docs: Added docs/s07-uat.md to close S07 with imported acceptance-run e…

- "docs/s07-uat.md" - ".gsd/milestones/M001/slices/S07/tasks/T01-SUMMARY.md" GSD-Task: S07/T01
2026-03-27 09:36:39 +01:00
parent 48b24b4516
commit 8f0f9bae22
19 changed files with 859 additions and 35 deletions
@@ -0,0 +1,98 @@
+---
+id: S06
+parent: M001
+milestone: M001
+provides:
+  - A repeatable localhost preflight + seed + acceptance-run workflow for the M001 trust loop.
+  - A deterministic live acceptance fixture (`S06 Acceptance Labs` / `S06 Acceptance Backend Engineer`) that surfaces saved package state, recruiter-thread correspondence, follow-up readiness, and dashboard/reminder visibility.
+  - A recorded live acceptance artifact that downstream closure/UAT work can reference instead of reconstructing the environment from scratch.
+  - Fresh live proof that the manual-send boundary still holds in the real stack.
+requires:
+  - slice: S05
+    provides: The shared workflow-signal contract, integrated trust-loop regression, and manual-send-boundary behavior that S06 re-verified in the real environment.
+affects:
+  - S07
+key_files:
+  - scripts/s06-preflight.sh
+  - scripts/s06-acceptance-data.sh
+  - scripts/s06-acceptance-data.test.sh
+  - scripts/s06-acceptance-run.sh
+  - docs/s06-acceptance-run.md
+  - .gsd/DECISIONS.md
+  - .gsd/KNOWLEDGE.md
+  - .gsd/PROJECT.md
+key_decisions:
+  - D013: seed the acceptance fixture through the live API contract with deterministic identifiers so reruns are idempotent and prove real code paths.
+  - D014: allow the acceptance runner to mint a localhost-only admin JWT from checked-in dev JWT settings plus the local SQLite admin user when `AUTH_TOKEN` is absent.
+  - D015: treat `/api/auth/config` reachability plus an auth-limited `/api/admin/system` probe as a guided partial-pass, and never echo bearer tokens in preflight output.
+patterns_established:
+  - Use a preflight gate before browser UAT so backend/CORS/auth blockers fail fast with readable guidance instead of surfacing later as ambiguous frontend runtime errors.
+  - Seed live acceptance fixtures through the same authenticated HTTP endpoints the UI uses, with deterministic company/title/thread/message identifiers, so reruns prove the real contract and stay idempotent.
+  - Persist a single acceptance-run artifact (`docs/s06-acceptance-run.md`) that refreshes shell evidence without destroying the guided browser-observation section, so later slices can build on one stable handoff document.
+  - Record manual-send-boundary evidence as both UI observation and network evidence; for this slice, drafting may call `GET .../followup-draft` but must not trigger `POST .../send-followup` without an explicit human action.
+observability_surfaces:
+  - `scripts/s06-preflight.sh` console output for auth/db/gmailConfigured/ai readiness signals and clear failure guidance.
+  - `scripts/s06-acceptance-data.sh` seed summary output (`seed.result`, job/company ids, workflow action, readiness level, reminder state).
+  - `docs/s06-acceptance-run.md` plus `docs/artifacts/s06-acceptance/logs/*` for shell-step evidence and blocker guidance.
+  - Recorded browser artifacts referenced from the acceptance doc (jobs/workspace, follow-up draft, reminders/dashboard, trace, timeline).
+drill_down_paths:
+  - .gsd/milestones/M001/slices/S06/tasks/T01-SUMMARY.md
+  - .gsd/milestones/M001/slices/S06/tasks/T02-SUMMARY.md
+  - .gsd/milestones/M001/slices/S06/tasks/T03-SUMMARY.md
+duration: ""
+verification_result: passed
+completed_at: 2026-03-27T08:29:02.335Z
+blocker_discovered: false
+---
+
+# S06: Live environment stabilization and integrated acceptance rerun
+
+**Stabilized the live localhost stack with a repeatable preflight + seed + acceptance runner flow and re-proved the `/jobs` → workspace → reminders/dashboard loop with recorded manual-send-boundary evidence.**
+
+## What Happened
+
+S06 turned the previously fragile live environment into a repeatable acceptance target instead of a one-off debugging session. The slice added a preflight gate that checks the real API contract before UI work starts, an idempotent live-data seed that creates or refreshes a deterministic acceptance fixture through the same HTTP endpoints the app uses in normal operation, and a single acceptance runner that ties preflight, seeding, the integrated trust-loop regression, and the live evidence document together. The resulting live run now proves that the seeded job appears on `/jobs`, opens the real workspace with saved Tailored CV and package state, shows deterministic recruiter-thread correspondence, appears on `/reminders` with the expected `Follow up` / `Waiting 14d` signals, and contributes to `/dashboard` analytics without frontend runtime failures. The slice also re-proved the manual-send boundary in the actual stack: opening or regenerating the follow-up draft issued `GET /api/jobapplications/3/followup-draft` but no `POST /api/jobapplications/3/send-followup`, so drafting stayed assistive and did not cross into autonomous sending. The main remaining live gap is Gmail-connected continuity: the seeded correspondence is visible, but this localhost run did not have a connected Gmail session and therefore did not execute a linked-thread refresh request. That gap is now explicit in the acceptance artifact instead of being mistaken for a fully proven live Gmail refresh.
+
+## Verification
+
+Verified the assembled slice in the live worktree with the real backend and frontend running on the expected localhost origins. Commands run: `bash scripts/s06-preflight.sh` (exit 0, expected auth-limited partial-pass when `/api/admin/system` requires a token), `TEST_AUTH_TOKEN="$TOKEN" AUTH_TOKEN="$TOKEN" bash scripts/s06-acceptance-data.test.sh` (exit 0; missing-token, bad-token, and double-rerun cases all passed), `AUTH_TOKEN="$TOKEN" bash scripts/s06-acceptance-data.sh` (exit 0; `seed.result=success`, stable company/job fixture, `seed.workflow.action=follow-up`, `seed.readiness.level=Ready`, `seed.reminders=Waiting 14d`), and `bash scripts/s06-acceptance-run.sh && test -s docs/s06-acceptance-run.md` (exit 0). The recorded live browser evidence in `docs/s06-acceptance-run.md` confirms `/jobs`, workspace, `/reminders`, and `/dashboard` behavior plus the manual-send boundary and a clean dashboard reload with no console errors or failed requests.
+
+## Requirements Advanced
+
+- R008 — S06 re-proved the manual-send boundary in the live stack: follow-up drafting remained assistive, and the recorded network evidence showed no send endpoint call during draft review/regeneration.
+- R009 — S06 re-checked the individual-first loop in the real environment by proving one seeded job behaves coherently across `/jobs`, the per-job workspace, `/reminders`, and `/dashboard`.
+
+## Requirements Validated
+
+None.
+
+## New Requirements Surfaced
+
+None.
+
+## Requirements Invalidated or Re-scoped
+
+None.
+
+## Deviations
+
+Added two bounded implementation choices beyond the original plan to keep reruns repeatable in this real environment: a localhost-only JWT fallback inside the acceptance runner because the checked-in dev password no longer authenticates against the current SQLite snapshot, and an explicit preflight partial-pass path for the auth-limited `/api/admin/system` case so browser/UAT work is blocked only by true environment failures. Gmail continuity was recorded as not configured/not refreshed in this run rather than being overstated as a proven live success.
+
+## Known Limitations
+
+This slice does not prove a real Gmail-connected linked-thread refresh in the local environment. The seeded recruiter correspondence is present and the workspace loop is otherwise live, but the browser run did not expose connected Gmail state or issue `POST /api/gmail/refresh-linked-threads`. The acceptance data fixture is intentionally deterministic and single-user; it is suitable for localhost reruns, not for multi-user or production seeding.
+
+## Follow-ups
+
+S07 should turn this rerunnable acceptance flow into the final daily-loop UAT closure artifact, ideally in an environment where Gmail is actually connected so linked-thread refresh can be observed live. If the Gmail account remains unavailable locally, S07 should keep the limitation explicit rather than weakening the trust claim. If future slices rely on the S06 fixture, preserve the deterministic identifiers and rerun-safe update behavior instead of adding duplicate seed records.
+
+## Files Created/Modified
+
+- `scripts/s06-preflight.sh` — Provides the live API/auth/CORS preflight gate with readable failure guidance and an auth-limited partial-pass path.
+- `scripts/s06-acceptance-data.sh` — Seeds or refreshes the deterministic acceptance fixture through the live API and prints readiness/reminder output.
+- `scripts/s06-acceptance-data.test.sh` — Exercises missing-token, bad-token, and idempotent rerun cases for the acceptance seeding flow.
+- `scripts/s06-acceptance-run.sh` — Orchestrates preflight, seeding, the integrated trust-loop regression, log capture, and the acceptance document refresh.
+- `docs/s06-acceptance-run.md` — Records the live S06 acceptance rerun, browser observations, manual-send-boundary evidence, and the remaining Gmail continuity gap.
+- `.gsd/DECISIONS.md` — Captured S06 environment decisions, including live-API seeding, local JWT fallback, and preflight auth handling.
+- `.gsd/KNOWLEDGE.md` — Captured the auth-limited preflight behavior and the local admin/JWT rerun pattern for future agents.
+- `.gsd/PROJECT.md` — Updated project state to reflect S06 completion and the remaining S07 closure focus.
@@ -0,0 +1,209 @@
+# S06: Live environment stabilization and integrated acceptance rerun — UAT
+
+**Milestone:** M001
+**Written:** 2026-03-27T08:29:02.335Z
+
+# S06 UAT — Live environment stabilization and integrated acceptance rerun
+
+## Goal
+
+Prove that the real localhost environment can be started, preflighted, seeded with acceptance-ready data, and used to rerun the integrated daily loop for the deterministic acceptance fixture without crossing the manual-send boundary.
+
+The concrete fixture for this slice is:
+
+- Company: `S06 Acceptance Labs`
+- Job: `S06 Acceptance Backend Engineer`
+- Expected workflow state: `Follow up`, `Ready`, `Waiting 14d`
+
+## Preconditions
+
+1. Backend is running at `http://localhost:5202` and frontend is running at `http://localhost:3000`.
+2. The worktree contains the S06 scripts and `docs/s06-acceptance-run.md`.
+3. If running the seed script directly, a valid bearer token is available in `AUTH_TOKEN`.
+4. If running only `bash scripts/s06-acceptance-run.sh`, the default localhost dev JWT fallback is allowed to mint a local token from the checked-in dev JWT settings plus the local SQLite admin user.
+5. Do **not** click `Send And Log Email` unless outbound mail is intentionally pointed at a safe sink.
+
+---
+
+## Test Case 1 — Preflight catches the real environment state before browser work
+
+### Steps
+
+1. Run `bash scripts/s06-preflight.sh`.
+2. Review the printed readiness lines.
+
+### Expected
+
+- The script prints `Preflight target: http://localhost:5202/api`.
+- The script prints the required origin pair `UI http://localhost:3000 -> API http://localhost:5202/api`.
+- The script reports `auth.requireAuth=true` and the auth config surface is reachable.
+- If `/api/admin/system` is not called with an admin token, the script still exits successfully with the guided partial-pass message instead of failing ambiguously.
+
+### Edge checks
+
+- If the API is down or `API_BASE` is wrong, the script exits non-zero with a clear start-the-API hint.
+- If the API returns malformed JSON, the script prints the raw body and fails.
+
+---
+
+## Test Case 2 — Acceptance seeding produces the deterministic live fixture
+
+### Steps
+
+1. Export a valid token to `AUTH_TOKEN`.
+2. Run `bash scripts/s06-acceptance-data.sh`.
+3. Review the seed summary output.
+4. Run the script a second time.
+
+### Expected
+
+- The script prints `seed.result=success`.
+- The script prints stable `seed.company.id` / `seed.job.id` values and does not create duplicate jobs on rerun.
+- The script prints `seed.workflow.action=follow-up`.
+- The script prints `seed.readiness.level=Ready`.
+- The script prints `seed.reminders=Waiting 14d`.
+- The job has saved Tailored CV / package state and recruiter-thread correspondence prepared for later browser verification.
+
+### Edge checks
+
+- Running without `AUTH_TOKEN` fails immediately with guidance.
+- Running with a bad token fails clearly as an auth issue.
+- Re-running the seed does not create duplicate deterministic correspondence for the same external message id.
+
+---
+
+## Test Case 3 — The acceptance runner refreshes the artifact and keeps evidence on disk
+
+### Steps
+
+1. Run `bash scripts/s06-acceptance-run.sh`.
+2. Confirm `docs/s06-acceptance-run.md` exists and is non-empty.
+3. Open the generated markdown and review the shell summary table.
+
+### Expected
+
+- The runner reports `acceptance.result=pass`.
+- The runner records `Preflight`, `Seed acceptance data`, and `UI trust-loop test` as pass states.
+- The markdown contains a current run id, timestamp, auth-token-source category, and log paths under `docs/artifacts/s06-acceptance/logs/`.
+- The guided browser section remains present after rerun and is not overwritten by the shell refresh.
+
+### Edge checks
+
+- If preflight fails because the backend is unreachable, the runner exits non-zero and records the failure instead of proceeding.
+- If Gmail is not configured, the document calls that out as a live limitation rather than pretending Gmail continuity was proven.
+
+---
+
+## Test Case 4 — `/jobs` opens the seeded workspace with saved package state
+
+### Steps
+
+1. Open `http://localhost:3000/jobs` in the live app.
+2. Locate the row for `S06 Acceptance Labs • S06 Acceptance Backend Engineer`.
+3. Confirm the row shows `Follow up`, `CV ready`, and `Waiting` style signals.
+4. Open the job workspace from that row.
+5. Go to **Tailored CV**.
+
+### Expected
+
+- The workspace opens for the seeded job, not a different row.
+- The Tailored CV area contains the saved seeded text beginning `Saved acceptance tailored CV highlighting ASP.NET Core delivery...`.
+- The saved package state is visible in the real workspace rather than only in test data or logs.
+
+### Edge checks
+
+- Re-opening the same job should show the same saved package state; it should not disappear or duplicate on revisit.
+
+---
+
+## Test Case 5 — Follow-up drafting stays manual and does not auto-send
+
+### Steps
+
+1. From the same seeded job workspace, open **Follow up**.
+2. Wait for the draft to load or regenerate it if needed.
+3. Review the available actions.
+4. Inspect the network log if available.
+5. Stop **before** clicking `Send And Log Email`.
+
+### Expected
+
+- The follow-up draft loads successfully from the live backend.
+- The UI shows separate `Copy Draft` and `Send And Log Email` actions.
+- Draft loading/regeneration calls `GET /api/jobapplications/{id}/followup-draft`.
+- No `POST /api/jobapplications/{id}/send-followup` request occurs during draft review/regeneration alone.
+- The manual-send boundary remains explicit and intact.
+
+### Edge checks
+
+- Editing or regenerating the draft should not add a sent item to correspondence by itself.
+- If recruiter contact data is incomplete, drafting may still work while send remains the explicit guarded action.
+
+---
+
+## Test Case 6 — `/reminders` and `/dashboard` reflect the same seeded job coherently
+
+### Steps
+
+1. Open `http://localhost:3000/reminders`.
+2. Find the seeded job under the follow-up grouping.
+3. Confirm the job shows `Follow up`, `Waiting 14d`, and `Follow-up: 10/03/2026`.
+4. Open `http://localhost:3000/dashboard`.
+5. Confirm the dashboard analytics include the seeded job/company state.
+6. Reload `/dashboard` and review browser diagnostics.
+
+### Expected
+
+- `/reminders` shows the same seeded job that was opened from `/jobs`.
+- `/dashboard` includes `S06 Acceptance Labs` in the activity/company view.
+- The dashboard reload completes without console errors or failed network requests.
+- The app behaves as one coherent single-user loop across all three surfaces.
+
+### Edge checks
+
+- If the job is missing from `/reminders`, the seed dates may no longer be beyond the active follow-up threshold and should be rechecked.
+- If `/dashboard` loads but records failed requests, treat the slice as not stabilized.
+
+---
+
+## Test Case 7 — Gmail continuity status is reported honestly
+
+### Steps
+
+1. In the seeded job workspace, open **Correspondence**.
+2. Confirm the deterministic recruiter-thread message is present.
+3. Check whether the workspace exposes connected Gmail state and whether any linked-thread refresh request runs.
+4. Compare the observation with `docs/s06-acceptance-run.md`.
+
+### Expected
+
+- The recruiter-thread message seeded by S06 is visible.
+- If Gmail is connected in the environment, a linked-thread refresh can be observed and reported.
+- If Gmail is **not** connected, the acceptance artifact explicitly records that Gmail continuity was not proven live in this run.
+
+### Edge checks
+
+- Do not claim success for Gmail continuity merely because seeded correspondence is present.
+- Absence of `POST /api/gmail/refresh-linked-threads` in the live run means the slice only proved seeded correspondence visibility, not live Gmail refresh.
+
+---
+
+## Pass Criteria
+
+S06 passes when all of the following are true:
+
+- The localhost stack is startable on the expected UI/API origins.
+- Preflight provides a readable go/no-go result instead of failing with opaque CORS/runtime symptoms.
+- The deterministic acceptance fixture can be seeded repeatably without duplicate drift.
+- The seeded job appears coherently across `/jobs`, the workspace, `/reminders`, and `/dashboard`.
+- Follow-up drafting remains manual and does not auto-send.
+- `docs/s06-acceptance-run.md` contains current shell evidence and honest browser observations, including any remaining Gmail continuity limitation.
+
+## Failure Clues
+
+- `scripts/s06-preflight.sh` fails because the API is unreachable or returns malformed JSON.
+- Seeding creates duplicate fixture data or no longer lands in `follow-up` / `Waiting 14d` state.
+- `/jobs`, workspace, `/reminders`, and `/dashboard` disagree about the seeded job’s next action.
+- Opening or regenerating a follow-up draft triggers a send request.
+- The acceptance artifact hides Gmail configuration limitations instead of recording them.
+- Dashboard reload still produces console errors or failed requests.
@@ -0,0 +1,22 @@
+{
+  "schemaVersion": 1,
+  "taskId": "T03",
+  "unitId": "M001/S06/T03",
+  "timestamp": 1774599867411,
+  "passed": true,
+  "discoverySource": "task-plan",
+  "checks": [
+    {
+      "command": "bash scripts/s06-acceptance-run.sh",
+      "exitCode": 0,
+      "durationMs": 5549,
+      "verdict": "pass"
+    },
+    {
+      "command": "test -s docs/s06-acceptance-run.md",
+      "exitCode": 0,
+      "durationMs": 5,
+      "verdict": "pass"
+    }
+  ]
+}
@@ -1,6 +1,18 @@
 # S07: Daily-loop UAT artifact closure

-**Goal:** TBD
+**Goal:** Publish the executed daily-loop UAT closure artifact proving one seeded job stays coherent across /jobs, the job workspace, /reminders, and /dashboard using the existing S06 acceptance runner.
 **Demo:** After this: The overview-surface/browser validation is captured as a real executed UAT artifact instead of a placeholder, proving the same job behaves coherently across table, dashboard, reminders, and workspace entry.

 ## Tasks
+- [x] **T01: Added docs/s07-uat.md to close S07 with imported acceptance-run evidence for the seeded daily-loop job.** — Why: Give S07 its own UAT closure document that reuses the S06 acceptance runner as the evidence source and frames the daily-loop proof across /jobs → workspace → reminders → dashboard while preserving the manual-send and Gmail-continuity notes. Do: review docs/s06-acceptance-run.md and scripts/s06-acceptance-run.sh for generated/manual seams; create docs/s07-uat.md with sections for surfaces, job identity, manual-send boundary evidence, Gmail continuity status, rerun commands, and artifact links; note that evidence is imported from the acceptance run rather than duplicated. Done when docs/s07-uat.md exists with the sections above and references the seeded job (S06 Acceptance Backend Engineer) and acceptance artifact.
+  - Estimate: 45m
+  - Files: docs/s07-uat.md, docs/s06-acceptance-run.md
+  - Verify: test -s docs/s07-uat.md && grep -q "S06 Acceptance Backend Engineer" docs/s07-uat.md
+- [ ] **T02: Re-run acceptance flow and record browser evidence + manual-send boundary** — Why: Refresh the live acceptance evidence and capture the manual-send boundary plus Gmail continuity status for S07. Do: run `bash scripts/s06-preflight.sh`; run `bash scripts/s06-acceptance-run.sh` (with AUTH_TOKEN if needed) to regenerate docs/s06-acceptance-run.md and artifacts; confirm the seeded job identity and cross-surface observations, and extract artifact links (logs, trace, timeline, screenshots/debug bundle); update docs/s07-uat.md with the latest evidence, explicitly stating the manual-send boundary (GET followup-draft seen, no POST send-followup) and the Gmail continuity limitation observed in this run. Failure modes: backend/API down → note preflight failure; auth/token missing → use runner fallback guidance; browser/assertion failures → capture log paths; malformed artifact paths → rerun and repair links. Negative checks: ensure acceptance run did not issue send-followup, and Gmail refresh absence is recorded, not implied passing. Done when both docs are updated with current run evidence and links.
+  - Estimate: 1h
+  - Files: scripts/s06-preflight.sh, scripts/s06-acceptance-run.sh, docs/s06-acceptance-run.md, docs/s07-uat.md
+  - Verify: bash scripts/s06-preflight.sh && bash scripts/s06-acceptance-run.sh && test -s docs/s06-acceptance-run.md && grep -q "manual-send boundary" docs/s07-uat.md
+- [ ] **T03: Re-run focused daily-loop UI tests and fold results into UAT doc** — Why: Anchor the S07 UAT closure to the existing focused UI regressions that encode the cross-surface contract. Do: from job-tracker-ui/, run `CI=true npm test -- --runInBand --watch=false src/daily-control-loop.test.tsx src/workflow-trust-signals.test.tsx`; capture pass/fail summaries and note any flake; update docs/s07-uat.md with the test command, date/time, and results so the UAT doc cites both live run evidence and deterministic regression coverage. Failure modes: missing node modules → npm install; test failures → log failing test output and blockers in the doc. Negative tests: ensure the doc notes what happens if these tests fail (e.g., stop claiming UAT closure). Done when tests pass and docs/s07-uat.md reflects the run and command used.
+  - Estimate: 40m
+  - Files: job-tracker-ui/src/daily-control-loop.test.tsx, job-tracker-ui/src/workflow-trust-signals.test.tsx, docs/s07-uat.md
+  - Verify: CI=true npm --prefix job-tracker-ui test -- --runInBand --watch=false src/daily-control-loop.test.tsx src/workflow-trust-signals.test.tsx && grep -q "UI regression results" docs/s07-uat.md
@@ -0,0 +1,122 @@
+# S07 Research — Daily-loop UAT artifact closure
+
+## Summary
+
+This is **light/targeted** work, not a new subsystem. S06 already built the hard part: a repeatable localhost preflight + seed + acceptance runner, a deterministic acceptance fixture, and a live evidence doc at `docs/s06-acceptance-run.md`. S07’s missing artifact is the **planner-facing research artifact for this slice**, and the product-facing gap is narrower: convert the existing live rerun evidence into a durable **executed daily-loop UAT closure artifact** that explicitly proves one seeded job behaves coherently across `/jobs`, workspace entry, `/reminders`, and `/dashboard`.
+
+The codebase already has the acceptance data and most of the evidence:
+
+- `scripts/s06-acceptance-data.sh` seeds the deterministic fixture (`S06 Acceptance Labs` / `S06 Acceptance Backend Engineer`) through the live API and prints the expected workflow/readiness/reminder outputs.
+- `scripts/s06-acceptance-run.sh` runs preflight + seeding + one focused UI regression and rewrites the generated section of `docs/s06-acceptance-run.md` while **preserving** the guided browser section between `<!-- acceptance-run:browser:start -->` markers.
+- `docs/s06-acceptance-run.md` already contains the real browser observations, debug-bundle paths, trace path, timeline path, and the explicit manual-send / Gmail-continuity limitations from the latest live run.
+- `job-tracker-ui/src/daily-control-loop.test.tsx` and `job-tracker-ui/src/workflow-trust-signals.test.tsx` already encode the cross-surface contract that the same workflow signal should route `/jobs`, `/dashboard`, and `/reminders` into the same workspace semantics.
+
+So the natural S07 move is **not** to invent new acceptance data or new routing logic. It is to package the existing live run into the milestone’s final UAT closure shape and make the evidence chain easy to rerun and audit.
+
+## Requirement Focus
+
+Active requirements this slice supports:
+
+- **R008** — keep follow-up/reply assistance manual. S06 already captured the live manual-send proof; S07 must preserve that evidence in the final UAT closure artifact and avoid weakening the claim.
+- **R009** — keep the loop individual-first. The seeded fixture and the `/jobs -> workspace -> /reminders -> /dashboard` proof are all single-job, single-user checks; S07 should keep the UAT narrative framed around one person managing one role end to end.
+
+Validated requirements this slice is effectively re-demonstrating in executed-UAT form:
+
+- **R005 / R006 / R007 / R010** — the same job must appear and behave coherently across the overview surfaces and the individual workspace.
+
+## Skills Discovered
+
+Installed skills already directly relevant; no additional skill install is needed.
+
+- `agent-browser` — relevant for the executed browser/UAT pass. Two rules matter here:
+  - **navigate → snapshot → interact → re-snapshot** after DOM/navigation changes, because refs become stale after page changes.
+  - use explicit verification/diff evidence rather than prose-only confirmation.
+- `test` — relevant because S07 should continue to anchor the closure artifact to the existing focused UI regressions instead of expanding scope to a broad suite.
+- `react-best-practices` / `aspnet-core` exist, but S07 does not look like a React or backend architecture change first; it is mostly artifact/evidence closure on top of established behavior.
+
+## Recommendation
+
+Treat S07 as an **artifact-closure slice**, not a feature slice.
+
+Build/prove in this order:
+
+1. **Reuse the S06 acceptance fixture and runner as the source of truth.** Do not create a second seeded job, second seed script, or second acceptance data contract.
+2. **Add or refresh one final S07-owned UAT artifact** that references the latest executed run and records the exact browser evidence for:
+   - `/jobs` row signals
+   - workspace entry for that same job
+   - `/reminders` visibility and action routing
+   - `/dashboard` visibility/analytics presence
+   - manual-send boundary still holding
+   - Gmail continuity status reported honestly
+3. **Keep the shell-generated/live-browser split.** `scripts/s06-acceptance-run.sh` already has a good seam: generated shell summary vs preserved guided-browser section. Reuse that pattern instead of hand-editing a monolithic markdown file.
+4. **Lean on the existing focused UI tests as regression proof**, then use browser assertions/debug artifacts for the final live executed proof.
+
+The simplest successful version of S07 is likely one of these:
+
+- extend the existing S06 artifact flow so the executed browser observations become the final S07/UAT closure evidence, or
+- create a small S07-specific wrapper/doc that imports the current run metadata from `docs/s06-acceptance-run.md` and adds a final closure-oriented summary without duplicating the seeding/runtime logic.
+
+## Implementation Landscape
+
+### Files that already matter
+
+- `docs/s06-acceptance-run.md`
+  - Current live evidence artifact.
+  - Already contains the exact observations S07 needs: `/jobs`, workspace, `/reminders`, `/dashboard`, trace/timeline/debug paths, manual-send proof, and the honest Gmail limitation.
+  - Important detail: it is partially generated and partially hand-preserved.
+
+- `scripts/s06-acceptance-run.sh`
+  - Orchestrates preflight, seed, focused UI regression, and doc refresh.
+  - Preserves the browser-observation block between `<!-- acceptance-run:browser:start -->` markers.
+  - Natural seam if S07 wants a rerunnable final artifact instead of a one-off markdown edit.
+
+- `scripts/s06-acceptance-data.sh`
+  - Owns the deterministic fixture values and the expected follow-up/readiness state.
+  - If S07 references concrete labels or expected reminder badges, those should come from here rather than being duplicated by hand.
+
+- `.gsd/milestones/M001/slices/S06/S06-UAT.md`
+  - Already defines the manual test cases and pass criteria for the live acceptance rerun.
+  - Good source material for a final “executed results” closure artifact, but it is still a test-plan style document, not the final closure proof itself.
+
+- `job-tracker-ui/src/daily-control-loop.test.tsx`
+  - Best compact contract test for this slice’s user-facing claim.
+  - Proves `/jobs`, `/dashboard`, and `/reminders` route into the shared workspace flow.
+
+- `job-tracker-ui/src/workflow-trust-signals.test.tsx`
+  - Lower-level routing/readiness contract proof.
+  - Especially useful if S07 work changes route/query-param handling or the wording of action buttons.
+
+### Natural seams for task breakdown
+
+1. **Artifact-shape task**
+   - Decide whether S07 owns a new doc or reuses `docs/s06-acceptance-run.md` as the canonical executed artifact.
+   - Keep the generated/manual split if touching the runner.
+
+2. **Browser-evidence task**
+   - Re-run the live browser flow and capture explicit assertions/screenshots/debug bundles for the four overview/workspace surfaces.
+   - Record the same job identity consistently across all surfaces.
+
+3. **Regression/verification task**
+   - Re-run the focused frontend tests and the acceptance runner so the final artifact is backed by both live execution and deterministic regression output.
+
+## Constraints / Gotchas
+
+- **Do not over-claim Gmail continuity.** S06 explicitly recorded that seeded correspondence was visible but `POST /api/gmail/refresh-linked-threads` did not fire in the local run. S07 should preserve that honesty unless the environment actually exposes connected Gmail state.
+- **Do not break the deterministic fixture.** `scripts/s06-acceptance-data.sh` depends on backdated `followUpAt` and correspondence timestamps to keep the fixture in `follow-up` / `Waiting 14d` state.
+- **Do not replace the manual-send proof with looser prose.** The strongest current evidence is concrete network behavior: `GET .../followup-draft` seen, no `POST .../send-followup` during draft review/regeneration.
+- **Avoid duplicating fixture constants.** Company/job labels, dates, and expected reminder state already live in the seed script and UAT doc.
+
+## Verification
+
+Minimum verification stack for S07 planning/execution:
+
+- `bash scripts/s06-preflight.sh`
+- `bash scripts/s06-acceptance-run.sh`
+- `test -s docs/s06-acceptance-run.md`
+- from `job-tracker-ui/`: `CI=true npm test -- --runInBand --watch=false src/daily-control-loop.test.tsx src/workflow-trust-signals.test.tsx`
+
+For the live browser part, prefer explicit assertions/evidence capture over prose-only checks. The final executed artifact should point to screenshot/debug-bundle/trace/timeline outputs and state exactly which surface each artifact proves.
+
+## Planner Takeaway
+
+This slice should be planned as **documentation/evidence closure on top of S06’s existing live-run machinery**. The risky work is already done. The planner should avoid new backend or UI feature work unless the rerun shows a real gap. The likely deliverable is a small, deterministic extension of the current acceptance-run artifact flow that turns S06’s live observations into the final S07 executed UAT closure for the daily loop.
@@ -0,0 +1,22 @@
+---
+estimated_steps: 1
+estimated_files: 2
+skills_used: []
+---
+
+# T01: Shape S07 UAT doc around acceptance-run evidence seam
+
+Why: Give S07 its own UAT closure document that reuses the S06 acceptance runner as the evidence source and frames the daily-loop proof across /jobs → workspace → reminders → dashboard while preserving the manual-send and Gmail-continuity notes. Do: review docs/s06-acceptance-run.md and scripts/s06-acceptance-run.sh for generated/manual seams; create docs/s07-uat.md with sections for surfaces, job identity, manual-send boundary evidence, Gmail continuity status, rerun commands, and artifact links; note that evidence is imported from the acceptance run rather than duplicated. Done when docs/s07-uat.md exists with the sections above and references the seeded job (S06 Acceptance Backend Engineer) and acceptance artifact.
+
+## Inputs
+
+- ``docs/s06-acceptance-run.md``
+- ``scripts/s06-acceptance-run.sh``
+
+## Expected Output
+
+- ``docs/s07-uat.md``
+
+## Verification
+
+test -s docs/s07-uat.md && grep -q "S06 Acceptance Backend Engineer" docs/s07-uat.md
@@ -0,0 +1,76 @@
+---
+id: T01
+parent: S07
+milestone: M001
+provides: []
+requires: []
+affects: []
+key_files: ["docs/s07-uat.md", ".gsd/milestones/M001/slices/S07/tasks/T01-SUMMARY.md"]
+key_decisions: ["Reused docs/s06-acceptance-run.md as the canonical execution artifact and positioned docs/s07-uat.md as an imported-evidence closure document instead of duplicating generated run output."]
+patterns_established: []
+drill_down_paths: []
+observability_surfaces: []
+duration: ""
+verification_result: "Verified the task-plan must-have by confirming docs/s07-uat.md exists, is non-empty, and contains the seeded job identity string S06 Acceptance Backend Engineer."
+completed_at: 2026-03-27T08:36:36.287Z
+blocker_discovered: false
+---
+
+# T01: Added docs/s07-uat.md to close S07 with imported acceptance-run evidence for the seeded daily-loop job.
+
+> Added docs/s07-uat.md to close S07 with imported acceptance-run evidence for the seeded daily-loop job.
+
+## What Happened
+---
+id: T01
+parent: S07
+milestone: M001
+key_files:
+  - docs/s07-uat.md
+  - .gsd/milestones/M001/slices/S07/tasks/T01-SUMMARY.md
+key_decisions:
+  - Reused docs/s06-acceptance-run.md as the canonical execution artifact and positioned docs/s07-uat.md as an imported-evidence closure document instead of duplicating generated run output.
+duration: ""
+verification_result: passed
+completed_at: 2026-03-27T08:36:36.289Z
+blocker_discovered: false
+---
+
+# T01: Added docs/s07-uat.md to close S07 with imported acceptance-run evidence for the seeded daily-loop job.
+
+**Added docs/s07-uat.md to close S07 with imported acceptance-run evidence for the seeded daily-loop job.**
+
+## What Happened
+
+Reviewed the S07 task contract together with docs/s06-acceptance-run.md and scripts/s06-acceptance-run.sh to confirm the runner-generated/manual seam. Created docs/s07-uat.md as a slice-specific closure artifact that references the canonical S06 acceptance run instead of duplicating it, names the seeded job S06 Acceptance Backend Engineer, summarizes the /jobs → workspace → /reminders → /dashboard coherence proof, preserves the manual-send boundary evidence, records the Gmail continuity limitation explicitly, and includes rerun commands plus artifact links.
+
+## Verification
+
+Verified the task-plan must-have by confirming docs/s07-uat.md exists, is non-empty, and contains the seeded job identity string S06 Acceptance Backend Engineer.
+
+## Verification Evidence
+
+| # | Command | Exit Code | Verdict | Duration |
+|---|---------|-----------|---------|----------|
+| 1 | `test -s /home/pi/development/JobTracker/.gsd/worktrees/M001/docs/s07-uat.md && grep -q "S06 Acceptance Backend Engineer" /home/pi/development/JobTracker/.gsd/worktrees/M001/docs/s07-uat.md` | 0 | ✅ pass | 1ms |
+
+
+## Deviations
+
+None.
+
+## Known Issues
+
+None.
+
+## Files Created/Modified
+
+- `docs/s07-uat.md`
+- `.gsd/milestones/M001/slices/S07/tasks/T01-SUMMARY.md`
+
+
+## Deviations
+None.
+
+## Known Issues
+None.
@@ -0,0 +1,25 @@
+---
+estimated_steps: 1
+estimated_files: 4
+skills_used: []
+---
+
+# T02: Re-run acceptance flow and record browser evidence + manual-send boundary
+
+Why: Refresh the live acceptance evidence and capture the manual-send boundary plus Gmail continuity status for S07. Do: run `bash scripts/s06-preflight.sh`; run `bash scripts/s06-acceptance-run.sh` (with AUTH_TOKEN if needed) to regenerate docs/s06-acceptance-run.md and artifacts; confirm the seeded job identity and cross-surface observations, and extract artifact links (logs, trace, timeline, screenshots/debug bundle); update docs/s07-uat.md with the latest evidence, explicitly stating the manual-send boundary (GET followup-draft seen, no POST send-followup) and the Gmail continuity limitation observed in this run. Failure modes: backend/API down → note preflight failure; auth/token missing → use runner fallback guidance; browser/assertion failures → capture log paths; malformed artifact paths → rerun and repair links. Negative checks: ensure acceptance run did not issue send-followup, and Gmail refresh absence is recorded, not implied passing. Done when both docs are updated with current run evidence and links.
+
+## Inputs
+
+- ``scripts/s06-preflight.sh``
+- ``scripts/s06-acceptance-run.sh``
+- ``docs/s07-uat.md``
+
+## Expected Output
+
+- ``docs/s06-acceptance-run.md``
+- ``docs/s07-uat.md``
+- ``docs/artifacts/s06-acceptance/logs/``
+
+## Verification
+
+bash scripts/s06-preflight.sh && bash scripts/s06-acceptance-run.sh && test -s docs/s06-acceptance-run.md && grep -q "manual-send boundary" docs/s07-uat.md
@@ -0,0 +1,23 @@
+---
+estimated_steps: 1
+estimated_files: 3
+skills_used: []
+---
+
+# T03: Re-run focused daily-loop UI tests and fold results into UAT doc
+
+Why: Anchor the S07 UAT closure to the existing focused UI regressions that encode the cross-surface contract. Do: from job-tracker-ui/, run `CI=true npm test -- --runInBand --watch=false src/daily-control-loop.test.tsx src/workflow-trust-signals.test.tsx`; capture pass/fail summaries and note any flake; update docs/s07-uat.md with the test command, date/time, and results so the UAT doc cites both live run evidence and deterministic regression coverage. Failure modes: missing node modules → npm install; test failures → log failing test output and blockers in the doc. Negative tests: ensure the doc notes what happens if these tests fail (e.g., stop claiming UAT closure). Done when tests pass and docs/s07-uat.md reflects the run and command used.
+
+## Inputs
+
+- ``job-tracker-ui/src/daily-control-loop.test.tsx``
+- ``job-tracker-ui/src/workflow-trust-signals.test.tsx``
+- ``docs/s07-uat.md``
+
+## Expected Output
+
+- ``docs/s07-uat.md``
+
+## Verification
+
+CI=true npm --prefix job-tracker-ui test -- --runInBand --watch=false src/daily-control-loop.test.tsx src/workflow-trust-signals.test.tsx && grep -q "UI regression results" docs/s07-uat.md