docs: strengthen portfolio proof and messaging

.planning/STATE.md

@@ -16,6 +16,8 @@ stopped_at: Milestone complete (Phase 16 was final phase)
 
 # Project State — gsd-orchestrator Feature Expansion (Milestone 3.0)
 
+Last activity: 2026-06-10 - Completed quick task 260610-ppo: Fix PR #6 README workflow state diagram responsibilities to match actual code including Triaging and TestGenerating and render success sample cleanly
+
 ## Current Status
 
 **Active Phase:** Phase 16 — Multi-Repo Support (planned — 2 plans ready)
@@ -267,3 +269,9 @@ All 11 phases and 11 v2 requirements satisfied. Full portfolio live at:
 |------|-----------|------|------------|
 | 16-01 | Add RepoConfig record + RepoConfigLoader stub; namespace FileCheckpointStore.StatePath; 7 RED/GREEN test stubs | 1 | yes |
 | 16-02 | Implement RepoConfigLoader.Load(); remove IConfiguration from IdleState; multi-repo watch loop; all 30 tests GREEN | 2 | yes |
+
+### Quick Tasks Completed
+
+| # | Description | Date | Commit | Status | Directory |
+|---|-------------|------|--------|--------|-----------|
+| 260610-ppo | Fix PR #6 README workflow/state documentation and success sample | 2026-06-10 | c31493b | Verified | [260610-ppo-fix-pr-6-readme-workflow-state-diagram-r](./quick/260610-ppo-fix-pr-6-readme-workflow-state-diagram-r/) |

.planning/audits/260610-enterprise-audit-fix/AUDIT-FIX.md

@@ -0,0 +1,34 @@
+# Enterprise Audit-Fix Report
+
+**Date:** 2026-06-10
+**Source:** `gsd-audit-fix --severity all --max 8`
+**Scope:** .NET correctness, workflow durability, security, GitHub integration, observability, tests, CI, and documentation.
+
+## Classification
+
+| ID | Finding | Severity | Classification | Status |
+|---|---|---|---|---|
+| F-01 | CI builds only the production project and never runs tests | high | auto-fixable | blocked: GitHub token lacks workflow scope |
+| F-02 | Test generation accepts blank tool content and crashes on empty LLM messages | high | auto-fixable | fixed after validation repair |
+| F-03 | Editing state accepts blank tool content and crashes on empty LLM messages | high | auto-fixable | not attempted after pipeline stop |
+| F-04 | Workflow states use null-forgiving context dereferences instead of diagnostic guards | medium | auto-fixable | not attempted after pipeline stop |
+| F-05 | Checkpoint writes reuse a predictable temporary filename and can collide | medium | auto-fixable | not attempted after pipeline stop |
+| F-06 | Watch mode examines only 20 issues and evicts processed issues nondeterministically | medium | auto-fixable | not attempted after pipeline stop |
+| F-07 | MCP pending requests may hang when the child process exits cleanly | medium | auto-fixable | not attempted after pipeline stop |
+| F-08 | Repo configuration accepts empty owner/repo values and invalid delays | low | auto-fixable | not attempted after pipeline stop |
+
+## Manual-Only Findings
+
+- Replace the committed `github-mcp-server.exe` with a reproducible, checksum-verified acquisition or release packaging strategy.
+- Decide the production authentication model. The current local PAT model conflicts with the target enterprise managed-identity/OAuth posture.
+- Run live end-to-end GitHub and LLM workflow UAT; mocked tests cannot prove external API behavior, prompt robustness, or reviewer permissions.
+
+## Fix Evidence
+
+- F-01: The fix was validated locally, then reverted because GitHub rejected workflow updates from the active OAuth token without `workflow` scope.
+- F-02: Blank generated test content is skipped and empty LLM response collections are handled safely; regression coverage added.
+- Final local validation: `dotnet build GithubMCP.slnx --configuration Release --no-restore`, `dotnet test GithubMCP.slnx --configuration Release --no-build`, and `git diff --check`.
+
+## Pipeline Stop
+
+The first F-02 edit failed compilation because a patch transport inserted literal newline escapes. The finding was repaired immediately and the full suite returned green. In accordance with `gsd-audit-fix`, remaining findings were marked not-attempted rather than continuing after a failed validation.

.planning/quick/260610-ppo-fix-pr-6-readme-workflow-state-diagram-r/260610-ppo-PLAN.md

@@ -0,0 +1,34 @@
+---
+quick_id: 260610-ppo
+status: complete
+mode: quick-full
+description: Fix PR #6 README workflow state diagram responsibilities to match actual code including Triaging and TestGenerating and render success sample cleanly
+---
+
+# Quick Task 260610-ppo Plan
+
+## Goal
+
+Make the README workflow documentation accurately reflect the implemented state machine and render the success sample cleanly.
+
+## Must Haves
+
+- The documented issue workflow includes `Idle`, `Triaging`, and `TestGenerating` in their implemented order.
+- The state diagram shows actionable triage continuing to `Analyzing` and non-actionable or triage-only runs exiting to `Done`.
+- State responsibilities match the behavior in `src/GsdOrchestrator/Workflows/States`.
+- The success sample uses render-safe text matching `Program.PrintResult`.
+
+## Task
+
+### 1. Correct README workflow documentation
+
+**Files:** `README.md`
+
+**Action:** Update the workflow summary, Mermaid state diagram, state responsibilities, and success output sample from the current source implementation.
+
+**Verify:**
+- Compare every documented transition with `WorkflowModels.cs` and each state implementation.
+- Run `dotnet test GithubMCP.slnx`.
+- Run `git diff --check`.
+
+**Done:** README accurately documents the runtime flow, includes `Triaging` and `TestGenerating`, and contains a clean success sample.

.planning/quick/260610-ppo-fix-pr-6-readme-workflow-state-diagram-r/260610-ppo-SUMMARY.md

@@ -0,0 +1,25 @@
+---
+quick_id: 260610-ppo
+status: complete
+completed: 2026-06-10
+implementation_commit: c31493b
+---
+
+# Quick Task 260610-ppo Summary
+
+Updated `README.md` so its workflow summary, Mermaid state diagram, and state responsibilities match the implemented runtime.
+
+## Changes
+
+- Added `Idle`, `Triaging`, and `TestGenerating` to the documented issue workflow.
+- Documented actionable, non-actionable, triage-only, and PR-review transitions.
+- Aligned every state responsibility with the corresponding state implementation.
+- Replaced broken success-sample question marks with the UTF-8 checkmarks emitted by `Program.PrintResult`.
+
+## Validation
+
+- `dotnet test GithubMCP.slnx --configuration Release`: 35 passed.
+- README source-evidence check: passed.
+- `git diff --check`: passed.
+
+Implementation commit: `c31493b`

.planning/quick/260610-ppo-fix-pr-6-readme-workflow-state-diagram-r/260610-ppo-VERIFICATION.md

@@ -0,0 +1,24 @@
+---
+quick_id: 260610-ppo
+status: passed
+verified: 2026-06-10
+---
+
+# Quick Task 260610-ppo Verification
+
+## Result
+
+Passed. The PR #6 README blocker is resolved against the current source implementation.
+
+## Must-Have Evidence
+
+- The workflow summary and diagram include `Idle -> Triaging -> Analyzing` and `Editing -> TestGenerating -> Validating`.
+- The diagram includes triage exits to `Done`, issue-mode review to `Documenting`, PR-review mode to `Done`, and validation blocking to `Failed`.
+- State responsibilities were checked against all registered implementations under `src/GsdOrchestrator/Workflows/States`.
+- The success sample contains the same UTF-8 checkmarks and labels emitted by `Program.PrintResult`.
+
+## Commands
+
+- `dotnet test GithubMCP.slnx --configuration Release`: passed, 35/35 tests.
+- README evidence check: passed.
+- `git diff --check`: passed.