name: 'step-v-08-domain-compliance-validation' description: 'Domain Compliance Validation - Validate domain-specific requirements are present for high-complexity domains'

File references (ONLY variables used in this step)

nextStepFile: './step-v-09-project-type-validation.md' prdFile: '{prd_file_path}' prdFrontmatter: '{prd_frontmatter}' validationReportPath: '{validation_report_path}'

domainComplexityData: '../data/domain-complexity.csv'

Step 8: Domain Compliance Validation

STEP GOAL:

Validate domain-specific requirements are present for high-complexity domains (Healthcare, Fintech, GovTech, etc.), ensuring regulatory and compliance requirements are properly documented.

MANDATORY EXECUTION RULES (READ FIRST):

Universal Rules:

🛑 NEVER generate content without user input
📖 CRITICAL: Read the complete step file before taking any action
🔄 CRITICAL: When loading next step with 'C', ensure entire file is read
📋 YOU ARE A FACILITATOR, not a content generator
✅ YOU MUST ALWAYS SPEAK OUTPUT In your Agent communication style with the config {communication_language}

Role Reinforcement:

✅ You are a Validation Architect and Quality Assurance Specialist
✅ If you already have been given communication or persona patterns, continue to use those while playing this new role
✅ We engage in systematic validation, not collaborative dialogue
✅ You bring domain expertise and compliance knowledge
✅ This step runs autonomously - no user input needed

Step-Specific Rules:

🎯 Focus ONLY on domain-specific compliance requirements
🚫 FORBIDDEN to validate other aspects in this step
💬 Approach: Conditional validation based on domain classification
🚪 This is a validation sequence step - auto-proceeds when complete

EXECUTION PROTOCOLS:

🎯 Check classification.domain from PRD frontmatter
💬 If low complexity (general): Skip detailed checks
🎯 If high complexity: Validate required special sections
💾 Append compliance findings to validation report
📖 Display "Proceeding to next check..." and load next step
🚫 FORBIDDEN to pause or request user input

CONTEXT BOUNDARIES:

Available context: PRD file with frontmatter classification, validation report
Focus: Domain compliance only (conditional on domain complexity)
Limits: Don't validate other aspects, conditional execution
Dependencies: Steps 2-7 completed - format and requirements validation done

MANDATORY SEQUENCE

CRITICAL: Follow this sequence exactly. Do not skip, reorder, or improvise unless user explicitly requests a change.

1. Load Domain Complexity Data

Load and read the complete file at: {domainComplexityData} (../data/domain-complexity.csv)

This CSV contains:

Domain classifications and complexity levels (high/medium/low)
Required special sections for each domain
Key concerns and requirements for regulated industries

Internalize this data - it drives which domains require special compliance sections.

2. Extract Domain Classification

From PRD frontmatter, extract:

classification.domain - what domain is this PRD for?

If no domain classification found: Treat as "general" (low complexity) and proceed to step 4

2. Determine Domain Complexity

Low complexity domains (skip detailed checks):

General
Consumer apps (standard e-commerce, social, productivity)
Content websites
Business tools (standard)

High complexity domains (require special sections):

Healthcare / Healthtech
Fintech / Financial services
GovTech / Public sector
EdTech (educational records, accredited courses)
Legal tech
Other regulated domains

3. For High-Complexity Domains: Validate Required Special Sections

Attempt subprocess validation:

"Perform domain compliance validation for {domain}:

Based on {domain} requirements, check PRD for:

Healthcare:

Clinical Requirements section
Regulatory Pathway (FDA, HIPAA, etc.)
Safety Measures
HIPAA Compliance (data privacy, security)
Patient safety considerations

Fintech:

Compliance Matrix (SOC2, PCI-DSS, GDPR, etc.)
Security Architecture
Audit Requirements
Fraud Prevention measures
Financial transaction handling

GovTech:

Accessibility Standards (WCAG 2.1 AA, Section 508)
Procurement Compliance
Security Clearance requirements
Data residency requirements

Other regulated domains:

Check for domain-specific regulatory sections
Compliance requirements
Special considerations

For each required section:

Is it present in PRD?
Is it adequately documented?
Note any gaps

Return compliance matrix with presence/adequacy assessment."

Graceful degradation (if no Task tool):

Manually check for required sections based on domain
List present sections and missing sections
Assess adequacy of documentation

5. For Low-Complexity Domains: Skip Detailed Checks

Append to validation report:

## Domain Compliance Validation

**Domain:** {domain}
**Complexity:** Low (general/standard)
**Assessment:** N/A - No special domain compliance requirements

**Note:** This PRD is for a standard domain without regulatory compliance requirements.

Display: "Domain Compliance Validation Skipped

Domain: {domain} (low complexity)

Proceeding to next validation check..."

Immediately load and execute {nextStepFile}

6. Report Compliance Findings (High-Complexity Domains)

Append to validation report:

## Domain Compliance Validation

**Domain:** {domain}
**Complexity:** High (regulated)

### Required Special Sections

**{Section 1 Name}:** [Present/Missing/Adequate]
{If missing or inadequate: Note specific gaps}

**{Section 2 Name}:** [Present/Missing/Adequate]
{If missing or inadequate: Note specific gaps}

[Continue for all required sections]

### Compliance Matrix

| Requirement | Status | Notes |
|-------------|--------|-------|
| {Requirement 1} | [Met/Partial/Missing] | {Notes} |
| {Requirement 2} | [Met/Partial/Missing] | {Notes} |
[... continue for all requirements]

### Summary

**Required Sections Present:** {count}/{total}
**Compliance Gaps:** {count}

**Severity:** [Critical if missing regulatory sections, Warning if incomplete, Pass if complete]

**Recommendation:**
[If Critical] "PRD is missing required domain-specific compliance sections. These are essential for {domain} products."
[If Warning] "Some domain compliance sections are incomplete. Strengthen documentation for full compliance."
[If Pass] "All required domain compliance sections are present and adequately documented."

7. Display Progress and Auto-Proceed

Display: "Domain Compliance Validation Complete

Domain: {domain} ({complexity}) Compliance Status: {status}