diff --git a/openspec/changes/code-review-fix/tasks.md b/openspec/changes/code-review-fix/tasks.md
index 95e4661..1cb07ef 100644
--- a/openspec/changes/code-review-fix/tasks.md
+++ b/openspec/changes/code-review-fix/tasks.md
@@ -1,7 +1,7 @@
 ## 1. Security Critical — Git & Credentials
 
 - [x] 1.1 `[haiku]` Add `.env` to `.gitignore` and run `git rm --cached .env` to untrack it
-- [ ] 1.2 `[haiku]` Add `models/` and `*.pkl` to `.gitignore`
+- [x] 1.2 `[haiku]` Add `models/` and `*.pkl` to `.gitignore`
 - [ ] 1.3 `[haiku]` Replace real credentials in `.env.example` with placeholders (`POSTGRES_PASSWORD=change_me_to_a_strong_password`)
 - [ ] 1.4 `[haiku]` Remove SQL comment with credentials from `services/ml/app/db.py` and add fail-fast check for missing `DATABASE_URL`
 - [ ] 1.5 `[sonnet]` Update `docker-compose.yml` to use `${POSTGRES_USER}`, `${POSTGRES_PASSWORD}`, `${POSTGRES_DB}` env var interpolation in all DATABASE_URL values