AWS evidence storage
S3/object storage scaffold for redacted evidence, screenshots, reports and retention.
One authorized client, one real exposure-defense loop, zero fake actions.
Evidence can be bundled after redaction, but no upload happens here.
Principal
Jordan Hale
synthetic-principal-001
Findings
12
case-state fallback
StealthScore
54 -> 78
rubric estimate
External actions
0
human approval required
Loop proof
Evidence that this screen supports the Jordan Hale defense loop.
State declaration
No surface claims a live action that is not wired.
Any outside-world touch remains protected, gated, or dry-run. Scaffolded controls can acknowledge intent locally but do not send, provision, upload, scan, call, publish, or mutate external systems.
Capability proof
Route-level proof that this screen stays inside the Jordan Hale loop.
evidence
AWS evidence storage
A storage map for evidence, screenshots, reports, retention policy, encryption, and access controls.
Real today
The UI shows storage classes and redaction-before-upload requirements with no AWS keys client-side.
Scaffolded
Presigned URLs, uploads, object-lock controls, lifecycle policies, and storage health checks require backend services.
externalActionTaken: false. No external action is triggered from this route.
evidence
Evidence review
An evidence vault that makes clear what was captured, why it matters, and what still needs human review.
Real today
The evidence cards are deterministic and redaction-aware, with no real PII in the demo data.
Scaffolded
Actual screenshot storage, object-lock policy, TrustOps handoff, and Files/AWS uploads require backend services.
externalActionTaken: false. No external action is triggered from this route.
Support mode
2
Capabilities
2
Docker
2
Vercel
Postgres can persist support and audit facts locally or on Vercel. Deployments without DATABASE_URL stay public-safe and degraded.
integration
Provider provisioning
Cloudflare, AWS, SCC, and mail controls produce scaffold/protected responses only.
No resource has been provisioned.
externalActionTaken: false
workflow
Local audit event persistence
Postgres writes cloak_local_audit_events with external_action_taken=false.
Deployments without DATABASE_URL show public-safe trace fixtures and do not claim durable audit persistence.
externalActionTaken: false
safety
Responsible-use gates
Sensitive UI controls and MCP tools state human approval and externalActionTaken:false.
Safety gates remain active in fixture mode.
externalActionTaken: false
Service cards
Every card declares owner, dependency and protected status.
Related findings
Synthetic exposure objects connected to this surface.
EXP-001HighNew exposureAggregated people-search profile with home + relatives
Single most reused source feeding downstream aggregators.
EXP-002CriticalValidatedProperty record links residence to principal name
Highest physical-risk exposure in the case.
EXP-010HighAction readyUtility-style record confirms residence occupancy
Reinforces the critical property exposure cluster.
Guarded interactions
All sensitive controls are honest scaffolds.
Generate evidence bundle
No external action taken from this UI phase.
Evidence, risk, work, approval, report
The single loop remains visible from every route.