with description: "V&V Architect findings — audit issues, BLOCKER notifications, resolution tracking"
- [x] 4.2 Verify `#vpe-cto-approvals` (CEO channel) already exists — BLOCKER escalations go here

## WS5 — CTO Peer-Review Protocol Update

- [x] 5.1 Update `.cto-workspace/CLAUDE.md` Peer-Review Protocol section
- [x] 5.2 Replace relative path `./specs/issues/` with absolute path `openspec/vv_audit/`
- [x] 5.3 Add `#vv-findings` channel reference
- [x] 5.4 Clarify CTO cannot dismiss validator findings — only resolve or dispute
- [x] 5.5 Clarify BLOCKER resolution protocol: CEO automatically notified; CTO must not resolve without CEO awareness
- [x] 5.6 Add instruction on how to start the validator (`./scripts/start-validator.sh`)

## WS6 — OpenSpec Documentation (this change)

- [x] 6.1 Create `openspec/changes/archive/2026-04-07-vv-architect-setup/` directory
- [x] 6.2 Write `proposal.md` — problem statement, proposed solution, CEO approval
- [x] 6.3 Write `design.md` — architecture, decisions (D1–D5), file map, hub channels
- [x] 6.4 Write `tasks.md` (this file) — complete task breakdown with all items checked
- [x] 6.5 Create `specs/` directory (no API specs needed — this is agent governance tooling, not an API change)
- [x] 6.6 Commit all changes to git: VALIDATOR.md, scripts/start-validator.sh, openspec/vv_audit/, openspec/changes/archive/2026-04-07-vv-architect-setup/