# SCRIMED QA Human Run Packet

Status: manual-aal2-qa-human-run-packet-ready
Decision state: dispatch-template-ready
Execution allowed by code: no
Human AAL2 required: yes
Proof claim allowed: no
Buyer use allowed: no

## Boundary
SCRIMED QA Human Run Packet creates a no-secret dispatch packet for the approved human AAL2 synthetic QA run. It does not execute passkey ceremonies, mint or store tokens, persist packet hashes, process PHI, authorize live clinical care, certify security or compliance, guarantee reimbursement, approve production connectors, or claim retained authenticated QA proof before protected Manual QA Evidence is visible.

## Dispatch Rules
- Allowed now: generate a no-secret dispatch packet for an approved operator.
- Allowed now: predefine the exact workflow, target, command templates, safe fields, and post-run checks.
- Not allowed here: execute passkey/AAL2 ceremonies, mint tokens, store credentials, or persist evidence.
- Not allowed yet: claim retained authenticated QA proof, buyer-ready proof, clinical authority, PHI authority, reimbursement certainty, certification, or production connector approval.

## Accepted Attestations
- Operator roles: tenant-admin, pilot-lead
- Dispatch: human-aal2-required-no-code-bypass
- Proof blocked: no-retained-proof-until-protected-packet-visible
- Data boundary: synthetic-business-workflow-only

## Controls
- Approved human operator (required-before-dispatch): owner Tenant-admin or pilot-lead. Pass: The operator role is tenant-admin or pilot-lead and the AAL2 browser session is fresh. Fail closed if: The session is stale, shared, non-AAL2, or the role is not allowed.
- Single synthetic target (required-before-dispatch): owner Workflow owner. Pass: The packet names one synthetic target and one workspace slug before the run. Fail closed if: The target is broad, production-linked, patient-linked, payer-member-linked, or ambiguous.
- Manual workflow only (required-before-dispatch): owner Release engineering. Pass: The selected workflow remains manual and requires require_authenticated_path=true. Fail closed if: The workflow is scheduled, unattended, or allows the authenticated path to be optional.
- No-secret evidence fields (required-after-run): owner TrustOS reviewer. Pass: Only workflow ID, run URL, timestamp, safe object UUIDs, packet hash, and audit UUID are copied. Fail closed if: Tokens, credentials, PHI, payer member data, legal artifacts, reports, contracts, or clinical records appear.
- Protected packet visibility (hard-stop): owner Tenant governance operator. Pass: Protected Manual QA Evidence shows packet SHA-256 and append-only audit event visibility. Fail closed if: Only a public packet preview, operator assertion, screenshot, or chat statement exists.
- Proof and claim gates (hard-stop): owner Buyer diligence and claims governance. Pass: Completion Bridge, Activation Seal, Proof Promotion, Claim Guard, and Buyer Proof Release all preserve the retained-packet boundary. Fail closed if: Any buyer, investor, sales, PR, or operator language claims retained proof or production authority too early.
- Clinical authority blocked (hard-stop): owner Clinical, legal, privacy, security, compliance, and customer authority owners. Pass: The packet remains a governed synthetic QA dispatch artifact only. Fail closed if: The packet is used as clinical care, PHI, payer submission, reimbursement, certification, connector, or regional approval.

## Sales Demo Session QA activation
- Workflow kind: sales-demo-session-qa
- Dispatch path: .github/workflows/sales-demo-session-qa-smoke.yml
- Temporary secret: SCRIMED_SALES_QA_BEARER_TOKEN
- Default synthetic target: synthetic-sales-opportunity-intake-id
- Completion Bridge: /qa-completion-bridge
- Manual packet route: /api/qa-evidence/manual-run-packet
- Protected persistence: /api/pilot-workspaces/{workspaceSlug}/qa-evidence/manual-run-packets
- Activation Seal: /qa-activation-seal
- Proof Promotion: /qa-proof-promotion
- Claim Guard: /qa-claim-guard

Dispatch inputs:
```json
{
  "base_url": "https://app.scrimedsolutions.com",
  "intake_id": "<synthetic-sales-opportunity-intake-id>",
  "require_authenticated_path": true
}
```

Preflight command template:
```bash
SCRIMED_REQUIRE_SALES_QA=1 SCRIMED_SALES_QA_INTAKE_ID=<synthetic-intake-id> SCRIMED_SALES_QA_BEARER_TOKEN=<short-lived-aal2-token> node scripts/sales-demo-session-qa-token-preflight.mjs
```

Smoke command template:
```bash
SCRIMED_REQUIRE_SALES_QA=1 SCRIMED_BASE_URL=https://app.scrimedsolutions.com SCRIMED_SALES_QA_INTAKE_ID=<synthetic-intake-id> SCRIMED_SALES_QA_BEARER_TOKEN=<short-lived-aal2-token> node scripts/sales-demo-session-qa-smoke.mjs
```

Safe evidence template:
```json
{
  "workflowKind": "sales-demo-session-qa",
  "workflowRunId": "<numeric-scrimed-manual-run-id>",
  "workflowRunUrl": "https://app.scrimedsolutions.com/qa-run-control?runId=<numeric-scrimed-manual-run-id>",
  "executedAt": "<iso-8601-run-timestamp>",
  "baseUrl": "https://app.scrimedsolutions.com",
  "intakeId": "<synthetic-sales-opportunity-intake-id>",
  "createdSessionId": "<created-demo-session-uuid>",
  "packetAuditEventId": "<demo-session-packet-audit-event-uuid>",
  "qaOutcome": "pass",
  "operatorAttestation": "no-secrets-no-phi-aal2-human-run",
  "tokenDisposalAttestation": "temporary-token-deleted-or-rotated",
  "dataBoundary": "synthetic-business-workflow-only"
}
```

Operator sequence:
1. Open /pilot-workspace/access in a fresh browser session and verify AAL2 posture.
2. Confirm protected workspace slug {workspaceSlug}.
3. Create only the temporary masked workflow secret for the selected run.
4. Run the preflight command before dispatching the authenticated workflow.
5. Dispatch the manual workflow with require_authenticated_path=true and one explicit synthetic target.
6. Copy only the safe metadata fields from the completed run.
7. Delete or rotate the temporary secret before generating or persisting evidence.
8. Validate no-secret metadata through /qa-completion-bridge.
9. Generate the Markdown packet through /api/qa-evidence/manual-run-packet.
10. Persist only accepted metadata through /api/pilot-workspaces/{workspaceSlug}/qa-evidence/manual-run-packets.
11. Confirm /qa-activation-seal, /qa-proof-promotion, and /qa-claim-guard.
12. Export Buyer Diligence only after protected packet SHA-256 and audit visibility exist.

Abort conditions:
- No fresh human AAL2 session is available.
- The target is not synthetic or metadata-only.
- The token preflight fails or the token lifetime is too long.
- The workflow requires a long-lived or committed credential.
- Any evidence field contains a token, credential, PHI, patient identifier, payer member identifier, artifact URL, legal approval, security report, reimbursement determination, or production clinical record.
- The operator cannot delete or rotate the temporary secret after the run.
- Buyer Diligence is requested before no-secret evidence metadata is retained.

## Authority Reference QA activation
- Workflow kind: authority-reference-qa
- Dispatch path: .github/workflows/authority-reference-qa-smoke.yml
- Temporary secret: SCRIMED_BEARER_TOKEN
- Default synthetic target: atlas-synthetic-evaluation
- Completion Bridge: /qa-completion-bridge
- Manual packet route: /api/qa-evidence/manual-run-packet
- Protected persistence: /api/pilot-workspaces/{workspaceSlug}/qa-evidence/manual-run-packets
- Activation Seal: /qa-activation-seal
- Proof Promotion: /qa-proof-promotion
- Claim Guard: /qa-claim-guard

Dispatch inputs:
```json
{
  "base_url": "https://app.scrimedsolutions.com",
  "workspace_slug": "atlas-synthetic-evaluation",
  "require_authenticated_path": true
}
```

Preflight command template:
```bash
SCRIMED_REQUIRE_AUTHORITY_REFERENCE_QA=1 SCRIMED_WORKSPACE_SLUG=<synthetic-workspace-slug> SCRIMED_BEARER_TOKEN=<short-lived-aal2-token> node scripts/authority-artifact-reference-qa-token-preflight.mjs
```

Smoke command template:
```bash
SCRIMED_REQUIRE_AUTHORITY_REFERENCE_QA=1 SCRIMED_BASE_URL=https://app.scrimedsolutions.com SCRIMED_WORKSPACE_SLUG=<synthetic-workspace-slug> SCRIMED_BEARER_TOKEN=<short-lived-aal2-token> node scripts/authority-artifact-reference-qa-smoke.mjs
```

Safe evidence template:
```json
{
  "workflowKind": "authority-reference-qa",
  "workflowRunId": "<numeric-scrimed-manual-run-id>",
  "workflowRunUrl": "https://app.scrimedsolutions.com/qa-run-control?runId=<numeric-scrimed-manual-run-id>",
  "executedAt": "<iso-8601-run-timestamp>",
  "baseUrl": "https://app.scrimedsolutions.com",
  "intakeId": "atlas-synthetic-evaluation",
  "createdSessionId": "<created-authority-reference-uuid>",
  "packetAuditEventId": "<authority-reference-packet-audit-event-uuid>",
  "qaOutcome": "pass",
  "operatorAttestation": "no-secrets-no-phi-aal2-human-run",
  "tokenDisposalAttestation": "temporary-token-deleted-or-rotated",
  "dataBoundary": "synthetic-business-workflow-only"
}
```

Operator sequence:
1. Open /pilot-workspace/access in a fresh browser session and verify AAL2 posture.
2. Confirm protected workspace slug atlas-synthetic-evaluation.
3. Create only the temporary masked workflow secret for the selected run.
4. Run the preflight command before dispatching the authenticated workflow.
5. Dispatch the manual workflow with require_authenticated_path=true and one explicit synthetic target.
6. Copy only the safe metadata fields from the completed run.
7. Delete or rotate the temporary secret before generating or persisting evidence.
8. Validate no-secret metadata through /qa-completion-bridge.
9. Generate the Markdown packet through /api/qa-evidence/manual-run-packet.
10. Persist only accepted metadata through /api/pilot-workspaces/{workspaceSlug}/qa-evidence/manual-run-packets.
11. Confirm /qa-activation-seal, /qa-proof-promotion, and /qa-claim-guard.
12. Export Buyer Diligence only after protected packet SHA-256 and audit visibility exist.

Abort conditions:
- No fresh human AAL2 session is available.
- The target is not synthetic or metadata-only.
- The token preflight fails or the token lifetime is too long.
- The workflow requires a long-lived or committed credential.
- Any evidence field contains a token, credential, PHI, patient identifier, payer member identifier, artifact URL, legal approval, security report, reimbursement determination, or production clinical record.
- The operator cannot delete or rotate the temporary secret after the run.
- Buyer Diligence is requested before no-secret evidence metadata is retained.

## Post-Run Routes
- /qa-completion-bridge
- /api/qa-evidence/manual-run-packet
- /api/pilot-workspaces/{workspaceSlug}/qa-evidence/manual-run-packets
- /qa-activation-seal
- /qa-proof-promotion
- /qa-claim-guard
- /pilot-workspace/access#buyer-room

## Blocked Claims
- retained authenticated QA proof
- human AAL2 workflow completed
- live clinical care authorized
- PHI processing authorized
- HIPAA certified
- HIPAA compliant
- SOC 2 certified
- FDA cleared
- FDA approved
- reimbursement guaranteed
- production connector approved
- autonomous diagnosis authorized
- autonomous treatment authorized
- patient outreach authorized
- payer submission authorized

## Next Recommended Build Step
Have an approved tenant-admin or pilot-lead operator use this packet for exactly one synthetic AAL2 workflow, validate the no-secret result through Completion Bridge, persist it through protected Manual QA Evidence, then confirm Activation Seal, Proof Promotion, Claim Guard, and Buyer Proof Release before Buyer Diligence export.