Boundary Register

Limitations and workaround operations

SCRIMED turns every limitation into a safe operating path, owner, proof route, and graduation gate.

This control plane resolves the practical question behind every boundary: what do we do today, safely, while PHI, live care, legal, finance, security, certification, connector, API, AI, release, and global authority remain gated?

Statuslimitations-workaround-control-plane-active
Tracks12
Open risks11
Critical4
High risk5
Packets8
Escalations8
Playbooks11
Preflights5
Fail closed1
Known blockers6
Unresolved blockers4
Execution ledger5
Resolved controls5
Cadences6
Proof routes42
Hard stops180
Blocked claims24

Operating boundary

Workarounds create safe motion; they do not create authority.

SCRIMED Limitations and Workaround Operations turns hard boundaries, defects, bottlenecks, unresolved approvals, and unsupported claims into safe operating alternatives with owners, proof routes, escalation triggers, expiration rules, and graduation gates. It is a workaround and containment layer only. It does not authorize PHI processing, live clinical care, patient matching, EHR writeback, payer submission, production connectors, public API SLAs, contractual uptime, managed service coverage, autonomous remediation, live autonomous AI, production model routing, legal advice, accounting advice, tax advice, audited financial reporting, securities material, revenue guarantees, profit-margin guarantees, security certification, accessibility certification, regulatory approval, public quantum capability claims, or buyer release authority.

01Classify every issue, blocker, limitation, or buyer request by category, severity, owner, proof route, and authority boundary.
02Prefer a safe workaround packet before inventing a new process: synthetic no-PHI, external evidence reference, human-reviewed communication, AAL2 proof, API contract, model-route register, deal desk, or regional pack.
03Escalate immediately when PHI, live care, legal, finance, tax, security certification, regional approval, production connector, public API SLA, live AI, or buyer-release authority is implied.
04Attach an expiration rule so workaround packets do not become stale informal permission.
05Graduate the workaround only after the required evidence, qualified review, customer authority, release decision, and smoke or protected proof exist.
06Promote repeated issues into Navigation Audit, Operational Efficiency, Boundary Resolution, Platform Power, Service Reliability, or public smoke coverage.

Boundaries buyers can trust

SCRIMED turns limitations into a safer buying path instead of hiding them until procurement.

The strategic message is simple: buyers can purchase no-PHI assessments and synthetic pilots now because SCRIMED keeps production, clinical, connector, security, and legal authority visibly gated.

buyer concern

Can we evaluate SCRIMED without exposing PHI or live operations?

Yes. Current demos, assessments, and synthetic pilots are designed around no-PHI inputs, synthetic fixtures, metadata-only references, and explicit live-data hard stops.

Buyers can move into a paid workflow assessment or synthetic pilot before privacy, connector, and live clinical approvals are complete.
  • Proof route: /health-records
buyer concern

Will SCRIMED overpromise compliance, security, or clinical readiness?

No. The claims register, Trust Center, global certification readiness, and limitation routes separate readiness evidence from certification or approval claims.

Procurement, counsel, and security reviewers can evaluate the current posture without forcing the sales team to invent unsupported answers.
  • Proof route: /trust-center
buyer concern

What happens when a buyer asks for something outside today’s capability?

SCRIMED converts the request into a workaround packet with owner, safe inputs, output, expiry rule, hard stops, escalation trigger, and graduation gate.

Sales momentum continues through scoped alternatives instead of unsafe custom promises or stalled follow-up.
  • Proof route: /limitations-workarounds
buyer concern

How does SCRIMED keep reliability issues from becoming hidden risk?

Route checks, release proof, TrustOps incidents, operational-efficiency sprints, and continuous review loops make defects and bottlenecks visible.

Enterprise buyers see a vendor operating model they can inspect before a larger pilot or protected activation.
  • Proof route: /trust-safety-operations

Boundary escalation matrix

High-risk requests now have deterministic triage before anyone improvises a promise.

Each pattern defines the immediate decision, safe response, owner, escalation path, decision SLA, hard stops, and evidence required before the boundary can graduate.

critical / Immediate block, same-business-day owner assignment, and daily review until safely re-scoped.

Buyer asks to upload, paste, connect, or analyze PHI, patient identifiers, member IDs, live charts, production records, or customer credentials.

Block the request and re-scope to synthetic, no-PHI, or metadata-only evaluation.

Privacy, security, clinical governance, customer authority owner, and TrustOS
  • Safe response: SCRIMED can evaluate the workflow with synthetic fixtures, metadata-only source references, and a health-record safety plan while PHI authority remains gated.
  • Path: Health Records Safety Exchange, Clinical Authority Readiness, Boundary Resolution, Qualified customer/privacy approval
  • Hard stops: PHI introduced, patient identifier introduced, production credential requested, live chart requested
  • Evidence: BAA/DPA when required, customer authority, security review, clinical governance approval, connector/data boundary approval
  • Proof routes: /health-records, /clinical-authority-readiness, /boundary-resolution
critical / Immediate claim hold before external use; qualified review required before any clinical wording expands.

Buyer, demo, sales, or product language asks SCRIMED to diagnose, treat, triage, prescribe, route patients, sign notes, or provide production CDS.

Hold the claim and convert the workflow to draft-only operational planning with human clinical review.

Clinical governance, qualified clinicians, legal, privacy, and release stewardship
  • Safe response: SCRIMED can prepare workflow intelligence, draft queues, evidence organization, and governance packets, but live clinical decisions require qualified authority.
  • Path: Clinical Care Activation, Clinical Authority Readiness, QA Claim Guard, Regulatory/intended-use review
  • Hard stops: diagnosis implied, treatment implied, autonomous triage requested, clinician signature implied
  • Evidence: intended-use review, clinical governance approval, customer scope, monitoring/override plan, rollback evidence
  • Proof routes: /clinical-care-activation, /clinical-authority-readiness, /qa-claim-guard
critical / Immediate block for production endpoints; weekly connector-readiness review once safely scoped.

Buyer requests production EHR, HIE, payer, imaging, device, SMART launch, writeback, patient matching, or payer submission connectivity.

Block live connector execution and route to standards mapping, sandbox preflight, and customer authority review.

Interoperability, platform engineering, privacy, security, clinical governance, and customer integration owner
  • Safe response: SCRIMED can provide standards-aware synthetic conformance review, connector contract planning, and no-mutation evidence before production connectivity is approved.
  • Path: Interoperability registry, Health Records Safety Exchange, Platform Power API contract register, Customer sandbox authority
  • Hard stops: production endpoint requested, EHR writeback requested, payer submission requested, patient matching requested
  • Evidence: customer sandbox, security review, connector contract, mutation policy, audit/monitoring, rollback plan
  • Proof routes: /interoperability, /health-records, /platform-power, /integrations/fixture-validation
high / Same-business-day evidence owner assignment; weekly procurement evidence review until artifact status changes.

Procurement asks for SOC 2, HITRUST, ISO, HIPAA certification, penetration testing, vendor-risk approval, BAA/DPA, or security signoff.

Respond with readiness posture, available evidence references, missing artifacts, and external-review owner.

Security, privacy, legal, trust operations, customer authority owner, and qualified external reviewer
  • Safe response: SCRIMED can provide trust-center readiness evidence, metadata-only artifact references, and a review plan without claiming certification or approval.
  • Path: Trust Center, Global Certification Readiness, Provider Security Reviews, Procurement Evidence Registry
  • Hard stops: security certified claimed, SOC 2 certified claimed, HITRUST certified claimed, penetration test complete claimed
  • Evidence: qualified assessment, remediation evidence, approved artifact reference, customer-specific acceptance, release authority
  • Proof routes: /trust-center, /global-certification-readiness, /pilot-workspace/access
high / Same-business-day API owner assignment; weekly scale council for quota, support, incident, and price-floor decisions.

Buyer asks for public API access, unlimited usage, public SDK, uptime, support coverage, contractual SLA, managed service coverage, or trillion-scale capacity.

Route to API contract readiness and deal-desk review before any external commitment.

Platform engineering, service reliability, legal ops, finance, customer operations, and executive approver
  • Safe response: SCRIMED can share route summaries, version posture, boundary headers, rate-class planning, and support assumptions without creating an SLA.
  • Path: Platform Power, Enterprise Scalability, Service Reliability, Enterprise Business Ops
  • Hard stops: public API SLA implied, unlimited usage promised, contractual uptime promised, managed service commitment implied
  • Evidence: contract terms, rate limits, support tier, incident response plan, monitoring, price model, executive approval
  • Proof routes: /platform-power, /enterprise-scalability, /service-reliability, /enterprise-business-ops
critical / Immediate stop for protected execution; approval packet required before action resumes.

User asks agents to send messages, create invites, execute tools, remediate production, make clinical/legal/financial decisions, or act without human approval.

Switch to recommendation mode and require named human approval before any protected action.

AgentOS, TrustOS, QA, security, finance, clinical governance, and approved operator
  • Safe response: SCRIMED agents can plan, inspect, draft, evaluate, and route work while protected execution remains human-approved and audit-bound.
  • Path: AgentOS, TrustOS, Continuous Review, Manual QA Execution Console, QA Claim Guard
  • Hard stops: tool execution without approval, production remediation requested, clinical decision requested, legal or financial decision requested
  • Evidence: allowed tool schema, blocked tool list, human approval UI, audit persistence, rollback behavior, customer authority
  • Proof routes: /agents, /trust-os, /continuous-review-audit, /qa-manual-execution-console, /qa-claim-guard
high / Hold until qualified reviewer signs off on exact language, recipient, scope, and measurement boundary.

Proposal, investor, buyer, or board language asks for legal advice, tax/accounting conclusions, audited financials, valuation, securities material, ROI, revenue, reimbursement, or profit guarantees.

Hold external release and route to deal desk plus qualified legal, finance, accounting, tax, or securities review.

Founder, deal desk, legal, finance, accounting, tax, revenue operations, and qualified advisors
  • Safe response: SCRIMED can provide readiness evidence, fixed-scope offers, buyer-approved measurement plans, and review slots without giving professional advice or guarantees.
  • Path: Enterprise Business Ops, Growth Engine, Capital Vitality, Investor Audience Readiness, QA Claim Guard
  • Hard stops: legal advice implied, tax advice implied, securities material implied, ROI or revenue guaranteed
  • Evidence: qualified review, approved language, buyer baseline, measurement plan, recipient context, release decision
  • Proof routes: /enterprise-business-ops, /growth-engine, /capital-vitality, /investor-audience-readiness, /qa-claim-guard
high / Same-business-day region owner assignment; external regional review before any public-sector or country-specific claim.

Buyer or partner asks for country launch, public-sector approval, government endorsement, GDPR/EU AI Act conformity, NHS/MHRA/Australia approval, or data-residency approval.

Convert to regional discovery and localization planning until qualified regional authority exists.

Regional counsel, privacy, security, global partnerships, procurement, and customer authority owner
  • Safe response: SCRIMED can prepare no-PHI regional packs, deployment questions, and evidence implications without claiming local approval or conformity.
  • Path: Global Reach, Global Certification Readiness, Deployment Profiles, Boundary Resolution
  • Hard stops: country launch approved claimed, government endorsement implied, data residency approved claimed, regional compliance approved claimed
  • Evidence: regional counsel review, privacy/security review, hosting decision, procurement authority, partner/customer signoff
  • Proof routes: /global-reach, /global-certification-readiness, /deployment-profiles, /boundary-resolution

Boundary workaround playbook

Every preserved NO-GO boundary now maps to a safe alternative before execution expands.

The playbook gives operators deterministic trigger signals, immediate decisions, mapped packets, validation commands, fail-closed expectations, required approvals, residual risks, and graduation evidence.

blocked-until-evidence

live PHI, patient identifiers, member data, live charts, and production credentials

Block intake, do not store the payload, and re-scope to synthetic or metadata-only review.

synthetic-no-phi-packet
  • Signals: PHI upload, patient identifier, member ID, live chart, production credential
  • Safe alternative: Use the Synthetic no-PHI packet, Health Records Safety Exchange source mapping, and external evidence references without copying protected records into SCRIMED.
  • Approvals: privacy review, security review, customer authority, BAA/DPA when required, clinical governance review
  • Validate: npm run smoke:limitations-workarounds
  • Fail closed: Requests that contain PHI or identifiers remain blocked before storage, model routing, connector execution, or buyer-facing output.
  • Residual risk: Synthetic proof can support diligence, but it does not validate live PHI operations or patient-specific safety.
  • Hard stops: PHI pasted into prompt, live chart uploaded, patient matching requested, production credential provided
  • Proof routes: /health-records, /clinical-authority-readiness, /boundary-resolution, /limitations-workarounds
external-approval-required

diagnosis, treatment, prescribing, triage, patient routing, signed notes, and production CDS

Convert to draft-only workflow intelligence and require qualified clinical review.

synthetic-no-phi-packet
  • Signals: diagnosis, treatment recommendation, prescribing, triage, sign note, clinical decision support
  • Safe alternative: Use clinical-governance preparation, synthetic clinical robustness evaluation, evidence organization, and human review queues.
  • Approvals: qualified clinician review, intended-use review, regulatory classification, customer scope approval, monitoring and override plan
  • Validate: npm run smoke:clinical-robustness-lab
  • Fail closed: Clinical outputs remain research/demo or draft-only and cannot become autonomous care, diagnosis, treatment, prescribing, or signed documentation.
  • Residual risk: Reviewer-gated drafts can reduce operational burden but do not replace clinician judgment or establish clinical validation.
  • Hard stops: autonomous diagnosis, treatment plan finalized, prescription action, patient routed without approval
  • Proof routes: /clinical-care-activation, /clinical-authority-readiness, /clinical-robustness-lab, /qa-claim-guard
blocked-until-evidence

production EHR/HIE/payer/imaging/device connector use, patient matching, writeback, and mutation

Block production connector execution and convert the ask into standards mapping plus sandbox preflight.

api-contract-readiness
  • Signals: production endpoint, SMART launch, EHR writeback, patient matching, PACS mutation, device feed
  • Safe alternative: Use fixture validation, interoperability conformance metadata, connector contract review, and no-mutation evidence packets.
  • Approvals: customer sandbox authority, security review, connector contract, mutation policy, audit and rollback review
  • Validate: npm run smoke:public
  • Fail closed: Production connector, writeback, patient matching, and raw connector payload logging stay blocked until explicit customer and technical authority exists.
  • Residual risk: Synthetic conformance shows readiness posture only; it cannot prove customer-specific connector acceptance.
  • Hard stops: production endpoint requested, raw connector payload stored, EHR writeback requested, patient merge requested
  • Proof routes: /interoperability, /health-records, /integrations/fixture-validation, /platform-power
human-review-required

payer submission, billing submission, claim filing, reimbursement certainty, and medical-necessity determination

Keep payer work in documentation readiness or draft-review mode and block submission.

deal-desk-exception
  • Signals: submit prior authorization, submit claim, bill payer, medical necessity approved, reimbursement guaranteed
  • Safe alternative: Use Documentation-Before-Authorization checks, RCM denial-risk metadata, payer-policy lookup scaffolds, and human-reviewed packets.
  • Approvals: payer workflow owner, clinical reviewer, billing compliance review, customer authorization, release decision
  • Validate: npm run smoke:documentation-before-authorization
  • Fail closed: SCRIMED may identify missing documentation and draft review packets, but it does not submit payer transactions or guarantee reimbursement.
  • Residual risk: Documentation readiness can lower denial risk but cannot assure payer behavior or reimbursement.
  • Hard stops: payer transaction submitted, claim filed, reimbursement guaranteed, medical necessity certified
  • Proof routes: /scrimed-build-roadmap, /enterprise-business-ops, /qa-claim-guard, /limitations-workarounds
human-review-required

autonomous agent execution, production remediation, model routing, tool calls, email/calendar actions, and protected workflow actions

Switch to recommendation mode and require named human approval before any protected action resumes.

model-route-register
  • Signals: execute tool, send email, create calendar invite, auto-remediate, route PHI to model, production model approved
  • Safe alternative: Use the Meta-Harness, model-route register, manual QA execution console, and no-secret AAL2 operator lanes.
  • Approvals: tool permission owner, TrustOS review, security review, cost owner, clinical/legal/finance owner when relevant
  • Validate: npm run smoke:scrimed-meta-harness
  • Fail closed: Agents can plan, inspect, draft, evaluate, and recommend, but protected execution requires permissioned tools, audit logs, and human approval.
  • Residual risk: Human-reviewed recommendations still require monitoring for drift, misuse, cost spikes, and unsafe automation pressure.
  • Hard stops: tool execution without approval, patient outreach, production remediation, clinical/legal/financial decision
  • Proof routes: /agents, /trust-os, /scrimed-build-roadmap, /continuous-review-audit, /qa-manual-execution-console
external-approval-required

SOC 2, HITRUST, ISO, HIPAA certification, penetration test completion, BAA/DPA, and security signoff

Respond with readiness posture and evidence request owner, not certification language.

external-evidence-reference
  • Signals: SOC 2 certified, HITRUST certified, HIPAA certified, pentest complete, BAA approved, vendor risk approved
  • Safe alternative: Use Trust Center readiness, global certification readiness, provider security review metadata, and external evidence references.
  • Approvals: qualified assessor, security owner, privacy owner, legal owner, customer-specific acceptance
  • Validate: npm run smoke:limitations-workarounds
  • Fail closed: Security and privacy claims remain readiness-only unless qualified evidence and approved release authority exist.
  • Residual risk: Readiness artifacts can support procurement but do not substitute for independent assessment or customer acceptance.
  • Hard stops: certification claimed, assessment implied complete, security signoff promised, BAA accepted without review
  • Proof routes: /trust-center, /global-certification-readiness, /pilot-workspace/access, /boundary-resolution
human-review-required

public API SLA, unlimited usage, contractual uptime, managed service coverage, support guarantee, and scale-equivalence claims

Route to API contract readiness, pricing, support, incident, and executive review before external commitment.

api-contract-readiness
  • Signals: public API, unlimited usage, uptime guaranteed, managed service, support guarantee, trillion-dollar scale
  • Safe alternative: Share route summaries, version posture, boundary headers, draft quotas, rate classes, support assumptions, and no-SLA language.
  • Approvals: platform owner, service reliability owner, legal, finance, executive approver
  • Validate: npm run smoke:public
  • Fail closed: Public routes remain inspectable readiness surfaces and do not create contractual SLA, unlimited scale, or managed-service obligations.
  • Residual risk: Technical availability checks are not contractual commitments and do not prove enterprise support capacity.
  • Hard stops: unlimited usage promised, contractual uptime promised, managed service active claimed, scale parity guaranteed
  • Proof routes: /platform-power, /enterprise-scalability, /service-reliability, /enterprise-business-ops
external-approval-required

legal advice, tax/accounting conclusions, audited financials, securities material, valuation, ROI, revenue, reimbursement, and profit guarantees

Hold external release and route exact language to qualified legal, finance, accounting, tax, or securities review.

deal-desk-exception
  • Signals: legal advice, tax advice, audited financials, securities material, valuation, ROI guaranteed, revenue guaranteed
  • Safe alternative: Use fixed-scope offers, buyer-approved measurement plans, review slots, finance methodology gates, and no-guarantee language.
  • Approvals: qualified counsel, finance reviewer, accounting reviewer, tax reviewer when relevant, executive release authority
  • Validate: npm run smoke:limitations-workarounds
  • Fail closed: Commercial and investor material remains readiness and operating discipline, not legal advice, audited reporting, securities material, or guarantees.
  • Residual risk: Value narratives remain estimates or hypotheses until buyer-approved baselines and qualified review exist.
  • Hard stops: legal advice provided, tax/accounting conclusion, securities material released, ROI guaranteed
  • Proof routes: /enterprise-business-ops, /growth-engine, /capital-vitality, /investor-audience-readiness
external-approval-required

country launch, public-sector approval, government endorsement, data residency, GDPR, EU AI Act, NHS, MHRA, and regional procurement claims

Convert to no-PHI regional discovery and localization planning until qualified local authority exists.

global-regional-pack
  • Signals: country launch, government endorsed, data residency approved, GDPR approved, EU AI Act conformant, NHS approved
  • Safe alternative: Use global regional workaround packs, deployment profiles, regional evidence implications, and local-counsel owner assignment.
  • Approvals: regional counsel, privacy review, security review, hosting decision, procurement authority, partner/customer signoff
  • Validate: npm run smoke:limitations-workarounds
  • Fail closed: Regional work remains discovery and localization planning, not local approval, procurement acceptance, conformity, or launch authority.
  • Residual risk: Global readiness maps requirements but does not resolve local law, procurement, hosting, or clinical authority.
  • Hard stops: country launch approved, government endorsement implied, data residency approved early, regional compliance approved
  • Proof routes: /global-reach, /global-certification-readiness, /deployment-profiles, /boundary-resolution
human-review-required

customer go-live, buyer release, protected proof distribution, production support, and launch approval

Hold release language and require protected proof, reviewer signoff, recipient authority, and claim guard review.

aal2-protected-proof
  • Signals: go-live approved, buyer release, send proof packet, production support, launch approved
  • Safe alternative: Use QA Completion Bridge, Activation Seal, Manual QA Execution Console, Buyer Proof Release, and no-secret protected evidence packets.
  • Approvals: approved AAL2 operator, reviewer signoff, release steward, recipient authority, claim guard
  • Validate: npm run smoke:aal2:readiness
  • Fail closed: Public smoke and synthetic proof do not become buyer release authority or customer go-live approval.
  • Residual risk: Protected proof can expire or become stale after deployment, route, reviewer, workspace, recipient, or claim-language changes.
  • Hard stops: token retained, buyer release claimed early, go-live approved without signoff, protected proof shared without recipient authority
  • Proof routes: /release-continuity, /qa-manual-execution-console, /buyer-release-control-run, /pilot-workspace/access
blocked-until-evidence

public quantum capability, quantum clinical advantage, quantum-safe certification, and future infrastructure superiority

Keep the topic internal research only and remove external product, buyer, investor, or security claims.

external-evidence-reference
  • Signals: quantum capability, quantum advantage, quantum-safe certified, future infrastructure superiority
  • Safe alternative: Use internal research backlog items with hypothesis, source log, review owner, and no-public-claim labels.
  • Approvals: internal research owner, security review, legal review, claim guard, release decision
  • Validate: npm run smoke:limitations-workarounds
  • Fail closed: Quantum remains internal research and cannot appear as a public capability, certification, clinical advantage, or investor claim.
  • Residual risk: Future-facing language can quickly become an unsupported superiority claim if not kept behind release review.
  • Hard stops: public quantum capability claimed, quantum clinical advantage claimed, quantum-safe certification claimed
  • Proof routes: /continuous-review-audit, /qa-claim-guard, /boundary-resolution, /limitations-workarounds

Boundary preflight evaluator

Gray-zone requests are classified before they become execution, sales, or clinical promises.

Synthetic preflight cases prove SCRIMED maps risky requests to fail-closed decisions, approval gates, safe workaround packets, proof routes, and no-authority outputs.

block-fail-closed

preflight-live-phi-upload

Block intake, do not store the payload, and re-scope to synthetic or metadata-only review. Block production connector execution and convert the ask into standards mapping plus sandbox preflight.

synthetic-no-phi-packet, api-contract-readiness
  • Matched playbooks: playbook-live-phi-request, playbook-ehr-writeback-connector-request
  • Safe alternative: Use the Synthetic no-PHI packet, Health Records Safety Exchange source mapping, and external evidence references without copying protected records into SCRIMED. Use fixture validation, interoperability conformance metadata, connector contract review, and no-mutation evidence packets.
  • Approvals: privacy review, security review, customer authority, BAA/DPA when required, clinical governance review, customer sandbox authority, connector contract, mutation policy, audit and rollback review
  • Validate: npm run smoke:limitations-workarounds, npm run smoke:public
  • External execution allowed: no
  • PHI processing allowed: no
  • Autonomous action allowed: no
  • Audit: scrimed-limit-6aad07c3
human-review-required

preflight-payer-submit

Keep payer work in documentation readiness or draft-review mode and block submission.

deal-desk-exception
  • Matched playbooks: playbook-payer-submission-request
  • Safe alternative: Use Documentation-Before-Authorization checks, RCM denial-risk metadata, payer-policy lookup scaffolds, and human-reviewed packets.
  • Approvals: payer workflow owner, clinical reviewer, billing compliance review, customer authorization, release decision
  • Validate: npm run smoke:documentation-before-authorization
  • External execution allowed: no
  • PHI processing allowed: no
  • Autonomous action allowed: no
  • Audit: scrimed-limit-ddf12661
human-review-required

preflight-agent-remediate

Switch to recommendation mode and require named human approval before any protected action resumes.

model-route-register
  • Matched playbooks: playbook-autonomous-agent-action-request
  • Safe alternative: Use the Meta-Harness, model-route register, manual QA execution console, and no-secret AAL2 operator lanes.
  • Approvals: tool permission owner, TrustOS review, security review, cost owner, clinical/legal/finance owner when relevant
  • Validate: npm run smoke:scrimed-meta-harness
  • External execution allowed: no
  • PHI processing allowed: no
  • Autonomous action allowed: no
  • Audit: scrimed-limit-286ca658
external-approval-required

preflight-security-certification

Respond with readiness posture and evidence request owner, not certification language.

external-evidence-reference
  • Matched playbooks: playbook-security-certification-request
  • Safe alternative: Use Trust Center readiness, global certification readiness, provider security review metadata, and external evidence references.
  • Approvals: qualified assessor, security owner, privacy owner, legal owner, customer-specific acceptance
  • Validate: npm run smoke:limitations-workarounds
  • External execution allowed: no
  • PHI processing allowed: no
  • Autonomous action allowed: no
  • Audit: scrimed-limit-bd76bab8
safe-workaround-only

preflight-safe-synthetic-assessment

Proceed only as a no-PHI synthetic or metadata-only assessment with no protected execution.

synthetic assessment
  • Matched playbooks: none
  • Safe alternative: Use a buyer-safe synthetic assessment, metadata-only references, and human-reviewed output language.
  • Approvals: human review before external use
  • Validate: npm run smoke:limitations-workarounds
  • External execution allowed: no
  • PHI processing allowed: no
  • Autonomous action allowed: no
  • Audit: scrimed-limit-a4d43dd8

Known limit resolution queue

Current blockers now have safe workarounds, next proof commands, and graduation gates.

These are the practical boundaries SCRIMED is actively carrying forward from build and smoke execution: AAL2 operator proof, the AAL2 durable-store token blocker, durable-store feature flags, sandbox DNS, Supabase identity posture, local build tooling, and release hygiene.

high / requires-human-operator

Future AAL2 durable-store happy-path smoke runs still require an authorized tenant-admin, pilot-lead, or reviewer to supply a fresh short-lived AAL2 bearer token.

The latest strict canary produced protected record, replay, review, idempotency, and unauthenticated fail-closed proof, but every repeat run must still start from a fresh human AAL2 session.

Tenant governance operator + release engineering + TrustOS
  • Workaround: Run npm run smoke:aal2:readiness first, then use the no-secret helper with an explicit token source: npm run smoke:aal2:token -- --clipboard-token --clear-clipboard --write-env-local, or the hidden prompt path when clipboard transfer is blocked.
  • Resolution: Retain only no-secret smoke status, command names, workspace slug, role class, audit metadata, and packet hashes after a human AAL2 operator runs the strict smoke; never store or paste bearer tokens.
  • Next proof: npm run smoke:aal2:durable-store:strict
  • Fail-closed check: Missing SCRIMED_BEARER_TOKEN and invalid tokens stop before authenticated mutation; unauthenticated durable-store endpoints remain 401 or 503.
  • Gate: Fresh AAL2 session, authorized role, gitignored .env.local or shell env only, strict smoke pass, no-token evidence packet, reviewer signoff, and re-run before buyer-specific proof is released.
  • Hard stops: token pasted into source, token retained in docs, AAL2 bypass attempted, observer role used for writes
  • Proof routes: /release-continuity, /qa-manual-execution-console, /api/workflows/execution-attempts/durable-store
high / active-workaround

The deployed app exposes durable-store contracts while protected writes depend on the SCRIMED_EXECUTION_ATTEMPT_DURABLE_STORE_ENABLED runtime flag and protected Supabase RPCs.

Production protected writes are enabled for the synthetic canary path, but writes remain fail-closed unless Supabase Auth, AAL2, tenant role, workspace membership, no-PHI guards, and route authorization all align.

Platform reliability + database owner + release stewardship
  • Workaround: Keep public summary and unauthenticated fail-closed smoke active; use strict AAL2 smoke only with a short-lived authorized operator token and synthetic workspace.
  • Resolution: Keep the flag paired with named synthetic canaries, migration evidence, runtime-token configuration, rollback owner, strict AAL2 proof, and protected audit review.
  • Next proof: npm run smoke:aal2:durable-store
  • Fail-closed check: When protected writes are disabled or auth context is missing, authenticated and unauthenticated mutation attempts do not create durable records.
  • Gate: Applied migration, server runtime token, feature flag scoped to target, strict AAL2 canary pass, rollback plan, and retained audit event review.
  • Hard stops: feature flag enabled without migration, production write enabled without AAL2 smoke, rollback owner missing
  • Proof routes: /api/workflows/execution-attempts/durable-store, /workflows/execution-attempts, /release-continuity
medium / resolved-by-workaround

The local sandbox may fail DNS resolution for app.scrimedsolutions.com, which can block live production smoke checks inside the default sandbox.

Local implementation can pass build and static tests while live smoke requires an approved network execution path.

Release engineering + platform reliability
  • Workaround: Retry the exact same smoke command with approved network escalation, or run against a local dev server with SCRIMED_BASE_URL=http://127.0.0.1:3025.
  • Resolution: Keep every live-domain smoke command reproducible, documented, and paired with a local-server equivalent where practical.
  • Next proof: SCRIMED_BASE_URL=https://app.scrimedsolutions.com npm run smoke:public
  • Fail-closed check: DNS failure is classified as an environment boundary, not an application pass; the same smoke must pass with network access before release proof expands.
  • Gate: Live smoke passes from an approved network path and local fallback remains documented for sandbox-limited development.
  • Hard stops: treating ENOTFOUND as product proof, changing application code to bypass DNS, skipping live-domain smoke before release
  • Proof routes: /launch-readiness, /release-continuity, /service-reliability
high / blocked-external-dependency

Supabase leaked-password protection and password-auth posture must be resolved before password sign-in is used for protected operations.

Protected routes can stay passkey, magic-link, and AAL2 first, but password-based protected operator flows should not become the default until advisor posture is clean.

Security lead + identity owner
  • Workaround: Keep protected durable-store and QA flows on short-lived AAL2 sessions from passkey or magic-link paths; exclude password sign-in from protected smoke instructions.
  • Resolution: Clear the Supabase security advisor item, document the identity posture, and rerun protected AAL2 smoke before broadening password-based operator access.
  • Next proof: npm run smoke:aal2:token -- --prompt-token
  • Fail-closed check: Protected APIs continue to require verified Supabase Auth, aal=aal2, session_id, tenant role, and route-level authorization.
  • Gate: Advisor clean or password auth excluded, MFA enrollment verified, AAL2 claims present, and tenant role proof retained without secrets.
  • Hard stops: claiming HIPAA/SOC certification, using password-only protected access, bypassing AAL2
  • Proof routes: /global-certification-readiness, /trust-center, /pilot-workspace/access
watch / resolved-by-workaround

Local Next.js builds may warn that the native Darwin SWC binary has a macOS code-signature mismatch and fall back to WASM bindings.

Builds still complete, but the warning can be mistaken for an application failure or obscure actual build errors.

Developer experience + platform reliability
  • Workaround: Treat the warning as local toolchain noise when npm run build exits 0; preserve the full build result in release notes.
  • Resolution: Refresh local dependencies or reinstall the native SWC package in a clean workspace when the team wants faster native builds.
  • Next proof: npm run build
  • Fail-closed check: No release proof is accepted unless build exits 0, lint and typecheck pass, and route generation completes.
  • Gate: Clean native SWC load or accepted WASM fallback with successful build, typecheck, lint, and smoke evidence.
  • Hard stops: ignoring nonzero build exit, hiding build warnings from release notes, treating local toolchain warning as production capacity proof
  • Proof routes: /service-reliability, /release-continuity, /platform-power
medium / active-workaround

The SCRIMED worktree can carry many staged, modified, and untracked build artifacts across long execution sessions.

Implementation can continue, but release proof and investor or buyer evidence must distinguish new changes from prior work and generated output.

Release stewardship + founder/operator
  • Workaround: Use git status --short, git diff --name-only, and focused smoke outputs before summarizing; never revert unrelated user or prior-session changes.
  • Resolution: Create a release checkpoint with scoped files, generated-output policy, commit message, tag, and deployment evidence after human review.
  • Next proof: git status --short
  • Fail-closed check: No commit, deploy, or buyer proof claim is made until changed files, untracked files, smoke commands, and known exclusions are listed.
  • Gate: Reviewed diff, successful lint/typecheck/build/smoke, clean or intentionally scoped worktree, and release decision recorded.
  • Hard stops: reverting unrelated work, committing secrets, claiming release readiness without status and smoke evidence
  • Proof routes: /release-continuity, /navigation, /api/product/console

Recent workaround execution ledger

Resolved boundaries are retained as no-secret proof, rollback controls, and residual-risk guidance.

This ledger captures the practical fixes from SCRIMED execution: tenant-admin workspace bootstrap, AAL2 token-helper precedence, durable-store PHI guard precision, strict AAL2 durable-store smoke, and deploy hygiene. It records proof posture without storing bearer tokens, secrets, PHI, or buyer-release authority.

proof-retained-no-secret

Tenant-admin workspace bootstrap completed for synthetic canary

The signed-in founder/operator account existed, but the synthetic workspace did not yet have a verified tenant-admin membership for protected AAL2 smoke execution.

Tenant governance operator + security lead + release engineering
  • Upgrade: Created the protected tenant/workspace membership path for atlas-synthetic-evaluation so authorized AAL2 smoke can prove tenant role, status, and workspace scope before mutation.
  • Evidence retained: No-secret membership facts only: workspace slug, active tenant-admin role class, status, and access-review due date.
  • Verify: npm run smoke:aal2:token -- --clipboard-token --clear-clipboard --write-env-local
  • Rollback/fallback: Suspend membership or downgrade role in Supabase, then rerun protected smoke to confirm record/replay/review return 401 or 403.
  • Residual boundary: Future users still need a governed tenant-access workflow, access review, and offboarding path before they can operate protected workflows.
  • Next control: Promote the founder bootstrap into a reusable tenant-admin access-review checklist with least-privilege role assignment and expiry evidence.
  • Hard stops: role granted without owner, inactive membership used, workspace slug guessed, access review omitted
  • Proof routes: /pilot-workspace/access, /release-continuity, /limitations-workarounds
control-active

AAL2 token helper now prefers explicit operator token sources

A stale gitignored local bearer token could be read before a newly copied or prompted token, causing false expired-token failures during strict smoke setup.

Security platform + developer experience
  • Upgrade: The helper now prefers explicit session-file, clipboard, or prompt sources before local environment fallbacks and clears the macOS clipboard when requested.
  • Evidence retained: No bearer token retained in source, docs, logs, or smoke output; only redacted preflight status and token policy metadata are shown.
  • Verify: npm run smoke:aal2:policy-test
  • Rollback/fallback: Use the hidden prompt mode and delete SCRIMED_BEARER_TOKEN from .env.local before retrying if clipboard controls are unavailable.
  • Residual boundary: A valid JWT still depends on a live AAL2 session and may expire before the protected smoke completes.
  • Next control: Add the token-helper preflight to every protected smoke runbook and keep all token-like values behind redaction.
  • Hard stops: token printed, token committed, stale token reused, AAL2 bypass attempted
  • Proof routes: /release-continuity, /qa-manual-execution-console, /limitations-workarounds
proof-retained-no-secret

Durable-store PHI guard precision migrations applied

The durable-store no-PHI guard treated safe synthetic envelope identifiers as potential PHI, blocking protected synthetic smoke even when no patient data was present.

Database owner + TrustOS + clinical safety reviewer
  • Upgrade: Applied precision migrations so identifier checks use bounded patterns while preserving hard stops for PHI, patient identifiers, live charts, member data, and production records.
  • Evidence retained: Migration file names, contract-check pass state, and synthetic no-PHI smoke result only; no patient data or live records are used.
  • Verify: npm run smoke:execution-attempt-durable-store
  • Rollback/fallback: Disable protected writes with SCRIMED_EXECUTION_ATTEMPT_DURABLE_STORE_ENABLED=false and keep public fail-closed smoke active while the guard is reviewed.
  • Residual boundary: Guard precision is a synthetic-safety control, not permission to process PHI or live health records.
  • Next control: Keep adding adversarial synthetic strings to the durable-store contract check before broadening any protected workflow surface.
  • Hard stops: PHI introduced, live chart pasted, member ID used, guard weakened without review
  • Proof routes: /api/workflows/execution-attempts/durable-store, /health-records, /limitations-workarounds
proof-retained-no-secret

Strict AAL2 durable-store smoke passed for record, replay, review, and idempotency

Before the protected canary, SCRIMED had fail-closed unauthenticated evidence but lacked retained happy-path proof for authenticated durable-store operations.

Release engineering + TrustOS + tenant governance operator
  • Upgrade: Strict smoke now proves unauthenticated record/replay/review fail closed and authorized AAL2 tenant-admin access can create record, reuse idempotency, replay evidence, and submit review disposition.
  • Evidence retained: No-secret pass/fail status, route class, workspace slug, operation classes, and command names; bearer tokens and protected payload details are not retained.
  • Verify: npm run smoke:aal2:durable-store:strict
  • Rollback/fallback: Turn off SCRIMED_EXECUTION_ATTEMPT_DURABLE_STORE_ENABLED or revoke the tenant role, then verify protected writes fail closed.
  • Residual boundary: This is synthetic protected-workflow proof only; it is not production clinical approval, PHI authority, buyer release authority, or SLA evidence.
  • Next control: Mirror the strict smoke pattern for every future protected workflow before exposing it in demos, pilots, or buyer diligence.
  • Hard stops: buyer release claimed, PHI authority implied, token retained, observer role used for writes
  • Proof routes: /workflows/execution-attempts, /release-continuity, /limitations-workarounds
control-active

Vercel deploy hygiene hardened around local dependency archives

A local dependency archive directory could inflate deploy payloads and obscure whether deployment failures came from product code or local machine artifacts.

Platform reliability + release stewardship
  • Upgrade: The deploy ignore policy, TypeScript exclusion, and ESLint ignore now contain local dependency artifacts including node_modules 2, and production deploys can use archive mode to reduce file-count risk.
  • Evidence retained: Deployment identifier, ready status, ignore-file policy, and command class only; no secrets or local cache contents are retained.
  • Verify: npm run build
  • Rollback/fallback: Remove local generated dependency archives, rerun build, then deploy with the Vercel archive pathway after human release review.
  • Residual boundary: A successful lint, build, typecheck, or deploy does not create launch approval, customer release approval, uptime guarantee, or managed-service coverage.
  • Next control: Keep generated-output hygiene in predeploy checks and require release notes to distinguish product changes from local artifacts.
  • Hard stops: secret in deploy bundle, generated cache deployed, deploy success treated as launch approval, file-count error ignored
  • Proof routes: /launch-readiness, /service-reliability, /limitations-workarounds

Issue tracks

Each hard boundary now has an owned workaround, fallback path, trigger, and graduation gate.

critical / blocked-until-approved

PHI and live patient-data boundary

Current public and synthetic workflows cannot ingest PHI, patient identifiers, payer member data, live charts, production credentials, or source medical records.

Privacy, security, clinical governance, customer authority owner, and TrustOS
  • Workaround: Use synthetic fixtures, metadata-only references, external evidence-room pointers, no-PHI excerpts, and Health Records Safety Exchange source mapping.
  • Fallback: If a buyer needs live records, convert the ask into a customer-hosted sandbox scoping packet and hold execution until approved authority exists.
  • Escalate: Any PHI, identifier, live chart, production credential, patient matching, or data-residency request appears.
  • Gate: Executed customer authority, BAA/DPA when required, security review, clinical governance approval, connector approval, monitoring, rollback, and retained evidence.
  • Proof routes: /health-records, /clinical-authority-readiness, /boundary-resolution
critical / external-review-required

Live clinical care and CDS authority

SCRIMED can prepare workflow intelligence, draft-only outputs, and governance evidence, but cannot diagnose, treat, route patients, sign notes, or provide live clinical decision support.

Clinical governance, qualified clinicians, legal, privacy, and release stewardship
  • Workaround: Frame outputs as synthetic workflow planning, review queues, draft-only documentation, and clinical-governance preparation with explicit human review.
  • Fallback: Route clinical intent, care pathway, diagnosis, treatment, triage, or clinician signature requests to clinical governance before any external claim expands.
  • Escalate: A claim implies diagnosis, treatment, live triage, autonomous care coordination, or production CDS.
  • Gate: Clinical governance approval, regulatory classification, customer scope, clinician workflow controls, monitoring, override, and rollback evidence.
  • Proof routes: /clinical-authority-readiness, /clinical-care-activation, /qa-claim-guard
critical / blocked-until-approved

Production EHR connector and writeback boundary

FHIR, SMART, HL7, DICOM, X12, terminology, and connector planning are synthetic; production connectors, writeback, payer submission, and patient matching remain blocked.

Interoperability, platform engineering, privacy, security, clinical governance, and customer integration owner
  • Workaround: Use fixture validation, synthetic conformance kits, connector contract review, external artifact references, and no-mutation evidence.
  • Fallback: Convert live integration asks into a standards mapping, sandbox preflight, and customer authority checklist.
  • Escalate: Production endpoint, credential, writeback, payer submission, patient match, or live HIE/EHR request appears.
  • Gate: Customer sandbox, security review, connector contract, data boundary approval, mutation policy, audit, monitoring, and rollback evidence.
  • Proof routes: /interoperability, /health-records, /integrations/fixture-validation
high / human-review-required

Public API, SLA, and unlimited-scale boundary

Route handlers, summaries, and briefs are inspectable contract-readiness surfaces, not public API marketplace launch, contractual SLA, unlimited rate limit, or uptime guarantee.

Platform engineering, legal ops, service reliability, customer operations, and finance
  • Workaround: Use route summaries, boundary headers, version posture, draft quotas, rate-limit classes, support assumptions, and no-SLA language.
  • Fallback: If a buyer needs API terms, route to contract review with route class, quota, auth posture, monitoring, incident, support tier, and price floor.
  • Escalate: Public API, unlimited usage, uptime, SLA, support, or managed-service language appears.
  • Gate: Contract terms, staffing model, support tier, incident response, monitoring, rate limits, price model, and executive approval.
  • Proof routes: /platform-power, /enterprise-scalability, /service-reliability
critical / external-review-required

Live AI, production model-routing, and agent autonomy boundary

Agents may plan, route, inspect, recommend, and produce synthetic evidence, but they cannot execute protected clinical, legal, financial, customer, or production actions autonomously.

AI platform, AgentOS, TrustOS, QA, security, finance, and clinical governance
  • Workaround: Use model-route registers, allowed/blocked data classes, eval packs, red-team loops, human approval triggers, and protected AAL2 operator lanes.
  • Fallback: When a tool action is requested, switch to recommendation mode and require named human approval before protected execution.
  • Escalate: The system is asked to act without approval, route PHI to a model, self-remediate production, or make clinical/legal/financial decisions.
  • Gate: Approved provider, model route, data policy, eval pass criteria, monitoring, tool schema, approval UI, rollback, audit persistence, and customer authority.
  • Proof routes: /agents, /trust-os, /platform-power, /continuous-review-audit
high / external-review-required

Security, privacy, SOC 2, HITRUST, and certification boundary

SCRIMED can organize readiness evidence, controls, and protected review paths, but cannot claim SOC 2, HITRUST, ISO, HIPAA certification, penetration-test completion, or security approval without qualified evidence.

Security, privacy, legal, trust operations, customer authority owner, and qualified external reviewers
  • Workaround: Use Trust Center, Provider Security Reviews, Procurement Evidence Registry, Global Certification Readiness, and no-sensitive-artifact references.
  • Fallback: Respond with readiness status, evidence-request owner, due date, and external-review gate instead of certification language.
  • Escalate: A buyer asks for SOC 2, HITRUST, ISO, HIPAA certification, pentest, BAA/DPA, vendor-risk approval, or security signoff.
  • Gate: Qualified assessment, remediation evidence, approved artifact reference, customer-specific acceptance, and release authority.
  • Proof routes: /trust-center, /global-certification-readiness, /pilot-workspace/access
high / external-review-required

Global legal, privacy, AI Act, GDPR, NHS, MHRA, and regional boundary

Global expansion readiness can map evidence needs and regional packs, but cannot claim local legal approval, procurement approval, data-residency approval, EU AI Act conformity, GDPR compliance approval, NHS DTAC approval, MHRA approval, or government endorsement.

Regional counsel, privacy, security, clinical governance, global partnerships, and customer procurement owner
  • Workaround: Use regional buyer packs, deployment profiles, official-source evidence implications, partner authority registers, and qualified regional counsel review.
  • Fallback: Frame global work as no-PHI discovery and localization planning until regional authority exists.
  • Escalate: A claim names country launch, public-sector approval, local hosting approval, GDPR/EU AI Act conformity, NHS/MHRA/Australia approval, or government endorsement.
  • Gate: Qualified regional legal/privacy/security review, hosting decision, procurement authority, partner approval, and retained release evidence.
  • Proof routes: /global-certification-readiness, /global-reach, /deployment-profiles
high / external-review-required

Legal, finance, accounting, tax, revenue, and profit boundary

Enterprise Business Ops can prepare deal desk, pricing, margin, billing, and review packets, but cannot provide legal/accounting/tax advice, audited financial reporting, contract approval, securities material, revenue guarantees, ROI guarantees, or profit-margin guarantees.

Founder, deal desk, legal, finance, accounting, tax, revenue operations, and qualified reviewers
  • Workaround: Use fixed-scope offers, price floors, buyer-approved measurement plans, counsel review slots, finance/accounting/tax triage, and qualified release authority.
  • Fallback: Route exceptions to qualified counsel, finance, accounting, tax, and executive approval before proposal release.
  • Escalate: A proposal includes contract approval, non-standard terms, revenue impact, ROI, reimbursement, valuation, fundraising, tax, accounting, or legal conclusions.
  • Gate: Qualified review, signed approval, buyer baseline, measurement plan, billing setup, payment terms, and retained release authority.
  • Proof routes: /enterprise-business-ops, /growth-engine, /capital-vitality, /public-market-readiness
medium / human-review-required

Email, calendar, demo, meeting, and buyer communication boundary

SCRIMED can prepare email-ready copy, calendar-ready agendas, demo scripts, meeting notes, and follow-up packets, but cannot autonomously send emails, create calendar invites, approve procurement, or commit scope.

Revenue operations, sales engineering, customer operations, legal ops, finance, and product owner
  • Workaround: Use human-reviewed templates, meeting packets, owner handoffs, no-PHI notes, and explicit send/invite approval fields.
  • Fallback: Hold the communication in draft state and require sender, recipient, scope, data boundary, and approval evidence before use.
  • Escalate: The communication contains PHI, security claims, contract language, pricing exceptions, procurement claims, or clinical promises.
  • Gate: Human approval of exact content, recipients, timing, scope, no-PHI boundary, pricing, and follow-up owner.
  • Proof routes: /client-onboarding, /offerings, /pilot-deal-room
high / human-review-required

Protected QA, buyer proof, and release authority boundary

Public smoke can prove route availability and fail-closed protected behavior, but cannot prove protected happy-path execution, buyer-specific release, authenticated QA completion, or customer evidence-room distribution.

Release engineering, TrustOS, tenant governance, approved operator, and buyer diligence
  • Workaround: Use AAL2 protected workspaces, no-secret operator packets, QA Completion Bridge, Activation Seal, Proof Promotion, Buyer Proof Release, and release-control runbooks.
  • Fallback: When protected proof is requested, run the approved human AAL2 flow and retain only no-secret packet hashes and metadata.
  • Escalate: A claim references retained protected proof, customer release, authenticated QA, token handling, evidence-room access, or buyer distribution.
  • Gate: Fresh human AAL2 run, no-secret packet, reviewer signoff, release decision, lockbox, recipient authority, access-log reconciliation, and claim guard approval.
  • Proof routes: /release-continuity, /qa-manual-execution-console, /buyer-release-control-run, /pilot-workspace/access
medium / workaround-active

UI quality, accessibility, and seamless navigation boundary

Navigation can be improved continuously, but current UI polish, responsive behavior, keyboard path, contrast, and accessibility posture are not formal WCAG, VPAT, Section 508, or external UX certification.

Frontend, Product Console, QA, accessibility reviewer, customer operations, and sales engineering
  • Workaround: Use site navigation, role journeys, Navigation Audit, Product Console, Hub cards, smoke-covered routes, and manual UI review before demos.
  • Fallback: If users cannot find a workflow, add it to primary navigation, role journeys, limitation controls, hub views, product actions, and smoke coverage.
  • Escalate: A buyer-critical route is hidden, text overlaps, mobile route is unusable, keyboard path is unclear, or accessibility certification is implied.
  • Gate: Manual responsive review, keyboard path review, contrast review, copy fit, accessibility remediation evidence, and qualified external review if claims expand.
  • Proof routes: /navigation, /product, /hub, /platform-power
watch / blocked-until-approved

Internal innovation, quantum, and future infrastructure boundary

Internal research may investigate quantum, advanced model routing, privacy-preserving computation, and future infrastructure, but public product claims remain blocked.

Internal Research Team, TrustOS, AI platform, security, legal, finance, and founder
  • Workaround: Keep research assigned to the internal research team with private hypotheses, no-public-claim labels, source logs, review owners, and claim-guard blocks.
  • Fallback: Translate future research into internal backlog items and remove public wording until validated evidence and qualified review exist.
  • Escalate: Quantum, model advantage, cryptographic, clinical, security, financial, or infrastructure superiority language appears in external material.
  • Gate: Validated technical evidence, risk review, qualified legal/security review, buyer-safe claim language, and approved release decision.
  • Proof routes: /continuous-review-audit, /qa-claim-guard, /boundary-resolution

Workaround packets

Reusable packets keep blocked work moving without improvising around regulated gates.

TrustOS + product owner

Synthetic no-PHI packet

A buyer asks for workflow proof, record extraction, AI output, or demo evidence without approved PHI authority.

  • Inputs: synthetic fixtures, metadata-only source labels, de-identified public examples, no-secret operator notes
  • Output: Buyer-safe demo or assessment packet with explicit no-PHI and no-live-care boundary.
  • Expiry: Refresh whenever source class, buyer scope, approval state, or claim language changes.
  • Hard stops: PHI introduced, patient identifier introduced, live chart requested, source artifact pasted
Customer authority owner + trust operations

External evidence reference

The artifact is sensitive, confidential, regulated, buyer-owned, or not safe to store in SCRIMED.

  • Inputs: external system name, artifact type, reviewer label, status, expiry date
  • Output: Metadata-only reference that points to the authority source without storing the underlying artifact.
  • Expiry: Renew before expiration, owner change, buyer scope change, or regulation/certification scope change.
  • Hard stops: artifact uploaded, secret included, contract pasted, medical record pasted
Revenue operations + sales engineering

Human-reviewed communication packet

Email, calendar, demo, presentation, pilot workshop, proposal, or follow-up language is needed.

  • Inputs: recipient role, meeting objective, no-PHI scope, offer, proof route, required reviewer
  • Output: Draft-only communication with approval slot, send owner, follow-up owner, and blocked-content checklist.
  • Expiry: Re-review after 7 days, pricing change, scope change, reviewer change, or new buyer requirement.
  • Hard stops: autonomous send requested, calendar invite creation requested, contract promise included, PHI included
Approved operator + release stewardship

AAL2 protected proof packet

A buyer, operator, or reviewer needs retained protected proof instead of public smoke evidence.

  • Inputs: workspace slug, operator role, packet hash, reviewer label, no-secret summary
  • Output: Protected no-secret proof packet with release decision and buyer-safe claim state.
  • Expiry: Re-run when deployment, route, workspace, reviewer, claim language, or evidence packet changes.
  • Hard stops: token retained, AAL2 bypass attempted, protected route publicly exposed, buyer release claimed early
Platform engineering + developer experience

API contract readiness packet

A technical buyer needs API detail before public API SLA, SDK, or production connector approval exists.

  • Inputs: route, owner, schema, version posture, auth posture, boundary headers
  • Output: Draft API contract packet with examples, rate-limit posture, no-SLA language, and blocked claims.
  • Expiry: Re-review on schema change, auth change, rate-limit change, version change, or buyer-specific scope.
  • Hard stops: public API SLA implied, production connector promised, PHI payload accepted, unlimited usage promised
AI platform + TrustOS + finance

Model-route register packet

A feature proposes AI model execution, provider routing, fallback, evals, or agent reasoning.

  • Inputs: provider, model class, allowed data, blocked data, eval pack, fallback, cost owner
  • Output: Readiness-only model-route record with human approval triggers and no-live-AI boundary.
  • Expiry: Re-review on provider, model, data class, cost threshold, eval failure, or customer scope change.
  • Hard stops: PHI routed to model, provider approval missing, production model approval implied, clinical validation claimed
Deal desk + legal + finance

Deal desk exception packet

Pricing, scope, payment terms, ROI, reimbursement, legal, tax, accounting, securities, or contract language is non-standard.

  • Inputs: offer, price floor, scope, payment terms, reviewer role, approval status
  • Output: Qualified-review packet with blocked claims, margin notes, counsel/accounting/tax slots, and release gate.
  • Expiry: Re-review on price, scope, buyer, term, reviewer, or claim-language change.
  • Hard stops: legal advice implied, revenue guaranteed, profit guaranteed, contract approved without reviewer
Global partnerships + regional counsel

Global regional workaround pack

A region, public-sector buyer, channel partner, or global certification question appears before local authority exists.

  • Inputs: region, buyer type, deployment profile, regional counsel owner, blocked claims
  • Output: Localization pack that frames readiness, evidence needs, hosting questions, and retained external gates.
  • Expiry: Re-review on region, regulation, hosting profile, partner, customer segment, or public-sector scope change.
  • Hard stops: country launch claimed, government endorsement implied, data residency approved early, regional clinical approval claimed

Cadence and proof

Review loops keep workarounds from becoming stale, informal, or overclaimed.

cadence

Daily limitation intake and workaround triage

Resolve with existing control, assign workaround packet, escalate to qualified review, or block until authority exists.

Boundary owner + operational efficiency owner
  • Signals: new blocker, new defect, buyer request, claim drift, missing owner, stale route
  • Hard stops: owner missing, proof route missing, PHI introduced, unsupported claim repeated
cadence

Daily no-PHI and clinical authority review

Hold, re-scope to synthetic/no-PHI, or escalate to clinical/privacy/legal owners.

TrustOS + privacy + clinical governance
  • Signals: PHI hint, patient identifier, clinical advice claim, record mutation, care pathway language
  • Hard stops: live record requested, diagnosis implied, treatment implied, patient matching requested
cadence

Daily API, UI, and AI boundary scan

Attach contract packet, UI route, model-route record, agent approval trigger, or cost owner.

Platform engineering + Product Console + AI platform
  • Signals: new API, UI navigation gap, model route, agent tool request, eval failure, cost spike
  • Hard stops: public API SLA implied, live AI implied, agent tool execution without approval, route orphaned
cadence

Weekly legal, finance, and deal-risk council

Approve exact reviewed language, request qualified review, revise scope, or block external use.

Founder + legal + finance + deal desk
  • Signals: pricing exception, margin risk, contract term, ROI claim, tax/accounting question, investor language
  • Hard stops: legal advice implied, revenue guaranteed, profit guaranteed, securities material created
cadence

Weekly global and certification workaround review

Prepare regional pack, reference external artifact, assign reviewer, or hold until external authority exists.

Security + privacy + regional counsel + global partnerships
  • Signals: certification ask, regional buyer, public-sector path, data residency, hosting profile, procurement evidence
  • Hard stops: certified claim, country launch claim, government endorsement, data residency approved early
cadence

Pre-demo seamless-navigation review

Promote route into navigation, add product action, add smoke coverage, or hold the demo until the path is discoverable.

Product Console + frontend + sales engineering
  • Signals: buyer-critical route, primary nav, role journey, hub view, product action, limitation link
  • Hard stops: route hidden, text overlap, mobile route unusable, accessibility certification implied
metric

Open limitation pressure

11 tracks still require human, external, or approval-gated resolution.

Every open limitation has a safe workaround, owner, proof route, escalation trigger, and graduation gate.
  • Evidence: /api/limitations-workarounds
  • Lower open pressure is operating discipline, not approval or certification.
metric

Workaround packet coverage

8 reusable workaround packets and 8 escalation paths cover the highest-risk boundary classes.

Every repeated issue resolves to an approved packet or escalation decision before buyer use.
  • Evidence: /limitations-workarounds
  • Packets are interim controls; they do not become authority without retained evidence.
metric

Hard-stop visibility

180 hard stops and blocked claims are visible from this layer.

Each hard stop has an escalation owner and no-authority language before external use.
  • Evidence: /boundary-resolution
  • Hard-stop visibility does not waive qualified review.
metric

Proof-route coverage

42 proof routes support workaround routing and graduation checks.

Every workaround links to a live route, API, brief, protected workspace, or external evidence reference.
  • Evidence: /navigation
  • Proof routes organize evidence; they do not prove protected execution alone.
metric

Known blocker resolution queue

6 current operational blockers are tracked, with 4 still requiring active workaround, external dependency closure, or human operator action.

Every known blocker has a fail-closed check, safe workaround, next proof command, owner, and graduation gate before launch claims expand.
  • Evidence: /api/limitations-workarounds
  • A resolution queue is operational control, not production, clinical, security, or release approval.
metric

No-secret execution ledger

5 recent limitation workarounds are retained with 5 proof-retained or active-control entries and 0 open dependency entries.

Every resolved boundary keeps verification command, rollback path, residual boundary, owner, hard stops, and no-secret evidence-retention language.
  • Evidence: /api/limitations-workarounds
  • Execution ledger entries prove operational control only; they do not retain tokens, PHI, secrets, or buyer-release authority.
metric

Boundary workaround playbook coverage

11 preserved NO-GO boundaries have trigger signals, immediate decisions, safe alternatives, validation commands, fail-closed expectations, approval gates, and residual-risk language.

Every high-risk request can be routed to a deterministic workaround before anyone improvises a buyer, clinical, connector, legal, financial, or security promise.
  • Evidence: /api/limitations-workarounds
  • A playbook creates operating discipline only; it does not release any preserved boundary.
metric

Boundary preflight fail-closed coverage

5 synthetic request preflights are evaluated, with 1 fail-closed decisions and 1 safe-workaround-only decisions.

Every gray-zone buyer, operator, agent, clinical, payer, connector, security, finance, global, or release request is classified before execution or external language expands.
  • Evidence: /api/limitations-workarounds
  • Preflight classification is routing and containment only; it does not process PHI, execute tools, submit payer work, or approve customer go-live.