diff --git a/docs/tasks/scoped-gitea-token/README.md b/docs/tasks/scoped-gitea-token/README.md new file mode 100644 index 0000000..323b3ed --- /dev/null +++ b/docs/tasks/scoped-gitea-token/README.md @@ -0,0 +1,27 @@ +# Scoped Gitea Token for Pokerole Project + +**Status:** Ready +**Priority:** Tier 1 - Security +**Time:** 15 minutes +**Depends:** Vaultwarden operational +**Last Updated:** 2026-02-16 + +## Overview +Create scoped Gitea API token limited to Pokerole repos only. Replace master token with defense-in-depth boundary enforcement. + +## Problem +Pokerole project currently uses master Gitea token with "honor system" scoping. Iron Wall principle: enforce technically, not socially. + +## Actions +1. Create new Gitea token scoped to 4 Pokerole repos only +2. Store in Vaultwarden +3. Update `pokerole-project/misc-docs/SESSION-START-PROMPT.md` +4. Test Claudius access (Pokerole repos ONLY) +5. Remove master token reference + +## Success Criteria +- ✅ Scoped token created and stored +- ✅ Claudius isolated from Firefrost infrastructure +- ✅ Defense in depth enforced + +**Fire + Frost + Foundation** 💙🔥❄️
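Review bot: In the Actions list, step 5 ("Remove master token reference") only removes the reference and never revokes or rotates the master token, so a token that was already handed to the Pokerole session stays valid wherever it was copied, including the git history of `pokerole-project/misc-docs/SESSION-START-PROMPT.md` if it was ever committed there. Suggest adding a step to rotate the master token once the scoped one is confirmed working, and stating in step 3 whether that file receives the token value or only a pointer to the Vaultwarden entry. Step 4 ("Test Claudius access (Pokerole repos ONLY)") should also spell out a negative test: a request against a non-Pokerole repo with the new token must be denied, otherwise the success criterion "Claudius isolated from Firefrost infrastructure" is not verifiable. Step 1 does not say how the token is restricted to the 4 repos or name them; document the mechanism (token scopes, or a dedicated account with access to only those repos) and list the repos so the boundary can be audited later.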