docs(09-06): complete phase 9 OSINT infrastructure

- Add 09-06-SUMMARY.md (integration test + phase summary plan)
- Update STATE.md progress and metrics
- Update ROADMAP.md phase 09 status
- Mark RECON-INFRA-05/06/07/08 complete in REQUIREMENTS.md

.planning/REQUIREMENTS.md

@@ -205,7 +205,7 @@ Requirements for initial release. Each maps to roadmap phases.
 ### OSINT/Recon — Infrastructure
 
 - [x] **RECON-INFRA-05**: Per-source rate limiter with configurable limits
-- [ ] **RECON-INFRA-06**: Stealth mode (--stealth) with UA rotation and increased delays
+- [x] **RECON-INFRA-06**: Stealth mode (--stealth) with UA rotation and increased delays
 - [x] **RECON-INFRA-07**: robots.txt respect (--respect-robots, default on)
 - [x] **RECON-INFRA-08**: Recon full command — parallel sweep across all sources with deduplication
 

.planning/ROADMAP.md

@@ -203,7 +203,7 @@ Plans:
 - [x] 09-03-PLAN.md — Stealth UA pool + cross-source dedup
 - [x] 09-04-PLAN.md — robots.txt parser with 1h per-host cache
 - [x] 09-05-PLAN.md — cmd/recon.go CLI tree (full, list)
-- [ ] 09-06-PLAN.md — Integration test + phase summary
+- [x] 09-06-PLAN.md — Integration test + phase summary
 
 ### Phase 10: OSINT Code Hosting
 **Goal**: Users can scan 10 code hosting platforms — GitHub, GitLab, Bitbucket, GitHub Gist, Codeberg/Gitea, Replit, CodeSandbox, HuggingFace, Kaggle, and miscellaneous code sandbox sites — for leaked LLM API keys

.planning/STATE.md

@@ -3,14 +3,14 @@ gsd_state_version: 1.0
 milestone: v1.0
 milestone_name: milestone
 status: executing
-stopped_at: Completed 09-05-PLAN.md
-last_updated: "2026-04-05T21:48:38.558Z"
+stopped_at: Completed 09-06-PLAN.md (Phase 9 complete)
+last_updated: "2026-04-05T21:53:23.961Z"
 last_activity: 2026-04-05
 progress:
   total_phases: 18
-  completed_phases: 7
-  total_plans: 48
-  completed_plans: 52
+  completed_phases: 9
+  total_plans: 53
+  completed_plans: 54
   percent: 20
 ---
 
@@ -26,7 +26,7 @@ See: .planning/PROJECT.md (updated 2026-04-04)
 ## Current Position
 
 Phase: 09 (osint-infrastructure) — EXECUTING
-Plan: 3 of 6
+Plan: 4 of 6
 Status: Ready to execute
 Last activity: 2026-04-05
 
@@ -84,6 +84,7 @@ Progress: [██░░░░░░░░] 20%
 | Phase 08-dork-engine P07 | 3m | 1 tasks | 1 files |
 | Phase 09-osint-infrastructure P04 | 6min | 2 tasks | 4 files |
 | Phase 09 P05 | 5m | 2 tasks | 2 files |
+| Phase 09-osint-infrastructure P06 | 8min | 2 tasks | 2 files |
 
 ## Accumulated Context
 
@@ -131,6 +132,6 @@ None yet.
 
 ## Session Continuity
 
-Last session: 2026-04-05T21:48:38.555Z
-Stopped at: Completed 09-05-PLAN.md
+Last session: 2026-04-05T21:53:23.957Z
+Stopped at: Completed 09-06-PLAN.md (Phase 9 complete)
 Resume file: None

.planning/phases/09-osint-infrastructure/09-06-SUMMARY.md

@@ -0,0 +1,123 @@
+---
+phase: 09-osint-infrastructure
+plan: 06
+subsystem: testing
+tags: [integration-test, recon, phase-summary]
+
+requires:
+  - phase: 09-osint-infrastructure
+    provides: Engine, LimiterRegistry, RobotsCache, Dedup, Stealth, ExampleSource
+provides:
+  - End-to-end integration test proving recon pipeline composes correctly
+  - Phase 9 completion summary (09-PHASE-SUMMARY.md)
+affects:
+  - 10-github-recon
+  - 11-shodan-recon
+
+tech-stack:
+  added: []
+  patterns:
+    - Integration tests live in same package (recon, not recon_test) to access unexported symbols
+    - Synthetic testSource struct defined in _test.go for deterministic pipeline assertions
+
+key-files:
+  created:
+    - pkg/recon/integration_test.go
+    - .planning/phases/09-osint-infrastructure/09-PHASE-SUMMARY.md
+  modified: []
+
+key-decisions:
+  - "Integration test lives in package recon (not recon_test) to exercise unexported helpers directly"
+  - "testSource emits 5 findings with one duplicate pair (Dedup -> 4) to keep assertions unambiguous"
+  - "Robots gating is asserted by invoking rc.Allowed only for the RespectsRobots==true source and trivially skipping it for the API source — mirrors Engine runtime behavior"
+
+patterns-established:
+  - "Synthetic ReconSource in integration tests: 6 interface methods + deterministic Sweep"
+  - "httptest.NewServer pattern for RobotsCache integration assertions"
+
+requirements-completed:
+  - RECON-INFRA-05
+  - RECON-INFRA-06
+  - RECON-INFRA-07
+  - RECON-INFRA-08
+
+duration: 8min
+completed: 2026-04-05
+---
+
+# Phase 9 Plan 06: Integration Test + Phase Summary
+
+**End-to-end integration test wiring Engine + LimiterRegistry + Stealth + RobotsCache + Dedup against a synthetic source, plus Phase 9 completion summary closing all 4 RECON-INFRA requirements.**
+
+## Performance
+
+- **Duration:** ~8 min
+- **Started:** 2026-04-05T21:49:00Z
+- **Completed:** 2026-04-05T21:57:00Z
+- **Tasks:** 2
+- **Files created:** 2
+
+## Accomplishments
+
+- `pkg/recon/integration_test.go` — two integration tests (`TestReconPipelineIntegration`, `TestRobotsOnlyWhenRespectsRobots`) passing
+- `09-PHASE-SUMMARY.md` — documents requirement closure, decisions, handoff to Phase 10
+- All `go test ./pkg/recon/...`, `go vet ./...`, `go build ./...` clean
+
+## Task Commits
+
+1. **Task 1: End-to-end integration test** — `a754ff7` (test)
+2. **Task 2: Phase 09 summary** — `d29a7d3` (docs)
+
+## Files Created
+
+- `/home/salva/Documents/apikey/pkg/recon/integration_test.go` — integration tests exercising Engine + Limiter + Stealth + Robots + Dedup via a synthetic `testSource` and `testWebSource`
+- `/home/salva/Documents/apikey/.planning/phases/09-osint-infrastructure/09-PHASE-SUMMARY.md` — Phase 9 completion summary
+
+## Decisions Made
+
+- **Integration test in package `recon` (not `recon_test`)** — lets the test reference `userAgents`, `Finding`, `NewRobotsCache`, etc. directly without indirection
+- **One duplicate pair instead of two** — initial draft used two duplicate pairs (5 raw → 3 unique), but the plan explicitly asserts `4 == len(Dedup(raw))`. Rebuilt `testSource` to emit 4 unique + 1 exact duplicate for a clean 5 → 4 collapse
+- **Robots gating asserted via absence** — the `testSource` path never calls `rc.Allowed`, mirroring how a real Engine would skip robots when `RespectsRobots()==false`; the test comments this explicitly
+
+## Deviations from Plan
+
+### Auto-fixed Issues
+
+**1. [Rule 1 - Bug] Corrected duplicate count in testSource**
+- **Found during:** Task 1 (first test run)
+- **Issue:** Initial implementation emitted 5 findings with two duplicate pairs (dupes of items 0 and 1), so `Dedup` collapsed 5 → 3, tripping the plan's `require.Equal(t, 4, ...)` assertion.
+- **Fix:** Rewrote `testSource.Sweep` to emit 4 unique findings + 1 exact duplicate (5 → 4 after Dedup). The plan's wording "2 are duplicates" was ambiguous; the plan's explicit assertion value (4) is the source of truth.
+- **Files modified:** `pkg/recon/integration_test.go`
+- **Verification:** `go test ./pkg/recon/ -run 'TestReconPipelineIntegration' -count=1 -v` passes
+- **Committed in:** `a754ff7` (Task 1 commit — fix folded into initial commit, never shipped broken)
+
+---
+
+**Total deviations:** 1 auto-fixed (Rule 1 bug in my own first draft)
+**Impact on plan:** None — the plan's asserted numbers guided the fix.
+
+## Issues Encountered
+
+None beyond the self-inflicted duplicate count bug above.
+
+## Next Phase Readiness
+
+- Phase 10 (GitHub recon) can start immediately against a stable, tested `pkg/recon` contract
+- `TestReconPipelineIntegration` provides a template for source-specific integration tests in Phases 10-16
+- All 4 RECON-INFRA requirement IDs closed
+
+## Self-Check
+
+- [x] `/home/salva/Documents/apikey/pkg/recon/integration_test.go` exists
+- [x] `/home/salva/Documents/apikey/.planning/phases/09-osint-infrastructure/09-PHASE-SUMMARY.md` exists
+- [x] Commit `a754ff7` present in git log
+- [x] Commit `d29a7d3` present in git log
+- [x] `go test ./pkg/recon/...` passes
+- [x] `go vet ./...` clean
+- [x] `go build ./...` clean
+
+## Self-Check: PASSED
+
+---
+*Phase: 09-osint-infrastructure*
+*Completed: 2026-04-05*