refactor(semantics): migrate legacy @TIER to @COMPLEXITY annotations

- Replaced @TIER: TRIVIAL with @COMPLEXITY: 1 - Replaced @TIER: STANDARD with @COMPLEXITY: 3 - Replaced @TIER: CRITICAL with @COMPLEXITY: 5 - Manually elevated specific critical/complex components to levels 2 and 4 - Ignored legacy, specs, and node_modules directories - Updated generated semantic map
2026-03-16 10:06:44 +03:00
parent 321e0eb2db
commit 274510fc38
321 changed files with 30101 additions and 58483 deletions
--- a/backend/src/services/init.py
+++ b/backend/src/services/init.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: services, package, init
 # @PURPOSE: Package initialization for services module
 # @LAYER: Core
--- a/backend/src/services/tests/test_encryption_manager.py
+++ b/backend/src/services/tests/test_encryption_manager.py
@@ -1,5 +1,5 @@
 # [DEF:test_encryption_manager:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: encryption, security, fernet, api-keys, tests
 # @PURPOSE: Unit tests for EncryptionManager encrypt/decrypt functionality.
 # @LAYER: Domain
--- a/backend/src/services/tests/test_health_service.py
+++ b/backend/src/services/tests/test_health_service.py
@@ -5,7 +5,7 @@ from src.services.health_service import HealthService
 from src.models.llm import ValidationRecord

 # [DEF:test_health_service:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Unit tests for HealthService aggregation logic.

@pytest.mark.asyncio
--- a/backend/src/services/tests/test_llm_plugin_persistence.py
+++ b/backend/src/services/tests/test_llm_plugin_persistence.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.__tests__.test_llm_plugin_persistence:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Regression test for ValidationRecord persistence fields populated from task context.

 import types
--- a/backend/src/services/tests/test_llm_prompt_templates.py
+++ b/backend/src/services/tests/test_llm_prompt_templates.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.__tests__.test_llm_prompt_templates:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: tests, llm, prompts, templates, settings
 # @PURPOSE: Validate normalization and rendering behavior for configurable LLM prompt templates.
 # @LAYER: Domain Tests
@@ -18,7 +18,7 @@ from src.services.llm_prompt_templates import (


 # [DEF:test_normalize_llm_settings_adds_default_prompts:Function]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Ensure legacy/partial llm settings are expanded with all prompt defaults.
 # @PRE: Input llm settings do not contain complete prompts object.
 # @POST: Returned structure includes required prompt templates with fallback defaults.
@@ -39,7 +39,7 @@ def test_normalize_llm_settings_adds_default_prompts():


 # [DEF:test_normalize_llm_settings_keeps_custom_prompt_values:Function]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Ensure user-customized prompt values are preserved during normalization.
 # @PRE: Input llm settings contain custom prompt override.
 # @POST: Custom prompt value remains unchanged in normalized output.
@@ -54,7 +54,7 @@ def test_normalize_llm_settings_keeps_custom_prompt_values():


 # [DEF:test_render_prompt_replaces_known_placeholders:Function]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Ensure template placeholders are deterministically replaced.
 # @PRE: Template contains placeholders matching provided variables.
 # @POST: Rendered prompt string contains substituted values.
@@ -69,7 +69,7 @@ def test_render_prompt_replaces_known_placeholders():


 # [DEF:test_is_multimodal_model_detects_known_vision_models:Function]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Ensure multimodal model detection recognizes common vision-capable model names.
 def test_is_multimodal_model_detects_known_vision_models():
    assert is_multimodal_model("gpt-4o") is True
@@ -80,7 +80,7 @@ def test_is_multimodal_model_detects_known_vision_models():


 # [DEF:test_resolve_bound_provider_id_prefers_binding_then_default:Function]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Verify provider binding resolution priority.
 def test_resolve_bound_provider_id_prefers_binding_then_default():
    settings = {
@@ -93,7 +93,7 @@ def test_resolve_bound_provider_id_prefers_binding_then_default():


 # [DEF:test_normalize_llm_settings_keeps_assistant_planner_settings:Function]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Ensure assistant planner provider/model fields are preserved and normalized.
 def test_normalize_llm_settings_keeps_assistant_planner_settings():
    normalized = normalize_llm_settings(
--- a/backend/src/services/tests/test_rbac_permission_catalog.py
+++ b/backend/src/services/tests/test_rbac_permission_catalog.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.__tests__.test_rbac_permission_catalog:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: tests, rbac, permissions, catalog, discovery, sync
 # @PURPOSE: Verifies RBAC permission catalog discovery and idempotent synchronization behavior.
 # @LAYER: Service Tests
--- a/backend/src/services/tests/test_resource_service.py
+++ b/backend/src/services/tests/test_resource_service.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.__tests__.test_resource_service:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: resource-service, tests, dashboards, datasets, activity
 # @PURPOSE: Unit tests for ResourceService
 # @LAYER: Service
--- a/backend/src/services/auth_service.py
+++ b/backend/src/services/auth_service.py
@@ -1,6 +1,6 @@
 # [DEF:backend.src.services.auth_service:Module]
 #
-# @TIER:      CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: auth, service, business-logic, login, jwt, adfs, jit-provisioning
 # @PURPOSE:   Orchestrates credential authentication and ADFS JIT user provisioning.
 # @LAYER:     Domain
@@ -27,11 +27,11 @@ from ..core.logger import belief_scope
 # [/SECTION]

 # [DEF:AuthService:Class]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Provides high-level authentication services.
 class AuthService:
    # [DEF:__init__:Function]
-    # @TIER: TRIVIAL
+    # @COMPLEXITY: 1
    # @PURPOSE: Initializes the authentication service with repository access over an active DB session.
    # @PRE: db is a valid SQLAlchemy Session instance bound to the auth persistence context.
    # @POST: self.repo is initialized and ready for auth user/role CRUD operations.
@@ -43,7 +43,7 @@ class AuthService:
    # [/DEF:__init__:Function]

    # [DEF:authenticate_user:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Validates credentials and account state for local username/password authentication.
    # @PRE: username and password are non-empty credential inputs.
    # @POST: Returns User only when user exists, is active, and password hash verification succeeds; otherwise returns None.
@@ -69,7 +69,7 @@ class AuthService:
    # [/DEF:authenticate_user:Function]

    # [DEF:create_session:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Issues an access token payload for an already authenticated user.
    # @PRE: user is a valid User entity containing username and iterable roles with role.name values.
    # @POST: Returns session dict with non-empty access_token and token_type='bearer'.
@@ -95,7 +95,7 @@ class AuthService:
    # [/DEF:create_session:Function]

    # [DEF:provision_adfs_user:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Performs ADFS Just-In-Time provisioning and role synchronization from AD group mappings.
    # @PRE: user_info contains identity claims where at least one of 'upn' or 'email' is present; 'groups' may be absent.
    # @POST: Returns persisted user entity with roles synchronized to mapped AD groups and refreshed state.
--- a/backend/src/services/clean_release/init.py
+++ b/backend/src/services/clean_release/init.py
@@ -1,5 +1,5 @@
 # [DEF:clean_release:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Redesigned clean release compliance subsystem.
 # @LAYER: Domain

--- a/backend/src/services/clean_release/tests/test_audit_service.py
+++ b/backend/src/services/clean_release/tests/test_audit_service.py
@@ -1,5 +1,5 @@
 # [DEF:backend.tests.services.clean_release.test_audit_service:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: tests, clean-release, audit, logging
 # @PURPOSE: Validate audit hooks emit expected log patterns for clean release lifecycle.
 # @LAYER: Infra
--- a/backend/src/services/clean_release/tests/test_compliance_orchestrator.py
+++ b/backend/src/services/clean_release/tests/test_compliance_orchestrator.py
@@ -1,5 +1,5 @@
 # [DEF:backend.tests.services.clean_release.test_compliance_orchestrator:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: tests, clean-release, orchestrator, stage-state-machine
 # @PURPOSE: Validate compliance orchestrator stage transitions and final status derivation.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/tests/test_manifest_builder.py
+++ b/backend/src/services/clean_release/tests/test_manifest_builder.py
@@ -1,5 +1,5 @@
 # [DEF:backend.tests.services.clean_release.test_manifest_builder:Module]
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: tests, clean-release, manifest, deterministic
 # @PURPOSE: Validate deterministic manifest generation behavior for US1.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/tests/test_preparation_service.py
+++ b/backend/src/services/clean_release/tests/test_preparation_service.py
@@ -1,5 +1,5 @@
 # [DEF:backend.tests.services.clean_release.test_preparation_service:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: tests, clean-release, preparation, flow
 # @PURPOSE: Validate release candidate preparation flow, including policy evaluation and manifest persisting.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/tests/test_report_builder.py
+++ b/backend/src/services/clean_release/tests/test_report_builder.py
@@ -1,5 +1,5 @@
 # [DEF:backend.tests.services.clean_release.test_report_builder:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: tests, clean-release, report-builder, counters
 # @PURPOSE: Validate compliance report builder counter integrity and blocked-run constraints.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/tests/test_source_isolation.py
+++ b/backend/src/services/clean_release/tests/test_source_isolation.py
@@ -1,5 +1,5 @@
 # [DEF:backend.tests.services.clean_release.test_source_isolation:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: tests, clean-release, source-isolation, internal-only
 # @PURPOSE: Verify internal source registry validation behavior.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/tests/test_stages.py
+++ b/backend/src/services/clean_release/tests/test_stages.py
@@ -1,5 +1,5 @@
 # [DEF:backend.tests.services.clean_release.test_stages:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: tests, clean-release, compliance, stages
 # @PURPOSE: Validate final status derivation logic from stage results.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/approval_service.py
+++ b/backend/src/services/clean_release/approval_service.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.approval_service:Module]
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: clean-release, approval, decision, lifecycle, gate
 # @PURPOSE: Enforce approval/rejection gates over immutable compliance reports.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/artifact_catalog_loader.py
+++ b/backend/src/services/clean_release/artifact_catalog_loader.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.artifact_catalog_loader:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: clean-release, artifacts, bootstrap, json, tui
 # @PURPOSE: Load bootstrap artifact catalogs for clean release real-mode flows.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/audit_service.py
+++ b/backend/src/services/clean_release/audit_service.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.audit_service:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: clean-release, audit, lifecycle, logging
 # @PURPOSE: Provide lightweight audit hooks for clean release preparation/check/report lifecycle.
 # @LAYER: Infra
--- a/backend/src/services/clean_release/candidate_service.py
+++ b/backend/src/services/clean_release/candidate_service.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.candidate_service:Module]
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: clean-release, candidate, artifacts, lifecycle, validation
 # @PURPOSE: Register release candidates with validated artifacts and advance lifecycle through legal transitions.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/compliance_execution_service.py
+++ b/backend/src/services/clean_release/compliance_execution_service.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.compliance_execution_service:Module]
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: clean-release, compliance, execution, stages, immutable-evidence
 # @PURPOSE: Create and execute compliance runs with trusted snapshots, deterministic stages, violations and immutable report persistence.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/compliance_orchestrator.py
+++ b/backend/src/services/clean_release/compliance_orchestrator.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.compliance_orchestrator:Module]
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: clean-release, orchestrator, compliance-gate, stages
 # @PURPOSE: Execute mandatory clean compliance stages and produce final COMPLIANT/BLOCKED/FAILED outcome.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/demo_data_service.py
+++ b/backend/src/services/clean_release/demo_data_service.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.demo_data_service:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: clean-release, demo-mode, namespace, isolation, repository
 # @PURPOSE: Provide deterministic namespace helpers and isolated in-memory repository creation for demo and real modes.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/dto.py
+++ b/backend/src/services/clean_release/dto.py
@@ -1,5 +1,5 @@
 # [DEF:clean_release_dto:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Data Transfer Objects for clean release compliance subsystem.
 # @LAYER: Application

--- a/backend/src/services/clean_release/enums.py
+++ b/backend/src/services/clean_release/enums.py
@@ -1,5 +1,5 @@
 # [DEF:clean_release_enums:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Canonical enums for clean release lifecycle and compliance.
 # @LAYER: Domain

--- a/backend/src/services/clean_release/exceptions.py
+++ b/backend/src/services/clean_release/exceptions.py
@@ -1,5 +1,5 @@
 # [DEF:clean_release_exceptions:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Domain exceptions for clean release compliance subsystem.
 # @LAYER: Domain

--- a/backend/src/services/clean_release/facade.py
+++ b/backend/src/services/clean_release/facade.py
@@ -1,5 +1,5 @@
 # [DEF:clean_release_facade:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Unified entry point for clean release operations.
 # @LAYER: Application

--- a/backend/src/services/clean_release/manifest_builder.py
+++ b/backend/src/services/clean_release/manifest_builder.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.manifest_builder:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: clean-release, manifest, deterministic-hash, summary
 # @PURPOSE: Build deterministic distribution manifest from classified artifact input.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/manifest_service.py
+++ b/backend/src/services/clean_release/manifest_service.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.manifest_service:Module]
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: clean-release, manifest, versioning, immutability, lifecycle
 # @PURPOSE: Build immutable distribution manifests with deterministic digest and version increment.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/mappers.py
+++ b/backend/src/services/clean_release/mappers.py
@@ -1,5 +1,5 @@
 # [DEF:clean_release_mappers:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Map between domain entities (SQLAlchemy models) and DTOs.
 # @LAYER: Application

--- a/backend/src/services/clean_release/policy_engine.py
+++ b/backend/src/services/clean_release/policy_engine.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.policy_engine:Module]
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: clean-release, policy, classification, source-isolation
 # @PURPOSE: Evaluate artifact/source policies for enterprise clean profile with deterministic outcomes.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/policy_resolution_service.py
+++ b/backend/src/services/clean_release/policy_resolution_service.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.policy_resolution_service:Module]
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: clean-release, policy, registry, trusted-resolution, immutable-snapshots
 # @PURPOSE: Resolve trusted policy and registry snapshots from ConfigManager without runtime overrides.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/preparation_service.py
+++ b/backend/src/services/clean_release/preparation_service.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.preparation_service:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: clean-release, preparation, manifest, policy-evaluation
 # @PURPOSE: Prepare release candidate by policy evaluation and deterministic manifest creation.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/publication_service.py
+++ b/backend/src/services/clean_release/publication_service.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.publication_service:Module]
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: clean-release, publication, revoke, gate, lifecycle
 # @PURPOSE: Enforce publication and revocation gates with append-only publication records.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/report_builder.py
+++ b/backend/src/services/clean_release/report_builder.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.report_builder:Module]
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: clean-release, report, audit, counters, violations
 # @PURPOSE: Build and persist compliance reports with consistent counter invariants.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/repositories/init.py
+++ b/backend/src/services/clean_release/repositories/init.py
@@ -1,5 +1,5 @@
 # [DEF:clean_release_repositories:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Export all clean release repositories.

 from .candidate_repository import CandidateRepository
--- a/backend/src/services/clean_release/repositories/approval_repository.py
+++ b/backend/src/services/clean_release/repositories/approval_repository.py
@@ -1,5 +1,5 @@
 # [DEF:approval_repository:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Persist and query approval decisions.
 # @LAYER: Infra

--- a/backend/src/services/clean_release/repositories/artifact_repository.py
+++ b/backend/src/services/clean_release/repositories/artifact_repository.py
@@ -1,5 +1,5 @@
 # [DEF:artifact_repository:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Persist and query candidate artifacts.
 # @LAYER: Infra

--- a/backend/src/services/clean_release/repositories/audit_repository.py
+++ b/backend/src/services/clean_release/repositories/audit_repository.py
@@ -1,5 +1,5 @@
 # [DEF:audit_repository:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Persist and query audit logs for clean release operations.
 # @LAYER: Infra

--- a/backend/src/services/clean_release/repositories/candidate_repository.py
+++ b/backend/src/services/clean_release/repositories/candidate_repository.py
@@ -1,5 +1,5 @@
 # [DEF:candidate_repository:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Persist and query release candidates.
 # @LAYER: Infra

--- a/backend/src/services/clean_release/repositories/compliance_repository.py
+++ b/backend/src/services/clean_release/repositories/compliance_repository.py
@@ -1,5 +1,5 @@
 # [DEF:compliance_repository:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Persist and query compliance runs, stage runs, and violations.
 # @LAYER: Infra

--- a/backend/src/services/clean_release/repositories/manifest_repository.py
+++ b/backend/src/services/clean_release/repositories/manifest_repository.py
@@ -1,5 +1,5 @@
 # [DEF:manifest_repository:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Persist and query distribution manifests.
 # @LAYER: Infra

--- a/backend/src/services/clean_release/repositories/policy_repository.py
+++ b/backend/src/services/clean_release/repositories/policy_repository.py
@@ -1,5 +1,5 @@
 # [DEF:policy_repository:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Persist and query policy and registry snapshots.
 # @LAYER: Infra

--- a/backend/src/services/clean_release/repositories/publication_repository.py
+++ b/backend/src/services/clean_release/repositories/publication_repository.py
@@ -1,5 +1,5 @@
 # [DEF:publication_repository:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Persist and query publication records.
 # @LAYER: Infra

--- a/backend/src/services/clean_release/repositories/report_repository.py
+++ b/backend/src/services/clean_release/repositories/report_repository.py
@@ -1,5 +1,5 @@
 # [DEF:report_repository:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Persist and query compliance reports.
 # @LAYER: Infra

--- a/backend/src/services/clean_release/repository.py
+++ b/backend/src/services/clean_release/repository.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.repository:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: clean-release, repository, persistence, in-memory
 # @PURPOSE: Provide repository adapter for clean release entities with deterministic access methods.
 # @LAYER: Infra
--- a/backend/src/services/clean_release/source_isolation.py
+++ b/backend/src/services/clean_release/source_isolation.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.source_isolation:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: clean-release, source-isolation, internal-only, validation
 # @PURPOSE: Validate that all resource endpoints belong to the approved internal source registry.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/stages/init.py
+++ b/backend/src/services/clean_release/stages/init.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.stages:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: clean-release, compliance, stages, state-machine
 # @PURPOSE: Define compliance stage order and helper functions for deterministic run-state evaluation.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/stages/base.py
+++ b/backend/src/services/clean_release/stages/base.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.stages.base:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: clean-release, compliance, stages, contracts, base
 # @PURPOSE: Define shared contracts and helpers for pluggable clean-release compliance stages.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/stages/data_purity.py
+++ b/backend/src/services/clean_release/stages/data_purity.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.stages.data_purity:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: clean-release, compliance-stage, data-purity
 # @PURPOSE: Evaluate manifest purity counters and emit blocking violations for prohibited artifacts.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/stages/internal_sources_only.py
+++ b/backend/src/services/clean_release/stages/internal_sources_only.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.stages.internal_sources_only:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: clean-release, compliance-stage, source-isolation, registry
 # @PURPOSE: Verify manifest-declared sources belong to trusted internal registry allowlist.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/stages/manifest_consistency.py
+++ b/backend/src/services/clean_release/stages/manifest_consistency.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.stages.manifest_consistency:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: clean-release, compliance-stage, manifest, consistency, digest
 # @PURPOSE: Ensure run is bound to the exact manifest snapshot and digest used at run creation time.
 # @LAYER: Domain
--- a/backend/src/services/clean_release/stages/no_external_endpoints.py
+++ b/backend/src/services/clean_release/stages/no_external_endpoints.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.clean_release.stages.no_external_endpoints:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: clean-release, compliance-stage, endpoints, network
 # @PURPOSE: Block manifest payloads that expose external endpoints outside trusted schemes and hosts.
 # @LAYER: Domain
--- a/backend/src/services/git_service.py
+++ b/backend/src/services/git_service.py
@@ -1,6 +1,6 @@
 # [DEF:backend.src.services.git_service:Module]
 #
-# @TIER:      STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: git, service, gitpython, repository, version_control
 # @PURPOSE:   Core Git logic using GitPython to manage dashboard repositories.
 # @LAYER:     Service
@@ -32,7 +32,7 @@ from src.models.config import AppConfigRecord
 from src.core.database import SessionLocal

 # [DEF:backend.src.services.git_service.GitService:Class]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Wrapper for GitPython operations with semantic logging and error handling.
 class GitService:
    """
--- a/backend/src/services/health_service.py
+++ b/backend/src/services/health_service.py
@@ -1,5 +1,5 @@
 # [DEF:health_service:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: health, aggregation, dashboards
 # @PURPOSE: Business logic for aggregating dashboard health status from validation records.
 # @LAYER: Domain/Service
@@ -20,7 +20,7 @@ from ..core.task_manager.cleanup import TaskCleanupService
 from ..core.task_manager import TaskManager

 # [DEF:HealthService:Class]
-# @TIER: STANDARD
+# @COMPLEXITY: 4
 # @PURPOSE: Aggregate latest dashboard validation state and manage persisted health report lifecycle.
 # @RELATION: [DEPENDS_ON] ->[backend.src.models.llm.ValidationRecord]
 # @RELATION: [DEPENDS_ON] ->[backend.src.schemas.health.DashboardHealthItem]
@@ -35,7 +35,7 @@ class HealthService:
    @PURPOSE: Service for managing and querying dashboard health data.
    """
    # [DEF:HealthService.__init__:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Initialize health service with DB session and optional config access for dashboard metadata resolution.
    # @PRE: db is a valid SQLAlchemy session.
    # @POST: Service is ready to aggregate summaries and delete health reports.
@@ -46,7 +46,7 @@ class HealthService:
    # [/DEF:HealthService.__init__:Function]

    # [DEF:HealthService._prime_dashboard_meta_cache:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Warm dashboard slug/title cache with one Superset list fetch per environment.
    # @PRE: records may contain mixed numeric and slug dashboard identifiers.
    # @POST: Numeric dashboard ids for known environments are cached when discoverable.
@@ -127,7 +127,7 @@ class HealthService:
    # [/DEF:HealthService._prime_dashboard_meta_cache:Function]

    # [DEF:HealthService._resolve_dashboard_meta:Function]
-    # @TIER: TRIVIAL
+    # @COMPLEXITY: 1
    # @PURPOSE: Resolve slug/title for a dashboard referenced by persisted validation record.
    # @PRE: dashboard_id may be numeric or slug-like; environment_id may be empty.
    # @POST: Returns dict with `slug` and `title` keys, using cache when possible.
@@ -154,7 +154,7 @@ class HealthService:
    # [/DEF:HealthService._resolve_dashboard_meta:Function]

    # [DEF:HealthService.get_health_summary:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Aggregate latest validation status per dashboard and enrich rows with dashboard slug/title.
    # @PRE: environment_id may be omitted to aggregate across all environments.
    # @POST: Returns HealthSummaryResponse with counts and latest record row per dashboard.
@@ -232,7 +232,7 @@ class HealthService:
    # [/DEF:HealthService.get_health_summary:Function]

    # [DEF:HealthService.delete_validation_report:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Delete one persisted health report and optionally clean linked task/log artifacts.
    # @PRE: record_id is a validation record identifier.
    # @POST: Returns True only when a matching record was deleted.
--- a/backend/src/services/llm_prompt_templates.py
+++ b/backend/src/services/llm_prompt_templates.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.llm_prompt_templates:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: llm, prompts, templates, settings
 # @PURPOSE: Provide default LLM prompt templates and normalization helpers for runtime usage.
 # @LAYER: Domain
@@ -13,7 +13,7 @@ from typing import Dict, Any, Optional


 # [DEF:DEFAULT_LLM_PROMPTS:Constant]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Default prompt templates used by documentation, dashboard validation, and git commit generation.
 DEFAULT_LLM_PROMPTS: Dict[str, str] = {
    "dashboard_validation_prompt": (
@@ -62,7 +62,7 @@ DEFAULT_LLM_PROMPTS: Dict[str, str] = {


 # [DEF:DEFAULT_LLM_PROVIDER_BINDINGS:Constant]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Default provider binding per task domain.
 DEFAULT_LLM_PROVIDER_BINDINGS: Dict[str, str] = {
    "dashboard_validation": "",
@@ -73,7 +73,7 @@ DEFAULT_LLM_PROVIDER_BINDINGS: Dict[str, str] = {


 # [DEF:DEFAULT_LLM_ASSISTANT_SETTINGS:Constant]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Default planner settings for assistant chat intent model/provider resolution.
 DEFAULT_LLM_ASSISTANT_SETTINGS: Dict[str, str] = {
    "assistant_planner_provider": "",
@@ -83,7 +83,7 @@ DEFAULT_LLM_ASSISTANT_SETTINGS: Dict[str, str] = {


 # [DEF:normalize_llm_settings:Function]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Ensure llm settings contain stable schema with prompts section and default templates.
 # @PRE: llm_settings is dictionary-like value or None.
 # @POST: Returned dict contains prompts with all required template keys.
@@ -127,7 +127,7 @@ def normalize_llm_settings(llm_settings: Any) -> Dict[str, Any]:


 # [DEF:is_multimodal_model:Function]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Heuristically determine whether model supports image input required for dashboard validation.
 # @PRE: model_name may be empty or mixed-case.
 # @POST: Returns True when model likely supports multimodal input.
@@ -169,7 +169,7 @@ def is_multimodal_model(model_name: str, provider_type: Optional[str] = None) ->


 # [DEF:resolve_bound_provider_id:Function]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Resolve provider id configured for a task binding with fallback to default provider.
 # @PRE: llm_settings is normalized or raw dict from config.
 # @POST: Returns configured provider id or fallback id/empty string when not defined.
@@ -185,7 +185,7 @@ def resolve_bound_provider_id(llm_settings: Any, task_key: str) -> str:


 # [DEF:render_prompt:Function]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Render prompt template using deterministic placeholder replacement with graceful fallback.
 # @PRE: template is a string and variables values are already stringifiable.
 # @POST: Returns rendered prompt text with known placeholders substituted.
--- a/backend/src/services/llm_provider.py
+++ b/backend/src/services/llm_provider.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.llm_provider:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: service, llm, provider, encryption
 # @PURPOSE: Service for managing LLM provider configurations with encrypted API keys.
 # @LAYER: Domain
@@ -19,7 +19,7 @@ if TYPE_CHECKING:
 MASKED_API_KEY_PLACEHOLDER = "********"

 # [DEF:_require_fernet_key:Function]
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @PURPOSE: Load and validate the Fernet key used for secret encryption.
 # @PRE: ENCRYPTION_KEY environment variable must be set to a valid Fernet key.
 # @POST: Returns validated key bytes ready for Fernet initialization.
@@ -34,7 +34,7 @@ def _require_fernet_key() -> bytes:
 # [/DEF:_require_fernet_key:Function]

 # [DEF:EncryptionManager:Class]
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @PURPOSE: Handles encryption and decryption of sensitive data like API keys.
 # @INVARIANT: Uses only a validated secret key from environment.
 #
@@ -79,7 +79,7 @@ class EncryptionManager:
 # [/DEF:EncryptionManager:Class]

 # [DEF:LLMProviderService:Class]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Service to manage LLM provider lifecycle.
 class LLMProviderService:
    # [DEF:LLMProviderService.__init__:Function]
@@ -92,7 +92,7 @@ class LLMProviderService:
    # [/DEF:LLMProviderService.__init__:Function]

    # [DEF:get_all_providers:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Returns all configured LLM providers.
    # @PRE: Database connection must be active.
    # @POST: Returns list of all LLMProvider records.
@@ -102,7 +102,7 @@ class LLMProviderService:
    # [/DEF:get_all_providers:Function]

    # [DEF:get_provider:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Returns a single LLM provider by ID.
    # @PRE: provider_id must be a valid string.
    # @POST: Returns LLMProvider or None if not found.
@@ -112,7 +112,7 @@ class LLMProviderService:
    # [/DEF:get_provider:Function]

    # [DEF:create_provider:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Creates a new LLM provider with encrypted API key.
    # @PRE: config must contain valid provider configuration.
    # @POST: New provider created and persisted to database.
@@ -134,7 +134,7 @@ class LLMProviderService:
    # [/DEF:create_provider:Function]

    # [DEF:update_provider:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Updates an existing LLM provider.
    # @PRE: provider_id must exist, config must be valid.
    # @POST: Provider updated and persisted to database.
@@ -163,7 +163,7 @@ class LLMProviderService:
    # [/DEF:update_provider:Function]

    # [DEF:delete_provider:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Deletes an LLM provider.
    # @PRE: provider_id must exist.
    # @POST: Provider removed from database.
@@ -178,7 +178,7 @@ class LLMProviderService:
    # [/DEF:delete_provider:Function]

    # [DEF:get_decrypted_api_key:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Returns the decrypted API key for a provider.
    # @PRE: provider_id must exist with valid encrypted key.
    # @POST: Returns decrypted API key or None on failure.
--- a/backend/src/services/notifications/tests/test_notification_service.py
+++ b/backend/src/services/notifications/tests/test_notification_service.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.notifications.__tests__.test_notification_service:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Unit tests for NotificationService routing and dispatch logic.

 import pytest
--- a/backend/src/services/notifications/providers.py
+++ b/backend/src/services/notifications/providers.py
@@ -1,6 +1,6 @@
 # [DEF:backend.src.services.notifications.providers:Module]
 #
-# @TIER:      CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: notifications, providers, smtp, slack, telegram, abstraction
 # @PURPOSE:   Defines abstract base and concrete implementations for external notification delivery.
 # @LAYER:     Infra
--- a/backend/src/services/notifications/service.py
+++ b/backend/src/services/notifications/service.py
@@ -1,6 +1,6 @@
 # [DEF:backend.src.services.notifications.service:Module]
 #
-# @TIER:      CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: notifications, service, routing, dispatch, background-tasks
 # @PURPOSE:   Orchestrates notification routing based on user preferences and policy context.
 # @LAYER:     Domain
--- a/backend/src/services/profile_service.py
+++ b/backend/src/services/profile_service.py
@@ -1,6 +1,6 @@
 # [DEF:backend.src.services.profile_service:Module]
 #
-# @TIER:      CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: profile, service, validation, ownership, filtering, superset, preferences
 # @PURPOSE:   Orchestrates profile preference persistence, Superset account lookup, and deterministic actor matching.
 # @LAYER:     Domain
@@ -51,7 +51,7 @@ SUPPORTED_DENSITIES = {"compact", "comfortable"}


 # [DEF:ProfileValidationError:Class]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Domain validation error for profile preference update requests.
 class ProfileValidationError(Exception):
    def __init__(self, errors: Sequence[str]):
@@ -61,7 +61,7 @@ class ProfileValidationError(Exception):


 # [DEF:EnvironmentNotFoundError:Class]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Raised when environment_id from lookup request is unknown in app configuration.
 class EnvironmentNotFoundError(Exception):
    pass
@@ -69,7 +69,7 @@ class EnvironmentNotFoundError(Exception):


 # [DEF:ProfileAuthorizationError:Class]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Raised when caller attempts cross-user preference mutation.
 class ProfileAuthorizationError(Exception):
    pass
@@ -77,7 +77,7 @@ class ProfileAuthorizationError(Exception):


 # [DEF:ProfileService:Class]
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @PURPOSE: Implements profile preference read/update flow and Superset account lookup degradation strategy.
 class ProfileService:
    # [DEF:__init__:Function]
--- a/backend/src/services/rbac_permission_catalog.py
+++ b/backend/src/services/rbac_permission_catalog.py
@@ -1,6 +1,6 @@
 # [DEF:backend.src.services.rbac_permission_catalog:Module]
 #
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: rbac, permissions, catalog, sync, discovery
 # @PURPOSE:   Discovers declared RBAC permissions from API routes/plugins and synchronizes them into auth database.
 # @LAYER:     Service
--- a/backend/src/services/reports/tests/test_report_normalizer.py
+++ b/backend/src/services/reports/tests/test_report_normalizer.py
@@ -1,5 +1,5 @@
 # [DEF:backend.tests.test_report_normalizer:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: tests, reports, normalizer, fallback
 # @PURPOSE: Validate unknown task type fallback and partial payload normalization behavior.
 # @LAYER: Domain (Tests)
--- a/backend/src/services/reports/tests/test_report_service.py
+++ b/backend/src/services/reports/tests/test_report_service.py
@@ -1,5 +1,5 @@
 # [DEF:test_report_service:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Unit tests for ReportsService list/detail operations
 # @LAYER: Domain
 # @RELATION: TESTS -> backend.src.services.reports.report_service.ReportsService
--- a/backend/src/services/reports/normalizer.py
+++ b/backend/src/services/reports/normalizer.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.reports.normalizer:Module]
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: reports, normalization, tasks, fallback
 # @PURPOSE: Convert task manager task objects into canonical unified TaskReport entities with deterministic fallback behavior.
 # @LAYER: Domain
--- a/backend/src/services/reports/report_service.py
+++ b/backend/src/services/reports/report_service.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.reports.report_service:Module]
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: reports, service, aggregation, filtering, pagination, detail
 # @PURPOSE: Aggregate, normalize, filter, and paginate task reports for unified list/detail API use cases.
 # @LAYER: Domain
@@ -23,7 +23,7 @@ from .normalizer import normalize_task_report

 # [DEF:ReportsService:Class]
 # @PURPOSE: Service layer for list/detail report retrieval and normalization.
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @PRE: TaskManager dependency is initialized.
 # @POST: Provides deterministic list/detail report responses.
 # @INVARIANT: Service methods are read-only over task history source.
@@ -42,7 +42,7 @@ from .normalizer import normalize_task_report
 # @TEST_INVARIANT: consistent_pagination -> verifies: [valid_service]
 class ReportsService:
    # [DEF:__init__:Function]
-    # @TIER: CRITICAL
+    # @COMPLEXITY: 5
    # @PURPOSE: Initialize service with TaskManager dependency.
    # @PRE: task_manager is a live TaskManager instance.
    # @POST: self.task_manager is assigned and ready for read operations.
--- a/backend/src/services/reports/type_profiles.py
+++ b/backend/src/services/reports/type_profiles.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.reports.type_profiles:Module]
-# @TIER: CRITICAL
+# @COMPLEXITY: 5
 # @SEMANTICS: reports, type_profiles, normalization, fallback
 # @PURPOSE: Deterministic mapping of plugin/task identifiers to canonical report task types and fallback profile metadata.
 # @LAYER: Domain
--- a/backend/src/services/resource_service.py
+++ b/backend/src/services/resource_service.py
@@ -1,5 +1,5 @@
 # [DEF:backend.src.services.resource_service:Module]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @SEMANTICS: service, resources, dashboards, datasets, tasks, git
 # @PURPOSE:   Shared service for fetching resource data with Git status and task status
 # @LAYER:     Service
@@ -19,12 +19,12 @@ from ..core.logger import logger, belief_scope
 # [/SECTION]

 # [DEF:backend.src.services.resource_service.ResourceService:Class]
-# @TIER: STANDARD
+# @COMPLEXITY: 3
 # @PURPOSE: Provides centralized access to resource data with enhanced metadata
 class ResourceService:
    
    # [DEF:backend.src.services.resource_service.ResourceService.__init__:Function]
-    # @TIER: TRIVIAL
+    # @COMPLEXITY: 1
    # @PURPOSE: Initialize the resource service with dependencies
    # @PRE: None
    # @POST: ResourceService is ready to fetch resources
@@ -35,7 +35,7 @@ class ResourceService:
    # [/DEF:backend.src.services.resource_service.ResourceService.__init__:Function]
    
    # [DEF:backend.src.services.resource_service.ResourceService.get_dashboards_with_status:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Fetch dashboards from environment with Git status and last task status
    # @PRE: env is a valid Environment object
    # @POST: Returns list of dashboards with enhanced metadata
@@ -85,7 +85,7 @@ class ResourceService:
    # [/DEF:get_dashboards_with_status:Function]

    # [DEF:get_dashboards_page_with_status:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Fetch one dashboard page from environment and enrich only that page with status metadata.
    # @PRE: env is valid; page >= 1; page_size > 0.
    # @POST: Returns page items plus total counters without scanning all pages locally.
@@ -149,7 +149,7 @@ class ResourceService:
    # [/DEF:get_dashboards_page_with_status:Function]

    # [DEF:_get_last_llm_task_for_dashboard:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Get most recent LLM validation task for a dashboard in an environment
    # @PRE: dashboard_id is a valid integer identifier
    # @POST: Returns the newest llm_dashboard_validation task summary or None
@@ -230,7 +230,7 @@ class ResourceService:
    # [/DEF:_get_last_llm_task_for_dashboard:Function]

    # [DEF:_normalize_task_status:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Normalize task status to stable uppercase values for UI/API projections
    # @PRE: raw_status can be enum or string
    # @POST: Returns uppercase status without enum class prefix
@@ -247,7 +247,7 @@ class ResourceService:
    # [/DEF:_normalize_task_status:Function]

    # [DEF:_normalize_validation_status:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Normalize LLM validation status to PASS/FAIL/WARN/UNKNOWN
    # @PRE: raw_status can be any scalar type
    # @POST: Returns normalized validation status token or None
@@ -263,7 +263,7 @@ class ResourceService:
    # [/DEF:_normalize_validation_status:Function]

    # [DEF:_normalize_datetime_for_compare:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Normalize datetime values to UTC-aware values for safe comparisons.
    # @PRE: value may be datetime or any scalar.
    # @POST: Returns UTC-aware datetime; non-datetime values map to minimal UTC datetime.
@@ -278,7 +278,7 @@ class ResourceService:
    # [/DEF:_normalize_datetime_for_compare:Function]
    
    # [DEF:get_datasets_with_status:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Fetch datasets from environment with mapping progress and last task status
    # @PRE: env is a valid Environment object
    # @POST: Returns list of datasets with enhanced metadata
@@ -317,7 +317,7 @@ class ResourceService:
    # [/DEF:get_datasets_with_status:Function]
    
    # [DEF:get_activity_summary:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Get summary of active and recent tasks for the activity indicator
    # @PRE: tasks is a list of Task objects
    # @POST: Returns summary with active_count and recent_tasks
@@ -357,7 +357,7 @@ class ResourceService:
    # [/DEF:get_activity_summary:Function]
    
    # [DEF:_get_git_status_for_dashboard:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Get Git sync status for a dashboard
    # @PRE: dashboard_id is a valid integer
    # @POST: Returns git status or None if no repo exists
@@ -417,7 +417,7 @@ class ResourceService:
    # [/DEF:_get_git_status_for_dashboard:Function]
    
    # [DEF:_get_last_task_for_resource:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Get the most recent task for a specific resource
    # @PRE: resource_id is a valid string
    # @POST: Returns task summary or None if no tasks found
@@ -455,7 +455,7 @@ class ResourceService:
    # [/DEF:_get_last_task_for_resource:Function]
    
    # [DEF:_extract_resource_name_from_task:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Extract resource name from task params
    # @PRE: task is a valid Task object
    # @POST: Returns resource name or task ID
@@ -467,7 +467,7 @@ class ResourceService:
    # [/DEF:_extract_resource_name_from_task:Function]
    
    # [DEF:_extract_resource_type_from_task:Function]
-    # @TIER: STANDARD
+    # @COMPLEXITY: 3
    # @PURPOSE: Extract resource type from task params
    # @PRE: task is a valid Task object
    # @POST: Returns resource type or 'unknown'