# AI Editor RSP — Product Owner Repair Contract

- task_id: t_c08e5544
- role: moce / 墨策 / Owner feedback product repair contract
- production_url: https://aieditorrsp.net
- repo: /root/projects/aieditorrsp
- generated_at_utc: 2026-06-03T10:39:34Z
- current_commit_sha: 59d12935f4bd5b3236a3b8cacab8c87275066ea5
- current_deployment_source_commit: 59d12935f4bd5b3236a3b8cacab8c87275066ea5
- source_brief: /root/.hermes/reports/aieditorrsp-hero-optimization-20260603/owner-repair-brief-20260603.md
- prior_rejected_gate: t_b05228f6
- prior_final_reqa: t_be0625aa
- contract_verdict: REPAIR_CONTRACT_GO / LAUNCH_BLOCKED_UNTIL_FRESH_GATES

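## 0. Conclusion

The current site cannot go live or be publicly promoted on the basis of the previous round's `QA_GO`. The owner has rejected the preview-disabled/free-preview quality bar; this round must be rerun as a launch-quality repair.

This contract promotes the five items of owner feedback to P0/P1/P2 acceptance breakpoints:

1. Login/payment can no longer be closed out with "preview-disabled is sufficient": either it is genuinely usable with production/test safety evidence, or it is declared an explicit P0 external blocker; support must not be faked.
2. `/editor`, `/library`, `/templates` must be brought into the unified main-site experience; in current production these short routes return 404, which cannot be ignored.
3. Public product pages must stop using the app/dashboard sidebar that damages reading and usable space; it is better to delete the sidebar than to keep a version that is covered by an overlay, clipped, or fragmented.
4. The footer must be the last visible section of the page; body/SEO content appearing after the footer is a P0 visual-structure blocker.
5. The old Final QA's P1/P2 items are no longer "fix after launch": duplicate H1, short meta, edge viewport, GA4/Clarity, LCP/perf must be re-accepted after this round's repair.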

## 1. Scope mode

- launch_mode_target: `real_auth_payment_or_explicit_blocker`
- old_allowed_mode: `preview-disabled / paid-disabled`
- old_mode_status: `rejected_by_owner`
- launch/public_promotion: `blocked`
- old QA_GO: `stale`
- fresh gates required: Backend/Auth-Payment → Visual Route Repair → Frontend Integration/P1P2 → SEO Recheck → Compliance Recheck → Product Acceptance → Final QA → Owner Review Gate

## 2. P0 / P1 / P2

### P0 — launch blockers

| ID | Requirement | Owner source | Product decision | Acceptance breakpoint | Primary owner |
|---|---|---|---|---|---|
| P0-AUTH-001 | Login entry must be real or explicitly blocked | “Login/payment are not actually supported” | `Login with Google` / account entry cannot appear as normal supported feature unless OAuth actually redirects, callbacks, session, logout, return_to flow work. If Google Console/client secret/redirect is missing, backend must block with exact owner action. | `/api/auth/login?return_to=/pricing` returns real redirect/session flow OR explicit blocker report with required Google Console redirect URI and env names redacted. No fake success. | moshu t_f90fce3d |
| P0-PAY-001 | Payment/checkout must be real or explicitly blocked | “Preview-disabled mode is not acceptable as final launch quality” | Stripe Checkout, webhook entitlement, credits, refund/legal copy, pricing CTA must match real mode. If Stripe/Tax/webhook cannot be verified, paid UI must be disabled and task must block with exact external action. | Checkout test/live-safe flow evidence OR blocker. Evidence must include Stripe mode, plan mapping, automatic_tax enabled, billing address required, tax_id_collection enabled, webhook event entitlement, `/api/credits` post-purchase state. Secrets redacted. | moshu t_f90fce3d |
| P0-ROUTE-001 | Owner-facing `/editor`, `/library`, `/templates` cannot 404 | Owner names these pages directly | Current production check: `/editor`, `/library`, `/templates` return 404; existing canonical routes are `/ai-photo-prompt-editor` and `/prompt-library`. Add real pages or 308 redirects, and decide canonical/index policy. | `GET /editor`, `/library`, `/templates` all 200 or 308→canonical. If redirect, canonical target must be clear and no broken internal nav. | mojie t_0110a5c7 / t_614049b0 |
| P0-VIS-001 | `/editor` readable, tool not clipped, no destructive sidebar | `/editor` heavy overlay; tool clipped; sidebar makes page worse | Public editor is a marketing/product page, not app shell. Remove public app sidebar unless it passes space/readability tests. Background art must be subtle only. | At 1366x768, 1440x900, 1280x800, 390x844, 430x932: no horizontal clipping; core tool card fully readable; primary CTA visible; no large opaque overlay; no sidebar consuming critical width. | moying t_c3548a9f + mojie t_0110a5c7 |
| P0-VIS-002 | `/templates` unified with main site | same split/overlay/sidebar problem; header inconsistent | Templates route must use same header/nav/CTA/footer system as homepage/editor/library. No stitched prototype fragmentation. | Same header component/visual tokens as main site; no app sidebar unless useful; tool/template grid readable; mobile nav consistent. | moying + mojie |
| P0-VIS-003 | `/library` footer must be terminal section | content appears below footer | Footer after-body content is a structural fail. Move any SEO/body blocks above footer or remove. | DOM/order and visual screenshot prove footer is the last visible page section; no cards/text/SEO section after footer. | mojie t_0110a5c7 |
| P0-TRUTH-001 | Pricing, credits, CTA, legal must match actual backend mode | Auth/payment criteria | No pricing/CTA/legal copy may imply supported checkout, subscriptions, credit packs, receipt storage, Pro unlock, provider/export success unless backend proves it. | Route scan + copy scan + API scan all match. `/api/credits` truth state equals visible pricing/CTA state. | moshu + mojie + modun |
| P0-GATE-001 | Old QA_GO cannot be reused | Owner rejected t_b05228f6 | All downstream gates must treat prior QA_GO as stale. | Fresh PM_GO/COMPLIANCE_GO/SEO_GO/QA_GO after repairs, plus owner confirmation. | all downstream |

### P1 — must fix before fresh PM/QA GO unless formally waived

| ID | Requirement | Acceptance breakpoint | Owner |
|---|---|---|---|
| P1-SEO-001 | Remove duplicate H1 on `/ai-photo-prompt-editor`, `/chatgpt-photo-editing-prompts`, `/ai-photo-editing-prompts` | Each indexable page has exactly one H1 in production DOM. If an alias route exists, it must not create duplicate H1 or duplicate indexable content. | mojie / moyin |
| P1-SEO-002 | Meta descriptions should reach 140–160 chars where practical | Homepage and indexable SEO/support pages have useful meta descriptions; any <140 has explicit waiver. | mojie / moyin |
| P1-VP-001 | Edge viewport Generate below fold | 1024x768, 360x800, 320x568 no longer hide/borderline-hide Generate in first task flow, or QA records explicit accepted waiver. | mojie |
| P1-ANALYTICS-001 | GA4/Clarity runtime verification | Production network/runtime evidence proves configured analytics load or explicit `not configured` blocker is reported. Cookie/legal copy must match. | mojie / motest |
| P1-PERF-001 | Lighthouse/LCP regression if still present | Run Lighthouse/PageSpeed-equivalent on production. LCP target: no known severe regression; image/background/overlay bloat reduced. | mojie / motest |
| P1-FLOW-001 | Template → editor handoff | Applying/copying a template from `/templates` or canonical library lands user in editor with prompt state preserved or clearly copied. | mojie |

### P2 — polish / non-blocking after P0/P1 pass

| ID | Requirement | Acceptance breakpoint |
|---|---|---|
| P2-COPY-001 | Explain launch mode without scaring users | If auth/payment blocked, copy should be honest but not dominate the main task. |
| P2-NAV-001 | Short and SEO route naming consistency | Nav can show simple labels: Editor, Templates, Pricing, Contact. Canonical URLs may remain SEO-friendly if redirects are clean. |
| P2-VIS-001 | Decorative background quality | Background can preserve AI/editor mood but must not reduce contrast or readability. |
| P2-SEO-001 | Prompt-library word floor/content richness | If `/prompt-library` remains indexable, raise useful content above 800 words or provide waiver/noindex rationale. |

## 3. Route matrix

| User-facing route | Current production status checked in this task | Required behavior | Canonical / index policy | Product notes |
|---|---:|---|---|---|
| `/` | 200 | Main landing + hero editor; remains primary homepage | canonical `/`, index | Must keep first-screen task clear; no paid/auth overclaim unless real. |
| `/editor` | 404 | Must not 404. Prefer 308 to `/ai-photo-prompt-editor` or implement a clean public editor page. | If 308: noindex alias, canonical target `/ai-photo-prompt-editor`; if page: self canonical only if unique enough. | Owner explicitly said `/editor`; short route should work for human review. |
| `/ai-photo-prompt-editor` | 200 | Public editor page; readable and unclipped; no destructive sidebar. | index; exactly one H1 | Existing SEO page may remain canonical editor target. |
| `/library` | 404 | Must not 404. Prefer 308 to `/prompt-library` unless a distinct library route is built. | alias noindex/308 to `/prompt-library` | Owner explicitly said `/library`. |
| `/templates` | 404 | Must not 404. Either 308 to `/prompt-library` or build a templates page using same UI system. | alias noindex/308 to `/prompt-library` OR canonical self if distinct template page | Header/nav/CTA must match main site. |
| `/prompt-library` | 200 | Canonical library/templates experience; footer terminal; filters/cards readable. | index if content >= floor and no duplicate H1 | Can be canonical target for both `/library` and `/templates`. |
| `/pricing` | 200 | Must reflect real auth/payment mode. No checkout CTA unless backend proves Stripe. | index | If paid blocked, CTA should be “Join waitlist / Contact” and state exact limitation. |
| `/contact` | 200 | External blocker/paid access contact fallback | index or support page canonical | Used only if paid/login not ready. |
| `/privacy`, `/terms`, `/refund`, `/cookie-policy` | 200 | Legal copy must match analytics/payment/credits/provider truth. | index acceptable | No receipt/refund/tax claims unless actual checkout mode supports them. |
| `/api/credits` | 200 prior evidence | Must expose true mode only | API noindex / not in sitemap | State must match pricing and UI. |
| `/api/auth/login?return_to=...` | 503 prior evidence | Real OAuth or explicit blocker, never fake success | API noindex | Must include safe owner action if blocked. |
| `/api/checkout/stripe?plan=monthly/yearly/credit_pack` | 503 prior evidence | Real Stripe checkout or explicit blocker, never fake redirect | API noindex | Tax settings evidence required if enabled. |
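
One way to turn the alias rows of this matrix into a repeatable gate check (an added example, not code from the aieditorrsp repo). The capture shape `{ status, location }` and the function names are assumptions; the repaired sample is constructed, while the current statuses are the ones recorded in this contract.

```javascript
const ORIGIN = "https://aieditorrsp.net";

// Alias -> acceptable canonical targets, taken from the route matrix above.
const ALIAS_POLICY = {
  "/editor": ["/ai-photo-prompt-editor"],
  "/library": ["/prompt-library"],
  "/templates": ["/prompt-library"],
};

// `observed` maps path -> { status, location } as captured by an HTTP client
// that does not follow redirects (this capture shape is an assumption).
function checkAlias(path, observed) {
  const res = observed[path];
  if (!res) return { path, ok: false, reason: "not probed" };
  if (res.status === 200) return { path, ok: true, reason: "real page" };
  if (res.status !== 308) {
    return { path, ok: false, reason: `status ${res.status}, want 200 or 308` };
  }
  if (!res.location) return { path, ok: false, reason: "308 without Location" };

  let target;
  try {
    // Location may be relative; resolve it against the requested URL.
    target = new URL(res.location, ORIGIN + path);
  } catch {
    return { path, ok: false, reason: "unparseable Location" };
  }
  if (target.origin !== ORIGIN) {
    return { path, ok: false, reason: `off-origin redirect to ${target.origin}` };
  }
  if (!ALIAS_POLICY[path].includes(target.pathname)) {
    return { path, ok: false, reason: `non-canonical target ${target.pathname}` };
  }
  // One hop only: the canonical target itself must answer 200.
  const final = observed[target.pathname];
  if (!final || final.status !== 200) {
    return { path, ok: false, reason: `target ${target.pathname} is not 200` };
  }
  return { path, ok: true, reason: `308 -> ${target.pathname}` };
}

function routeMatrixVerdict(observed) {
  const results = Object.keys(ALIAS_POLICY).map((p) => checkAlias(p, observed));
  return { verdict: results.every((r) => r.ok) ? "pass" : "fail", results };
}

// Statuses recorded in this contract's production check.
const CURRENT_PRODUCTION = {
  "/editor": { status: 404 },
  "/library": { status: 404 },
  "/templates": { status: 404 },
  "/ai-photo-prompt-editor": { status: 200 },
  "/prompt-library": { status: 200 },
};

// Constructed sample of a repaired deployment (not real evidence).
const REPAIRED_SAMPLE = {
  ...CURRENT_PRODUCTION,
  "/editor": { status: 308, location: "/ai-photo-prompt-editor" },
  "/library": { status: 308, location: "https://aieditorrsp.net/prompt-library" },
  "/templates": { status: 200 },
};

console.log(routeMatrixVerdict(CURRENT_PRODUCTION).verdict);
console.log(routeMatrixVerdict(REPAIRED_SAMPLE).results);
```

A 308 that leaves the production origin or lands on a non-canonical path fails the check even though the alias no longer returns 404.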

## 4. Acceptance breakpoints by owner feedback

### Feedback 1 — Login/payment unsupported

Fresh PM/QA may only pass one of these two states:

A. Real-supported state:
- Google OAuth login starts from public CTA and returns to intended route after callback.
- Session state is visible and reversible: logged-in/out state, logout, protected CTA behavior.
- Stripe Checkout opens for valid plan IDs and returns success/cancel safely.
- Webhook entitlement updates credits/subscription state.
- Stripe Tax evidence: `automatic_tax.enabled=true`, `billing_address_collection=required`, `tax_id_collection.enabled=true` in Checkout Session creation.
- `/api/credits` reflects entitlement truth.
- Legal/refund/pricing copy reflects paid mode.

B. Exact-blocker state:
- Backend task blocks or completes with `verdict=AUTH_PAYMENT_BLOCKED_EXTERNAL_INPUT` and exact owner action.
- UI does not claim login/payment are supported.
- Pricing CTA does not pretend checkout works.
- Product Acceptance returns `PM_NO_GO` for launch-quality if owner required real support and external blocker remains.

Not allowed:
- “Preview disabled” as final launch quality.
- Fake success pages.
- Checkout links that 503 after marketing says paid is available.
- Login CTA that appears live but always fails without explicit blocker framing.

### Feedback 2 — `/editor` visual overlay/sidebar/clipping

Required:
- Remove or radically simplify the public editor sidebar.
- Remove large/dark/blur overlay over content; use subtle decorative background only.
- Ensure editor workbench has enough width and height at required viewports.
- Keep upload, prompt edit, template choice, Generate, validation/result state visible and readable.
- Screenshots required: `/editor` or canonical editor at 1366x768, 1440x900, 1280x800, 390x844, 430x932.

No-go examples:
- Text under translucent artwork.
- Tool panel horizontally clipped.
- Sidebar consumes width while not materially helping the task.
- Different header/nav from homepage.

### Feedback 3 — `/library` footer order

Required:
- Footer component appears once and after all page body content.
- No SEO paragraph, cards, filter UI, CTA, or body content after footer.
- DOM order and screenshot both verify footer is terminal.
- If global layout renders footer, page content must not render additional content outside `<main>` after it.

### Feedback 4 — `/templates` split/overlay/sidebar/header inconsistency

Required:
- `/templates` route exists or redirects cleanly.
- If it renders a page: use main-site header/nav/CTA/footer, same visual tokens as `/`, `/editor`, `/library`.
- No app/dashboard sidebar in public template browsing by default.
- Template cards and filters are usable on mobile without clipping.
- Template → editor flow works or copy/click behavior is explicit.

### Feedback 5 — prior P1/P2 must be fixed before launch

Required:
- SEO duplicate H1 fixed on the three named pages.
- Meta descriptions reviewed and expanded unless explicit waiver.
- Edge viewport Generate issue fixed or explicitly waived by PM + QA with evidence.
- GA4/Clarity runtime verified or copy/config changed to match absence.
- Lighthouse/LCP checked after visual overlay/background cleanup.

## 5. Downstream implementation input

### To moshu / Backend auth-payment repair (`t_f90fce3d`)

Deliverable: `/root/.hermes/reports/aieditorrsp-hero-optimization-20260603/backend-auth-payment-repair.md`

Must decide and prove one of:

1. `AUTH_PAYMENT_READY`
   - real Google OAuth flow verified;
   - real Stripe Checkout/session/webhook entitlement verified;
   - tax settings verified;
   - `/api/credits` truth state verified;
   - commit/push/deploy same commit.

2. `AUTH_PAYMENT_BLOCKED_EXTERNAL_INPUT`
   - exact missing Google Console/Stripe/secret/resource item;
   - exact redirect URI: `https://aieditorrsp.net/api/auth/callback/google` if Google OAuth remains blocker;
   - exact Stripe item needed: price IDs, webhook endpoint/secret, Tax/product tax code, domain/return URLs, or env vars, but secrets redacted as `[REDACTED]`;
   - UI mode required for frontend: disabled/contact/waitlist copy.

Do not write real secrets to reports/Kanban/chat.
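
A pre-publish check for blocker reports that enforces the `[REDACTED]` rule while keeping env names and the redirect URI readable (an added example, not part of the project's tooling). The token prefixes matched are this example's choice, and the env names and values in the sample report are hypothetical and constructed.

```javascript
const REDACTED = "[REDACTED]";

// Token shapes chosen for this example; not a complete secret catalogue.
const TOKEN_PATTERNS = [
  { kind: "stripe_api_key", re: /\b[sr]k_(?:live|test)_[A-Za-z0-9]{16,}/g },
  { kind: "stripe_webhook_secret", re: /\bwhsec_[A-Za-z0-9]{16,}/g },
  { kind: "google_oauth_client_secret", re: /\bGOCSPX-[A-Za-z0-9_-]{16,}/g },
];

// NAME=value (optionally a markdown list item) where NAME looks sensitive.
// The env name is kept so the owner knows what to set; the value is dropped.
const ENV_LINE =
  /^(\s*(?:[-*]\s+)?`?(?:export\s+)?[A-Z0-9_]*(?:SECRET|KEY|TOKEN|PASSWORD)[A-Z0-9_]*\s*[=:]\s*)([^\s`]+)/;

function redactReport(text) {
  const findings = [];
  const lines = text.split("\n").map((line, i) => {
    let out = line;
    // Pass 1: known token formats anywhere in the line.
    for (const { kind, re } of TOKEN_PATTERNS) {
      out = out.replace(re, () => {
        findings.push({ line: i + 1, kind });
        return REDACTED;
      });
    }
    // Pass 2: any remaining value assigned to a sensitive-looking env name.
    const m = ENV_LINE.exec(out);
    if (m && !m[2].includes(REDACTED)) {
      findings.push({ line: i + 1, kind: "sensitive_env_value" });
      out = m[1] + REDACTED + out.slice(m[0].length);
    }
    return out;
  });
  return { text: lines.join("\n"), findings, clean: findings.length === 0 };
}

// Constructed sample report; env names and values are hypothetical.
const SAMPLE_REPORT = [
  "## Blocker: AUTH_PAYMENT_BLOCKED_EXTERNAL_INPUT",
  "- redirect URI: https://aieditorrsp.net/api/auth/callback/google",
  "- GOOGLE_CLIENT_SECRET=GOCSPX-CONSTRUCTEDexample0000",
  "- STRIPE_SECRET_KEY=[REDACTED]",
  "- webhook log excerpt: signing secret whsec_CONSTRUCTEDexample0000 rejected",
  "- SESSION_TOKEN=constructed-sample-value",
].join("\n");

const result = redactReport(SAMPLE_REPORT);
console.log(result.text);
console.log(result.findings);
```

A gate can refuse to publish any report for which `clean` is false and attach only the redacted text.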

### To moying / Design repair contract (`t_c3548a9f`)

Required design constraints:
- Unified public-site shell: same header/nav/CTA/footer across homepage, editor, library/templates, pricing/legal.
- Public pages are not dashboard pages.
- Sidebar default: remove. Re-add only if it passes “does not steal critical task space” evidence.
- Overlay default: remove. Background art must be behind clear cards with WCAG-readable contrast.
- Footer terminal rule.
- Screenshot checklist must include desktop and mobile for editor/library/templates or their canonical targets.

### To mojie / Frontend visual route repair (`t_0110a5c7`)

Required implementation:
- Add `/editor`, `/library`, `/templates` as 308 redirects or real pages; no 404.
- Repair canonical editor/library/template routes per design contract.
- Remove public app sidebar unless proven useful.
- Ensure footer is terminal.
- Fix tool clipping at required viewports.
- Produce production screenshots for `/editor`, `/library`, `/templates` or redirect targets at 1366x768 and 390x844 minimum.
- Release invariant: clean git, lint/typecheck/build/verify, commit, push, deploy same commit.

### To mojie / Frontend auth/payment integration + P1/P2 (`t_614049b0`)

Required implementation:
- UI must consume and reflect the backend auth/payment truth state, not hardcode optimism.
- Pricing/credits/CTA/legal pages must align with backend verdict.
- Fix duplicate H1, short meta, analytics runtime hooks, edge viewport, and perf regressions.
- If backend blocked externally, implement safe disabled/contact mode and mark PM launch blocker.
- Release invariant: verify/seo:audit/build, commit, push, deploy same commit.

### To moyin / SEO recheck (`t_cedb79ee`)

Required SEO checks:
- `/editor`, `/library`, `/templates` alias/canonical/noindex rules do not create duplicate content.
- duplicate H1 fixed.
- meta descriptions audited.
- sitemap includes only canonical indexable routes.
- robots/canonical/JSON-LD still valid.
- no paid/provider/export overclaim in indexable copy.

### To modun / Compliance recheck (`t_7507ce87`)

Required compliance checks:
- OAuth/Stripe/Tax/entitlement evidence or explicit blocker.
- Legal/refund/privacy/cookie/pricing copy matches actual state.
- No fake login/checkout/provider/export claims.
- No secrets in reports; use `[REDACTED]`.

### To moce / Product Acceptance after repair (`t_b9a6056a`)

PM may output `PM_GO` only if:
- Auth/payment is real-supported OR there is explicit owner-accepted external blocker mode. If owner still requires support and blocker remains, PM must be `PM_NO_GO`.
- `/editor`, `/library`, `/templates` do not 404 and feel unified.
- Footer terminal rule passes.
- P1/P2 from owner list are fixed or explicitly waived with evidence.
- Fresh compliance/SEO evidence exists.

### To motest / Final QA

Final QA must not inherit old `QA_GO`. It must run fresh against the final deployed commit and cover:
- route status and redirects;
- auth/payment/API truthfulness;
- visual screenshots at target breakpoints;
- footer terminal order;
- no clipping/horizontal overflow;
- SEO basics;
- analytics/runtime/perf checks;
- source/deploy commit parity.

## 6. Fresh Product Acceptance JSON schema

Downstream Product Acceptance should output:

```json
{
  "pm_verdict": "PM_GO | PM_CONDITIONAL_GO | PM_NO_GO",
  "competitive_minimum_verdict": "pass | fail | partial",
  "owner_feedback_verdict": {
    "login_payment": "pass | blocker | fail",
    "editor_visual": "pass | fail",
    "library_footer": "pass | fail",
    "templates_unified": "pass | fail",
    "prior_p1p2": "pass | partial | fail"
  },
  "route_matrix_verdict": "pass | fail",
  "verified_user_tasks": [
    "open /editor or alias and complete upload/prompt/template/generate validation path",
    "open /library and confirm footer is terminal",
    "open /templates and apply/copy a template into editor",
    "start login/payment flow or see explicit blocker without fake success",
    "verify pricing/credits/API/legal state consistency"
  ],
  "scope_gaps": [],
  "blocker_count": 0,
  "next_gate": "motest_final_qa_owner_repair"
}
```

## 7. Release invariants

Any code/deploy worker must include:

- `commit_sha`
- `pushed_branch`
- `deployment_source_commit`
- `deploy_url`
- `git_status_after`
- tests/checks run:
  - lint or equivalent
  - typecheck or build
  - `npm run verify`
  - `npm run seo:audit`
  - production route/API spot checks
- if Cloudflare Worker/Pages deployment is used: deployment ID/version and source commit evidence.

If deployed production differs from pushed commit, block as `source-not-synced`.

## 8. Residual risk

1. This contract is not a PM_GO for production launch; it is a repair contract.
2. Auth/payment may still depend on external console/secrets. If so, the correct outcome is a precise blocker, not simulated support.
3. Short aliases `/editor`, `/library`, `/templates` are currently 404; downstream must either add redirects/pages or Product Acceptance must fail route matrix.
4. Existing SEO route names are valuable; redirects should preserve canonical SEO routes unless a deliberate migration is made.
5. Visual repair and backend repair can proceed in parallel, but final PM/QA must fan-in both.

## 9. Checks run for this contract

- `kanban_show(t_c08e5544)`
- `skill_view(kanban-worker)`
- `skill_view(product-definition-prd)`
- Telegram `[START]` sent: message_id=7991
- read owner repair brief: `/root/.hermes/reports/aieditorrsp-hero-optimization-20260603/owner-repair-brief-20260603.md`
- read prior final Re-QA: `/root/.hermes/reports/aieditorrsp-hero-optimization-20260603/final-re-qa-after-compliance-remediation.md`
- read owner review gate: `/root/.hermes/reports/aieditorrsp-hero-optimization-20260603/owner-review-gate-after-reqa.md`
- read product recheck after remediation: `/root/.hermes/reports/aieditorrsp-hero-optimization-20260603/product-recheck-after-compliance-remediation.md`
- read SEO recheck after remediation: `/root/.hermes/reports/aieditorrsp-hero-optimization-20260603/seo-recheck-after-compliance-remediation.md`
- inspected downstream task graph: `t_c3548a9f`, `t_f90fce3d`, `t_0110a5c7`, `t_614049b0`, `t_7507ce87`, `t_b9a6056a`
- git evidence: `HEAD=59d12935f4bd5b3236a3b8cacab8c87275066ea5`, `git status=## main...origin/main`
- production route status check: `/editor=404`, `/library=404`, `/templates=404`, `/ai-photo-prompt-editor=200`, `/prompt-library=200`

## 10. Machine-readable handoff

```json
{
  "project_slug": "aieditorrsp",
  "production_url": "https://aieditorrsp.net",
  "verdict": "REPAIR_CONTRACT_GO",
  "launch_status": "LAUNCH_BLOCKED_UNTIL_FRESH_GATES",
  "old_qa_go_status": "stale_rejected_by_owner",
  "artifact_paths": [
    "/root/.hermes/reports/aieditorrsp-hero-optimization-20260603/product-owner-repair-contract.md",
    "/root/.hermes/reports/aieditorrsp-hero-optimization-20260603/owner-repair-brief-20260603.md"
  ],
  "commit_sha": "59d12935f4bd5b3236a3b8cacab8c87275066ea5",
  "deployment_source_commit": "59d12935f4bd5b3236a3b8cacab8c87275066ea5",
  "p0_blockers_defined": [
    "real-or-blocked login",
    "real-or-blocked Stripe payment/Tax/webhook entitlement",
    "no 404 for /editor /library /templates",
    "editor/templates visual readability and no destructive sidebar/overlay",
    "library footer terminal section",
    "pricing/credits/CTA/legal truthfulness",
    "fresh gates required"
  ],
  "p1_required_before_launch": [
    "duplicate H1 fix",
    "meta description repair/waiver",
    "edge viewport Generate visibility fix/waiver",
    "GA4/Clarity runtime verification",
    "Lighthouse/LCP performance check",
    "template-to-editor handoff"
  ],
  "route_status_checked": {
    "/editor": 404,
    "/library": 404,
    "/templates": 404,
    "/ai-photo-prompt-editor": 200,
    "/prompt-library": 200
  },
  "checks_run": [
    "kanban_show(t_c08e5544)",
    "skill_view(kanban-worker)",
    "skill_view(product-definition-prd)",
    "send Telegram START message_id=7991",
    "read owner repair brief",
    "read prior Final Re-QA / owner review / product recheck / SEO recheck reports",
    "git rev-parse HEAD && git status --short --branch",
    "date -u",
    "curl production status for /editor /library /templates /ai-photo-prompt-editor /prompt-library",
    "inspect downstream Kanban tasks"
  ],
  "residual_risk": [
    "Auth/payment may require external owner console actions; must be blocked precisely if unavailable.",
    "Short owner-facing routes are currently 404 and must be repaired or redirected.",
    "Visual repair depends on design and frontend downstream completion.",
    "No public promotion until fresh SEO/Compliance/Product/Final QA and owner review pass."
  ],
  "next_inputs": [
    "moying design contract t_c3548a9f must finish before visual implementation can fully comply.",
    "moshu backend t_f90fce3d should implement auth/payment or return exact blocker.",
    "mojie frontend t_0110a5c7 should repair route/visual issues and t_614049b0 should integrate backend truth plus P1/P2 fixes.",
    "moyin/modun/moce/motest must run fresh gates after deployment."
  ]
}
```
