Launch readiness
SCRIMED now separates sandbox DNS limits from real launch go/no-go proof.
This control plane keeps launch structure, product readiness, service readiness, strict branded-domain verification, DNS fallback evidence, protected AAL2 proof, and authority boundaries in one operator-reviewed lane.
Boundary
Fallback proof is useful; branded-domain proof is mandatory.
SCRIMED Launch Readiness organizes launch structure, product readiness, service readiness, functional verification, DNS/domain checks, sandbox limitations, and workarounds into one go/no-go control plane. It is operating-readiness evidence only. It does not bypass sandbox restrictions, override DNS, approve production clinical use, authorize PHI processing, certify security or compliance, create a contractual SLA, approve production connectors, approve customer release, provide legal/accounting/tax advice, guarantee revenue or profit, or replace qualified human launch review.
DNS and sandbox controls
Restricted DNS failures are classified, while the branded launch gate stays strict.
Sandbox DNS classifier
Restricted Codex sandbox execution can return getaddrinfo ENOTFOUND for app.scrimedsolutions.com even when the production app is reachable from an approved network.
- Detection: The launch domain preflight first resolves the primary host, then requests health endpoints, then tests a fallback Vercel alias when the sandbox cannot resolve DNS.
- Command: SCRIMED_PRIMARY_BASE_URL=https://app.scrimedsolutions.com SCRIMED_FALLBACK_BASE_URL=https://scrimed-site.vercel.app npm run smoke:launch-domain-preflight
- Pass condition: Primary domain resolves and returns SCRIMED health/readiness, or sandbox DNS failure is explicitly classified while fallback health/readiness passes for internal continuity.
- Workaround: Request approved network execution for production smoke, run the fallback preflight for continuity evidence, and keep the branded domain as the buyer-facing target.
- This does not bypass DNS, alter external records, or convert fallback-only evidence into launch approval.
Strict production smoke
A green local build does not prove the branded production app, headers, routes, protected fail-closed checks, and public pages are reachable.
- Detection: Run the public production smoke against https://app.scrimedsolutions.com from a network that can resolve DNS.
- Command: SCRIMED_BASE_URL=https://app.scrimedsolutions.com SCRIMED_WORKSPACE_SLUG=atlas-synthetic-evaluation npm run smoke:public
- Pass condition: All public HTML routes, JSON APIs, Markdown briefs, headers, and protected fail-closed checks pass.
- Workaround: If sandbox DNS blocks this command, rerun with approved network access and attach the preflight classification to the launch note.
- The smoke suite does not approve protected AAL2 happy-path mutations or production clinical authority.
Domain ownership and route fallback
Custom-domain routing, SSL, Vercel aliasing, and Wix CTA routing are external systems and can drift independently of source code.
- Detection: Verify app.scrimedsolutions.com health, product, launch-readiness, and pilot routes after every DNS, Vercel, or Wix CTA change.
- Command: curl -L --max-time 20 -s -I https://app.scrimedsolutions.com/api/launch-readiness
- Pass condition: The branded domain returns launch-readiness headers and buyer routes load without Vercel-auth friction.
- Workaround: Use direct Vercel deployment URLs or authenticated share links for internal review while branded DNS or CTA routing is repaired.
- Fallback routes are continuity aids, not a replacement for branded-domain launch readiness.
Launch tracks
Every launch surface now has an owner, gate, workaround, and hard stop.
Use Launch Readiness before any public campaign, buyer demo day, investor packet release, or broader app launch: run build/typecheck/lint, run strict branded-domain public smoke from a network with DNS, run launch-domain preflight to classify sandbox ENOTFOUND separately, keep fallback evidence continuity-only, verify no-authority headers, keep protected AAL2 happy-path proof operator-only, and route unresolved legal, finance, clinical, security, certification, PHI, connector, SLA, customer-release, revenue, and profit claims through qualified review.
Custom domain and DNS preflight
Can operators distinguish a restricted sandbox DNS failure from a real production-domain outage?
- Control: Run strict production smoke against the branded domain when network DNS is available, and run the launch domain preflight to classify DNS, HTTP, and fallback deployment posture.
- Gate: Primary branded domain must resolve and pass smoke from an unrestricted network before public launch approval.
- Workaround: When the managed sandbox returns ENOTFOUND, rerun production smoke with approved network access and use the fallback Vercel alias only as supporting evidence, not as launch approval.
- Hard stop: Do not mark launch green from fallback-only proof when the branded domain cannot be verified.
- Proof: /release-continuity, /operations, /navigation, /api/launch-readiness
Source, build, and route inventory
Does the deployed product match the source and expose navigable launch-critical routes?
- Control: Keep build, typecheck, route inventory, API route pattern count, persistent navigation, and smoke-covered HTML routes aligned before promotion.
- Gate: Typecheck, lint, build, navigation inventory, public smoke, and route counts must agree before external promotion.
- Workaround: If one dynamic detail route cannot be smoked, keep the canonical route smoke-covered and rely on build/typecheck for the dynamic segment until it becomes buyer-critical.
- Hard stop: Do not launch with missing primary navigation, stale route counts, or broken canonical buyer paths.
- Proof: /navigation, /product, /api/navigation-audit, /api/product/console
Product and offer packaging
Can a buyer understand what SCRIMED sells without internal explanation?
- Control: Use the Product Console, Offerings Portfolio, demos, pilots, pricing, and proof stack as the first buyer-facing product path.
- Gate: Every launch conversation has a sellable package, scope boundary, proof route, and next buyer action.
- Workaround: Use assessment or synthetic pilot packages when production connectors, PHI, customer proof, or live-care authority are not approved.
- Hard stop: Do not sell live clinical execution, EHR writeback, payer submission, or autonomous patient outreach.
- Proof: /product, /offerings, /demos, /pilots, /pricing, /pilot-deal-room
Service delivery and onboarding
Can SCRIMED handle demos, pilots, meetings, handoffs, and follow-up without ad hoc process?
- Control: Route client onboarding through human-reviewed emails, calendar-ready agendas, demo scripts, pilot workshops, follow-up SLAs, and handoff controls.
- Gate: Each opportunity has owner, stage, communication packet, proof routes, scope, retained boundary, and next meeting artifact.
- Workaround: Use manual human-send communications and no-PHI meeting packets until email/calendar automation and CRM sync are approved.
- Hard stop: Do not auto-send emails, create calendar invites, bind contracts, store PHI, or promise procurement approval.
- Proof: /client-onboarding, /sales-operations, /pilot, /pilot-workspace/access
Enterprise operations and margin control
Can SCRIMED scale revenue operations without letting contracts, margin, tax, or accounting risk drift?
- Control: Run every serious opportunity through deal desk, price floor, margin review, legal/accounting/tax routing, billing readiness, and blocked-claim checks.
- Gate: No enterprise proposal expands beyond approved package, price floor, review owner, contract posture, and margin exposure.
- Workaround: Use non-binding readiness packets and qualified-review labels until counsel, accounting, tax, and finance reviewers approve templates.
- Hard stop: Do not imply audited financials, legal approval, tax advice, revenue guarantee, profit guarantee, securities material, or contract approval.
- Proof: /enterprise-business-ops, /capital-vitality, /public-market-readiness, /growth-engine
Scale, support, and reliability posture
Can SCRIMED discuss enterprise scale without accidentally promising an SLA or managed service?
- Control: Use scale domains, service reliability controls, incident/change operations, support-tier review, cost thresholds, and regional gates before commitments expand.
- Gate: Support, uptime, SLO, region, residency, DR, and cost commitments must be contract-reviewed before buyer use.
- Workaround: Offer launch-window support plans and review cadences as readiness language, not contractual SLA language.
- Hard stop: Do not claim 24/7 production support, SOC/MDR coverage, uptime guarantee, or data-residency approval.
- Proof: /enterprise-scalability, /service-reliability, /operational-efficiency, /platform-power
Healthcare data, interoperability, and patient safety
Can SCRIMED show strong health-record capability while keeping live-data and clinical authority blocked?
- Control: Keep health records, interoperability, extraction, patient-safety lint, and clinical activation on synthetic/no-PHI tracks until buyer-specific authority exists.
- Gate: Live PHI, EHR/HIE/payer connectors, matching, writeback, patient outreach, payer submission, or clinical action require explicit buyer, legal, privacy, security, and clinical approval.
- Workaround: Use no-PHI synthetic extraction, metadata-only artifact references, standards mapping, and external evidence pointers.
- Hard stop: Do not process PHI, diagnose, triage emergencies, prescribe, mutate records, submit claims, or represent clinical validation.
- Proof: /health-records, /interoperability, /clinical-authority-readiness, /clinical-care-activation
Approvals, certifications, and global launch readiness
Can domestic and global launch claims stay prepared without claiming approval?
- Control: Route HIPAA/BAA, SOC 2, HITRUST, ISO, FDA, ONC, EU AI Act, GDPR, NHS, MHRA, Australia, public-sector, and region-specific questions through evidence tracks.
- Gate: External certification, conformity, regulatory, legal, privacy, procurement, and security claims must cite qualified evidence before use.
- Workaround: Use preparation packets, official-source checklists, and external-review-required headers until formal approvals exist.
- Hard stop: Do not claim HIPAA certification, SOC 2/HITRUST/ISO certification, FDA clearance, ONC certification, GDPR assurance, EU AI Act conformity, NHS/MHRA/Australia approval, or public-sector procurement approval.
- Proof: /approvals-readiness, /global-certification-readiness, /global-reach, /trust-center
AI, API, UI, agents, and continuous review
Can the platform feel enterprise-grade while keeping live AI authority and autonomous remediation blocked?
- Control: Keep API contracts, UI command paths, model-route controls, agent approval, eval/red-team loops, evidence retrieval, review agents, and incident learning wired into launch proof.
- Gate: Launch messaging must show agent-assisted review and AI readiness while preserving human approval, no-PHI, no-live-AI, and no-public-quantum boundaries.
- Workaround: Assign speculative technology such as quantum-safe readiness to internal research with no public capability claim.
- Hard stop: Do not claim live autonomous AI authority, production model approval, public API SLA, trillion-scale equivalence, security certification, or public quantum capability.
- Proof: /platform-power, /agents, /continuous-review-audit, /qa-claim-guard
Protected proof and customer release
Can SCRIMED prove diligence value without exposing protected artifacts or customer-specific claims?
- Control: Keep protected buyer proof, release decisions, reviewer signoffs, distribution lockbox, recipient attestations, access logs, provider adapters, procurement evidence, and AAL2 proof fail-closed publicly.
- Gate: Customer-specific proof must have permission, reviewer signoff, recipient scope, release authority, and access-log reconciliation before external sharing.
- Workaround: Use public proof routes, synthetic evidence, and metadata-only protected summaries until customer release is approved.
- Hard stop: Do not share named customer proof, confidential buyer artifacts, protected packets, or authenticated evidence without retained approval chain.
- Proof: /pilot-workspace/access, /buyer-release-control-run, /qa-buyer-proof-release, /qa-manual-execution-console
Service paths
Launch is treated as product, service, diligence, proposal, and authority operations.
Public buyer entry
Homepage, Product Console, Offerings, Demos, Pilots, Pricing, and Pilot intake load from branded domain.
- Public, no-PHI, synthetic-only, claims-controlled.
- Customer output: Clear buyer path from interest to product proof and pilot request.
- Fallback: Share direct product, demo, pricing, and pilot URLs if Wix CTA routing is delayed.
Guided demo and pilot scoping
Client Onboarding packets, demo scripts, meeting agendas, pilot workshop notes, and follow-up controls are ready.
- Human-reviewed communications, no automatic send, no calendar mutation.
- Customer output: Professional demo, pilot scope, presentation, and next-step artifacts.
- Fallback: Manual email/calendar send using approved no-PHI packets.
Protected diligence and evidence
Protected workspace fail-closed publicly; AAL2 operator run produces no-secret retained proof when approved.
- AAL2 protected, tenant-scoped, no-PHI, metadata-only where external artifacts are referenced.
- Customer output: Controlled diligence packet or public proof map, depending on release authority.
- Fallback: Public proof routes and synthetic evidence summaries until protected release gates pass.
Enterprise proposal and contract review
Enterprise Business Ops, price floors, margin controls, blocked claims, and qualified-review owners are attached.
- Non-binding until executive, legal, accounting, tax, and buyer authority reviews complete.
- Customer output: Scope, proof, assumptions, price logic, retained boundaries, and review path.
- Fallback: Readiness-only proposal packet and review calendar before formal contracting.
Clinical and global expansion readiness
Approvals, Global Certification, Clinical Authority, Health Records, and Interoperability gates are visible.
- Preparation only until qualified external evidence exists.
- Customer output: Region, approval, privacy, security, data, and clinical-authority plan.
- Fallback: Synthetic, metadata-only, and external-reference evidence lanes until local approvals exist.
Launch risks
Known launch risks are contained before they become launch promises.
Sandbox DNS false negative blocks confidence even when production is healthy.
Classify DNS lookup failure separately from application failure and require unrestricted-network smoke before launch approval.
- Gate: Primary branded domain resolves and public smoke passes from approved network.
Fallback deployment URL could be mistaken for buyer-ready launch proof.
Label fallback as continuity-only and keep branded-domain proof as the go/no-go requirement.
- Gate: Domain, SSL, Vercel alias, Wix CTA, and launch-readiness API headers verified.
Launch breadth overwhelms first-time buyers or investors.
Route audiences into Product, Offerings, Client Onboarding, Investor Readiness, or Pilot Deal Room instead of exposing the full route map first.
- Gate: Each launch audience has one packet, one proof ladder, one owner, and one next action.
Product claims outrun approvals, certifications, or healthcare authority.
Keep no-authority headers, blocked claims, Claim Guard, approval tracks, and clinical/global gates visible in every launch-critical lane.
- Gate: External evidence and qualified reviewer signoff exist for any expanded claim.
Service delivery grows faster than support, margin, or governance.
Tie every demo, pilot, assessment, and proposal to onboarding controls, price floors, support posture, and margin review.
- Gate: Repeatable onboarding, support, billing, contract, and margin processes are approved for the target segment.