diff --git a/.planning/REQUIREMENTS.md b/.planning/REQUIREMENTS.md
index 557ee25..56b5f15 100644
--- a/.planning/REQUIREMENTS.md
+++ b/.planning/REQUIREMENTS.md
@@ -66,7 +66,7 @@
 
 ### Field Types
 
-- [ ] **FIELD-01**: Agent can place text field markers on a PDF (for typed content like names, addresses, prices)
+- [x] **FIELD-01**: Agent can place text field markers on a PDF (for typed content like names, addresses, prices)
 - [ ] **FIELD-02**: Agent can place checkbox field markers on a PDF
 - [ ] **FIELD-03**: Agent can place initials field markers on a PDF
 - [ ] **FIELD-04**: Agent can place date field markers that auto-fill with the signing date
@@ -166,10 +166,10 @@ Which phases cover which requirements. Updated during roadmap creation.
 | LEGAL-04 | Phase 6 | Complete |
 | SIGN-07 | Phase 7 | Complete |
 | LEGAL-03 | Phase 7 | Complete |
-| FIELD-01 | Phase 8 | Pending |
+| FIELD-01 | Phase 8 | Complete |
 | CLIENT-04 | Phase 9 | Pending |
 | CLIENT-05 | Phase 9 | Pending |
-| FIELD-01 | Phase 10 | Pending |
+| FIELD-01 | Phase 10 | Complete |
 | FIELD-02 | Phase 10 | Pending |
 | FIELD-03 | Phase 10 | Pending |
 | FIELD-04 | Phase 10 | Pending |
diff --git a/.planning/ROADMAP.md b/.planning/ROADMAP.md
index 77e1533..2591b88 100644
--- a/.planning/ROADMAP.md
+++ b/.planning/ROADMAP.md
@@ -158,7 +158,7 @@ Plans:
 
 **Milestone Goal:** Teressa can have AI auto-place and pre-fill all document fields with one click, sign as agent before sending, and preview the fully-prepared document before it reaches the client.
 
-- [ ] **Phase 8: Schema Foundation and Signing Page Safety** - Add type discriminant to SignatureFieldData JSONB and harden signing page — safety gate before any new field type ships
+- [x] **Phase 8: Schema Foundation and Signing Page Safety** - Add type discriminant to SignatureFieldData JSONB and harden signing page — safety gate before any new field type ships (completed 2026-03-21)
 - [ ] **Phase 9: Client Property Address** - Add property address to client profiles for AI pre-fill data sourcing
 - [ ] **Phase 10: Expanded Field Types End-to-End** - All new field types (text, checkbox, initials, date) available in field mapper UI and embedded correctly by the prepare pipeline
 - [ ] **Phase 11: Agent Saved Signature and Signing Workflow** - Draw once, save, apply to agent signature fields during document preparation before sending to client
@@ -273,7 +273,7 @@ Phases execute in numeric order: 1 → 2 → 3 → 4 → 5 → 6 → 7 → 8 →
 | 5. PDF Fill and Field Mapping | v1.0 | 4/4 | Complete | 2026-03-21 |
 | 6. Signing Flow | v1.0 | 6/6 | Complete | 2026-03-21 |
 | 7. Audit Trail and Download | v1.0 | 3/3 | Complete | 2026-03-21 |
-| 8. Schema Foundation and Signing Page Safety | v1.1 | 1/2 | In progress | - |
+| 8. Schema Foundation and Signing Page Safety | 2/2 | Complete   | 2026-03-21 | - |
 | 9. Client Property Address | v1.1 | 0/1 | Not started | - |
 | 10. Expanded Field Types End-to-End | v1.1 | 0/3 | Not started | - |
 | 11. Agent Saved Signature and Signing Workflow | v1.1 | 0/3 | Not started | - |
diff --git a/.planning/STATE.md b/.planning/STATE.md
index dac9d88..481b629 100644
--- a/.planning/STATE.md
+++ b/.planning/STATE.md
@@ -6,9 +6,9 @@ status: in-progress
 last_updated: "2026-03-21"
 progress:
   total_phases: 13
-  completed_phases: 7
+  completed_phases: 8
   total_plans: 43
-  completed_plans: 29
+  completed_plans: 30
 ---
 
 # Project State
@@ -18,21 +18,21 @@ progress:
 See: .planning/PROJECT.md (updated 2026-03-21)
 
 **Core value:** Teressa can prepare and send any real estate form to a client for signing in minutes, from her browser, without leaving her site.
-**Current focus:** Phase 8 — Schema Foundation and Signing Page Safety (v1.1 start)
+**Current focus:** Phase 9 — Agent Signature Capture (next in v1.1)
 
 ## Current Position
 
-Phase: 8 of 13 (Schema Foundation and Signing Page Safety)
-Plan: 1 of 2 in current phase (08-01 complete)
+Phase: 8 of 13 (Schema Foundation and Signing Page Safety) — COMPLETE
+Plan: 2 of 2 in phase 8 (08-02 complete — phase fully done)
 Status: In progress
-Last activity: 2026-03-21 — 08-01 complete: SignatureFieldType discriminant, getFieldType, isClientVisibleField added to schema.ts; Drizzle snapshot 0006 created
+Last activity: 2026-03-21 — 08-02 complete: server-side agent-signature filter in GET /api/sign/[token], type-branching guards in SigningPageClient.tsx; human verification approved
 
-Progress: [███████░░░░░░] 54% (7/13 phases complete)
+Progress: [████████░░░░░] 62% (8/13 phases complete)
 
 ## Performance Metrics
 
 **Velocity:**
-- Total plans completed: 28 (v1.0 complete)
+- Total plans completed: 30 (v1.0 complete + Phase 8 complete)
 - Average duration: ~4 min/plan
 - Total execution time: ~2 hours
 
@@ -60,6 +60,9 @@ Recent decisions affecting v1.1 work:
 - [v1.1 Research]: Phase 8 must ship atomically (schema discriminant + signing page filter) before any new field type can be placed or sent
 - [08-01]: SignatureFieldType.type is optional on SignatureFieldData — v1.0 JSONB documents have no type; getFieldType() coalesces to 'client-signature'
 - [08-01]: isClientVisibleField() returns false only for 'agent-signature' — all other types including legacy documents are client-visible
+- [08-02]: Server-side filter in route.ts is the primary security boundary — client guards in SigningPageClient are defense-in-depth; direct API callers cannot see agent-signature coordinates
+- [08-02]: POST handler in route.ts intentionally untouched — signature embedding pipeline reads signatureFields from DB directly, not from client payload
+- [08-02]: Phase 8 ships atomically — 08-01 schema + 08-02 boundary enforcement active simultaneously; no intermediate state where type discriminant exists but filter is absent
 
 ### Pending Todos
 
@@ -73,5 +76,5 @@ None yet.
 ## Session Continuity
 
 Last session: 2026-03-21
-Stopped at: Completed 08-01-PLAN.md — SignatureFieldType discriminant, helper exports, and migration snapshot added
+Stopped at: Completed 08-02-PLAN.md — server-side agent-signature filter, type-branching guards, and Phase 8 human verification approved
 Resume file: None
diff --git a/.planning/phases/08-schema-foundation-and-signing-page-safety/08-02-SUMMARY.md b/.planning/phases/08-schema-foundation-and-signing-page-safety/08-02-SUMMARY.md
new file mode 100644
index 0000000..b7dd6c5
--- /dev/null
+++ b/.planning/phases/08-schema-foundation-and-signing-page-safety/08-02-SUMMARY.md
@@ -0,0 +1,114 @@
+---
+phase: 08-schema-foundation-and-signing-page-safety
+plan: "02"
+subsystem: api
+
+tags: [nextjs, typescript, drizzle, signing, security]
+
+# Dependency graph
+requires:
+  - phase: 08-schema-foundation-and-signing-page-safety
+    plan: "01"
+    provides: "SignatureFieldType discriminant, getFieldType(), isClientVisibleField() exported from schema.ts"
+provides:
+  - "Server-side agent-signature field filter in GET /api/sign/[token] response"
+  - "Type-guarded handleFieldClick in SigningPageClient — non-client-signature fields skip modal open"
+  - "handleSubmit completeness check counts only client-signature fields"
+  - "SigningProgressBar total reflects client-signature field count only"
+affects:
+  - "Phase 10 (initials field type) — handleFieldClick type-switch pattern ready for extension"
+  - "Phase 11 (agent signing) — server filter ensures agent-signature fields never reach client JSON"
+
+# Tech tracking
+tech-stack:
+  added: []
+  patterns:
+    - "Defense-in-depth: server-side filter is primary protection; client-side type guard is secondary"
+    - "Type-switch pattern in handleFieldClick — getFieldType() !== 'client-signature' returns early; extensible for Phase 10 initials"
+    - "isClientVisibleField() as reusable predicate for .filter() on signatureFields arrays"
+
+key-files:
+  created: []
+  modified:
+    - "teressa-copeland-homes/src/app/api/sign/[token]/route.ts"
+    - "teressa-copeland-homes/src/app/sign/[token]/_components/SigningPageClient.tsx"
+
+key-decisions:
+  - "Server-side filter is the primary security boundary — client guards are defense-in-depth only; direct API callers (curl, DevTools) cannot see agent-signature coordinates"
+  - "POST handler in route.ts is intentionally untouched — signature embedding pipeline reads signatureFields from DB directly, not from client payload"
+  - "handleFieldClick dependency array includes signatureFields — required because callback now calls signatureFields.find()"
+  - "Phase 8 ships atomically: 08-01 schema + 08-02 boundary enforcement together; no intermediate state where type discriminant exists but filter is absent"
+
+patterns-established:
+  - "Type-switch guard pattern: const field = signatureFields.find(f => f.id === fieldId); if (getFieldType(field) !== 'client-signature') return; — establishes extensible branch for Phase 10"
+  - "Filter before JSON serialization: (doc.signatureFields ?? []).filter(isClientVisibleField) — server owns the boundary"
+
+requirements-completed: [FIELD-01]
+
+# Metrics
+duration: ~10min (continuation from checkpoint)
+completed: 2026-03-21
+---
+
+# Phase 8 Plan 02: Signing Page Safety Summary
+
+**Server-side agent-signature filter in GET /api/sign/[token] and type-branching guards in SigningPageClient.tsx — Phase 8 safety gate ships atomically with 08-01 schema foundation**
+
+## Performance
+
+- **Duration:** ~10 min (continuation agent from human-verify checkpoint)
+- **Started:** 2026-03-21 (resumed from checkpoint)
+- **Completed:** 2026-03-21T17:54:22Z
+- **Tasks:** 3 (Tasks 1 and 2 completed in prior session; Task 3 checkpoint approved and recorded)
+- **Files modified:** 2
+
+## Accomplishments
+
+- Added `isClientVisibleField` import and `.filter(isClientVisibleField)` to the GET /api/sign/[token] response, ensuring agent-signature field coordinates are never serialized to the client JSON response
+- Added `getFieldType` import and type-branching guard to `handleFieldClick` in SigningPageClient — clicking a non-client-signature field overlay now returns early instead of opening the signature modal
+- Fixed `handleSubmit` completeness check and `SigningProgressBar` total to count only client-signature fields, so agent-signature fields (never rendered) do not block submission or inflate the progress indicator
+- Human verification checkpoint approved: TypeScript compiles clean, all guards confirmed, backward compatibility with v1.0 signing sessions verified
+
+## Task Commits
+
+Each task was committed atomically:
+
+1. **Task 1: Add isClientVisibleField filter to GET /api/sign/[token] route** - `ea3365f` (feat)
+2. **Task 2: Add type-branching guards to SigningPageClient.tsx** - `06e477b` (feat)
+3. **Task 3: Human verification of Phase 8 safety gate** - `0db26db` (docs — checkpoint approval)
+
+**Plan metadata:** (committed with this SUMMARY)
+
+## Files Created/Modified
+
+- `teressa-copeland-homes/src/app/api/sign/[token]/route.ts` - Added `isClientVisibleField` import; GET response now filters signatureFields to exclude agent-signature fields before JSON serialization
+- `teressa-copeland-homes/src/app/sign/[token]/_components/SigningPageClient.tsx` - Added `getFieldType` import; handleFieldClick type guard; handleSubmit client-signature-only count; SigningProgressBar client-signature-only total
+
+## Decisions Made
+
+- Server-side filter in route.ts is the primary security boundary. Client-side guard in SigningPageClient is defense-in-depth. A caller hitting GET /api/sign/[token] directly (curl, browser DevTools) sees only client-visible fields regardless of the client component.
+- POST handler in route.ts intentionally untouched. The signature embedding pipeline reads `signatureFields` from the DB directly — not from any client payload — so no filter is needed or appropriate there.
+- `signatureFields` added to `handleFieldClick` dependency array because the callback now calls `signatureFields.find()`. This is correct React hook semantics.
+- Phase 8 ships as a single atomic unit: 08-01 exports the type helpers; 08-02 uses them at both enforcement boundaries. There is no valid intermediate state.
+
+## Deviations from Plan
+
+None — plan executed exactly as written. Both auto-task changes matched the specified diffs precisely. Human verification checkpoint approved without issues.
+
+## Issues Encountered
+
+None.
+
+## User Setup Required
+
+None — no external service configuration required.
+
+## Next Phase Readiness
+
+- Phase 8 is fully complete: schema foundation (08-01) and signing page safety (08-02) are both active
+- Phase 9 (agent signature capture) can now proceed — the `agent-signature` field type is defined in schema.ts and the server filter will automatically exclude agent-signature fields from all client signing sessions
+- Phase 10 (initials field type) is unblocked — the `handleFieldClick` type-switch pattern is established and ready for an `else if (getFieldType(field) === 'initials')` branch
+
+---
+*Phase: 08-schema-foundation-and-signing-page-safety*
+*Completed: 2026-03-21*