feat: complete Phase 4 client skill and workspace profiles

.planning/REQUIREMENTS.md

@@ -40,11 +40,11 @@
 
 ### Client and Workspace Integration
 
-- [ ] **CFG-01**: CAS generates profile-specific configuration for supported AI clients without overwriting unrelated user configuration.
-- [ ] **CFG-02**: User can preview, validate, apply, and remove only CAS-owned client configuration.
-- [ ] **CFG-03**: Profiles install and validate portable agent skills and workspace conventions from allowlisted sources.
-- [ ] **CFG-04**: MCP configuration clearly distinguishes local workstation transports from production remote transports and never embeds secrets.
-- [ ] **CFG-05**: Configuration adapters detect drift and preserve recoverable backups.
+- [x] **CFG-01**: CAS generates profile-specific configuration for supported AI clients without overwriting unrelated user configuration.
+- [x] **CFG-02**: User can preview, validate, apply, and remove only CAS-owned client configuration.
+- [x] **CFG-03**: Profiles install and validate portable agent skills and workspace conventions from allowlisted sources.
+- [x] **CFG-04**: MCP configuration clearly distinguishes local workstation transports from production remote transports and never embeds secrets.
+- [x] **CFG-05**: Configuration adapters detect drift and preserve recoverable backups.
 
 ### Diagnostics and Support
 
@@ -109,11 +109,11 @@
 | OPS-05 | Phase 3 | Complete |
 | OPS-06 | Phase 3 | Complete |
 | OPS-07 | Phase 3 | Complete |
-| CFG-01 | Phase 4 | Pending |
-| CFG-02 | Phase 4 | Pending |
-| CFG-03 | Phase 4 | Pending |
-| CFG-04 | Phase 4 | Pending |
-| CFG-05 | Phase 4 | Pending |
+| CFG-01 | Phase 4 | Complete |
+| CFG-02 | Phase 4 | Complete |
+| CFG-03 | Phase 4 | Complete |
+| CFG-04 | Phase 4 | Complete |
+| CFG-05 | Phase 4 | Complete |
 | DIAG-01 | Phase 5 | Pending |
 | DIAG-02 | Phase 5 | Pending |
 | DIAG-03 | Phase 5 | Pending |

.planning/ROADMAP.md

@@ -11,7 +11,7 @@ CAS Workstation v1 progresses from a functional seed to a trustworthy desired-st
 | 1 | Governance and Quality Foundation | Establish enforceable contracts, test seams, CI, and traceability | GOV-01, GOV-02, GOV-03, GOV-04 | 4 |
 | 2 | Manifest, Inventory, and Safety Boundaries | Make desired state, ownership, paths, and destructive operations fail closed | MAN-01..05, SAFE-01..05 | 10 |
 | 3 | Transactional Plan and Apply Engine | Deliver idempotent setup, upgrade, repair, and recovery | OPS-01..07 | 7 |
-| 4 | Client, Skills, and Workspace Profiles | Safely integrate supported AI clients and portable developer context | CFG-01..05 | 5 |
+| 4 | Client, Skills, and Workspace Profiles | 3/3 | Complete   | 2026-06-14 |
 | 5 | Diagnostics and Supportability | Make readiness, drift, failures, and support evidence actionable | DIAG-01..05 | 5 |
 | 6 | Trusted Release and Clean-Machine Proof | Produce verifiable releases and end-to-end operational evidence | REL-01, REL-02 | 2 |
 | 7 | Public Architecture and Operations Evidence | Complete the documentation and support surface required for adoption | REL-03, REL-04 | 2 |
@@ -54,7 +54,7 @@ CAS Workstation v1 progresses from a functional seed to a trustworthy desired-st
 3. Every operation is correlated and journaled with safe failure, resume, retry, or rollback guidance.
 4. Dirty or diverged repositories and risky external operations fail closed by default.
 
-### Phase 4: Client, Skills, and Workspace Profiles
+### Phase 4: Client, Skills, and Workspace Profiles (Complete: 2026-06-14)
 
 **Goal:** Profiles safely install and maintain the AI-native context developers need without clobbering user configuration.
 

.planning/STATE.md

@@ -2,14 +2,14 @@
 gsd_state_version: 1.0
 milestone: v1.0
 milestone_name: milestone
-status: ready_to_discuss
-last_updated: "2026-06-12T17:45:00.000Z"
+status: Phase 4 complete
+last_updated: "2026-06-14T09:58:55.795Z"
 progress:
   total_phases: 7
-  completed_phases: 3
-  total_plans: 9
-  completed_plans: 9
-  percent: 43
+  completed_phases: 4
+  total_plans: 12
+  completed_plans: 12
+  percent: 57
 ---
 
 # Project State
@@ -23,7 +23,7 @@ See: `.planning/PROJECT.md` (updated 2026-06-11)
 
 ## Current Position
 
-Phase: 4
+Phase: 4 — COMPLETE
 Plan: Not started
 
 - Project initialization: complete

.planning/phases/04-client-skills-and-workspace-profiles/04-01-PLAN.md

@@ -0,0 +1,43 @@
+---
+phase: 04-client-skills-and-workspace-profiles
+plan: 01
+type: execute
+wave: 1
+depends_on: []
+files_modified:
+  - stack.manifest.json
+  - schemas/manifest.schema.json
+  - schemas/operation-plan.schema.json
+  - schemas/managed-state.schema.json
+  - tests/fixtures/contracts/manifest.valid.json
+  - tests/Manifest.Tests.ps1
+requirements: [CFG-03, CFG-04]
+requirements_addressed: [CFG-03, CFG-04]
+autonomous: true
+must_haves:
+  truths:
+    - "D-01 D-02: full remains the only golden-path profile and resource membership stays declarative"
+    - "D-06 D-08: skill/workspace sources and targets are allowlisted and unowned conflicts fail closed"
+    - "D-09 D-10: MCP transport intent is explicit and secret-bearing manifest fields are rejected"
+---
+
+<objective>
+Strengthen declarative contracts and semantic policy for typed client, skill, workspace, and MCP resources.
+</objective>
+
+<threat_model>
+- T-04-01 (high): malicious manifest source, target, transport, or secret-bearing field reaches execution. Mitigate with schema and semantic deny-by-default validation before planning.
+- T-04-03 (high): skill/workspace source escapes its allowlisted repository or target escapes an approved CAS boundary. Mitigate with relative-path contracts and canonical boundary validation.
+</threat_model>
+
+<tasks>
+<task type="auto">
+  <name>Define safe Phase 4 manifest and operation contracts</name>
+  <files>stack.manifest.json, schemas/manifest.schema.json, schemas/operation-plan.schema.json, schemas/managed-state.schema.json, tests/fixtures/contracts/manifest.valid.json, tests/Manifest.Tests.ps1</files>
+  <action>Extend client definitions with adapter, ownership key, and CAS-relative target metadata; extend skill/workspace definitions with allowlisted repository/source/target metadata; make MCP transport scope and authentication reference explicit without secret values; extend typed operation evidence where needed. Preserve the existing full profile and its four golden-path repos.</action>
+  <verify>Invoke-Pester -Path tests/ContractSchemas.Tests.ps1,tests/Manifest.Tests.ps1</verify>
+</task>
+</tasks>
+
+<success_criteria>Invalid sources, targets, transports, secret-bearing fields, and unresolved references fail before planning; full remains the deterministic golden path.</success_criteria>
+<output>Create `04-01-SUMMARY.md` after execution.</output>

.planning/phases/04-client-skills-and-workspace-profiles/04-01-SUMMARY.md

@@ -0,0 +1,7 @@
+# Phase 4 Plan 01 Summary
+
+Extended the manifest, schema, and semantic validator with allowlisted client
+and managed-tree adapters, explicit MCP scope/auth-reference boundaries, safe
+relative sources/targets, and preserved `full` as the declarative golden path.
+
+Verification: contract and manifest tests pass.

.planning/phases/04-client-skills-and-workspace-profiles/04-02-PLAN.md

@@ -0,0 +1,47 @@
+---
+phase: 04-client-skills-and-workspace-profiles
+plan: 02
+type: execute
+wave: 2
+depends_on: ["04-01"]
+files_modified:
+  - scripts/Cas.Workstation.psm1
+  - tests/ClientConfig.Tests.ps1
+  - tests/ManagedTrees.Tests.ps1
+  - tests/Safety.Tests.ps1
+requirements: [CFG-01, CFG-02, CFG-03, CFG-05]
+requirements_addressed: [CFG-01, CFG-02, CFG-03, CFG-05]
+autonomous: true
+must_haves:
+  truths:
+    - "D-03 D-04 D-05: client adapters surgically manage a namespaced owned subtree with atomic backup and owned-content digest"
+    - "D-06 D-07 D-08: skills/workspaces are deterministic managed trees and unowned conflicts fail closed"
+    - "D-12: inventory distinguishes satisfied, missing, drifted, conflicting, and unsupported states"
+---
+
+<objective>
+Implement reusable owned-subtree client adapters and deterministic managed-tree adapters with drift evidence.
+</objective>
+
+<threat_model>
+- T-04-02 (high): client merge or uninstall overwrites unrelated user settings. Mitigate with namespaced surgical merge/removal, canonical owned-node digest, validation, and atomic backup.
+- T-04-03 (high): managed tree follows reparse points or deletes unexpected content. Mitigate with staged deterministic entries, safe-path checks, and per-entry ownership.
+</threat_model>
+
+<tasks>
+<task type="auto">
+  <name>Implement namespaced client configuration adapters</name>
+  <files>scripts/Cas.Workstation.psm1, tests/ClientConfig.Tests.ps1, tests/Safety.Tests.ps1</files>
+  <action>Add pure desired-fragment rendering, inspection, merge, digest, apply, verification, and surgical removal helpers. Preserve unrelated JSON settings, reject malformed/conflicting targets, and use atomic backup/write primitives.</action>
+  <verify>Invoke-Pester -Path tests/ClientConfig.Tests.ps1,tests/Safety.Tests.ps1</verify>
+</task>
+<task type="auto">
+  <name>Implement deterministic skill and workspace tree adapters</name>
+  <files>scripts/Cas.Workstation.psm1, tests/ManagedTrees.Tests.ps1, tests/Safety.Tests.ps1</files>
+  <action>Add allowlisted source/target resolution, deterministic per-file tree digests, staged copy, conflict detection, safe apply, and owned-tree verification without recursive adoption.</action>
+  <verify>Invoke-Pester -Path tests/ManagedTrees.Tests.ps1,tests/Safety.Tests.ps1</verify>
+</task>
+</tasks>
+
+<success_criteria>Adapters preserve unrelated state, produce deterministic owned-content evidence, and fail closed for malformed, escaping, reparse-point, or unowned-conflict inputs.</success_criteria>
+<output>Create `04-02-SUMMARY.md` after execution.</output>

.planning/phases/04-client-skills-and-workspace-profiles/04-02-SUMMARY.md

@@ -0,0 +1,7 @@
+# Phase 4 Plan 02 Summary
+
+Implemented namespaced client merge/removal, owned-content drift digests,
+atomic backup/write behavior, deterministic managed-tree digests, safe copies,
+and unowned-target conflict handling.
+
+Verification: client, managed-tree, and safety tests pass.

.planning/phases/04-client-skills-and-workspace-profiles/04-03-PLAN.md

@@ -0,0 +1,54 @@
+---
+phase: 04-client-skills-and-workspace-profiles
+plan: 03
+type: execute
+wave: 3
+depends_on: ["04-01", "04-02"]
+files_modified:
+  - scripts/Cas.Workstation.psm1
+  - tests/Plan.Tests.ps1
+  - tests/Apply.Tests.ps1
+  - tests/OperationWorkflow.Tests.ps1
+  - tests/Uninstall.Tests.ps1
+  - README.md
+  - docs/traceability.json
+  - .planning/REQUIREMENTS.md
+  - .planning/ROADMAP.md
+  - .planning/STATE.md
+requirements: [CFG-01, CFG-02, CFG-03, CFG-04, CFG-05]
+requirements_addressed: [CFG-01, CFG-02, CFG-03, CFG-04, CFG-05]
+autonomous: true
+must_haves:
+  truths:
+    - "D-11: all client, skill, and workspace mutation executes only through typed deterministic journaled operations"
+    - "D-12: repair reconciles only CAS-owned drift and satisfied resources become skips"
+    - "D-03 D-05: uninstall removes only the CAS-owned client subtree and never restores a whole stale user file"
+    - "D-01: public documentation continues to identify full as the verified golden-path profile"
+---
+
+<objective>
+Integrate Phase 4 adapters with inventory, deterministic planning, journaled apply, ledger-only uninstall, and public evidence.
+</objective>
+
+<threat_model>
+- T-04-04 (high): direct helper mutation bypasses preview, plan integrity, journal, or ownership evidence. Mitigate by routing typed operations only through the existing operation engine.
+- T-04-02 (high): uninstall restores stale whole-file backup over later user changes. Mitigate with specialized surgical client removal.
+</threat_model>
+
+<tasks>
+<task type="auto">
+  <name>Integrate typed inventory, planning, apply, ownership, and uninstall</name>
+  <files>scripts/Cas.Workstation.psm1, tests/Plan.Tests.ps1, tests/Apply.Tests.ps1, tests/OperationWorkflow.Tests.ps1, tests/Uninstall.Tests.ps1</files>
+  <action>Add deterministic dependency-aware operations for selected clients, skills, and workspaces; classify drift; execute adapters through the journaled engine; persist managed ownership/digests; and surgically uninstall only owned configuration/tree entries.</action>
+  <verify>Invoke-Pester -Path tests/Plan.Tests.ps1,tests/Apply.Tests.ps1,tests/OperationWorkflow.Tests.ps1,tests/Uninstall.Tests.ps1</verify>
+</task>
+<task type="auto">
+  <name>Complete Phase 4 documentation and traceability</name>
+  <files>README.md, docs/traceability.json, .planning/REQUIREMENTS.md, .planning/ROADMAP.md, .planning/STATE.md</files>
+  <action>Document profile-specific client/skill/workspace preview, apply, repair, MCP security boundaries, and surgical uninstall. Map CFG-01 through CFG-05 to executable evidence and mark Phase 4 complete only after the full quality gate passes.</action>
+  <verify>powershell.exe -NoProfile -ExecutionPolicy Bypass -File .\Invoke-Quality.ps1</verify>
+</task>
+</tasks>
+
+<success_criteria>Selected Phase 4 resources are previewable, idempotent, journaled, repairable, and removable only within proven CAS ownership while unrelated user state survives.</success_criteria>
+<output>Create `04-03-SUMMARY.md` and `04-VERIFICATION.md` after execution.</output>

.planning/phases/04-client-skills-and-workspace-profiles/04-03-SUMMARY.md

@@ -0,0 +1,8 @@
+# Phase 4 Plan 03 Summary
+
+Integrated selected clients, skills, and workspaces into deterministic
+dependency-aware planning, journaled apply, ownership evidence, repair
+classification, and surgical ledger-only uninstall.
+
+Verification: full quality gate passes with 59 tests, including review-driven
+clean-bootstrap and digest-proven managed-tree lifecycle coverage.