TenantAtlas/specs/404-public-content-messaging/tasks.md

Tasks: Public Website Sales Copy & Positioning Rewrite

Input: /Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/spec.md and /Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/plan.md

Scope: This task list covers the Spec 404 correction plus the follow-up homepage implementation approved by the user. Do not edit apps/platform, root workspace contracts, build output, dependencies, or backend runtime files.

Validation lane: Browser/static website validation plus spec/documentation review.

Tasks

• T001: Repo-Zustand und Spec-404-Pfad verifizieren Run git status --short --branch and locate 404 with find specs -maxdepth 2 -iname '*404*' -type d -o -iname '*404*' -type f. Confirm whether there is exactly one 404 folder. If multiple exist, choose the Public Website Sales Copy & Positioning Spec based on branch, title, and content, and document the decision in the plan or final report.

• T002: Bestehende 404-Artefakte lesen und Quark-/Architektur-Copy inventarisieren Read spec.md, plan.md, and tasks.md fully. Identify internal, defensive, academic, architecture-heavy, category-philosophy, "operating model", provider-boundary, and source-of-truth wording that should not drive visible website copy.

• T003: Sichtbare Copy-Prinzipien in spec.md ersetzen Rewrite the spec so visible public copy must sell business outcomes: Microsoft 365 policy control, early drift detection, versioned configuration backups, evidence, reviews, recovery context, auditability, and shared truth for MSPs, IT, Security, and Audit.

• T004: Hero-Copy-Beispiele auf B2B-Sales-Ton umstellen Add concrete hero examples: "Microsoft 365 Policies unter Kontrolle bringen.", the required subhead about MSPs and Enterprise IT, the supporting line with Microsoft 365 Governance and Intune as first strong policy focus, and CTAs "Demo buchen" and "Plattform ansehen".

• T005: Alte defensive Section-Namen ersetzen Remove the old public-story direction around "Die richtige Produktkategorie zuerst", "Für Teams, die Governance gemeinsam tragen", "Klare Grenzen statt überzogener Versprechen", and "Den nächsten Schritt bewusst wählen". Replace them with problem, capability, stakeholder, differentiation, trust teaser, and bottom CTA sections.

• T006: Capability- und Outcome-Sprache definieren Define capability cards for policy drift, backups/versioning, audit-ready reviews, controlled recovery preparation, provider permissions, and traceable decisions. Each card must state an outcome rather than an internal product module.

• T007: MSP-/Enterprise-/Security-/Audit-Personas definieren Add stakeholder copy for MSP Operatoren, Enterprise IT, and Security & Audit. Make the shared data basis explicit: evidence, findings, reviews, accepted risks, and follow-ups instead of screenshots, Excel lists, or gut feel.

• T008: Provider-/Intune-/Microsoft-365-Claim-Regeln schärfen Make Microsoft 365 the first public market. Allow Intune as the first strong policy focus and example domain. Treat provider extensibility as secondary. Forbid Google, AWS, and multi-cloud as live claims unless separately proven by repo/product truth.

• T009: Trust-/DSGVO-/Hosting-Claim-Regeln belassen, aber nicht als sichtbare Website-Story formulieren Keep strict trust guardrails for DSGVO, ISO, NIS2, hosting, legal-proof evidence, complete evidence, automatic remediation, and automatic restore. Allow only safe wording around auditability, review packs, role-aware evidence, controlled recovery preparation, and decision traceability.

• T010: plan.md an neue Copy-Umsetzungslogik anpassen Rewrite the plan as a website-copy refactoring plan. It must include repo verification, current copy inventory, identification of internal/defensive copy, hero, problem/pain, capability cards, stakeholder/persona section, differentiation, trust teaser, bottom CTA, SEO/metadata direction, claim guardrails/static search terms, browser smoke requirements for later implementation, and no runtime changes in this spec update.

• T011: tasks.md konsistent zu spec.md und plan.md machen Ensure the tasks are numbered, checkable, and aligned with the approved scope transition from spec-only correction to website implementation. Keep platform, dependency, backend runtime, and build-output changes out of scope.

• T012: Final prüfen, dass nur erlaubte Website- und keine apps/platform-Dateien geändert wurden Run git status --short -- apps/website apps/platform and git diff --name-only. Expected tracked changes are limited to specs/404-public-content-messaging/ plus minimal apps/website source or smoke-test files.

• T013: Final prüfen, dass 404 nicht mehr wie interne Architektur-/Philosophie-Copy klingt Review the final artifacts for visible-copy direction. They must read like a B2B cybersecurity and IT-operations sales-copy brief: direct, confident, technically credible, outcome-led, MSP-ready, enterprise-ready, and free from internal Spec Kit or architecture-first language as the public story.

• T014: Abschlussbericht mit Replacement-Status erstellen Final report must list changed files, summarize the sales-copy correction, explicitly confirm which apps/website files changed and that no apps/platform files changed, state whether old 404 copy passages were replaced or only supplemented, and name relevant follow-up specs such as 405 Trust, 406 Provider Taxonomy, and 407 Use Cases.

• T015: Homepage-Copy in apps/website umsetzen Update the homepage source copy so the rendered first viewport uses the approved Microsoft 365 policy-control headline, subhead, supporting line, and CTAs.

• T016: Capability-Cards auf Outcome-Sprache umstellen Replace the old capability language with drift, backups/versioning, audit-ready reviews, controlled recovery, provider permissions, and traceable decisions.

• T017: Stakeholder-, Differentiation- und Trust-Teaser-Sections umsetzen Render MSP, Enterprise IT, Security/Audit, differentiation, trust teaser, and bottom CTA sections from the approved sales-copy structure.

• T018: Metadata und Platform-Wording von interner Architektur-Copy befreien Update public metadata and obvious supporting route copy to avoid governance-of-record, source-of-truth, and provider-extensible hero language.

• T019: Website build, static scan und Browser-Review ausführen Run the website build, forbidden-claim scan, browser review for the homepage, and existing website smoke suite with updated copy expectations.

• T020: Final prüfen, dass keine apps/platform-, Dependency- oder Build-Output-Dateien geändert wurden Confirm changed files are limited to approved spec artifacts and minimal apps/website source or smoke-test files.

Definition Of Done

• spec.md, plan.md, and tasks.md are consistent.
• Spec 404 is titled or clearly framed as "Public Website Sales Copy & Positioning Rewrite".
• The spec sells business outcomes rather than internal architecture.
• Concrete visible copy examples are present.
• Microsoft 365 is clearly the first public market.
• Intune is an example/start domain, not the product boundary.
• Provider extensibility is secondary and not overclaimed.
• Website implementation was performed only in approved apps/website source and website-smoke-test files.
• No apps/platform changes were performed.
• No root/workspace contracts were changed.
• Git diff contains only approved 404 spec artifacts plus minimal apps/website source and website-smoke-test files, aside from any pre-existing unrelated untracked files.
• Final report states whether old 404 copy was replaced or only supplemented.