Policy settings
Responsible-use, consent, protected-boundary and integration configuration state.
One authorized client, one real exposure-defense loop, zero fake actions.
The system makes boundaries explicit before sensitive work.
Principal
Jordan Hale
synthetic-principal-001
Findings
12
case-state fallback
StealthScore
54 -> 78
rubric estimate
External actions
0
human approval required
Loop proof
Evidence that this screen supports the Jordan Hale defense loop.
State declaration
No surface claims a live action that is not wired.
Any outside-world touch remains protected, gated, or dry-run. Scaffolded controls can acknowledge intent locally but do not send, provision, upload, scan, call, publish, or mutate external systems.
Capability proof
Route-level proof that this screen stays inside the Jordan Hale loop.
operate
Command palette
A keyboard-first launcher for moving through the demo without exposing hidden or destructive operations.
Real today
The command palette opens routes and local UI scaffolds through accessible controls.
Scaffolded
Mutation commands, provider dispatch, report publishing, and artifact capture remain protected or dry-run.
externalActionTaken: false. No external action is triggered from this route.
operate
Service provisioning center
A service setup center that shows what infrastructure the case needs and what is blocked before real provisioning.
Real today
The center renders service cards with owners, due days, related findings, protected flags, and next actions.
Scaffolded
Provider calls, resource creation, queue workers, partner completion, and real service activation are not executed in this UI phase.
externalActionTaken: false. No external action is triggered from this route.
Support mode
2
Capabilities
3
Docker
3
Vercel
Postgres can persist support and audit facts locally or on Vercel. Deployments without DATABASE_URL stay public-safe and degraded.
safety
Responsible-use gates
Sensitive UI controls and MCP tools state human approval and externalActionTaken:false.
Safety gates remain active in fixture mode.
externalActionTaken: false
api
Protected capability bootstrap API
POST /api/v1/setup and POST /api/v1/capabilities seed support rows only after platform-key authorization.
Without Postgres, the route returns postgres_not_configured instead of fake success.
externalActionTaken: false
data
Postgres capability support flags
Postgres-backed setup seeds cloak_capability_support and verifies durable support rows.
Vercel reports fixture/degraded mode only until DATABASE_URL is configured.
externalActionTaken: false
Boundary controls
Shared platform contract.
- PLATPHORM_API_KEY is required for mutations and protected actions.
- No provider keys are exposed client-side.
- External sends, scans, uploads and provisioning remain disabled here.
- Public UI is synthetic and read-only.
Local management state
Operator cockpit state from deterministic fixtures.
Active cases
1
Integrations
28
Related findings
Synthetic exposure objects connected to this surface.
EXP-001HighNew exposureAggregated people-search profile with home + relatives
Single most reused source feeding downstream aggregators.
EXP-002CriticalValidatedProperty record links residence to principal name
Highest physical-risk exposure in the case.
EXP-003MediumAction readyReserved mobile number indexed against principal
Direct path to account-takeover via OTP.
EXP-004HighAction readyWHOIS-style metadata exposes personal email
Links online identity to physical contact details.
Guarded interactions
All sensitive controls are honest scaffolds.
Save protected settings
No external action taken from this UI phase.
Evidence, risk, work, approval, report
The single loop remains visible from every route.