# Task Contract Template Use this template for every future task before implementation starts. The contract exists to force review-first execution, foundation reuse, and explicit scope control. --- ## Task Information - Task ID: - Title: - Owner: - Requested by: - Date: - Related ticket / plan: ## Objective - Describe the business outcome, not just the code change. ## Business Context - Relevant domain background: - Why this task exists now: - Related ADRs: - Related business docs: ## Required Skills & Context - `AGENTS.md` - `docs/standards/task-catalog.md` - `docs/standards/project-foundations.md` - `docs/standards/architecture-rules.md` - `docs/standards/ui-ux-rules.md` - `docs/standards/task-review-checklist.md` - Relevant `docs/adr/**` - Relevant `docs/business/**` - Relevant `docs/security/**` - Existing feature and API references: - Historical task documents reviewed: ## Architecture Constraints - Frontend constraints: - Backend constraints: - Security constraints: - Reuse constraints: - Forbidden patterns: ## Reuse Existing Foundations - Foundations reviewed: - Existing services to extend: - Existing APIs to extend: - Existing query/mutation patterns to reuse: - Existing UI shells/components to reuse: - Existing audit patterns to reuse: - Why a new foundation is not required: ## Data Model Changes - Schema changes required: - Existing tables impacted: - Migration required: - Explicit non-changes: ## API Requirements - Route handlers involved: - Request/response contracts: - Service layer functions: - Validation rules: - Existing APIs reused or extended: ## UI Requirements - Routes / screens: - Page shell pattern: - Form / table / filter patterns: - Terminology requirements: - Empty / loading / error states: ## Report / Export Rules - Report foundation reviewed: - Shared filters reused: - Dataset layer reused: - Export path reused: - Revenue/pricing visibility rule: ## Permission Requirements - Required permissions: - Scope enforcement requirements: - Resolved access helper to use: - Server-side protection points: ## Audit Requirements - Entity type: - Actions: - Required payload: - Existing audit naming reused: ## Scope - In scope: ## Explicit Non-Scope - Out of scope: ## Security Verification Matrix | Scenario | Expected access | Enforcement point | | --- | --- | --- | | Admin | | | | Scoped user | | | | Unauthorized user | | | | Pricing-restricted user | | | ## Deliverables - Documentation deliverables: - Code deliverables: - Verification deliverables: ## Verification - Typecheck: - Lint: - Targeted tests: - Manual scenarios: ## Documentation - Docs to update: - ADR needed: - Task implementation note: ## Definition of Done - Review completed before implementation - Existing foundations reused or extension rationale documented - Security and audit requirements verified - Documentation updated - Verification evidence recorded