Agentization cookbook

Example (Node/TS repo)

Example (Python)

(Optional) Make verify output machine-readable

If you want agents (or tools) to route failures correctly, make verify print a small JSON summary at the end. In this case, an agent can read the result without parsing text logs.

Rules:

• Keep human logs as usual.

• Print JSON as the last line (or to a separate file like artifacts/verify.json).

• CI should keep the JSON as an artifact when verify fails.

Minimum shape:

Example policy

• If a test flakes twice in 24h, quarantine it with a ticket + owner + “fix-by” date.

• Quarantined tests do not gate merges, but run in a separate job and are tracked.

Ephemeral environments (“ghost env” / CDE)

Use the same container setup to create an environment per task/branch, for example, in a cloud dev environment (CDE).

How to

1. Create AGENTS.md in repo root with this starter content (copy/paste):

   # AGENTS.md ## Purpose This repository uses an agent-assisted workflow. Agents may propose changes, but merges follow enforced gates. ## Workflow (high level) 1) Planner ensures a Task Brief is implementation-ready (creates/normalizes; decomposes if needed) 2) Implementer makes a scoped change on a branch and opens a PR 3) Reviewer checks scope + policy compliance 4) QA verifies (commands + tests) 5) Human (maintainer) merges after gates pass ## Roles (responsibilities, not artifacts) ### Planner Goal: make the task implementation-ready before coding starts. Responsibilities: - Create or normalize the Task Brief. - Decompose if the task is too broad. - Escalate when requirements are unclear. Restrictions: - Does NOT edit production code ### Implementer Responsibilities: - Implement only what is in the approved Task Brief. - Keep diffs small and scoped. - Add/update tests for behavior changes. ### Reviewer Responsibilities: - Block scope creep and policy violations. - Check maintainability and boundary discipline. ### QA Responsibilities: - Prove the change works by running verification. - Add missing tests or request them explicitly. ## Definition of Done (PR-ready criteria) - Change matches Task Brief scope (no unrelated edits) - Verification passes (CI + required checks) - Tests added/updated for behavior changes - PR includes risk note + rollback plan

2. (Claude Code only) Claude Code reads project instructions from CLAUDE.md. This file is tool-specific. AGENTS.md stays the source of truth.

   Create CLAUDE.md in repo root with:

   # CLAUDE.md - Governance rules: `AGENTS.md`

You now have one place that tells agents and humans “how we work here,” and it’s written in enforceable terms (roles, DoD, stop conditions).

How to

For example, this is how you can configure branch protection in GitHub:

1. Open Branch protection settings: Repo → Settings → Branches → Add branch protection rule.

2. Set Branch name pattern to main (or whatever your default branch is).

3. Turn on the minimum required toggles:

   • Require a pull request before merging

   • Require approvals

   • Dismiss stale approvals when new commits are pushed (recommended)

   • Require status checks to pass before merging

     • Select your check(s): typically your verify/CI job.

   • Restrict who can push to matching branches (so nobody can bypass PRs)

   • If you’re using CODEOWNERS and want owners to be mandatory reviewers, also enable Require review from Code Owners

4. GitHub only lets you select checks that have run successfully recently in the repo (the docs mention a 7-day window). If you can’t find your verify check, trigger the workflow once, then come back.

After this step, agents (and humans) can’t “accidentally” merge unreviewed or failing code because the platform blocks it.

How to

1. Create the file in one of the supported locations (pick one location, don’t create multiple):

   • .github/CODEOWNERS (most common)

   • CODEOWNERS (repo root)

   • docs/CODEOWNERS (less common)

2. Start with a small, coarse file, then iterate. Start with:

   • Default owners for *

   • A few “sensitive zones” (/auth, /infra, /migrations, /ci)

   For example:

   # Default owners for everything * @your-org/core # Sensitive areas /auth/ @your-org/security /infra/ @your-org/platform /.github/workflows/ @your-org/platform /db/migrations/ @your-org/backend # Frontend / Backend (if you split) /frontend/ @your-org/frontend /backend/ @your-org/backend # Docs /docs/ @your-org/docs

   Use either:

   • users: @username

   • teams: @org/team

   GitHub supports listing multiple owners per pattern.

3. Learn the two rules that matter:

   1. Last match wins – if multiple patterns match, the last matching rule takes precedence.

   2. Multiple owners must be on the same line – If you want two owners for one path, put them on the same line. If you split them across lines, only the last one applies.

   # Correct: both owners apply /auth/ @your-org/security @your-org/platform

4. Decide if “owner review” is required or just requested. CODEOWNERS always helps route review requests, but whether approval is mandatory depends on branch protection settings. GitHub’s branch protection rule has an option “ Require review from Code Owners”. When enabled, approval from a code owner is required for affected files. Also note a subtle behavior: if you don’t require code owner review, GitHub may convert a team request into individual requests based on org/team review settings.

Example (what “good enough” looks like in practice)

For most repos, “good enough” on day 1 is:

• * default owner (so every PR has an owner)

• protected owners for auth, security, infra, etc.

Example (how escalation may look)

Say the implementer hits a stop condition: “need new dependency.”

Escalation note:

• Goal: add feature X

• Blocker: requires library Y; currently, no dependency policy exists

• Options: (a) add Y, (b) implement minimal subset without Y, (c) use existing lib Z

• Recommendation: add Y because it reduces code and is actively maintained

• Need from human: approve adding dependency Y; confirm license is acceptable

How to

1. Decide on your baseline policy. Use this default unless you have a reason not to:

   • Allow - Safe, local, reversible actions (editing files).

   • Ask - Anything that can publish, destroy, or alter environments (shell commands, pushes, running containers).

   • Deny - Obviously dangerous or out-of-scope actions (deleting large paths, reading secrets directories).

   Claude Code’s permission model is explicitly built around this: allow, ask, and deny rules.

2. Put the rules in the repo (so the team shares them). Create a project-level config file .claude/settings.json. You can also manage these interactively via the /permissions command in Claude Code.

3. Start with a minimal, conservative configuration. Below is a starter configuration that biases toward safety:

   { "permissions": { "allow": [ "Edit" ], "ask": [ "Bash(*)" ], "deny": [ "Bash(rm -rf:*)", "Bash(sudo:*)", "Bash(curl:*)", "Bash(wget:*)" ] } }

   Notes:

   • Keep shell commands on “ask” until you trust the setup.

   • Don’t allow git push/deploy commands by default.

4. Gradually allow safe commands (only after you see good behavior). Once things are stable, you can move a few safe commands from ask to allow, for example:

   • Bash(git status:\*)

   • Bash(git diff:\*)

   • Bash(git commit:\*) (only if you’re comfortable)

   Anthropic explicitly gives examples of adding Edit and Bash(git commit:\*) to the allowlist. Do this gradually. One command family at a time.

Example

What this looks like in practice:

• Day 1: The agent can edit files without prompts, but every shell command prompts (ask).

• Day 3: You allowlist a couple of read-only git commands.

• Later: You still keep git push, container runs, network fetches, and deployment commands on ask or deny.

This keeps the workflow usable while preventing irreversible accidents.

Default role set

This guide assumes you have already adopted the default roles in AGENTS.md:

• Planner: turns an incoming task into an implementation-ready Task Brief (and decomposes it if needed).

• Implementer: changes code on a branch/PR according to the Task Brief.

• Reviewer: checks the PR against scope and repo rules.

• QA: proves the change works (verification + tests).

Keep this set unless you have a specific failure mode you want to prevent. It is the smallest set that provides separation of concerns.

Customizing roles

You can customize roles in two ways:

• Change who performs the role (human vs agent) without changing the role model.

• Add new roles only when they enforce a real gate or produce a required output.

Rule for adding a role: If the role does not block a merge and does not produce an artifact, do not add it.

Possible additional roles:

• Tech Writer – Docs gate. Add when changes are user-facing, and documentation is part of “done”. This prevents the common failure: “code shipped, docs later”.

  This is how it may look in AGENTS.md:

  ### Tech Writer (optional) Use when: - The Task Brief includes doc changes in scope, or the change is user-facing. Responsibility: - Ensure required docs/examples are updated and correct. Merge gate: - If docs are required by the Task Brief, the PR cannot be approved until docs changes are present and reviewed.

• Security – Risk gate. Add when tasks touch auth/permissions/crypto/secrets.

• Release – Rollout gate. Add when merges affect deployment, migrations, feature flags, or backwards compatibility constraints.

How to

1. Create a shared template for task status updates. For example, at docs/agent/templates/task-status.md. Add the following content to it:

   # <task-id> status ## Current State: planning / implementing / verifying / reviewing / blocked / ready-for-pr Next: <one line> ## Iteration log ### <YYYY-MM-DD HH:MM> - QA Commands: - `scripts/verify.sh` Result: PASS/FAIL Notes: ... ### <YYYY-MM-DD HH:MM> - Review Verdict: PASS/FAIL Findings: - ... Required changes (if FAIL): - ...

2. Create a shared template for PR evidence. For example, at docs/agent/templates/pr-evidence.md:

   Task Brief: - `docs/agent/tasks/<task-id>.md` Summary: - ... Verification (commands run): - `scripts/verify.sh` - <other commands> Result: PASS/FAIL Risk: low / medium / high Rollback: - <1-2 lines>

3. Add a rule to AGENTS.md that points to these templates:

   ## Execution outputs (required) After working on a task, the Implementer must leave durable evidence: 1) A branch or PR with the code change. 2) A task status file: - Create/update: `docs/agent/tasks/<task-id>.status.md` - Use template: `docs/agent/templates/task-status.md` 3) PR evidence: - Add the PR evidence section to the PR description. - Use template: `docs/agent/templates/pr-evidence.md`

4. (GitHub only, optional) Add PR evidence to the PR template.

   If you use GitHub, copy the content of docs/agent/templates/pr-evidence.md into .github/pull_request_template.md.

Example

After the agent finishes work on YT-3812, you should have:

• docs/agent/tasks/YT-3812.status.md created from docs/agent/templates/task-status.md

• PR description includes the section from docs/agent/templates/pr-evidence.md

How to

1. Create a handoff rules section in AGENTS.md:

   ## Handoffs (shared artifacts) Agents coordinate through repo artifacts (files/PR), not chat history. Shared artifacts: - Task Brief: `docs/agent/tasks/<task-id>.md` - Task status: `docs/agent/tasks/<task-id>.status.md` - PR description: must include PR evidence - Escalations: `docs/agent/escalations/<date>-<topic>.md` Rule: If a decision matters, record it in the Task Brief, PR, or escalation note (not only in chat).

2. (Optional) Clarify who updates what. Keep it short.

   If you want explicit ownership, add this under the section above:

   Ownership: - Planner updates: Task Brief (+ subtasks/child briefs) - Implementer updates: code, task status, PR evidence - Reviewer/QA update: PR review/comments (and tests if needed)

Example

• Planner writes/updates docs/agent/tasks/YT-3812.md.

• Implementer updates docs/agent/tasks/YT-3812.status.md and fills PR evidence in the PR description.

• Reviewer/QA leave review notes in the PR and request fixes if needed.

How to

1. Create the following folder structure:

   docs/agent/ CONTEXT.md commands.md architecture.md

2. Add the following content to CONTEXT.md:

   # Agent context (tool-agnostic) ## What this repo is <1-3 sentences> ## Golden rules (repo-specific) - <rule 1> - <rule 2> ## Where things are - `<dir>`: <what it contains> - `<dir>`: <what it contains> ## What is risky / protected - `/auth` - `/infra` - `/db/migrations` (Adjust to your repo) ## Where to look first - Commands: `docs/agent/commands.md` - Architecture/boundaries: `docs/agent/architecture.md` - Governance rules: `AGENTS.md`

3. Add the following content to commands.md:

   # Commands (source of truth) ## Install - `<command>` ## Verify (must pass before PR) - `scripts/verify.sh` (or `<command>`) ## Test - `<command>` ## Lint - `<command>` ## Typecheck (if applicable) - `<command>` ## Build - `<command>` ## Run locally - `<command>`

4. Add the following content to architecture.md:

   # Architecture & boundaries (minimal map) ## System shape (in plain words) - <Example: The frontend calls the backend API. The backend reads/writes the database> - <Example: A background worker processes queued jobs> ## Main modules - `/frontend`: <what it does> - `/backend`: <what it does> - `/db`: <what it does> - `/infra`: <what it does> (protected) ## Dependencies (what calls what) - `<module A>` depends on `<module B>` because <reason> - `<module C>` must not depend on `<module D>` because <reason> ## Protected paths (high risk) - `/auth` -- <why protected> - `/infra` -- <why protected> - `/db/migrations` -- <why protected>

How skills are different from the context pack

• The context pack (docs/agent/*) is repo facts that apply to almost every task: commands, module boundaries, conventions.

• Skills are how-to playbooks for specific tasks: coding standards, patterns, review checklists, doc style, migration rules. Keeping these as Skills prevents the context pack from turning into a wiki.

How agents use Skills

Some agents can find and load Skills automatically (for example, Claude Code and GitHub Copilot). In that case, you can simply tell the agent: “Use the coding-standards skill”. Other agents do not automatically load Skills. In that case, you point the agent to the file path in the prompt or task brief: “Read skills/coding-standards/SKILL.md and follow it.”

Essentials (the minimum)

Start with:

• a skills/ directory

• 1–3 skills that you repeat often (do not create 20 skills on day one)

• each skill contains:

  • SKILL.md (required)

  • optional references/ or templates/ only if you really need them

The spec defines the minimal structure as “one folder per skill, containing at minimum SKILL.md”, with optional supporting directories like scripts/, references/, assets/. For example, this is how coding standard skills might look (see below).

How to

1. Create a similar folder structure for required skills:

   skills/ coding-standards/ SKILL.md examples.md

2. Add content to SKILL.md. For example:

   --- name: Coding standards description: Repo-specific coding rules and examples. Follow this for all code changes. --- ## Naming - Classes: `PascalCase` - Functions/methods: `camelCase` - Constants: `UPPER_SNAKE_CASE` - Files: `<your rule here>` ## Formatting - Use the formatter: `<command>` (do not hand-format) - Max line length: <number> - Imports: <sorted/how> ## Patterns (do / don't) ### Object creation Do: - Prefer factories for complex objects: `Foo.create(...)` Don't: - Don't call constructors with 6+ params directly ### Errors Do: - Use typed errors / error codes: `<example>` Don't: - Don't throw raw strings ## Examples See: - `skills/coding-standards/examples.md`

3. Add content to examples.md. For example:

   # Coding standards: examples ## Naming ### Good ~~~ts const createdAtMs = Date.now(); function isAdult(user: User): boolean { return user.age >= 18; } ~~~ ### Bad ~~~ts const d = Date.now(); function f(u: any) { return u.a >= 18; } ~~~ ## Object creation ### Good (factory + named params) ~~~ts const user = User.create({ id, email, roles: ["admin"], }); ~~~ ### Bad (long constructor argument list) ~~~ts const user = new User(id, email, true, false, "admin", Date.now()); ~~~ ## Errors ### Good (typed error with context) ~~~ts throw new ValidationError("Email is invalid", { email }); ~~~ ### Bad (throw raw string) ~~~ts throw "invalid email"; ~~~ ## Functions ### Good (small function, single responsibility) ~~~ts function formatUserLabel(user: User): string { return `${user.firstName} ${user.lastName}`.trim(); } ~~~ ### Bad (does too much, unclear intent) ~~~ts function doStuff(u: any) { const s = u.f + " " + u.l; if (!u.e) throw "no email"; return s; } ~~~

How to

1. Add an MCP spec file:

   • docs/agent/mcp.md (tool list + parameters + output format)

2. Add an MCP server implementation in the repo (code + start command). Requirement: the repo must provide one canonical way to start it:

   • ./scripts/mcp-start.sh (recommended), or

   • docker compose up mcp, or

   • npm run mcp:start/pnpm mcp:start

3. Define a minimal tool set (start small):

   • verify(mode?, scope?)
     Runs the canonical verify entrypoint (scripts/verify.sh).

   • run_tests(target?, pattern?, changed_only?)
     Runs a subset of tests.

   Optional (only if useful for your repo):

   • build(target?)

   • lint(scope?)

   • typecheck(scope?)

Rules

• Treat tool names + parameters as an API (stable, reviewed).

• Tools must call canonical entrypoints (do not re-implement logic).

• Tool outputs must be machine-readable (JSON summary + logs).

• Keep the file-based context pack (docs/agent/*) as the fallback when MCP is not available.

Minimum input principle

For most teams, you need two templates:

• Bug report that includes:

  • Steps to reproduce

  • Expected vs actual

  • Relevant info: environment, version, logs, etc.

• Feature/change request that includes:

  • What problem do we solve and for whom

  • Acceptance criteria

  • Constraints (what we must not change)

How to

Do this in your issue tracking system. For example:

• YouTrack: There is no “issue form YAML” in the repo, so you enforce minimum input in YouTrack itself:

  • Add the fields you need as custom fields, and mark the critical ones as mandatory (required) for the project.

  • If you need “templates”, use Issue Template URLs (pre-filled new issue form) and share/bookmark them.

• GitHub Issues: Add Issue Templates / Issue Forms under .github/ISSUE_TEMPLATE/. GitHub supports both Markdown templates and YAML issue forms with required fields. 

• Jira: Create matching fields in your issue type(s) or use a template app/automation (the exact mechanics depend on your Jira setup).

For example, for GitHub Issues, you can create two files:

• .github/ISSUE_TEMPLATE/bug.yml

  name: Bug report description: Report a reproducible bug body: - type: textarea id: repro attributes: label: Steps to reproduce description: Exact steps. Include inputs and links if needed. validations: required: true - type: textarea id: expected attributes: label: Expected result validations: required: true - type: textarea id: actual attributes: label: Actual result validations: required: true - type: textarea id: env attributes: label: Environment description: Version, OS, browser, logs, config, etc. validations: required: false

• .github/ISSUE_TEMPLATE/feature.yml

  name: Feature / change description: Request a feature or a change body: - type: textarea id: problem attributes: label: Problem description: What problem are we solving and for whom? validations: required: true - type: textarea id: acceptance attributes: label: Acceptance criteria description: Bullet list. What must be true for this to be "done"? validations: required: true - type: textarea id: constraints attributes: label: Constraints / non-goals description: What must not change? What is explicitly out of scope? validations: required: false

How to

Note: Definition of Ready (DoR) and Definition of Done (DoD) are different things. DoR is a pre-work gate for the Task Brief. DoD is a pre-merge gate for the change. DoR requires a verification plan; DoD requires executed verification and resulting evidence.

Add a DoR checklist to AGENTS.md (or to the Task Brief template itself). Use it as a hard rule: if any item is missing, the task goes back for clarification.

Human-written ticket

Task Brief file

How to

Read the Task Brief and answer: “Can this be delivered as one small PR with a clear verification step?”

• If yes, do not decompose. Start implementation.

• If no, decompose before implementation.

Option 1: One Task Brief + Subtasks section

(inside docs/agent/tasks/YT-3812.md)

Option 2: Multiple Task Brief files

In the parent brief (YT-3812.md), add:

This is how YT-3812-2-fix.md may look:

Inner-loop goal

The inner loop ends when the change meets Definition of Done as far as it can be proven locally:

• Scope matches Task Brief.

• Verification plan executed locally (scripts/verify.sh and task-specific checks).

• Tests added/updated where behavior changed.

• PR evidence prepared (risk + rollback + commands/results).

• CI/required checks are validated in the outer loop after opening the PR.

How artifacts evolve across iterations

• Task Brief (docs/agent/tasks/<task-id>.md): stays intact on new iterations. Maybe overwritten if new details are required.

• Status (docs/agent/tasks/<task-id>.status.md): appended per iteration (this is a run log).

• PR evidence (docs/agent/tasks/<task-id>.pr.md): overwritten on each iteration (this is the latest PR description text).

• Escalations: new file per escalation (docs/agent/escalations/...).

1. (Optional) Phase 1 – Planner

   1. Start with the Planner to create the Task Brief.
      Important: Skip this step if the Task Brief is already approved and stable.
      Prompt example:

      Act as Planner. Read: - AGENTS.md - docs/agent/CONTEXT.md, docs/agent/commands.md, docs/agent/architecture.md Input task: - <paste the raw ticket text here> OR "Use tracker ticket <id>" (if your setup has tracker access) Task: - Create the Task Brief at docs/agent/tasks/<task-id>.md so it meets Definition of Ready. - If the task is too broad, add `## Subtasks` or propose child Task Brief files. - If requirements are unclear, add "Open questions" and stop. Output: Only the Task Brief markdown (or child briefs content if you split). Do not edit production code.

   2. Commit the Task Brief before implementation with:

      git add docs/agent/tasks/<task-id>.md git commit -m "<task-id>: task brief"

      If your policy allows the agent to run git commits, it may perform this step instead.

2. Phase 2 – Implementer

   1. Start the Implementer. Prompt example:

      Act as Implementer. Read: - AGENTS.md - docs/agent/tasks/<task-id>.md Implement exactly what the Task Brief requires on the current branch. Follow stop conditions. Outputs required: - Update task status in docs/agent/tasks/<task-id>.status.md using docs/agent/templates/task-status.md as a template. - Create/update docs/agent/tasks/<task-id>.pr.md with PR text using docs/agent/templates/pr-evidence.md as a template. Fill it with real commands/results (initially may be partial until QA runs).

   2. Commit work as usual (your team’s commit style). For example:

      git add -A git commit -m "<task-id>: implement"

      If your policy allows the agent to run git commits, it may perform this step instead.

3. Phase 3 – QA

   1. Run verification. Prompt example:

      Act as QA. Read: - AGENTS.md - docs/agent/tasks/<task-id>.md Task: Run the verification defined in the Task Brief (at minimum scripts/verify.sh). If verification fails: - Fix only if the fix is clearly within scope. - Otherwise, escalate. Update: - Append commands run and PASS/FAIL to docs/agent/tasks/<task-id>.status.md.\ Update docs/agent/tasks/<task-id>.pr.md with final commands/results.

   2. Commit the status:

      git add docs/agent/tasks/<task-id>.status.md git commit -m "<task-id>: QA"

      If your policy allows the agent to run git commits, it may perform this step instead.

4. Phase 4 – Reviewer

   1. Run self-review. The Reviewer writes its verdict to docs/agent/tasks/<task-id>.status.md. Prompt example:

      Act as Reviewer. Read: - AGENTS.md - docs/agent/tasks/<task-id>.md - docs/agent/tasks/<task-id>.status.md - the current git diff Task: Review the current diff against: - Task Brief scope + acceptance criteria - AGENTS.md policies, including Definition of Done (PR-ready criteria) Update: Append a "Review" entry to docs/agent/tasks/<task-id>.status.md: - Verdict: PASS/FAIL - Findings: bullets - Required changes (if FAIL): bullets

   2. Commit the review:

      git add docs/agent/tasks/<task-id>.status.md git commit -m "<task-id>: review"

      If your policy allows the agent to run git commits, it may perform this step instead.

5. Phase 5 – Iterate
   Iterate if any of these is true:

   1. Reviewer requested changes

   2. QA verification failed

   3. Task Brief open questions were resolved

   4. You made additional commits after review

   To iterate, rerun all the phases with the same prompts as before.

   Iteration rules

   • If Reviewer requested changes, rerun Implementer, then QA, then Reviewer.

   • If QA failed verification, rerun Implementer to fix, then QA (and Reviewer if the fix changed behavior/scope).

   • If you changed the Task Brief (scope/criteria), rerun Planner (to update it), commit it, then rerun Implementer.

   Exit condition (PR-ready)

   Stop the inner loop when:

   • QA PASS is recorded in status.md (latest iteration)

   • Reviewer PASS is recorded in status.md (latest iteration)

   • The change meets DoD locally (scope, tests, verification evidence, risk + rollback)

   Then open a PR (step 4) and let CI/required checks run in the outer loop.

Automated PR-based iteration (agent runs from PR comments)

Use this if your agent is integrated with your PR system (example: GitHub Copilot coding agent).

Flow:

1. Reviewer leaves feedback on the PR (batch comments if possible).

2. A trigger (e.g., review status) triggers the agent to iterate (for GitHub Copilot: mention it in PR comments).

3. Agent pushes follow-up commits to the same PR branch.

4. Checks rerun automatically on new commits; repeat until approved and green.

Manual iteration (human runs agent locally using review/check output)

Use this if your agent is local (CLI/IDE) and does not “see” PR comments / CI logs.

Flow:

1. Reviewer finishes and you collect the feedback (review comments + failing check output).

2. You run the agent manually on the PR branch and provide the feedback as input.

3. Agent makes fixes, you push commits, checks rerun, repeat until approved and green.

Minimum input you provide to the agent (copy/paste):

• PR link

• Reviewer feedback (bullets)

• Failing check output (error summary + key logs)

• Reminder: “stay within Task Brief scope”

Merge condition (common to both modes)

Merge when:

• Required checks are green (branch protection)

• Review requirements are satisfied

• status.md ends with latest QA PASS + Review PASS

• pr.md reflects the final verification + rollback