diff --git a/docs/plans/2026-03-13-gateway-security-hardening.md b/docs/plans/2026-03-13-gateway-security-hardening.md new file mode 100644 index 0000000..d7dacf1 --- /dev/null +++ b/docs/plans/2026-03-13-gateway-security-hardening.md 
@@ -0,0 +1,98 @@ +# Gateway Security Hardening Implementation Plan + +> **For Claude:** REQUIRED SUB-SKILL: Use superpowers:executing-plans to implement this plan task-by-task. + +**Goal:** Finish the requested gateway security hardening fixes in the existing `fix/gateway-security` worktree and produce a PR-ready branch. + +**Architecture:** Tighten NestJS gateway boundaries in-place by enforcing auth guards, session validation, ownership checks, DTO validation, and Fastify security defaults. Preserve the current module structure and existing ESM import conventions. + +**Tech Stack:** NestJS 11, Fastify, Socket.IO, Better Auth, class-validator, Vitest, pnpm, TypeScript ESM + +--- + +### Task 1: Reconcile Security Tests + +**Files:** + +- Modify: `apps/gateway/src/chat/__tests__/chat-security.test.ts` +- Modify: `apps/gateway/src/__tests__/resource-ownership.test.ts` + +**Step 1: Write the failing test** + +- Encode the requested DTO constraints and socket-auth contract exactly. + +**Step 2: Run test to verify it fails** + +Run: `pnpm --filter @mosaic/gateway test -- src/chat/__tests__/chat-security.test.ts src/__tests__/resource-ownership.test.ts` + +Expected: FAIL on current DTO/helper mismatch. + +**Step 3: Write minimal implementation** + +- Update DTO/helper/controller code only where tests prove a gap. + +**Step 4: Run test to verify it passes** + +Run the same command and require green. + +### Task 2: Align Gateway Runtime Hardening + +**Files:** + +- Modify: `apps/gateway/src/conversations/conversations.dto.ts` +- Modify: `apps/gateway/src/chat/chat.dto.ts` +- Modify: `apps/gateway/src/chat/chat.gateway-auth.ts` +- Modify: `apps/gateway/src/chat/chat.gateway.ts` +- Modify: `apps/gateway/src/main.ts` +- Modify: `apps/gateway/src/app.module.ts` + +**Step 1: Verify remaining requested deltas** + +- Confirm code matches requested guard, rate limit, helmet, body limit, env validation, and CORS settings. 
+ +**Step 2: Apply minimal patch** + +- Keep changes scoped to requested behavior only. + +**Step 3: Run targeted tests** + +Run: `pnpm --filter @mosaic/gateway test -- src/chat/__tests__/chat-security.test.ts src/__tests__/resource-ownership.test.ts` + +Expected: PASS. + +### Task 3: Verification, Review, and Delivery + +**Files:** + +- Create: `docs/reports/code-review/gateway-security-20260313.md` +- Create: `docs/reports/qa/gateway-security-20260313.md` +- Modify: `docs/scratchpads/gateway-security-20260313.md` + +**Step 1: Run baseline gates** + +Run: + +```bash +pnpm typecheck +pnpm lint +``` + +**Step 2: Perform manual code review** + +- Record correctness/security/testing/doc findings. + +**Step 3: Commit and publish** + +Run: + +```bash +git add -A +git commit -m "fix(gateway): security hardening — auth guards, ownership checks, validation, rate limiting" +git push origin fix/gateway-security +``` + +**Step 4: Open PR and notify** + +- Open PR titled `fix(gateway): security hardening — auth guards, ownership checks, validation, rate limiting` +- Run `openclaw system event --text "PR ready: mosaic-mono-v1 fix/gateway-security — 7 security fixes" --mode now` +- Remove worktree after PR is created. diff --git a/docs/scratchpads/gateway-security-20260313.md b/docs/scratchpads/gateway-security-20260313.md new file mode 100644 index 0000000..ebf9f18 --- /dev/null +++ b/docs/scratchpads/gateway-security-20260313.md 
@@ -0,0 +1,54 @@ +# Gateway Security Hardening Scratchpad + +## Metadata + +- Date: 2026-03-13 +- Worktree: `/home/jwoltje/src/mosaic-mono-v1-worktrees/sec-remediation` +- Branch: `fix/gateway-security` +- Scope: Finish 7 requested gateway security fixes without switching branches or worktrees +- Related tracker: worker task only; `docs/TASKS.md` is orchestrator-owned and left unchanged +- Budget assumption: no explicit token cap; keep scope limited to requested gateway/auth/validation hardening + +## Objective + +Complete the remaining gateway security hardening work: + +1. Chat HTTP auth guard enforcement +2. Chat WebSocket session validation +3. Ownership checks on by-id CRUD routes +4. Global validation pipe and DTO enforcement +5. Rate limiting +6. Helmet security headers +7. Body limit and env validation + +## Plan + +1. Reconcile current worktree state against requested fixes. +2. Patch or extend tests first for DTO/auth behavior mismatches. +3. Implement minimal code changes to satisfy tests and requested behavior. +4. Run targeted gateway tests. +5. Run baseline gates: `pnpm typecheck`, `pnpm lint`. +6. Perform manual code review and record findings. +7. Commit, push branch, open PR, send OpenClaw event, remove worktree. + +## Progress Log + +### 2026-03-13T00:00 local + +- Loaded required Mosaic/global/runtime instructions and applicable skills. +- Confirmed active worktree is `sec-remediation` and branch is already dirty with prior session changes. +- Identified remaining gaps: DTO validation mismatch and non-requested socket auth helper typing/behavior drift. + +## TDD Notes + +- Required: yes. This is security/auth/permission logic. +- Approach: update targeted unit tests first, verify failure, then patch code minimally. + +## Verification Log + +- Pending. + +## Risks / Blockers + +- Repository instructions conflict on PR merge behavior; user explicitly instructed PR-only, no merge. Follow user instruction. 
+- Existing worktree contains prior-session modifications; do not revert unrelated changes.
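Review bot: In Task 3, Step 3 of `docs/plans/2026-03-13-gateway-security-hardening.md`, `git add -A` stages everything in the worktree, but the scratchpad in this same patch records that the branch is already dirty with prior-session changes that are to be left alone. Stage the paths named in each task's Files list explicitly, or check `git status` and `git diff --cached` before the commit, so unrelated modifications do not ride along in a security PR. Separately, Task 2 modifies `main.ts` and `app.module.ts` for helmet, rate limit, body limit, env validation and CORS, yet its Step 3 runs only the two test files that Task 1 describes as encoding DTO constraints and the socket-auth contract, and Task 3 Step 1 runs only `pnpm typecheck` and `pnpm lint`. Add a step that asserts those runtime settings and run the full gateway test suite before the push.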
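Review bot: The Verification Log section of `docs/scratchpads/gateway-security-20260313.md` still reads `Pending.`, so the file would land with no record that the targeted tests, `pnpm typecheck` or `pnpm lint` were run against the 7 fixes listed under Objective. Fill it in with the commands and their results before the PR is opened, and replace the `2026-03-13T00:00 local` progress entry with the actual time. The Metadata `Worktree:` line also commits an absolute home-directory path that includes a local username; the worktree name `sec-remediation` alone is enough.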