Hub

Launch readiness

SCRIMED now separates sandbox DNS limits from real launch go/no-go proof.

This control plane keeps launch structure, product readiness, service readiness, strict branded-domain verification, DNS fallback evidence, protected AAL2 proof, and authority boundaries in one operator-reviewed lane.

Statuslaunch-readiness-control-plane-active
Launch tracks10
Ready3
Contained3
Operator gates1
External review3
DNS controls3
Service paths5
Launch risks5
Proof routes40

Boundary

Fallback proof is useful; branded-domain proof is mandatory.

SCRIMED Launch Readiness organizes launch structure, product readiness, service readiness, functional verification, DNS/domain checks, sandbox limitations, and workarounds into one go/no-go control plane. It is operating-readiness evidence only. It does not bypass sandbox restrictions, override DNS, approve production clinical use, authorize PHI processing, certify security or compliance, create a contractual SLA, approve production connectors, approve customer release, provide legal/accounting/tax advice, guarantee revenue or profit, or replace qualified human launch review.

01Primary: https://app.scrimedsolutions.com
02Fallback: https://scrimed-site.vercel.app
03Launch approval: human-launch-review-required
04Fallback authority: continuity-only-not-launch-approval

DNS and sandbox controls

Restricted DNS failures are classified, while the branded launch gate stays strict.

fallback-contained

Sandbox DNS classifier

Restricted Codex sandbox execution can return getaddrinfo ENOTFOUND for app.scrimedsolutions.com even when the production app is reachable from an approved network.

Fallback success is not sufficient for launch approval; unrestricted primary-domain smoke is still required.
  • Detection: The launch domain preflight first resolves the primary host, then requests health endpoints, then tests a fallback Vercel alias when the sandbox cannot resolve DNS.
  • Command: SCRIMED_PRIMARY_BASE_URL=https://app.scrimedsolutions.com SCRIMED_FALLBACK_BASE_URL=https://scrimed-site.vercel.app npm run smoke:launch-domain-preflight
  • Pass condition: Primary domain resolves and returns SCRIMED health/readiness, or sandbox DNS failure is explicitly classified while fallback health/readiness passes for internal continuity.
  • Workaround: Request approved network execution for production smoke, run the fallback preflight for continuity evidence, and keep the branded domain as the buyer-facing target.
  • This does not bypass DNS, alter external records, or convert fallback-only evidence into launch approval.
strict-primary-required

Strict production smoke

A green local build does not prove the branded production app, headers, routes, protected fail-closed checks, and public pages are reachable.

Required before external launch, buyer campaign activation, investor demo packet distribution, or board-readiness claim.
  • Detection: Run the public production smoke against https://app.scrimedsolutions.com from a network that can resolve DNS.
  • Command: SCRIMED_BASE_URL=https://app.scrimedsolutions.com SCRIMED_WORKSPACE_SLUG=atlas-synthetic-evaluation npm run smoke:public
  • Pass condition: All public HTML routes, JSON APIs, Markdown briefs, headers, and protected fail-closed checks pass.
  • Workaround: If sandbox DNS blocks this command, rerun with approved network access and attach the preflight classification to the launch note.
  • The smoke suite does not approve protected AAL2 happy-path mutations or production clinical authority.
operator-required

Domain ownership and route fallback

Custom-domain routing, SSL, Vercel aliasing, and Wix CTA routing are external systems and can drift independently of source code.

Buyer-facing launch material should use the branded domain only after this verification is current.
  • Detection: Verify app.scrimedsolutions.com health, product, launch-readiness, and pilot routes after every DNS, Vercel, or Wix CTA change.
  • Command: curl -L --max-time 20 -s -I https://app.scrimedsolutions.com/api/launch-readiness
  • Pass condition: The branded domain returns launch-readiness headers and buyer routes load without Vercel-auth friction.
  • Workaround: Use direct Vercel deployment URLs or authenticated share links for internal review while branded DNS or CTA routing is repaired.
  • Fallback routes are continuity aids, not a replacement for branded-domain launch readiness.

Launch tracks

Every launch surface now has an owner, gate, workaround, and hard stop.

Use Launch Readiness before any public campaign, buyer demo day, investor packet release, or broader app launch: run build/typecheck/lint, run strict branded-domain public smoke from a network with DNS, run launch-domain preflight to classify sandbox ENOTFOUND separately, keep fallback evidence continuity-only, verify no-authority headers, keep protected AAL2 happy-path proof operator-only, and route unresolved legal, finance, clinical, security, certification, PHI, connector, SLA, customer-release, revenue, and profit claims through qualified review.

contained

Custom domain and DNS preflight

Can operators distinguish a restricted sandbox DNS failure from a real production-domain outage?

Release Steward + Domain/DNS Administrator
  • Control: Run strict production smoke against the branded domain when network DNS is available, and run the launch domain preflight to classify DNS, HTTP, and fallback deployment posture.
  • Gate: Primary branded domain must resolve and pass smoke from an unrestricted network before public launch approval.
  • Workaround: When the managed sandbox returns ENOTFOUND, rerun production smoke with approved network access and use the fallback Vercel alias only as supporting evidence, not as launch approval.
  • Hard stop: Do not mark launch green from fallback-only proof when the branded domain cannot be verified.
  • Proof: /release-continuity, /operations, /navigation, /api/launch-readiness
ready

Source, build, and route inventory

Does the deployed product match the source and expose navigable launch-critical routes?

Engineering + Product Console
  • Control: Keep build, typecheck, route inventory, API route pattern count, persistent navigation, and smoke-covered HTML routes aligned before promotion.
  • Gate: Typecheck, lint, build, navigation inventory, public smoke, and route counts must agree before external promotion.
  • Workaround: If one dynamic detail route cannot be smoked, keep the canonical route smoke-covered and rely on build/typecheck for the dynamic segment until it becomes buyer-critical.
  • Hard stop: Do not launch with missing primary navigation, stale route counts, or broken canonical buyer paths.
  • Proof: /navigation, /product, /api/navigation-audit, /api/product/console
ready

Product and offer packaging

Can a buyer understand what SCRIMED sells without internal explanation?

Product Console + Revenue Operations
  • Control: Use the Product Console, Offerings Portfolio, demos, pilots, pricing, and proof stack as the first buyer-facing product path.
  • Gate: Every launch conversation has a sellable package, scope boundary, proof route, and next buyer action.
  • Workaround: Use assessment or synthetic pilot packages when production connectors, PHI, customer proof, or live-care authority are not approved.
  • Hard stop: Do not sell live clinical execution, EHR writeback, payer submission, or autonomous patient outreach.
  • Proof: /product, /offerings, /demos, /pilots, /pricing, /pilot-deal-room
ready

Service delivery and onboarding

Can SCRIMED handle demos, pilots, meetings, handoffs, and follow-up without ad hoc process?

Customer Operations + Sales Engineering
  • Control: Route client onboarding through human-reviewed emails, calendar-ready agendas, demo scripts, pilot workshops, follow-up SLAs, and handoff controls.
  • Gate: Each opportunity has owner, stage, communication packet, proof routes, scope, retained boundary, and next meeting artifact.
  • Workaround: Use manual human-send communications and no-PHI meeting packets until email/calendar automation and CRM sync are approved.
  • Hard stop: Do not auto-send emails, create calendar invites, bind contracts, store PHI, or promise procurement approval.
  • Proof: /client-onboarding, /sales-operations, /pilot, /pilot-workspace/access
external-review-required

Enterprise operations and margin control

Can SCRIMED scale revenue operations without letting contracts, margin, tax, or accounting risk drift?

Founder + Legal Ops + Finance + Accounting + Revenue Operations
  • Control: Run every serious opportunity through deal desk, price floor, margin review, legal/accounting/tax routing, billing readiness, and blocked-claim checks.
  • Gate: No enterprise proposal expands beyond approved package, price floor, review owner, contract posture, and margin exposure.
  • Workaround: Use non-binding readiness packets and qualified-review labels until counsel, accounting, tax, and finance reviewers approve templates.
  • Hard stop: Do not imply audited financials, legal approval, tax advice, revenue guarantee, profit guarantee, securities material, or contract approval.
  • Proof: /enterprise-business-ops, /capital-vitality, /public-market-readiness, /growth-engine
contained

Scale, support, and reliability posture

Can SCRIMED discuss enterprise scale without accidentally promising an SLA or managed service?

Platform + Service Reliability + Customer Operations
  • Control: Use scale domains, service reliability controls, incident/change operations, support-tier review, cost thresholds, and regional gates before commitments expand.
  • Gate: Support, uptime, SLO, region, residency, DR, and cost commitments must be contract-reviewed before buyer use.
  • Workaround: Offer launch-window support plans and review cadences as readiness language, not contractual SLA language.
  • Hard stop: Do not claim 24/7 production support, SOC/MDR coverage, uptime guarantee, or data-residency approval.
  • Proof: /enterprise-scalability, /service-reliability, /operational-efficiency, /platform-power
external-review-required

Healthcare data, interoperability, and patient safety

Can SCRIMED show strong health-record capability while keeping live-data and clinical authority blocked?

Clinical Governance + Interoperability + Privacy + Security
  • Control: Keep health records, interoperability, extraction, patient-safety lint, and clinical activation on synthetic/no-PHI tracks until buyer-specific authority exists.
  • Gate: Live PHI, EHR/HIE/payer connectors, matching, writeback, patient outreach, payer submission, or clinical action require explicit buyer, legal, privacy, security, and clinical approval.
  • Workaround: Use no-PHI synthetic extraction, metadata-only artifact references, standards mapping, and external evidence pointers.
  • Hard stop: Do not process PHI, diagnose, triage emergencies, prescribe, mutate records, submit claims, or represent clinical validation.
  • Proof: /health-records, /interoperability, /clinical-authority-readiness, /clinical-care-activation
external-review-required

Approvals, certifications, and global launch readiness

Can domestic and global launch claims stay prepared without claiming approval?

Legal + Security + Privacy + Regional Counsel + AI Governance
  • Control: Route HIPAA/BAA, SOC 2, HITRUST, ISO, FDA, ONC, EU AI Act, GDPR, NHS, MHRA, Australia, public-sector, and region-specific questions through evidence tracks.
  • Gate: External certification, conformity, regulatory, legal, privacy, procurement, and security claims must cite qualified evidence before use.
  • Workaround: Use preparation packets, official-source checklists, and external-review-required headers until formal approvals exist.
  • Hard stop: Do not claim HIPAA certification, SOC 2/HITRUST/ISO certification, FDA clearance, ONC certification, GDPR assurance, EU AI Act conformity, NHS/MHRA/Australia approval, or public-sector procurement approval.
  • Proof: /approvals-readiness, /global-certification-readiness, /global-reach, /trust-center
contained

AI, API, UI, agents, and continuous review

Can the platform feel enterprise-grade while keeping live AI authority and autonomous remediation blocked?

Platform Engineering + TrustOS + QA + Internal Research Team
  • Control: Keep API contracts, UI command paths, model-route controls, agent approval, eval/red-team loops, evidence retrieval, review agents, and incident learning wired into launch proof.
  • Gate: Launch messaging must show agent-assisted review and AI readiness while preserving human approval, no-PHI, no-live-AI, and no-public-quantum boundaries.
  • Workaround: Assign speculative technology such as quantum-safe readiness to internal research with no public capability claim.
  • Hard stop: Do not claim live autonomous AI authority, production model approval, public API SLA, trillion-scale equivalence, security certification, or public quantum capability.
  • Proof: /platform-power, /agents, /continuous-review-audit, /qa-claim-guard
operator-required

Protected proof and customer release

Can SCRIMED prove diligence value without exposing protected artifacts or customer-specific claims?

Buyer Diligence + TrustOps + Release Steward + Approved AAL2 Operator
  • Control: Keep protected buyer proof, release decisions, reviewer signoffs, distribution lockbox, recipient attestations, access logs, provider adapters, procurement evidence, and AAL2 proof fail-closed publicly.
  • Gate: Customer-specific proof must have permission, reviewer signoff, recipient scope, release authority, and access-log reconciliation before external sharing.
  • Workaround: Use public proof routes, synthetic evidence, and metadata-only protected summaries until customer release is approved.
  • Hard stop: Do not share named customer proof, confidential buyer artifacts, protected packets, or authenticated evidence without retained approval chain.
  • Proof: /pilot-workspace/access, /buyer-release-control-run, /qa-buyer-proof-release, /qa-manual-execution-console

Service paths

Launch is treated as product, service, diligence, proposal, and authority operations.

service

Public buyer entry

Homepage, Product Console, Offerings, Demos, Pilots, Pricing, and Pilot intake load from branded domain.

Founder + Product Console
  • Public, no-PHI, synthetic-only, claims-controlled.
  • Customer output: Clear buyer path from interest to product proof and pilot request.
  • Fallback: Share direct product, demo, pricing, and pilot URLs if Wix CTA routing is delayed.
service

Guided demo and pilot scoping

Client Onboarding packets, demo scripts, meeting agendas, pilot workshop notes, and follow-up controls are ready.

Sales Engineering + Customer Operations
  • Human-reviewed communications, no automatic send, no calendar mutation.
  • Customer output: Professional demo, pilot scope, presentation, and next-step artifacts.
  • Fallback: Manual email/calendar send using approved no-PHI packets.
service

Protected diligence and evidence

Protected workspace fail-closed publicly; AAL2 operator run produces no-secret retained proof when approved.

Buyer Diligence + TrustOps
  • AAL2 protected, tenant-scoped, no-PHI, metadata-only where external artifacts are referenced.
  • Customer output: Controlled diligence packet or public proof map, depending on release authority.
  • Fallback: Public proof routes and synthetic evidence summaries until protected release gates pass.
service

Enterprise proposal and contract review

Enterprise Business Ops, price floors, margin controls, blocked claims, and qualified-review owners are attached.

Legal Ops + Finance + Revenue Operations
  • Non-binding until executive, legal, accounting, tax, and buyer authority reviews complete.
  • Customer output: Scope, proof, assumptions, price logic, retained boundaries, and review path.
  • Fallback: Readiness-only proposal packet and review calendar before formal contracting.
service

Clinical and global expansion readiness

Approvals, Global Certification, Clinical Authority, Health Records, and Interoperability gates are visible.

Clinical Governance + Regional Counsel + Security
  • Preparation only until qualified external evidence exists.
  • Customer output: Region, approval, privacy, security, data, and clinical-authority plan.
  • Fallback: Synthetic, metadata-only, and external-reference evidence lanes until local approvals exist.

Launch risks

Known launch risks are contained before they become launch promises.

high

Sandbox DNS false negative blocks confidence even when production is healthy.

Classify DNS lookup failure separately from application failure and require unrestricted-network smoke before launch approval.

Release Steward
  • Gate: Primary branded domain resolves and public smoke passes from approved network.
high

Fallback deployment URL could be mistaken for buyer-ready launch proof.

Label fallback as continuity-only and keep branded-domain proof as the go/no-go requirement.

Product Console + Domain Administrator
  • Gate: Domain, SSL, Vercel alias, Wix CTA, and launch-readiness API headers verified.
medium

Launch breadth overwhelms first-time buyers or investors.

Route audiences into Product, Offerings, Client Onboarding, Investor Readiness, or Pilot Deal Room instead of exposing the full route map first.

Founder + Revenue Operations
  • Gate: Each launch audience has one packet, one proof ladder, one owner, and one next action.
critical

Product claims outrun approvals, certifications, or healthcare authority.

Keep no-authority headers, blocked claims, Claim Guard, approval tracks, and clinical/global gates visible in every launch-critical lane.

TrustOS + Claim Guard + Qualified Reviewers
  • Gate: External evidence and qualified reviewer signoff exist for any expanded claim.
high

Service delivery grows faster than support, margin, or governance.

Tie every demo, pilot, assessment, and proposal to onboarding controls, price floors, support posture, and margin review.

Customer Operations + Finance + Legal Ops
  • Gate: Repeatable onboarding, support, billing, contract, and margin processes are approved for the target segment.