Hub

Operations readiness

Make every blocker visible, owned, and replaceable before it slows SCRIMED down.

SCRIMED operational readiness tracks deployment, sales, domain, and quality blockers for the synthetic pilot and enterprise evaluation product. It does not authorize live clinical execution.

Statusoperational-readiness-clear
Blocked0
Manual actions0
Total8

Blocker register

Publishing, deployment, DNS, Wix routing, and security decisions get explicit owners.

ready

GitHub push authentication is configured for the current workspace.

SCRIMED commits can now be pushed through the authenticated GitHub CLI path, allowing Vercel Git integration to deploy from `main`.

Repository administrator
  • GitHub CLI authenticated as `temitayodahunsi777`; `git push origin main` successfully publishes reviewed local commits to GitHub.
  • Keep GitHub CLI authentication active for future local pushes.
  • Prefer normal `git push origin main` after local commits are reviewed.
  • Use GitHub connector publishing only as a fallback when local Git auth is unavailable.
  • Fallback: Re-run GitHub device auth or use the connected GitHub app for a connector-backed branch after accepting the history reconciliation plan.
ready

A controlled Node.js quality path is available even when npm is unavailable in the local shell.

Integrity, lint, TypeScript validation, and production builds can run before promotion without relying on the npm shell command.

Engineering
  • `npm` is unavailable in the current local shell, so SCRIMED uses direct Node entrypoints: `node scripts/check-generated-integrity.mjs`, `node node_modules/eslint/bin/eslint.js .`, `node node_modules/typescript/bin/tsc --noEmit`, and `node node_modules/next/dist/bin/next build --webpack`.
  • Keep the committed lockfile synchronized with intentional dependency changes.
  • Use direct Node entrypoints when npm is unavailable.
  • Use Vercel production deploys and GitHub Actions as independent remote verification paths.
  • Restore npm only as a convenience path, not as the single quality gate.
  • Fallback: If local Node entrypoints fail, rely on Vercel deployment status, GitHub Actions, and route smoke checks while the local toolchain is repaired.
ready

Vercel Git deployment path is working from GitHub `main`.

Production deploys can proceed through GitHub push even without a local Vercel CLI install.

Engineering
  • Vercel production deploys from pushed GitHub `main` commits and has returned READY for the latest pushed SCRIMED product builds.
  • Use GitHub push as the primary deploy trigger.
  • Monitor Vercel production deployments after each pushed commit.
  • Install Vercel CLI only if manual deployment, env management, or domain operations require it.
  • Fallback: Use the Vercel dashboard or connector inspection if the CLI is unavailable.
ready

`app.scrimedsolutions.com` is connected to the Vercel product app.

Buyers can reach the SCRIMED product through a branded domain without needing Vercel accounts.

Domain/DNS administrator
  • The production deployment lists `app.scrimedsolutions.com` as an alias, and `https://app.scrimedsolutions.com/api/health` returns HTTP 200 with SCRIMED ready status.
  • Keep `app.scrimedsolutions.com` attached to the Vercel `scrimed-site` production deployment.
  • Monitor DNS, SSL, and health-route availability after domain or deployment changes.
  • Keep Wix product CTAs pointed to the branded app domain.
  • Fallback: Use `https://scrimed-site.vercel.app` if the branded product domain experiences an outage.
ready

Sandbox DNS failures are now classified separately from production domain health.

Restricted Codex sandbox runs can return `getaddrinfo ENOTFOUND app.scrimedsolutions.com`; launch operators can now distinguish that false negative from a real branded-domain outage.

Release Steward + Domain/DNS administrator
  • `/launch-readiness`, `/api/launch-readiness`, and `npm run smoke:launch-domain-preflight` define the strict primary-domain gate and fallback continuity path.
  • Run strict public smoke against `https://app.scrimedsolutions.com` from approved network access before launch.
  • Run `npm run smoke:launch-domain-preflight` to classify sandbox DNS failures and fallback reachability.
  • Keep fallback Vercel URL success as continuity evidence only, never launch approval.
  • Fallback: Use `SCRIMED_ALLOW_DNS_FALLBACK=1 npm run smoke:launch-domain-preflight` for internal continuity proof when the sandbox cannot resolve the branded domain.
ready

Competitor pressure, legal/privacy/cyber claims, and infiltration-risk language now require an explicit hardening lane before public expansion.

SCRIMED can respond to Abridge, Ambience, Nabla, Suki, Microsoft, Oracle Health, Hippocratic AI, Notable, Commure, Cohere, and similar buyer comparisons without copying, overclaiming, exposing PHI, or implying security certification.

Founder + Legal Ops + Privacy + Security + TrustOS
  • `/competitive-defense`, `/api/competitive-defense`, and `/api/competitive-defense/brief` expose threat profiles, weakness relief, legal/privacy/cyber controls, infiltration-deterrence layers, external review gates, and no-authority headers.
  • Run competitor, legal, privacy, security, claims, and investor statements through Competitive Defense before public use.
  • Keep security-certification, penetration-test, PHI, legal-advice, customer-release, competitor-partnership, and attack-guarantee claims blocked until qualified review.
  • Treat public APIs, protected workspaces, agent tools, health-record paths, claims, and build/dependency pipeline as explicit infiltration-deterrence layers.
  • Fallback: If a claim cannot be mapped to a defense profile, proof route, and external-review gate, keep it internal or route it to `/limitations-workarounds`.
ready

Wix CTAs are connected to SCRIMED product routes.

Buyers can move from the official website into product, pricing, evaluation, and pilot-intake experiences.

Website administrator
  • The website administrator confirmed the Wix CTAs are connected, and the branded product domain is active.
  • Keep View Product Console, Review Pricing, Run Evaluation, and Request Pilot buttons mapped to the intended routes.
  • Keep CTA targets on `https://app.scrimedsolutions.com/product`, `/pricing`, `/evaluation`, and `/pilot`.
  • Re-run buyer-path smoke checks after any Wix or product-domain change.
  • Fallback: Share direct Vercel links manually during buyer conversations.
planned

Public vs protected route policy needs an explicit decision before broad buyer access.

If deployment protection is on, buyers may hit Vercel authentication. If off, public preview routes need careful no-PHI boundaries.

Security and product
  • Earlier protected Vercel URLs required connector-authenticated checks.
  • Keep public preview routes no-PHI and synthetic-only.
  • Decide which routes are public: `/`, `/product`, `/pricing`, `/evaluation`, `/pilot`, `/trust`.
  • Keep future tenant dashboards protected behind auth.
  • Fallback: Use Vercel share links or authenticated demos for early enterprise review.

Buyer route checklist

Official website traffic should land in the product without buyer Vercel accounts.

route

1. Website discovery

https://www.scrimedsolutions.com to https://app.scrimedsolutions.com/launch-readiness

Verify Launch Readiness and the branded app domain before promoting buyer CTAs.
  • Launch Readiness exposes primary-domain, fallback-domain, service path, hard-stop, and no-authority launch boundaries.
route

2. Defense and trust review

https://www.scrimedsolutions.com to https://app.scrimedsolutions.com/competitive-defense

Review competitor, legal, privacy, cybersecurity, and infiltration-deterrence hardening before promoting market claims.
  • Competitive Defense exposes no-copy, no-PHI, no-certification, no-penetration-test, no-partnership, and no-protection-guarantee boundaries.
route

3. Product discovery

https://www.scrimedsolutions.com to https://app.scrimedsolutions.com/product

Keep the primary Wix View Product Console CTA mapped to the branded product route.
  • CTA opens Product Console without requiring buyer-owned Vercel access.
route

4. Commercial review

https://www.scrimedsolutions.com to https://app.scrimedsolutions.com/pricing

Keep the Wix Review Pricing or Enterprise Pricing CTA mapped to the branded pricing route.
  • Pricing page shows public preview, assessment, synthetic pilot, protected pilot, enterprise license, and strategic partnership tiers.
route

5. Product proof

https://app.scrimedsolutions.com/product to https://app.scrimedsolutions.com/evaluation

Route qualified buyers into the AgentOS Evaluation Workspace.
  • Synthetic evaluation generates task plan, Trust Card, audit preview, and observability packet.
route

6. Sales conversion

https://app.scrimedsolutions.com/evaluation to https://app.scrimedsolutions.com/pilot

Route buyers from evaluation to pilot intake.
  • Pilot intake rejects PHI and produces a CRM-ready handoff packet.
route

7. Opportunity operations

https://app.scrimedsolutions.com/pilot to https://app.scrimedsolutions.com/sales-operations

Use the protected tenant-admin console to assign ownership, advance the pipeline, release an audited proposal, and synchronize the approved CRM destination.
  • Every accepted no-PHI buyer intake is durably retained and every opportunity mutation, proposal download, and CRM result is auditable.

Enterprise launch gates

Company readiness stays visible alongside deployment readiness.

This center is an operational readiness and claims-control register for SCRIMED's governed synthetic evaluation product. It is not legal advice, a compliance certification, a regulatory determination, or authorization for live clinical execution.

external-review-required

Legal Readiness

The product boundary and prohibited clinical claims are explicit. Final legal documents and regulatory determinations require qualified counsel.

5 controlled requirements
decision-required

Security Readiness

The application maintains synthetic-only boundaries, deny-by-default execution routes, reproducible builds, and baseline browser security headers. A formal security program and independent testing remain required.

4 controlled requirements
decision-required

Privacy Readiness

Public product flows prohibit PHI and minimize captured data. Final notices, processing records, retention schedules, and regional assessments remain required.

4 controlled requirements
external-review-required

Brand Readiness

Company name, slogan, visual language, official Wix site, branded product domain, Atlas, and FaithCore boundaries are documented.

5 controlled requirements
active-control

AI & Enterprise Governance

Agent registry, TrustQA, Trust Cards, AI Asset Registry, audit surfaces, human approvals, deny-by-default routes, and quality gates are active for synthetic evaluation.

4 controlled requirements
active-control

Marketing Readiness

Product copy consistently presents governed synthetic evaluations, operational intelligence, human review, and explicit production exclusions.

4 controlled requirements
decision-required

Public Relations Readiness

The mission, product boundary, official website, founder, and approved claims are documented. Formal media and crisis processes remain to be approved.

4 controlled requirements
active-control

Sales Readiness

Pricing, offers, demos, pilot programs, no-PHI intake, branded product routing, readiness brief, and proof stack are available.

4 controlled requirements
external-review-required

Advertising Readiness

Approved and prohibited claims are centralized. Paid campaign controls, substantiation packets, targeting policy, and review workflow remain required.

4 controlled requirements

Operating principles

Zero known blockers means a system for finding and owning every blocker.

principle

No silent blockers

Every blocked tool, auth issue, deployment gap, and manual action must appear in readiness output with owner and fallback.

principle

No unbounded healthcare claims

Every buyer-facing route must preserve synthetic/evaluation boundaries until approved production controls exist.

principle

No orphan surfaces

Every new page needs a route, API where useful, Hub entry, Product Console linkage, and documentation entry.

principle

No buyer confusion

Wix is the official marketing site; Vercel is the product app; buyers do not need Vercel accounts.

principle

No production promotion by vibes

Promotion requires build verification, deployment verification, route smoke tests, auth/DNS checks, and documented rollback path.

principle

No unreviewed competitor or security claims

Every competitor comparison, cybersecurity claim, privacy claim, penetration-test claim, customer-proof claim, and infiltration-risk statement must map to Competitive Defense, a proof route, and qualified review before public use.

principle

No fallback-only launch

Fallback Vercel URLs can preserve internal continuity, but branded-domain smoke must pass before public launch approval.