diff --git a/CHANGELOG.md b/CHANGELOG.md index ef75781..9a16770 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,7 @@ This project has no stable public release yet. - Added the v0.2 governance rules specification for conservative, deterministic instruction-file diagnostics. - Added unreleased governance findings for unsupported security or maturity claims, review or CI bypass guidance, unsafe command execution guidance, runtime network or LLM dependency guidance, missing secret-handling boundaries, and missing instruction scope or authority. - Added governance finding coverage across console, JSON, and Markdown output paths. +- Added golden contract coverage for current governance console, JSON, and Markdown output behavior. - Added structured finding evidence for line-based governance findings. - Added regression coverage for redacting secret-like values from finding evidence in JSON output. diff --git a/README.md b/README.md index d7379bd..2fedbed 100644 --- a/README.md +++ b/README.md @@ -342,9 +342,9 @@ The local check suite verifies: Current verified local result on `main`: - Ran 93 tests + ./scripts/check.sh passes - OK +The exact unit test count may change as coverage evolves. The source of truth is the current `./scripts/check.sh` output and the matching GitHub Actions run for `main`. CI runs the same local check script through GitHub Actions. diff --git a/docs/V0.2-GOVERNANCE-RULES-SPEC.md b/docs/V0.2-GOVERNANCE-RULES-SPEC.md index f5938ec..e0d9f5f 100644 --- a/docs/V0.2-GOVERNANCE-RULES-SPEC.md +++ b/docs/V0.2-GOVERNANCE-RULES-SPEC.md 
@@ -398,17 +398,22 @@ The release review must confirm that: * v0.2 documentation does not claim proof of repository safety; * tag and GitHub Release point to the verified release SHA. -## Recommended next phase after this document +## Release readiness follow-up -Recommended next phase: +The `test/add-governance-golden-output-coverage` phase has been completed on current `main`. -`test/add-governance-golden-output-coverage` +The next follow-up should be a release-readiness audit before any v0.2 version, tag, or release decision. -Only if scope is limited to existing unreleased v0.2 behavior: +That audit should verify: -* no new governance rules; -* no output redesign; -* no release, tag, or version change; -* no security or maturity claims. +* README.md; +* CHANGELOG.md; +* SECURITY.md; +* docs/THREAT-MODEL.md; +* docs/PRODUCT-STRATEGY.md; +* current CLI output from real commands; +* packaging and version metadata; +* branch protection and required checks; +* release artifact expectations. -The next test phase must preserve read-only behavior and existing runtime boundaries. +The follow-up must not change code, tests, rules, output behavior, version metadata, tags, or releases unless that scope is approved as its own explicit phase.
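
Review bot: In the CHANGELOG.md hunk, the added entry is hard to tell apart from the existing entry directly above it, "Added governance finding coverage across console, JSON, and Markdown output paths." Both name the same three output paths, so a reader cannot see what the golden contract coverage adds. Suggest stating what the golden tests pin, for example that a change to the rendered console, JSON, or Markdown output now fails the suite until the expected output is updated on purpose.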
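
Review bot: In the README.md hunk, the block under "Current verified local result on `main`:" now holds the static claim `./scripts/check.sh passes`, which is not captured output and carries no commit or date, so it can go stale without anyone noticing. The sentence added right after it already names the current `./scripts/check.sh` output and the matching GitHub Actions run as the source of truth. Suggest either dropping the static line or tying it to a specific commit SHA or Actions run, and rewording the "Current verified local result" lead-in, since it no longer introduces a recorded result.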
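
Review bot: In the docs/V0.2-GOVERNANCE-RULES-SPEC.md hunk, the closing "must not change" sentence lists code, tests, rules, output behavior, version metadata, tags, and releases, but not documentation, and the removed bullet "no security or maturity claims" has no replacement. The audit covers README.md, SECURITY.md, and docs/THREAT-MODEL.md, so as written it could edit those files and add claims that the release review above is meant to rule out ("v0.2 documentation does not claim proof of repository safety"). Suggest keeping the "no security or maturity claims" constraint for the follow-up and saying whether the audit may edit the listed documents or only report findings. The "That audit should verify:" list would also be clearer if it said what each item is checked against, for example against current CLI output from real commands.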