# Build Loop Done Criteria Agents may claim the overnight loop is done only when this file is satisfied. ## Done Means The loop is done only when all of these are true: - the app starts locally - the UI opens - MCP tools respond - authenticated UI login works, or auth gap is clearly documented - local dev identity can be selected in the UI - MCP calls map to a developer identity - MCP task mutation is scoped to the owning developer - MCP workstream and referenced-note mutation is scoped to the owning developer - active MCP tokens can be listed and revoked after refresh - local companion setup installs MCP and Claude Code hook config without storing raw tokens - installable companion package smoke passes in a clean external repo - local companion status distinguishes hard setup failures from server reachability warnings - local companion snapshot records dirty and unpushed repo state without file contents - local companion watch can repeat snapshots, telemetry inbox flushes, and optional session heartbeats - local companion snapshot warns agents about overlapping dirty or unpushed files from other sessions - duplicate-work warning works - duplicate warning is sent back to the agent - stored warnings and blocks can be retrieved by the agent - overlap start is blocked without confirmation - block response tells the agent what to do next - overlap start succeeds with confirmation - demo scenario does not leave demo MCP tokens in inventory - structured events are stored - usage events are stored - session/task timing fields exist - planned work is visible before start - planned tasks cannot bypass check-before-start - abandoned work can be cancelled with a reason and activity event - blockers and decisions are visible without generating a summary - long-running sessions support heartbeat and stale status - session heartbeat/end is scoped to the owning developer - metrics show sessions, usage, warnings, and completed work - Workstreams shows active and planned work - Activity shows completed work and result summaries - Activity shows events - Weekly Summary produces a draft - Weekly Summary exposes structured payload data - UI summary generation does not create MCP tokens - the accuracy gate for overlap recall/precision and Performance read-models passes - tests pass, or failures are clearly listed - security checks pass, or failures are clearly listed with severity - hosted deployment artifact, hosted canary, and strict handoff command exist - morning report exists ## Not Done Means The loop is not done if: - only the UI exists - only the MCP exists - data is stored only in Markdown - overlap warnings are not enforced by the server - warnings only appear in the UI and are not returned to the agent - MCP calls do not save usage events - MCP calls are not tied to a developer identity - auth is ignored without a clear reason - the weekly summary is missing - tests were not run - `npm run check:accuracy` was not run or failed - no browser/user-flow test was attempted - security checks were not run - the morning report is missing - any source file is over 300 lines - documentation is stale - deferred feature code is present ## Morning Report At the end of the loop, agents must write `reports/morning-report.md`. The report should say: - what was built - what works - what tests passed - what tests failed - what security checks passed or failed - what was not finished - what decisions were made - what files changed - what a human should try first - what auth provider was chosen and why - whether agent logging was verified - whether agent feedback/blocking was verified - whether the accuracy gate passed ## Manual QA Instructions The loop must leave instructions for a human to try the app. The instructions must include: - how to install dependencies - how to start the server - how to run `npm run setup` to initialize PostgreSQL and run the local doctor - where to open the UI - how to connect an MCP client - how to use the hosted companion install command, optionally override it, and run `npm exec -- covibe-local setup --base-url `, manual `snapshot --base-url `, and `watch --base-url ` - how to create or configure a developer MCP token - how to run the duplicate-work scenario - how to generate the weekly summary - how to run `npm run readiness:handoff -- https://...` after deploy