Communications hub

Twilio, WhatsApp, SendGrid and secure-message drafts with no delivery claims.

UI scaffoldOpen cockpit

Synthetic principal scenario. All identifiers are reserved or fictional. No real people are scraped or enriched.

Authorized scopeHuman approval requiredNo live scrapingNo external sendingNo real personal data

One authorized client, one real exposure-defense loop, zero fake actions.

Client and partner comms are drafted, reviewed and gated.

Principal

Jordan Hale

synthetic-principal-001

Findings

case-state fallback

StealthScore

54 -> 78

rubric estimate

External actions

human approval required

Loop proof

Evidence that this screen supports the Jordan Hale defense loop.

SMS templates

email preview

delivery placeholder

no message sent

State declaration

No surface claims a live action that is not wired.

UI scaffoldDry-runProtected actionHuman review

Any outside-world touch remains protected, gated, or dry-run. Scaffolded controls can acknowledge intent locally but do not send, provision, upload, scan, call, publish, or mutate external systems.

Capability proof

Route-level proof that this screen stays inside the Jordan Hale loop.

operate

Communications hub

UI scaffold

A safe message hub for client and partner communication drafts, with delivery clearly disabled in the demo.

Real today

The hub renders templates and approval states from local demo data with no transport call.

Scaffolded

Inbox replies, delivery receipts, outbound sends, and provider webhooks need protected backend integration.

SMS templates

Email preview

No sending without protected server action

No sending without human approval

externalActionTaken: false. No external action is triggered from this route.

operate

Twilio communications

UI scaffold

SMS and voice reminder templates for the defense loop, shown as drafts only until a human approves.

Real today

Message copy is displayed locally and no Twilio API is called from the UI.

Scaffolded

Actual SMS, WhatsApp, voice, reply inbox, and webhook processing need protected server-side Twilio integration.

Template preview

Protected badge

No fake delivered state

No message is sent

externalActionTaken: false. No external action is triggered from this route.

operate

SendGrid mail provisioning

UI scaffold

A mail setup checklist that explains DNS and template readiness without pretending email delivery works.

Real today

The route renders mail setup steps and dry-run email templates only.

Scaffolded

SendGrid credentials, DNS verification, mailbox provisioning, and email delivery require backend work and approval.

SPF checklist

DKIM checklist

No fake delivered state

No email is sent

externalActionTaken: false. No external action is triggered from this route.

Support mode

Capabilities

Docker

Vercel

Postgres can persist support and audit facts locally or on Vercel. Deployments without DATABASE_URL stay public-safe and degraded.

integration

SMS/email delivery

Dry-run

Local Postgres: degradedVercel: degraded

Communications surfaces show templates and approval gates only.

No message has been sent and no delivered state is shown.

externalActionTaken: false

integration

External service actions

UI scaffold

Local Postgres: degradedVercel: degraded

Jitsi, Twilio, SendGrid, Cloudflare, AWS, SCC, scan, and submit tools all return implemented:false.

Every external action remains scaffolded/protected until intentionally wired.

externalActionTaken: false

safety

Responsible-use gates

Connected

Local Postgres: supportedVercel: supported

Sensitive UI controls and MCP tools state human approval and externalActionTaken:false.

Safety gates remain active in fixture mode.

externalActionTaken: false

Principal context

The only subject in this demo is synthetic.

Name: Jordan Hale
Role: Synthetic executive principal
Risk posture: Elevated public-profile risk with family, property, business-entity, and credential-exposure concerns
Authorization: Synthetic or client-authorized only

Work objects

Only objects that advance the defense loop are shown.

EXP-001

Aggregated people-search profile with home + relatives

EXP-002

Property record links residence to principal name

EXP-003

Reserved mobile number indexed against principal

EXP-004

WHOIS-style metadata exposes personal email

EXP-005

Officer filing names principal at residential address

Packet posture

Drafted does not mean sent.

PKT-003Human review

Privacy request

No message sent. No takedown submitted.

PKT-004Human review

Takedown notice

No message sent. No takedown submitted.

Related findings

Synthetic exposure objects connected to this surface.

EXP-003MediumAction ready

Reserved mobile number indexed against principal

Direct path to account-takeover via OTP.

EXP-005CriticalWaiting partner

Officer filing names principal at residential address

Requires legal/trust partner remediation.

EXP-012MediumWaiting partner

Relative's broker profile leaks shared address

Recurrence risk if not coordinated across household.

Guarded interactions

All sensitive controls are honest scaffolds.

Draft SMS reminder

No external action taken from this UI phase.

Dry-run

Evidence, risk, work, approval, report

The single loop remains visible from every route.

Discover

12 findings

Evidence

12 records

Score

54 -> 78

Operate

12 tasks

Prove

report + trace