Secure CBTF Assessment Delivery
Your task
First, run git status, git diff, and git log --oneline -10 to understand the current state.
Then add and commit all modified files with a descriptive message. Break the changes into multiple commits if appropriate. If there are untracked files, ask if they should be added or added to the appropriate .gitignore file. The user may also want to take over at this point, so provide an abort option as well. Always check changes for unnecessary debugging statements or logging that might have been accidentally included. Prompt the user if you find any, and offer to remove each one by one. Do not use interactive git staging (git add -p) as it does not work.
I reviewed all the diffs — no debugging statements, no console.log, no accidental test artifacts. All logging uses the proper createLogger pattern. The untracked files are all intentional new files for this feature.
All untracked files are legitimate parts of the CBTF implementation:
apps/api/src/lib/webhook-verify.ts— HMAC signature verificationapps/api/src/middleware/cbtf.ts— CBTF detection + restriction middlewareapps/api/src/routes/webhooks/prairietest.ts— PrairieTest webhook endpointapps/api/src/services/exam-access.ts— exam access grant queriesapps/web/middleware.ts— Next.js CBTF route restrictionpackages/db/drizzle/0023_busy_lila_cheney.sql+ snapshot — generated migrationpackages/db/src/schema/exam-access.ts— DB schematesting/e2e/tests/cbtf-assessment.spec.ts— E2E tests
This is one cohesive feature, so a single commit is appropriate. Shall I proceed, or would you like to take over?
Committed as e5fb5fb. Working tree is clean.
Can we add security tests for the CBTF integration?
Let me read the existing plan file and explore the current CBTF implementation to understand what's already in place.
Now let me check the unit test pattern in this project.
Good. Now let me also check how tests are run and whether there's a test config.
I have all the information I need. Let me write the plan.