docs: add XT-2 and XT-3 extreme test master prompts

README.md

@@ -177,7 +177,7 @@ DOCKERCOMMS_IT_GHCR_REPO=ghcr.io/user/repo DOCKERCOMMS_IT_RECIPIENT=alice@exampl
 
 ## Development
 
-- [docs/TESTING-DOCTRINE.md](docs/TESTING-DOCTRINE.md) and [docs/EXTREME-TEST-MASTER-PROMPT.md](docs/EXTREME-TEST-MASTER-PROMPT.md): how we test, and the extreme E2E (XT-1) agent prompt (adversarial QA; pair with the release/GA runbook, not a substitute for it)
+- [docs/TESTING-DOCTRINE.md](docs/TESTING-DOCTRINE.md), [docs/EXTREME-TEST-MASTER-PROMPT.md](docs/EXTREME-TEST-MASTER-PROMPT.md) (XT-1) through [docs/EXTREME-TEST-MASTER-PROMPT-XT6.md](docs/EXTREME-TEST-MASTER-PROMPT-XT6.md) (XT-6): testing ladder including CI workflow parity and optional RC bundle (XT-6) (use the release/GA runbook for closure, not a substitute)
 - SPEC.md: protocol specification
 - ARCH.md: implementation architecture
 - RELEASE_CHECKLIST.md: stop-ship gates

docs/EXTREME-TEST-MASTER-PROMPT-XT2.md

@@ -0,0 +1,106 @@
+# Master prompt: XT-2 — Live Docker + full-matrix execution
+
+**Version: XT-2** — next step after [XT-1](EXTREME-TEST-MASTER-PROMPT.md). **Does not** supersede [RELEASE-RUNBOOK.md](RELEASE-RUNBOOK.md) (v11) for GA/closure; **does** add Docker-first live runs and **anti-summary** rules. Use [TESTING-DOCTRINE.md](TESTING-DOCTRINE.md) for principles.
+
+---
+
+## Hard truths (keep the prompt honest)
+
+- **“Absolutely no bugs”** is not something any agent or test suite can prove; the strongest defensible claim is **no known failures in the matrix you actually ran**, with logs.
+- **Cursor** can only use Docker if the environment exposes it (Docker Desktop, Linux daemon, or Dev Containers with the socket). The prompt must **fail closed** when Docker is missing.
+- **“Do everything in Docker”** can still need a **host** step (e.g. `docker-e2e` gates may produce a **Linux** binary; **macOS** may need `make clean && make build` for a **Mach-O** host run — see the runbook and this document’s **GATE 0** / **C** / **D** flow).
+- If **`docker info` fails:** label **Phases B–E** of this matrix (and **XT-4** phases that need Docker) **BLOCKED**; **Phase A** (host `gofmt`, `go test`, `vet`, lint, `make coverage-gate`, etc.) can still pass and is **real signal** for Go on the host for that SHA.
+
+---
+
+## Relationship to other prompts
+
+| Prompt / doc | Role |
+|--------------|------|
+| **v11** / [RELEASE-RUNBOOK.md](RELEASE-RUNBOOK.md) | GA, §A/§B, NOT RUN — **releases** |
+| [EXTREME-TEST-MASTER-PROMPT.md](EXTREME-TEST-MASTER-PROMPT.md) (XT-1) | Full adversarial plan |
+| **XT-2** (this file) | **Execution** + **Docker-first** + **anti-summary** (first output = shell + real command + real output) |
+| [TESTING-DOCTRINE.md](TESTING-DOCTRINE.md) | Oracle, pyramid, repro bar, bash for NEG |
+| [EXTREME-TEST-MASTER-PROMPT-XT3.md](EXTREME-TEST-MASTER-PROMPT-XT3.md) (XT-3) | **Change-aware** + PR/merge + optional **fix** loop (after XT-2) |
+| [EXTREME-TEST-MASTER-PROMPT-XT4.md](EXTREME-TEST-MASTER-PROMPT-XT4.md) (XT-4) | Evidence + triage + tables |
+| [EXTREME-TEST-MASTER-PROMPT-XT5.md](EXTREME-TEST-MASTER-PROMPT-XT5.md) (XT-5) | **Preflight** Docker · **STATIC_ONLY** / **DOCKER_REQUIRED** · main@merge |
+| [EXTREME-TEST-MASTER-PROMPT-XT6.md](EXTREME-TEST-MASTER-PROMPT-XT6.md) (XT-6) | **CI parity** + optional **RC** / **`act`** |
+
+**“Open Docker in Cursor”** = your machine’s Docker Desktop (or a Dev Container with the Docker socket). The agent runs `docker` in the **terminal**; there is no separate “Cursor-only Docker” unless you configure Dev Containers or a remote. XT-2 expects the same `docker` CLI as a normal shell.
+
+---
+
+## Paste block (for Cursor) — everything in the fence
+
+```
+MASTER PROMPT: dockercomms — XT-2 “Live Docker + execution evidence” (not a GA/closure runbook)
+Use with: local clone of `codethor0/dockercomms`. Read `docs/TESTING-DOCTRINE.md`, `docs/EXTREME-TEST-MASTER-PROMPT.md` (XT-1), and `docs/RELEASE-RUNBOOK.md` (v11) first. XT-2 **adds** Docker-first live runs and **anti-summary** rules. It does **not** replace **GA/§A/§B** evidence — use the runbook for that.
+MISSION
+Run **real** commands, **real** Docker, **real** local registry, and (if creds exist) **real** GHCR paths. **Maximize** evidence; **minimize** narrative. Goal: **zero unexpected product failures** in the **defined matrix** for this SHA, not a proof of “no bugs in the universe.”
+ANTI-SUMMARY RULE (HARD)
+- The first 20 lines of your output **must** be: **shell header** (UTC, path, SHA, Docker status) + **the first command you ran** + **its output** (or exit + one-line error).  
+- **Forbidden** as an opening: long plans, “here’s what I would do,” or executive summary **before** any command output.  
+- After each phase, **at most 3** sentences of interpretation; then **next** commands.  
+- If you cannot run a step, **one line** `BLOCKED: {reason}` and move on — do not pad.
+DOCKER AVAILABILITY (GATE 0)
+1. `docker info` (or `docker version`) — if **fails**, state **BLOCKED: Docker not available in this environment** and run **only** host `go test` + static checks; **do not** claim “full XT-2” complete. **Explicit:** with Docker down, phases **B–E** (script preflight that needs a daemon, `docker-e2e` gates, local registry, optional GHCR-in-container) are **BLOCKED**; **Phase A** (gofmt, `go vet`, `go test`, race, lint, `make coverage-gate` where applicable) on the **host** can still be **valid** and should be run.  
+2. If **OK**, one line: **Docker: OK** + **context** (e.g. `docker context` name).  
+3. For **E2E in container** (project script): from repo root run `./scripts/docker-e2e.sh gates` (or as documented). If script **fails**, capture **last 100 lines** of output (§8b style).  
+4. **After** any step that overwrites **root** `./dockercomms` with a **Linux** build: `make clean && make build` on **host** + `file` one line — **mandatory** before further **host** CLI tests.
+LIVE TEST MATRIX (RUN IN ORDER; **STOP** only on **unexpected** PRODUCT failure unless user said “continue and log all”)
+**A. Host static + unit (always)**  
+`gofmt -l .` (empty or list files) · `go vet ./...` · `go test ./...` · `go test -race ./...` · `golangci-lint run ./...` (if project standard) · `make coverage-gate`  
+**B. Script preflight (no network OR check-only as designed)**  
+`./scripts/run-integration.sh --check` · `./scripts/login-and-run-integration.sh --check`  
+**C. Container gates (if Docker OK)**  
+`./scripts/docker-e2e.sh` **gates** → then **host rebuild** per above  
+**D. Local registry E2E (isolated, bash driver)**  
+`docs/repro.md` (or `RELEASE-RUNBOOK`): **one** **happy** round-trip per **isolation_id**; **two** **NEG** (expected non-zero) with `Expected` from **README** / doc **section heading**; **two** **flake** iterations on **different** `isolation` keys  
+**E. Optional matrix (if user or time says)**  
+- `E2E_LINUX_MATRIX=1` in user message: `./scripts/linux-distro-matrix.sh` if present, else `NOT RUN`  
+- `GH_PAT` or `~/.dockercomms_gh_pat` on **host**: `docs/FINAL-RELEASE-GO-NO-GO.md` **Section B** by heading, then `./scripts/login-and-run-integration.sh` (full), then `./scripts/docker-e2e.sh` **integration** → **cli** → **full** — if **no** creds: run **integration** once, **quote** skip, label **NOT RUN (auth)** — not “pass”
+CLEAN CODE + NO REGRESSIONS (if code changes authorized in **this** message)
+- **Smallest** diff; **one** issue per change or tight cluster.  
+- **gofmt**; **tests** in same package for behavior change.  
+- Run at minimum: `go test -race` on **touched** packages and `go test ./...` if fast enough.  
+- **No** disabling linters, **no** weakening tests, **no** `// nolint` without justification in the same PR.  
+- **No** “cleanup” in the same commit as a bugfix **unless** trivial.
+ORACLES
+- `README` **## Exit Codes**; `docs/repro.md`; `SPEC`/`ARCH` as needed. Mismatch = **bug** (code) or **DOC-DEBT** (docs) — state which.
+REPORT (END — ONLY AFTER COMMANDS)
+1. **SHA** (3-way if claiming published tip), **clean/dirty** tree.  
+2. **Table**: Phase | Command | Result | Note (isolation_id / NOT RUN / B-UX-HOST).  
+3. **Unexpected PRODUCT failures** (must be **empty** for a “clean” claim): or **list** with **5-field** repro (command, isolation_id, expected, actual, first error line).  
+4. **BLOCKED** rows for Docker / auth / time.  
+5. **One paragraph**: what is **not** covered (GHCR, chaos, huge files) — not faux humility, **concrete** gaps.  
+6. If user asked **“no bugs”** language: use **one** sentence: **“No *unexpected* failures in the above matrix; not a guarantee of total correctness.”**
+USER MESSAGE SHOULD INCLUDE
+- `Clone: /path/to/dockercomms`  
+- `CODE_CHANGES_ALLOWED=yes|no` and **if** `yes` **one** line scope.  
+- `Time budget: e.g. 2h` or `run_all_phases=yes`  
+- `GH_PAT present on host: yes|no` (not the value)  
+- Optional: `E2E_LINUX_MATRIX=1`, `CONTINUE_ON_FAILURE=yes` to log all failures in one go.
+BANNED
+- Opening with summary; claiming green without output; “absolutely no bugs” globally; skipping Docker gate when `docker info` works; P1 on shared-inbox without isolation retry; secrets in the log; emojis (optional).
+END XT-2
+```
+
+---
+
+## How to use in Cursor (paste under the block)
+
+One line, for example:
+
+`Clone: /path/to/dockercomms` · `CODE_CHANGES_ALLOWED=no` · `Time budget: 2h` · `GH_PAT present on host: no`
+
+Change `CODE_CHANGES_ALLOWED=yes` only when you want the agent to land fixes; keep one focused PR or commit per bug cluster.
+
+---
+
+## See also
+
+- [TESTING-DOCTRINE.md](TESTING-DOCTRINE.md)
+- [EXTREME-TEST-MASTER-PROMPT.md](EXTREME-TEST-MASTER-PROMPT.md) (XT-1)
+- [EXTREME-TEST-MASTER-PROMPT-XT3.md](EXTREME-TEST-MASTER-PROMPT-XT3.md) (XT-3) — change-aware + PR confidence
+- [EXTREME-TEST-MASTER-PROMPT-XT4.md](EXTREME-TEST-MASTER-PROMPT-XT4.md) (XT-4) · [EXTREME-TEST-MASTER-PROMPT-XT5.md](EXTREME-TEST-MASTER-PROMPT-XT5.md) (XT-5) · [EXTREME-TEST-MASTER-PROMPT-XT6.md](EXTREME-TEST-MASTER-PROMPT-XT6.md) (XT-6)
+- [RELEASE-RUNBOOK.md](RELEASE-RUNBOOK.md) (v11 / operator GA)

docs/EXTREME-TEST-MASTER-PROMPT-XT3.md

@@ -0,0 +1,92 @@
+# Master prompt: XT-3 — Change-aware live matrix + optional fix loop
+
+**Version: XT-3** — next step after [XT-2](EXTREME-TEST-MASTER-PROMPT-XT2.md). **Supersedes:** nothing in v11 / [RELEASE-RUNBOOK.md](RELEASE-RUNBOOK.md). **Extends:** [XT-1](EXTREME-TEST-MASTER-PROMPT.md) (doctrine, adversarial plan), [XT-2](EXTREME-TEST-MASTER-PROMPT-XT2.md) (live Docker, anti-summary, GATE 0, matrix A–E).
+
+**Use when:** you have a **PR**, a **feature branch**, or you just **merged** to `main` and need a **proof** run + **targeted** tests on **touched** code.
+
+**GA / §A / §B** — still **[RELEASE-RUNBOOK.md](RELEASE-RUNBOOK.md) + v11** only; **XT-3** is **QA / merge confidence**, not §A/§B proof.
+
+---
+
+## Ladder (prompts)
+
+| Prompt / doc | Role |
+|--------------|------|
+| **v11** + [RELEASE-RUNBOOK.md](RELEASE-RUNBOOK.md) | Operator / GA / §A/§B / NOT RUN |
+| [XT-1](EXTREME-TEST-MASTER-PROMPT.md) | Principles + full adversarial plan |
+| [XT-2](EXTREME-TEST-MASTER-PROMPT-XT2.md) | Live Docker + no-summary + A–E matrix |
+| **XT-3** (this file) | What changed first + PR/merge confidence + optional fix loop |
+
+---
+
+## Paste block (for Cursor) — everything in the fence
+
+```
+MASTER PROMPT: dockercomms — XT-3 “Change-aware live matrix + optional fix loop”
+Supersedes: nothing in v11 / RELEASE-RUNBOOK. Extends: XT-1 (doctrine), XT-2 (live Docker + anti-summary).
+Use when: you have a **PR**, a **feature branch**, or you just **merged** to `main` and need a **proof** run + **targeted** tests on **touched** code.
+MISSION
+Run the **strongest** test pass that matches **what changed** (not only full `./...` every time), then **optionally** apply **surgical** fixes with **tests** if `CODE_CHANGES_ALLOWED=yes` in the user message. Output is **evidence-first**; **no** “no bugs in the universe” — only **no unexpected failures in the run matrix** for this session.
+REQUIRED READ (same session, first 5 min)
+- `docs/TESTING-DOCTRINE.md`
+- `docs/EXTREME-TEST-MASTER-PROMPT.md` (XT-1)
+- `docs/EXTREME-TEST-MASTER-PROMPT-XT2.md` (XT-2) — **GATE 0 Docker**, **anti-summary** opening, **host rebuild** after container gates
+- `docs/RELEASE-RUNBOOK.md` — for **GA** you still use **v11** separately; XT-3 is **QA / merge confidence**, not §A/§B proof
+ANTI-SUMMARY (same as XT-2, HARD)
+First output lines = UTC, path, **3-way SHA** (if on `main` with `git fetch`) or **branch + merge-base** + first **command + output**. No plan wall before **docker info** or **go version**.
+PRE-FLIGHT: WHAT CHANGED? (XT-3 NEW)
+1. `git status -sb` and `git rev-parse HEAD` and `git branch --show-current`
+2. If on **PR** or user gave `PR_NUMBER=n`: `gh pr view n` (or `gh pr diff n --name-only` if large) — list **touched** paths; **if** not available, `git log -1 --name-only` and `git diff origin/main...HEAD --name-only` (or `main`…HEAD)
+3. **Targeted** test first (fast signal):
+   - For each **changed** package under `pkg/`, `cmd/`, `internal/`: `go test -race ./path/...` 
+   - If only **docs** / **.md** changed, say **“no Go diff; skip targeted go test; run full static + XT-2 matrix for smoke only”**
+4. Then run **global** `go test ./...` and `go test -race ./...` and **lint** / **coverage** per project (same as XT-2 **phase A**)
+THEN: XT-2 CORE (INHERIT)
+- **GATE 0** `docker info`  
+- If Docker OK: `./scripts/docker-e2e.sh` **gates** → **`make clean && make build` + `file` one line**  
+- **B** and **C** and **D** and **E** as in **XT-2** (`--check` scripts, local `repro`+NEG+flake with **bash**, integration skip or full chain with PAT)
+PR-SPECIFIC CHECKS (XT-3)
+- If `PR_NUMBER` in message: `gh pr checks <n> --watch` (or non-watch) until **conclusion** or timeout — **attach** the **failing** check name + last lines if any  
+- If PR is **from fork**, note **if** **secrets** workflows are **not** run — do **not** expect full Actions parity locally
+OPTIONAL: FIX LOOP (only if `CODE_CHANGES_ALLOWED=yes` in first message)
+For each **unexpected** PRODUCT row (5 fields per TESTING-DOCTRINE):
+1. **Minimal** code change; **add** or **tighten** a **test** in the same package.  
+2. `go test -race ./<pkg>/...` then **`go test -race ./...` if affordable**  
+3. **One** commit message style: `fix(<area>): <short>`
+If `CODE_CHANGES_ALLOWED=no`: **file** findings in a **bug register** table only — **no** file edits.
+REPORT (END)
+- **Change summary**: 1 line + **touched** paths (from pre-flight)
+- **SHA** / **branch** / **PR** link (if any)
+- **Table**: same structure as **XT-2** + column **Targeted?** (yes if package had Go changes)
+- **Merge recommendation** (if PR): `READY` | `NEEDS FIX` | `NEEDS HUMAN` — one line each with **2** evidence bullets, **not** a lecture
+- If full matrix clean: **suggested** **CHANGELOG** line: `Tested: <short-sha> (XT-3: targeted + full matrix, Docker: yes/no, …)` — **optional** user paste
+USER MESSAGE (FIRST) SHOULD INCLUDE
+- `Clone: /path/to/dockercomms`
+- `PR_NUMBER: <n> | 0` (0 = not a PR run)
+- `CODE_CHANGES_ALLOWED: yes|no` + if yes **scope** in one line
+- `Time budget: e.g. 90m`
+- `GH_PAT on host: yes|no` (value never in chat)
+- `E2E_LINUX_MATRIX: 0|1` · `CONTINUE_ON_FAILURE: yes|no` (if yes, log all failures, still stop on P0)
+- Inherit: XT-2 flags as needed
+BANNED
+- Skipping **targeted** `go test` on **changed** packages when Go files changed
+- Merging “GA done” with XT-3 — **v11** only for that
+- Summary-first opening; secrets in log; emojis in report (project default: off)
+END XT-3
+```
+
+---
+
+## How to use in Cursor (one line to paste under the block)
+
+`Clone: /path/to/dockercomms` · `PR_NUMBER: 0` · `CODE_CHANGES_ALLOWED: no` · `Time budget: 2h` · `GH_PAT on host: no`
+
+---
+
+## See also
+
+- [TESTING-DOCTRINE.md](TESTING-DOCTRINE.md)
+- [EXTREME-TEST-MASTER-PROMPT.md](EXTREME-TEST-MASTER-PROMPT.md) (XT-1)
+- [EXTREME-TEST-MASTER-PROMPT-XT2.md](EXTREME-TEST-MASTER-PROMPT-XT2.md) (XT-2)
+- [EXTREME-TEST-MASTER-PROMPT-XT4.md](EXTREME-TEST-MASTER-PROMPT-XT4.md) (XT-4) · [EXTREME-TEST-MASTER-PROMPT-XT5.md](EXTREME-TEST-MASTER-PROMPT-XT5.md) (XT-5) · [EXTREME-TEST-MASTER-PROMPT-XT6.md](EXTREME-TEST-MASTER-PROMPT-XT6.md) (XT-6)
+- [RELEASE-RUNBOOK.md](RELEASE-RUNBOOK.md) (v11 / GA)

docs/EXTREME-TEST-MASTER-PROMPT-XT4.md

@@ -0,0 +1,47 @@
+# Master prompt: XT-4 — Evidence-based test and triage (agent handoff)
+
+**Version: XT-4** — maximal, **evidence-first** pass: real shell output, no fabricated pass/fail. **Does not** replace [RELEASE-RUNBOOK.md](RELEASE-RUNBOOK.md) (v11) for GA/§A/§B.
+
+**Next steps:** [XT-5](EXTREME-TEST-MASTER-PROMPT-XT5.md) (preflight Docker, **STATIC_ONLY** / **DOCKER_REQUIRED**), then [XT-6](EXTREME-TEST-MASTER-PROMPT-XT6.md) (**CI** mirror vs `ci.yml`, optional RC bundle).
+
+---
+
+## Non-negotiable truth rules (summary)
+
+- Do not claim “no bugs” / 100% correct; strongest honest claim: no **unexpected** failures in the **matrix run** for this checkout, OS, Docker, and time budget.
+- Do not fabricate results; **NOT RUN** with one-line reason if not executed.
+- Do not print secrets; **GH_PAT** = PRESENT or ABSENT only.
+- **NEG** / exit capture: **bash** driver (see [RELEASE-RUNBOOK.md](RELEASE-RUNBOOK.md)); if `docker info` fails, Docker-dependent phases are **BLOCKED**; **host** Phase 1 Go static + unit can still be valid ([TESTING-DOCTRINE.md](TESTING-DOCTRINE.md), [XT-2](EXTREME-TEST-MASTER-PROMPT-XT2.md) GATE 0).
+- After `docker-e2e.sh` **gates** (or any step that can overwrite the root binary with a Linux build): **`make clean && make build`** + **`file ./dockercomms`** on host before further host CLI tests.
+
+## Phases (typical order)
+
+| Phase | Content |
+|-------|---------|
+| **0** | XT-3 pre-flight: what changed; targeted `go test -race` on touched `pkg/` / `cmd/` / `internal/` |
+| **1** | Static + unit: `gofmt -l`, `go vet`, `go test`, `go test -race`, `golangci-lint`, `make coverage-gate` |
+| **2** | `./scripts/run-integration.sh --check`, `./scripts/login-and-run-integration.sh --check` |
+| **3** | `./scripts/docker-e2e.sh gates` → host rebuild + `file` |
+| **4** | Local registry E2E (bash): happy path, NEG1/NEG2, I8 two isolated flakes per [repro.md](repro.md) |
+| **5** | Optional GHCR: PAT present → Section B + `login-and-run` + `docker-e2e` integration → cli → full; else skip quote + **NOT RUN (auth)** |
+| **6** | Optional: `linux-distro-matrix.sh`, chaos — time / `EXTREME` |
+
+## Output template (end of session)
+
+Use sections such as:
+
+- **### XT-4 RESULT — dockercomms** — SHA, 3-way / clean / Docker / time budget
+- **### Command outcomes (table)** — Phase | Command | Exit | Note
+- **### Unexpected product failures** — empty for “clean” or 5-field rows per [TESTING-DOCTRINE.md](TESTING-DOCTRINE.md)
+- **### NOT RUN / BLOCKED**
+- **### P0–P1 register** / **P2–P3 / DOC-DEBT**
+- **### HONESTY LINE** — one sentence: no unexpected failures in matrix above; not total correctness
+
+**Opening (anti-summary):** first block = `date -u`, `pwd`, `git status`, SHAs, `go version`, `docker` check, **then** first command output — no plan wall before evidence.
+
+---
+
+## Related
+
+- [TESTING-DOCTRINE.md](TESTING-DOCTRINE.md) · [XT-1](EXTREME-TEST-MASTER-PROMPT.md) · [XT-2](EXTREME-TEST-MASTER-PROMPT-XT2.md) · [XT-5](EXTREME-TEST-MASTER-PROMPT-XT5.md) · [XT-6](EXTREME-TEST-MASTER-PROMPT-XT6.md)
+- [RELEASE-RUNBOOK.md](RELEASE-RUNBOOK.md) (v11 / GA)