# Wave 1A Launch Foundation Prompts

Goal: build the rails that let Navi show all categories, onboard providers, manage integrations, and prepare commercial flows safely.

## Prompt 1.0 Wave 1 Readiness Audit

```text
You are operating on the Navi monorepo at:

/Users/start-tech/Documents/Claude/Projects/Navi

Navi is a UAE travel companion platform with a standalone iOS and Android mobile app, standalone public website, standalone admin and partner dashboard, and central API backend.

Repo structure:
apps/api
apps/mobile
apps/dashboard
apps/website
packages/ui
packages/types
packages/validators
packages/config
packages/api-client
docs

Tech direction:
API: NestJS, Fastify, Prisma, Postgres, Redis
Mobile: Expo Router, React Native, TypeScript
Dashboard: Next.js, TypeScript
Website: Next.js, TypeScript
Package manager: pnpm
Monorepo: turbo
Languages: English and Arabic
UI must support RTL.

Operating rules:
1. One focused task only.
2. Branch name must match the task.
3. Use conventional commits.
4. Do not delete code unless replacing it with a safer working version.
5. Never weaken auth, RBAC, validation, audit logs, rate limits, payment safety, or security.
6. Never commit secrets.
7. Do not touch unrelated files.
8. If you find conflicts or uncertainty, stop and report before making risky changes.
9. Follow existing repo patterns.
10. Keep mobile, dashboard, website, and API separated.
11. Business logic belongs in the API, not frontend screens.
12. Shared packages may contain only types, validators, config, API client, telemetry, money utilities, or design tokens.
13. All third party integrations must use provider interfaces and adapter classes.
14. Do not create fake production logic. Local demo mode is allowed only when isolated, clearly named, and impossible to enable in production by accident.
15. Every finished task must include summary, files changed, tests run, risks, rollback plan, and next recommended step.

Before editing files:
1. Run git status.
2. Inspect relevant folders.
3. Explain what you found.
4. Then implement only the requested task.

Finish format:
1. Summary
2. Files changed
3. Commands run
4. What works now
5. What is mocked or local only
6. What still needs real credentials or provider approval
7. Risks
8. Rollback plan
9. Next recommended prompt


Task:
Audit whether Wave 0 is complete and whether Wave 1 can start.

Do not edit files.

Check:
1. git status clean
2. CI files exist
3. healthz and readyz exist
4. security headers exist
5. rate limits exist
6. secrets docs exist
7. docs/README.md exists
8. release report exists
9. RBAC patterns exist
10. audit log patterns exist
11. current API modules
12. current mobile screens
13. current dashboard modules
14. current website routes
15. current provider or third party integration patterns
16. current payment and booking models
17. where demo data exists

Output:
1. Wave 0 completion status
2. Wave 1 blockers
3. Safe tasks to start
4. Unsafe tasks to delay
5. Recommended Wave 1 order
6. Exact next prompt
```

## Prompt 1.1 Background Jobs Foundation

```text
You are operating on the Navi monorepo at:

/Users/start-tech/Documents/Claude/Projects/Navi

Navi is a UAE travel companion platform with a standalone iOS and Android mobile app, standalone public website, standalone admin and partner dashboard, and central API backend.

Repo structure:
apps/api
apps/mobile
apps/dashboard
apps/website
packages/ui
packages/types
packages/validators
packages/config
packages/api-client
docs

Tech direction:
API: NestJS, Fastify, Prisma, Postgres, Redis
Mobile: Expo Router, React Native, TypeScript
Dashboard: Next.js, TypeScript
Website: Next.js, TypeScript
Package manager: pnpm
Monorepo: turbo
Languages: English and Arabic
UI must support RTL.

Operating rules:
1. One focused task only.
2. Branch name must match the task.
3. Use conventional commits.
4. Do not delete code unless replacing it with a safer working version.
5. Never weaken auth, RBAC, validation, audit logs, rate limits, payment safety, or security.
6. Never commit secrets.
7. Do not touch unrelated files.
8. If you find conflicts or uncertainty, stop and report before making risky changes.
9. Follow existing repo patterns.
10. Keep mobile, dashboard, website, and API separated.
11. Business logic belongs in the API, not frontend screens.
12. Shared packages may contain only types, validators, config, API client, telemetry, money utilities, or design tokens.
13. All third party integrations must use provider interfaces and adapter classes.
14. Do not create fake production logic. Local demo mode is allowed only when isolated, clearly named, and impossible to enable in production by accident.
15. Every finished task must include summary, files changed, tests run, risks, rollback plan, and next recommended step.

Before editing files:
1. Run git status.
2. Inspect relevant folders.
3. Explain what you found.
4. Then implement only the requested task.

Finish format:
1. Summary
2. Files changed
3. Commands run
4. What works now
5. What is mocked or local only
6. What still needs real credentials or provider approval
7. Risks
8. Rollback plan
9. Next recommended prompt


Branch:
wave1/background-jobs-foundation

Task:
Add background job foundation using Redis.

Scope:
1. Inspect existing Redis usage.
2. Add BullMQ only if not already present.
3. Create queues:
   webhooks.inbound
   emails
   notifications
   ai.trip
   provider.sync
   provider.healthcheck
4. Add worker entrypoint apps/api/src/worker.ts.
5. Add retry and dead-letter pattern.
6. Add structured logging for job failures.
7. Do not migrate payment or AI logic yet.
8. Add docs/architecture/background-jobs.md.

Acceptance criteria:
1. Worker can start locally.
2. Queues are registered.
3. Retry policy exists.
4. DLQ pattern exists or is documented.
5. No existing API routes broken.

Run:
pnpm typecheck
pnpm lint
pnpm test for api if available

Final report:
1. Files changed
2. Queues added
3. Worker command
4. Tests run
5. Risks
6. Rollback plan
```

## Prompt 1.2 Telemetry Package

```text
You are operating on the Navi monorepo at:

/Users/start-tech/Documents/Claude/Projects/Navi

Navi is a UAE travel companion platform with a standalone iOS and Android mobile app, standalone public website, standalone admin and partner dashboard, and central API backend.

Repo structure:
apps/api
apps/mobile
apps/dashboard
apps/website
packages/ui
packages/types
packages/validators
packages/config
packages/api-client
docs

Tech direction:
API: NestJS, Fastify, Prisma, Postgres, Redis
Mobile: Expo Router, React Native, TypeScript
Dashboard: Next.js, TypeScript
Website: Next.js, TypeScript
Package manager: pnpm
Monorepo: turbo
Languages: English and Arabic
UI must support RTL.

Operating rules:
1. One focused task only.
2. Branch name must match the task.
3. Use conventional commits.
4. Do not delete code unless replacing it with a safer working version.
5. Never weaken auth, RBAC, validation, audit logs, rate limits, payment safety, or security.
6. Never commit secrets.
7. Do not touch unrelated files.
8. If you find conflicts or uncertainty, stop and report before making risky changes.
9. Follow existing repo patterns.
10. Keep mobile, dashboard, website, and API separated.
11. Business logic belongs in the API, not frontend screens.
12. Shared packages may contain only types, validators, config, API client, telemetry, money utilities, or design tokens.
13. All third party integrations must use provider interfaces and adapter classes.
14. Do not create fake production logic. Local demo mode is allowed only when isolated, clearly named, and impossible to enable in production by accident.
15. Every finished task must include summary, files changed, tests run, risks, rollback plan, and next recommended step.

Before editing files:
1. Run git status.
2. Inspect relevant folders.
3. Explain what you found.
4. Then implement only the requested task.

Finish format:
1. Summary
2. Files changed
3. Commands run
4. What works now
5. What is mocked or local only
6. What still needs real credentials or provider approval
7. Risks
8. Rollback plan
9. Next recommended prompt


Branch:
wave1/telemetry-package

Task:
Create a shared telemetry package.

Scope:
1. Create packages/telemetry.
2. Add typed event names.
3. Add Zod payload schemas.
4. Add adapter interface:
   track(event, payload, context)
5. Add no-op adapter for local development only.
6. Add audit-log adapter placeholder for API.
7. Do not integrate Amplitude, GA4, or pixels yet.
8. Add docs/architecture/telemetry.md.

Events:
signup.completed
login.succeeded
login.failed
listing.viewed
search.performed
booking.created
booking.confirmed
payment.succeeded
payment.failed
trip.generated
trip.failed
partner.applied
partner.approved
refund.requested
refund.completed
provider.connected
provider.connection_failed
provider.healthcheck_failed
commission.calculated
payout.created
review.submitted
customer.moved

Acceptance criteria:
1. Package builds.
2. Events are typed.
3. Payloads are validated.
4. No raw analytics SDK dependency added yet.

Run:
pnpm typecheck
pnpm lint
pnpm test if available

Final report:
1. Files changed
2. Events added
3. How to use package
4. Tests run
5. Risks
6. Rollback plan
```

## Prompt 1.3 Provider Category Registry

```text
You are operating on the Navi monorepo at:

/Users/start-tech/Documents/Claude/Projects/Navi

Navi is a UAE travel companion platform with a standalone iOS and Android mobile app, standalone public website, standalone admin and partner dashboard, and central API backend.

Repo structure:
apps/api
apps/mobile
apps/dashboard
apps/website
packages/ui
packages/types
packages/validators
packages/config
packages/api-client
docs

Tech direction:
API: NestJS, Fastify, Prisma, Postgres, Redis
Mobile: Expo Router, React Native, TypeScript
Dashboard: Next.js, TypeScript
Website: Next.js, TypeScript
Package manager: pnpm
Monorepo: turbo
Languages: English and Arabic
UI must support RTL.

Operating rules:
1. One focused task only.
2. Branch name must match the task.
3. Use conventional commits.
4. Do not delete code unless replacing it with a safer working version.
5. Never weaken auth, RBAC, validation, audit logs, rate limits, payment safety, or security.
6. Never commit secrets.
7. Do not touch unrelated files.
8. If you find conflicts or uncertainty, stop and report before making risky changes.
9. Follow existing repo patterns.
10. Keep mobile, dashboard, website, and API separated.
11. Business logic belongs in the API, not frontend screens.
12. Shared packages may contain only types, validators, config, API client, telemetry, money utilities, or design tokens.
13. All third party integrations must use provider interfaces and adapter classes.
14. Do not create fake production logic. Local demo mode is allowed only when isolated, clearly named, and impossible to enable in production by accident.
15. Every finished task must include summary, files changed, tests run, risks, rollback plan, and next recommended step.

Before editing files:
1. Run git status.
2. Inspect relevant folders.
3. Explain what you found.
4. Then implement only the requested task.

Finish format:
1. Summary
2. Files changed
3. Commands run
4. What works now
5. What is mocked or local only
6. What still needs real credentials or provider approval
7. Risks
8. Rollback plan
9. Next recommended prompt


Branch:
wave1/provider-category-registry

Task:
Create a real category and provider registry foundation so Navi can show all service categories without fake production logic.

Scope:
1. Inspect existing ListingKind, ServiceCategory, Partner, Business, and provider models.
2. Add or normalize service categories:
   STAY
   ACTIVITY
   TAXI
   FOOD
   PHARMACY
   GROCERY
   SIM
   EMERGENCY
   EVENT
   TRANSLATOR
   AI_TRIP
3. Add ProviderType or IntegrationType if missing.
4. Add status for categories and providers:
   DEMO_ONLY
   INQUIRY_ONLY
   SANDBOX_READY
   LIVE_READY
   DISABLED
5. Add dashboard-visible flags:
   visibleInMobile
   visibleInWebsite
   acceptsBookings
   acceptsPayments
   requiresManualFulfillment
   requiresThirdPartyApi
6. Seed the UAE category list.
7. Do not create fake checkout. If a category is not live, it must clearly show inquiry or coming soon status.
8. Add docs/product/service-category-readiness.md.

Acceptance criteria:
1. All categories can be represented consistently.
2. The dashboard can later control visibility and readiness status.
3. Mobile and website can show categories without pretending every category is live.
4. Production cannot accidentally use demo-only provider logic.

Run:
pnpm typecheck
pnpm lint
pnpm test for affected packages/apps

Final report:
1. Files changed
2. Schema changes
3. Categories added
4. Readiness states added
5. Risks
6. Rollback plan
```

## Prompt 1.4 Partner Application API

```text
You are operating on the Navi monorepo at:

/Users/start-tech/Documents/Claude/Projects/Navi

Navi is a UAE travel companion platform with a standalone iOS and Android mobile app, standalone public website, standalone admin and partner dashboard, and central API backend.

Repo structure:
apps/api
apps/mobile
apps/dashboard
apps/website
packages/ui
packages/types
packages/validators
packages/config
packages/api-client
docs

Tech direction:
API: NestJS, Fastify, Prisma, Postgres, Redis
Mobile: Expo Router, React Native, TypeScript
Dashboard: Next.js, TypeScript
Website: Next.js, TypeScript
Package manager: pnpm
Monorepo: turbo
Languages: English and Arabic
UI must support RTL.

Operating rules:
1. One focused task only.
2. Branch name must match the task.
3. Use conventional commits.
4. Do not delete code unless replacing it with a safer working version.
5. Never weaken auth, RBAC, validation, audit logs, rate limits, payment safety, or security.
6. Never commit secrets.
7. Do not touch unrelated files.
8. If you find conflicts or uncertainty, stop and report before making risky changes.
9. Follow existing repo patterns.
10. Keep mobile, dashboard, website, and API separated.
11. Business logic belongs in the API, not frontend screens.
12. Shared packages may contain only types, validators, config, API client, telemetry, money utilities, or design tokens.
13. All third party integrations must use provider interfaces and adapter classes.
14. Do not create fake production logic. Local demo mode is allowed only when isolated, clearly named, and impossible to enable in production by accident.
15. Every finished task must include summary, files changed, tests run, risks, rollback plan, and next recommended step.

Before editing files:
1. Run git status.
2. Inspect relevant folders.
3. Explain what you found.
4. Then implement only the requested task.

Finish format:
1. Summary
2. Files changed
3. Commands run
4. What works now
5. What is mocked or local only
6. What still needs real credentials or provider approval
7. Risks
8. Rollback plan
9. Next recommended prompt


Branch:
wave1/partner-application-api

Task:
Build partner application API foundation.

Scope:
1. Add or inspect partner/business models.
2. Add PartnerApplication model if missing.
3. Public endpoint:
   POST /v1/partners/applications
4. Validate with @navi/validators.
5. Store business name, contact person, email, phone, service type, city/emirate, message, status.
6. Status:
   PENDING
   IN_REVIEW
   APPROVED
   REJECTED
7. Write AuditLog for creation and status change.
8. Do not build file uploads yet in this prompt.
9. Add tests.

Acceptance criteria:
1. Public application endpoint works.
2. Validation works.
3. Audit log is created.
4. No auth required for application submit.
5. Admin review endpoints can be added later.

Run:
pnpm typecheck
pnpm lint
pnpm test api

Final report:
1. Files changed
2. Schema changes
3. Endpoint added
4. Tests run
5. Risks
6. Rollback plan
```

## Prompt 1.5 Partner Application Dashboard Review

```text
You are operating on the Navi monorepo at:

/Users/start-tech/Documents/Claude/Projects/Navi

Navi is a UAE travel companion platform with a standalone iOS and Android mobile app, standalone public website, standalone admin and partner dashboard, and central API backend.

Repo structure:
apps/api
apps/mobile
apps/dashboard
apps/website
packages/ui
packages/types
packages/validators
packages/config
packages/api-client
docs

Tech direction:
API: NestJS, Fastify, Prisma, Postgres, Redis
Mobile: Expo Router, React Native, TypeScript
Dashboard: Next.js, TypeScript
Website: Next.js, TypeScript
Package manager: pnpm
Monorepo: turbo
Languages: English and Arabic
UI must support RTL.

Operating rules:
1. One focused task only.
2. Branch name must match the task.
3. Use conventional commits.
4. Do not delete code unless replacing it with a safer working version.
5. Never weaken auth, RBAC, validation, audit logs, rate limits, payment safety, or security.
6. Never commit secrets.
7. Do not touch unrelated files.
8. If you find conflicts or uncertainty, stop and report before making risky changes.
9. Follow existing repo patterns.
10. Keep mobile, dashboard, website, and API separated.
11. Business logic belongs in the API, not frontend screens.
12. Shared packages may contain only types, validators, config, API client, telemetry, money utilities, or design tokens.
13. All third party integrations must use provider interfaces and adapter classes.
14. Do not create fake production logic. Local demo mode is allowed only when isolated, clearly named, and impossible to enable in production by accident.
15. Every finished task must include summary, files changed, tests run, risks, rollback plan, and next recommended step.

Before editing files:
1. Run git status.
2. Inspect relevant folders.
3. Explain what you found.
4. Then implement only the requested task.

Finish format:
1. Summary
2. Files changed
3. Commands run
4. What works now
5. What is mocked or local only
6. What still needs real credentials or provider approval
7. Risks
8. Rollback plan
9. Next recommended prompt


Branch:
wave1/partner-application-dashboard

Task:
Build dashboard review screens for partner applications.

Scope:
1. Add dashboard route for partner applications.
2. List applications.
3. View application detail.
4. Approve or reject with reason.
5. Permission gate:
   partner.application.read.all
   partner.application.approve
6. Use existing dashboard UI patterns.
7. Do not create full partner onboarding wizard yet.
8. Add empty, loading, error, and permission denied states.

Acceptance criteria:
1. Admin can view applications.
2. Authorized user can approve/reject.
3. Unauthorized user cannot act.
4. Status update calls API.
5. UI is responsive and clean.

Run:
pnpm typecheck
pnpm lint
pnpm test if available

Final report:
1. Files changed
2. Screens added
3. Permissions used
4. Screenshots if possible
5. Risks
6. Rollback plan
```

## Prompt 1.6 Website Partner Apply Page

```text
You are operating on the Navi monorepo at:

/Users/start-tech/Documents/Claude/Projects/Navi

Navi is a UAE travel companion platform with a standalone iOS and Android mobile app, standalone public website, standalone admin and partner dashboard, and central API backend.

Repo structure:
apps/api
apps/mobile
apps/dashboard
apps/website
packages/ui
packages/types
packages/validators
packages/config
packages/api-client
docs

Tech direction:
API: NestJS, Fastify, Prisma, Postgres, Redis
Mobile: Expo Router, React Native, TypeScript
Dashboard: Next.js, TypeScript
Website: Next.js, TypeScript
Package manager: pnpm
Monorepo: turbo
Languages: English and Arabic
UI must support RTL.

Operating rules:
1. One focused task only.
2. Branch name must match the task.
3. Use conventional commits.
4. Do not delete code unless replacing it with a safer working version.
5. Never weaken auth, RBAC, validation, audit logs, rate limits, payment safety, or security.
6. Never commit secrets.
7. Do not touch unrelated files.
8. If you find conflicts or uncertainty, stop and report before making risky changes.
9. Follow existing repo patterns.
10. Keep mobile, dashboard, website, and API separated.
11. Business logic belongs in the API, not frontend screens.
12. Shared packages may contain only types, validators, config, API client, telemetry, money utilities, or design tokens.
13. All third party integrations must use provider interfaces and adapter classes.
14. Do not create fake production logic. Local demo mode is allowed only when isolated, clearly named, and impossible to enable in production by accident.
15. Every finished task must include summary, files changed, tests run, risks, rollback plan, and next recommended step.

Before editing files:
1. Run git status.
2. Inspect relevant folders.
3. Explain what you found.
4. Then implement only the requested task.

Finish format:
1. Summary
2. Files changed
3. Commands run
4. What works now
5. What is mocked or local only
6. What still needs real credentials or provider approval
7. Risks
8. Rollback plan
9. Next recommended prompt


Branch:
wave1/website-partner-apply

Task:
Create public partner application page.

Scope:
1. Add website route:
   /en/partners/apply
   /ar/partners/apply if locale routing exists
2. Form fields must match PartnerApplication API.
3. Use @navi/validators.
4. Add EN and AR copy.
5. Add RTL support for Arabic.
6. Add success and error states.
7. Add CTA from partner page to application page.
8. Do not add CMS yet.

Acceptance criteria:
1. User can submit partner application from website.
2. Validation errors are clear.
3. EN and AR content exists.
4. RTL layout does not break.
5. API integration is through @navi/api-client or clean fetch wrapper.

Run:
pnpm typecheck
pnpm lint
pnpm test if available

Final report:
1. Files changed
2. Routes added
3. Screenshots if possible
4. Test results
5. Risks
6. Rollback plan
```

## Prompt 1.7 Website SEO Foundation

```text
You are operating on the Navi monorepo at:

/Users/start-tech/Documents/Claude/Projects/Navi

Navi is a UAE travel companion platform with a standalone iOS and Android mobile app, standalone public website, standalone admin and partner dashboard, and central API backend.

Repo structure:
apps/api
apps/mobile
apps/dashboard
apps/website
packages/ui
packages/types
packages/validators
packages/config
packages/api-client
docs

Tech direction:
API: NestJS, Fastify, Prisma, Postgres, Redis
Mobile: Expo Router, React Native, TypeScript
Dashboard: Next.js, TypeScript
Website: Next.js, TypeScript
Package manager: pnpm
Monorepo: turbo
Languages: English and Arabic
UI must support RTL.

Operating rules:
1. One focused task only.
2. Branch name must match the task.
3. Use conventional commits.
4. Do not delete code unless replacing it with a safer working version.
5. Never weaken auth, RBAC, validation, audit logs, rate limits, payment safety, or security.
6. Never commit secrets.
7. Do not touch unrelated files.
8. If you find conflicts or uncertainty, stop and report before making risky changes.
9. Follow existing repo patterns.
10. Keep mobile, dashboard, website, and API separated.
11. Business logic belongs in the API, not frontend screens.
12. Shared packages may contain only types, validators, config, API client, telemetry, money utilities, or design tokens.
13. All third party integrations must use provider interfaces and adapter classes.
14. Do not create fake production logic. Local demo mode is allowed only when isolated, clearly named, and impossible to enable in production by accident.
15. Every finished task must include summary, files changed, tests run, risks, rollback plan, and next recommended step.

Before editing files:
1. Run git status.
2. Inspect relevant folders.
3. Explain what you found.
4. Then implement only the requested task.

Finish format:
1. Summary
2. Files changed
3. Commands run
4. What works now
5. What is mocked or local only
6. What still needs real credentials or provider approval
7. Risks
8. Rollback plan
9. Next recommended prompt


Branch:
wave1/website-seo-foundation

Task:
Improve website SEO foundation without adding CMS.

Scope:
1. Add per-locale metadata where routes exist.
2. Add Organization JSON-LD.
3. Add WebSite SearchAction JSON-LD.
4. Add BreadcrumbList where simple.
5. Add sitemap generation if safe.
6. Add hreflang en/ar where locale routes exist.
7. Add robots.txt if missing.
8. Add docs/website/seo-foundation.md.
9. Add category landing sections for all Navi categories, clearly showing provider opportunities.

Acceptance criteria:
1. Home page has metadata.
2. Locale pages have correct language metadata.
3. JSON-LD exists and is valid structure.
4. Sitemap and robots exist if supported.
5. No CMS integration in this prompt.

Run:
pnpm typecheck
pnpm lint
pnpm build for website if available

Final report:
1. Files changed
2. SEO items added
3. Build result
4. Risks
5. Rollback plan
```