diff --git a/features/jwt/jwt_secret_retention.feature b/features/jwt/jwt_secret_retention.feature
index f915cd5..d07bf5d 100644
--- a/features/jwt/jwt_secret_retention.feature
+++ b/features/jwt/jwt_secret_retention.feature
@@ -89,7 +89,7 @@ Feature: JWT Secret Retention Policy
     Then I should receive configuration validation error
     And the error should mention "retention_factor must be ≥ 1.0"
 
-  @todo
+  @todo @nice_to_have
   Scenario: Metrics for secret retention
     Given I have enabled Prometheus metrics
     When the cleanup job removes expired secrets
@@ -97,7 +97,7 @@ Feature: JWT Secret Retention Policy
     And I should see "jwt_secrets_active_count" metric decrease
     And I should see "jwt_secret_retention_duration_seconds" histogram update
 
-  @todo
+  @todo @nice_to_have
   Scenario: Log masking for security
     Given I add a new JWT secret "super-secret-key-123456"
     When the cleanup job runs
@@ -151,7 +151,7 @@ Feature: JWT Secret Retention Policy
     And existing secrets should be reevaluated
     And cleanup should use new retention periods
 
-  @todo
+  @todo @nice_to_have
   Scenario: Audit trail for secret operations
     Given I enable audit logging
     When I add a new JWT secret
@@ -176,7 +176,7 @@ Feature: JWT Secret Retention Policy
     And new tokens should use the emergency secret
     And cleanup should remove compromised secrets
   
-  @todo
+  @todo @nice_to_have
   Scenario: Monitoring and alerting
     Given I have monitoring configured
     When the cleanup job fails repeatedly