diff --git a/docs/consumption/gitea-nuget-feed-validation.md b/docs/consumption/gitea-nuget-feed-validation.md
new file mode 100644
index 0000000..586c399
--- /dev/null
+++ b/docs/consumption/gitea-nuget-feed-validation.md
@@ -0,0 +1,62 @@
+# Gitea NuGet Feed Validation
+
+## Purpose
+
+Validate that Gitea can be used as the package registry for cross-repo consumption in greenfield.
+
+## Validated Environment
+
+- Date: 2026-02-25
+- Gitea URL: `http://192.168.68.156:3000`
+- Organization feed: `http://192.168.68.156:3000/api/packages/AgileWebs/nuget/index.json`
+- Auth mode: Basic auth using Gitea login + token
+
+## Prerequisites
+
+- `AGILE_GITEA_URL` is set
+- `AGILE_GITEA_TOKEN` is set
+- Account has package publish permissions in `AgileWebs`
+
+## Required NuGet Source Configuration
+
+Because the current feed is HTTP, source entries must allow insecure connections.
+
+```xml
+
+
+
+
+
+
+
+
+
+
+
+```
+
+## Smoke Test Result
+
+The following flow was executed successfully:
+
+1. Create temporary package `AgileWebs.Nuget.Smoke`.
+2. Pack and push to org feed.
+3. Create clean consumer project.
+4. Restore consumer with package from Gitea feed.
+
+Result: **PASS**
+
+## Troubleshooting
+
+- Error: `NuGet requires HTTPS sources`.
+ - Cause: HTTP feed without insecure override.
+ - Fix: add `allowInsecureConnections="true"` in `nuget.config`.
+
+- Error: `401 Unauthorized` on push/restore.
+ - Cause: invalid token or missing package permission.
+ - Fix: validate token with `GET /api/v1/user` and retry.
+
+## Operational Recommendation
+
+- Keep this setting only while feed is HTTP.
+- Move feed to HTTPS to remove insecure source exception.