2.9 KiB
2.9 KiB
Task Contract Template
Use this template for every future task before implementation starts.
The contract exists to force review-first execution, foundation reuse, and explicit scope control.
Task Information
- Task ID:
- Title:
- Owner:
- Requested by:
- Date:
- Related ticket / plan:
Objective
- Describe the business outcome, not just the code change.
Business Context
- Relevant domain background:
- Why this task exists now:
- Related ADRs:
- Related business docs:
Required Skills & Context
AGENTS.mddocs/standards/task-catalog.mddocs/standards/project-foundations.mddocs/standards/architecture-rules.mddocs/standards/ui-ux-rules.mddocs/standards/task-review-checklist.md- Relevant
docs/adr/** - Relevant
docs/business/** - Relevant
docs/security/** - Existing feature and API references:
- Historical task documents reviewed:
Architecture Constraints
- Frontend constraints:
- Backend constraints:
- Security constraints:
- Reuse constraints:
- Forbidden patterns:
Reuse Existing Foundations
- Foundations reviewed:
- Existing services to extend:
- Existing APIs to extend:
- Existing query/mutation patterns to reuse:
- Existing UI shells/components to reuse:
- Existing audit patterns to reuse:
- Why a new foundation is not required:
Data Model Changes
- Schema changes required:
- Existing tables impacted:
- Migration required:
- Explicit non-changes:
API Requirements
- Route handlers involved:
- Request/response contracts:
- Service layer functions:
- Validation rules:
- Existing APIs reused or extended:
UI Requirements
- Routes / screens:
- Page shell pattern:
- Form / table / filter patterns:
- Terminology requirements:
- Empty / loading / error states:
Report / Export Rules
- Report foundation reviewed:
- Shared filters reused:
- Dataset layer reused:
- Export path reused:
- Revenue/pricing visibility rule:
Permission Requirements
- Required permissions:
- Scope enforcement requirements:
- Resolved access helper to use:
- Server-side protection points:
Audit Requirements
- Entity type:
- Actions:
- Required payload:
- Existing audit naming reused:
Scope
- In scope:
Explicit Non-Scope
- Out of scope:
Security Verification Matrix
| Scenario | Expected access | Enforcement point |
|---|---|---|
| Admin | ||
| Scoped user | ||
| Unauthorized user | ||
| Pricing-restricted user |
Deliverables
- Documentation deliverables:
- Code deliverables:
- Verification deliverables:
Verification
- Typecheck:
- Lint:
- Targeted tests:
- Manual scenarios:
Documentation
- Docs to update:
- ADR needed:
- Task implementation note:
Definition of Done
- Review completed before implementation
- Existing foundations reused or extension rationale documented
- Security and audit requirements verified
- Documentation updated
- Verification evidence recorded