QA Evidence Ledger

AAL2 Synthetic QA Evidence

SCRIMED separates protected AAL2 execution evidence from buyer-proof release approval.

This package records the first protected AAL2 synthetic QA evidence posture, required test categories, retained packet visibility, audit status, and a clear go/no-go recommendation without weakening clinical, PHI, security, reimbursement, or production authority boundaries.

Statusprotected-aal2-synthetic-qa-evidence-package-ready
Run stateprotected-aal2-human-run-required
RecommendationNO-GO-buyer-proof-release
Demo postureGO-controlled-synthetic-demo
Packet visibleno
Audit signals0
Test categories9
PHI enteredno
Smoke preflightaal2-smoke-readiness-preflight-ready-no-secret
Strict smokehuman token required

Boundary

First protected human-reviewed AAL2 synthetic QA workflow evidence package covering synthetic clinical/workflow QA categories, hard authority boundaries, no-secret metadata, audit visibility, and Buyer Proof Release status.

SCRIMED AAL2 Synthetic QA Run Evidence records the first protected human-reviewed AAL2 synthetic QA evidence posture. It does not bypass human AAL2, store credentials, store PHI, touch production systems, trigger live patient workflows, perform autonomous clinical action, certify HIPAA/SOC/FDA/security status, guarantee reimbursement, approve connectors, approve buyer proof release, or authorize live clinical care.

date2026-06-22
consoleoperator-aal2-run-required
releaselocked-retained-packet-required
packetpending-human-aal2-run

AAL2 smoke readiness

Strict protected smoke is prepared, but remains blocked until a fresh human AAL2 token and target feature flag are present.

ready

Workspace slug

The operator flow supports SCRIMED_WORKSPACE_SLUG and defaults to atlas-synthetic-evaluation for synthetic smoke testing.

Set SCRIMED_WORKSPACE_SLUG only when running against a different authorized synthetic tenant.
blocked-until-human-aal2

Short-lived AAL2 bearer token

The app never prints or embeds token material. The local helper accepts clipboard, prompt, or session-file input and writes only to gitignored local environment when requested.

Generate a fresh authorized tenant-admin, pilot-lead, or reviewer session token and run the token helper immediately before strict smoke.
target-runtime-required

Role verification

Protected APIs verify tenant role and AAL2 state at runtime; this readiness packet does not assert operator authorization.

Run the strict smoke against the protected target so Supabase/Auth/RLS can verify the token and role.
operator-action-required

Durable-store feature flag

Protected writes intentionally stay disabled unless SCRIMED_EXECUTION_ATTEMPT_DURABLE_STORE_ENABLED is true on the target app.

Enable SCRIMED_EXECUTION_ATTEMPT_DURABLE_STORE_ENABLED=true only for the authorized synthetic smoke target.
target-runtime-required

Protected Supabase runtime

Durable-store record, replay, and review disposition depend on protected Supabase RPCs and deny-by-default RLS.

Verify the target deployment has the durable-store migrations applied before strict smoke.
target-runtime-required

Stored-vector registration role

Stored-vector RPC smoke requires authenticated registration through the protected target and must not run as public anonymous code.

Run npm run smoke:scrimed-stored-vector-rpc:strict after the same short-lived AAL2 token is accepted.
validated

No-secret output

Readiness APIs, briefs, docs, and contract checks must not include JWT-like strings, bearer-token material, Supabase service role keys, PHI, or credential fragments.

Keep all token movement limited to local environment variables, .env.local, secure prompt input, or clipboard handoff.
ready

Strict smoke commands

Nonsecret preflight and strict durable-store/stored-vector commands are present as npm scripts and are covered by the nonsecret contract suite.

Run the readiness preflight before strict smoke and keep failed protected writes fail-closed.

Operator commands

Use only the no-secret preflight and short-lived local token handoff path for strict AAL2 smoke.

safe commands

4

  • npm run smoke:aal2:readiness
  • npm run smoke:aal2:token -- --prompt-token --write-env-local
  • npm run smoke:aal2:durable-store:strict
  • npm run smoke:scrimed-stored-vector-rpc:strict
guardrails

5

  • No PHI, patient identifiers, payer member identifiers, imaging, claims, or live records are accepted.
  • No autonomous diagnosis, treatment, prescribing, patient outreach, payer submission, billing submission, or EHR writeback is authorized.
  • The preflight does not weaken AAL2, tenant role checks, Supabase RLS, durable-store authorization, or protected API verification.
  • Token-like values must be redacted in logs and never committed to source, docs, tests, or chat output.
  • A failed or missing token keeps strict smoke blocked instead of falling back to public execution.
fail-closed modes

5

  • Missing SCRIMED_BEARER_TOKEN fails closed before authenticated strict smoke.
  • Expired, malformed, or non-JWT token material fails closed during local preflight or protected API verification.
  • Valid token with an unauthorized role is rejected by protected role checks.
  • Disabled durable-store target returns disabled/fail-safe status instead of accepting protected writes.
  • Unauthenticated public requests to protected record/replay/review paths remain fail-closed.

Required categories

Every requested QA category carries explicit evidence status, reviewer note, and next action.

blocked-human-aal2-required

Clinical summary generation

No protected retained AAL2 run packet is visible for this category yet.

Not executed in a retained human AAL2 packet during this code-only pass.
  • Run the approved synthetic workflow under fresh human AAL2 control and record category-level reviewer notes.
blocked-human-aal2-required

Missing-data handling

No protected retained AAL2 run packet is visible for this category yet.

Not executed in a retained human AAL2 packet during this code-only pass.
  • Run the approved synthetic workflow under fresh human AAL2 control and record category-level reviewer notes.
blocked-human-aal2-required

Evidence attribution and traceability

No protected retained AAL2 run packet is visible for this category yet.

Not executed in a retained human AAL2 packet during this code-only pass.
  • Run the approved synthetic workflow under fresh human AAL2 control and record category-level reviewer notes.
blocked-human-aal2-required

Escalation behavior

No protected retained AAL2 run packet is visible for this category yet.

Not executed in a retained human AAL2 packet during this code-only pass.
  • Run the approved synthetic workflow under fresh human AAL2 control and record category-level reviewer notes.
blocked-human-aal2-required

Refusal behavior

No protected retained AAL2 run packet is visible for this category yet.

Not executed in a retained human AAL2 packet during this code-only pass.
  • Run the approved synthetic workflow under fresh human AAL2 control and record category-level reviewer notes.
passed-public-boundary-control

Boundary enforcement

Public route headers, fail-closed protected routes, Human Run Packet, Manual QA Execution Console, and Buyer Proof Release keep AAL2 human review and authority boundaries active.

Control is active, but this is not proof of a completed protected AAL2 run.
  • Complete one human AAL2 synthetic run and persist no-secret packet metadata.
passed-public-boundary-control

Human approval requirements

Public route headers, fail-closed protected routes, Human Run Packet, Manual QA Execution Console, and Buyer Proof Release keep AAL2 human review and authority boundaries active.

Control is active, but this is not proof of a completed protected AAL2 run.
  • Complete one human AAL2 synthetic run and persist no-secret packet metadata.
blocked-human-aal2-required

Audit logging

No append-only manual QA evidence audit signal is visible yet.

Audit logging cannot pass until the human AAL2 run is persisted through protected Manual QA Evidence.
  • Persist the no-secret packet after the human AAL2 run.
blocked-human-aal2-required

QA packet generation

No protected packet SHA-256 is visible yet.

Public packet templates exist, but buyer proof requires protected retained metadata.
  • Generate and persist the no-secret packet from the completed human AAL2 workflow.

Boundary validation

Buyer proof remains blocked until retained packet and audit evidence pass protected gates.

validated

No PHI entered system

This package records only synthetic QA posture and no-secret metadata. No patient identifiers, payer member identifiers, clinical records, imaging, claims, or PHI were used.

Boundary retained
validated

No production systems touched

This package performs no connector calls, no EHR writes, no payer submission, and no production workflow mutation.

Boundary retained
validated

No live patient workflows triggered

Routes and docs remain synthetic-only; live patient outreach, diagnosis, treatment, prescribing, claims submission, and EHR mutation remain blocked.

Boundary retained
validated

No autonomous clinical action performed

All clinical and workflow language remains human-reviewed, non-diagnostic, and non-autonomous.

Boundary retained
validated

Human review required at protected gates

Manual QA Execution Console and Buyer Proof Release still require human AAL2 and retained no-secret packet visibility.

Boundary retained
pending-human-run

Audit trail generated successfully

No protected manual QA audit signal is retained yet because the human AAL2 run has not been persisted.

Boundary retained
pending-human-run

Evidence packet generated successfully

Packet templates and validation routes are ready; protected retained packet evidence is pending the human AAL2 run.

Boundary retained
pending-human-run

Boundary controls remained active throughout run

Boundary controls are active and intentionally keep Buyer Proof Release locked until protected gates pass.

Boundary retained

Release posture

Current recommendation: NO-GO-buyer-proof-release.

passed controls

6

  • Synthetic-only public evidence posture remains active.
  • Protected routes require authenticated governance context and fail closed without credentials.
  • Manual QA Execution Console keeps AAL2 human execution required.
  • Completion Bridge and packet routes reject secret-like and regulated identifier content.
  • Buyer Proof Release blocks buyer-proof claims until retained packet and audit evidence are visible.
  • Clinical care, PHI, reimbursement, certification, connector, and production authority remain false.
remaining blockers

5

  • Fresh human AAL2 synthetic QA run with one explicit synthetic target.
  • Protected Manual QA Evidence packet SHA-256.
  • Append-only manual QA evidence audit signal.
  • Buyer Proof Release protected decision.
  • Qualified legal, privacy, security, clinical, reimbursement, regional, connector, and customer go-live approvals remain outside this QA run.
mitigations

6

  • Run exactly one approved synthetic workflow from the Human Run Packet using a short-lived AAL2 token.
  • Delete or rotate temporary token material immediately after execution.
  • Persist only no-secret metadata through protected Manual QA Evidence.
  • Attach reviewer notes for each required QA category.
  • Run protected Buyer Proof Release before exporting Buyer Diligence.
  • Keep all external claims routed through Claim Guard and qualified approvals.