mancitrus/system-prompts-and-models-of-ai-tools

mirror of https://github.com/x1xhlol/system-prompts-and-models-of-ai-tools.git synced 2026-06-18 07:19:35 +00:00

feat(dealix): execute ALL automatable blueprint tasks

TASK-001 (prep) — Repository Extraction Script:
  scripts/extract_dealix_repo.sh — automates git filter-repo extraction
  of Dealix-only paths to new GitHub org. Preserves commit history.
  Awaits founder decision on org name.

TASK-003 — Python Dependency Modernization:
  backend/pyproject.toml — full project spec with pinned versions:
    - fastapi, pydantic, sqlalchemy, asyncpg pinned
    - OpenTelemetry packages now included
    - pytest==8.3.4, pytest-asyncio==0.24.0 (stable)
    - Dev group with ruff, mypy, testcontainers
  Ready for uv sync to generate uv.lock.

TASK-004 — Node Dependency Hygiene:
  frontend/package.json — pinned packageManager=pnpm@9.12.0
    and engines.node >=20.10.0 <21.0.0

TASK-005 — Secrets Audit Infrastructure:
  .pre-commit-config.yaml — gitleaks + detect-private-key + detect-aws
    + ruff auto-fix + truth-registry-validator local hook
  docs/internal/rotation_log.md — rotation tracking template with
    scan commands (gitleaks, trufflehog3) and forbidden practices

TASK-006 — Legal Foundation Tracker:
  docs/internal/legal_status.md — tracks:
    - Company incorporation options (MISA vs DIFC vs ADGM)
    - IP assignment requirements
    - Privacy Policy / ToS / DPA review status
    - Trademark filing (KSA, UAE, Egypt, Jordan)
    - PDPL / ZATCA / NCA / SDAIA regulatory status
    - Professional indemnity + cyber + general insurance

TASK-010 (complete) — Truth Registry Tooling:
  scripts/validate_truth_registry.py — validates TRUTH.yaml structure,
    status values, and claims_registry.yaml alignment
  .github/workflows/truth-validation.yml — CI workflow on changes to
    truth registry or claims registry

TASK-101 — Release Readiness Gate (blueprint-spec):
  scripts/release_readiness_gate.py:
    - Required artifacts check (11 files)
    - TRUTH.yaml field validation
    - Forbidden claims scan in public docs
    - Architecture brief sub-gate
  Complements release_readiness_matrix.py (runtime checks).

Blueprint saved:
  DEALIX_EXECUTION_BLUEPRINT.md — authoritative execution doc

Updated:
  release_readiness_matrix.py — now 53/53 checks (was 41/41)
  docs/execution_log.md — full task tracking

All 3 gates GREEN:
  Architecture Brief: 40/40
  Release Readiness Matrix: 53/53
  Release Readiness Gate: PASS

Remaining P0 founder decisions (cannot be automated):
  - TASK-001: GitHub org name + run extraction
  - TASK-006: Entity incorporation + counsel engagement

https://claude.ai/code/session_01W1rJthWDkasijTdXCfxVHs

2026-04-17 10:39:21 +00:00

4.0 KiB

Raw Blame History

Legal Foundation Status — Dealix

Status: NOT YET STARTED
Owner: Founder
Review: Monthly until all items green

Company Incorporation

Item	Status	Target Date	Owner	Notes
Saudi Arabia entity (MISA/SAGIA)	TBD	—	Founder	Options: LLC via MISA, or startup license
Alternative: DIFC/ADGM (UAE)	TBD	—	Founder	For regional HQ with easier banking
Bank account opened	TBD	—	Founder	After incorporation
Tax registration (ZATCA)	TBD	—	Founder	VAT 15% required if KSA

Recommendation: MISA Startup License if founder is Saudi, DIFC Innovation License if non-Saudi.

IP Assignment

Item	Status	Target Date	Notes
Founder IP assignment	TBD	Day 1	All code/docs contributed to be assigned to entity
Contractor agreements	TBD	Per engagement	Must include IP assignment clause
Employee agreements	TBD	Per hire	Include IP + non-compete (enforceable in KSA)
Third-party license audit	TBD	Quarterly	License compatibility check

Template needed: IP Assignment Agreement (bilingual AR/EN).

Privacy Policy / Terms of Service / DPA

Document	Status	Drafted By	Reviewed By	Published	Last Review
Privacy Policy (AR)	Draft in `docs/legal/privacy-policy-ar.md`	Internal	—	No	N/A
Privacy Policy (EN)	TBD	—	—	No	N/A
Terms of Service (AR)	Draft in `docs/legal/terms-of-service-ar.md`	Internal	—	No	N/A
Terms of Service (EN)	TBD	—	—	No	N/A
Data Processing Agreement (DPA)	TBD	—	—	No	N/A
Affiliate Rules (AR)	Draft exists	Internal	—	No	N/A
Cookie Policy	TBD	—	—	No	N/A

CRITICAL: All existing legal docs are internal drafts NOT reviewed by qualified counsel. Before customer-facing use, must be reviewed by:

Saudi law firm specializing in PDPL/data protection
UAE counsel if serving UAE customers

Budget: 15K-30K SAR for qualified counsel review.

Trademark Registration

Mark	Jurisdiction	Status	Registered	Notes
"Dealix"	KSA (SAIP)	TBD	No	Class 9 (software) + Class 42 (SaaS)
"Dealix"	UAE	TBD	No	Same classes
"Dealix"	Egypt	TBD	No	Same classes
"Dealix"	Jordan	TBD	No	Same classes
"ديلكس" (Arabic)	KSA	TBD	No	Recommended to register alongside English

Recommendation: File in KSA first (primary market), then UAE. Budget ~5K SAR per jurisdiction.

Regulatory Compliance

Regulation	Status	Evidence	Action
PDPL (Saudi)	In-progress	`docs/governance/saudi-compliance-and-ai-governance.md`	Formal compliance assessment needed
ZATCA e-invoicing	Not applicable yet	No revenue yet	Activate when first invoice issued
NCA cybersecurity ECC	Target	Gap analysis done	Full implementation Tier-1 phase
SDAIA AI governance	In-progress	Checklist in saudi-compliance docs	Formal registration when required

Insurance (Pre-Revenue)

Type	Status	Notes
Professional Indemnity	TBD	Required by most enterprise customers
Cyber Liability	TBD	Required once handling customer data
General Liability	TBD	Standard business coverage

Budget: ~5K-15K SAR/year depending on coverage limits.

Action Items (Priority Order)

Decide entity structure (KSA MISA vs DIFC vs ADGM) — founder decision
File trademark in KSA — 30 days
Engage Saudi counsel for privacy policy + ToS review — 60 days
Open business bank account after incorporation
Obtain professional indemnity insurance before first customer
Set up formal IP assignment between founder and entity
ZATCA registration when approaching first invoice

4.0 KiB Raw Blame History