diff --git a/.agents/prompts/reviewer-code.md b/.agents/prompts/reviewer-code.md index 82841b8..e921908 100644 --- a/.agents/prompts/reviewer-code.md +++ b/.agents/prompts/reviewer-code.md @@ -29,6 +29,10 @@ Scope — verify these guards: - GR-UI-A11Y: accessibility (if UI touched) - GR-UI-I18N: i18n completeness (if visible text touched) - GR-UI-REUSE: reuse-first (if JS/CSS added) +- GR-UI-TAXONOMY: status taxonomy consistency (if status enums/labels touched) +- GR-CORE-LAYERS: architecture layer isolation +- GR-CORE-META: agent and codex system integrity (if .agents/ touched) +- GR-CORE-MODULE: module boundary isolation (if modules touched) Rules: - findings MUST reference a guard or gate ID diff --git a/.agents/prompts/reviewer-security.md b/.agents/prompts/reviewer-security.md index c475bec..b455db0 100644 --- a/.agents/prompts/reviewer-security.md +++ b/.agents/prompts/reviewer-security.md @@ -24,6 +24,7 @@ Scope — verify these guards: - GR-SEC-007: API must not start sessions - GR-SEC-008: server-side authorization enforced - GR-SEC-009: server-side tenant scope enforced +- GR-SEC-010: output escaping in views (e() required, raw echo only with // raw-html-ok marker) Rules: - findings MUST reference a GR-SEC-* guard ID diff --git a/README.md b/README.md index 346c7fe..0433a3b 100644 --- a/README.md +++ b/README.md @@ -14,6 +14,7 @@ Der Fokus liegt auf klarer Rollen-/Rechtestruktur, Tenant-Scope und einer konsis - Mail-Versand (SMTP/PHPMailer) inkl. Mail-Log - Onboarding-PDF fuer Zugangsdaten (Single inline, Bulk als ZIP) - Passwort-Reset und Remember-Login-Tokens +- Geplante Aufgaben (Scheduler mit Ausfuehrungshistorie) ## Tech Stack