Lay down the project foundation before Sprint 1 implementation:
- SPEC.md enriched with a "Décisions techniques" section that pins
down 3-role auth (admin super-user / redteam / soc), JWT bearer,
single-container Flask+React topology, minimal Engagement model,
local MITRE STIX bundle, and the Makefile target list.
- .claude/agents/ defines the 6 sub-agents per SPEC.md § Team:
backend-builder, frontend-builder, spec-reviewer (project override
covering plan-vs-spec + code-vs-spec), code-reviewer, test-verifier,
devil-advocate.
- tasks/todo.md holds the full Sprint 1 plan (Auth + CRUD Engagement)
validated by spec-reviewer on 2026-05-26 after one round of fixes.
- CHANGELOG.md and tasks/lessons.md scaffolded.
- .gitignore covers Python, Node, Playwright, secrets, build artifacts
and Claude Code worktrees.
No application code is shipped in this commit — Sprint 1 will be a
separate branch and PR.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
