Admin · Private pilot pack

Private pilot operating pack

Open the pilot readiness verdict →Open /system-health →Open /admin/pilot-launch (R38) →Open /admin/pilot-run (R36) →

Pilot verification result (R35)

No verification result on record

No pilot verification result on record. Run the one-click verification on /system-health to confirm persistence works end-to-end.

Why pilot verification matters

Pilot verification is the product's own proof that Supabase persistence works end-to-end for the signed-in customer. Every readiness surface consumes the verdict — pilot readiness flips Ready only after this passes.

What it verifies

Supabase session exists for the signed-in customer.
Supabase is configured (URL + anon key) on this deploy.
manual_environments table accepts upsert + read-back.
manual_agents table accepts upsert + read-back.
review_snapshots table accepts upsert + read-back.
report_history table accepts upsert + read-back.

Next action: Open /system-health and click Run pilot verification.

Run pilot verification →

The cached run is a localStorage cache of the/api/system-health/pilot-verification-run endpoint response — never proof on its own. The endpoint return value is the authoritative source.

Pilot execution console (R35)

3 dimension(s) blocked. Address the blockers before the pilot.

0 ok·3 in progress·3 blocked·0 deferred

Setup status

BlockedOwner: Product admin

Setup wizard reports critical items missing or failing.

Proof required: /api/admin/setup-status returns overall_state === 'all_critical_configured'.

Blocker: Setup is incomplete.

Open /admin/setup →

Pilot verification

In progressOwner: Pilot customer

Pilot verification has not been run for this session.

Proof required: R31 cached run verdict === 'passed' with all step outcomes verified.

Blocker: Verification has not returned 'passed'.

Run pilot verification →

Workspace readiness

In progressOwner: Pilot customer

Workspace has no verified manual agent yet.

Proof required: /api/workspace/manual-agent/verify returns verified === true.

Blocker: Add a manual agent.

Open /workspace →

Reports readiness

BlockedOwner: Pilot customer

report_history table is not reachable.

Proof required: /api/reports/verification returns supabase_real_rows.

Blocker: report_history table not reachable.

Open /reports →

AI Radar status

BlockedOwner: Product admin

Radar schedule artefact ships, but the public base URL is not configured.

Proof required: /api/radar/schedule-validator returns configured_runs_clean.

Blocker: Configure AGENTPROOF_PUBLIC_BASE_URL on the deploy.

Open /admin/intelligence-ops →

Pilot readiness verdict

In progressOwner: Product admin

Pilot readiness final gating reports remaining blockers.

Proof required: Final-gating verdict === 'ready_for_controlled_private_pilot'.

Blocker: One or more validators still report a blocker.

Open /admin/pilot-readiness →

Pilot script

Step 1. Sign in
Open the live URL and sign in with the invited identity.
Open /auth/login →
Step 2. Verify the product
Click Run pilot verification on /system-health.
Open /system-health#one-click-pilot-verification →
Step 3. Add a manual agent
Open /workspace/manual-agent/new and submit the form.
Open /workspace/manual-agent/new →
Step 4. Complete the assessment
Walk the readiness assessment for the agent.
Open /workspace/readiness →
Step 5. Generate the report
Open /reports to see the generated report with version stamps.
Open /reports →
Step 6. Review improvement actions
Open the improvement plan to see per-finding recommendations.
Open /workspace/report-portfolio →
Step 7. Run / review AI Radar
Open /admin/intelligence-ops or /learn/ai-landscape-radar to see the operating loop.
Open /admin/intelligence-ops →
Step 8. Decide go / no-go
Open /admin/pilot-readiness and record the decision.
Open /admin/pilot-readiness →

Feedback capture prompts

Clarity of value
After the pilot script, do you understand what AgentProof gives you that you do not already have?
Ease of use
Was any step confusing or blocked without an obvious next action?
Report usefulness
Would you share the generated report with a colleague? Anything missing?
Trust / safety concerns
Did anything in the product concern you from a trust or safety perspective?
Missing functionality
If you could add one thing before the next pilot, what would it be?

Stop / go criteria

GO: setup wizard reports all critical items configured/reachable.
GO: pilot verification passed on a clean signed-in session.
GO: at least one manual agent created and verified end-to-end.
GO: at least one report visible to the signed-in customer.
GO: AI Radar shows scheduled or manual run + governance pack state.
NO-GO: any product/code blocker on /admin/pilot-readiness final gating.
NO-GO: pilot verification cannot run on a clean deploy.
NO-GO: sample data appearing as operational customer data.
NO-GO: any secret-shaped value visible in UI or response bodies.

Setup →System health →Workspace →Reports →AI Radar →Intelligence ops →Pilot readiness →

Pilot journey state (R36)

2 dimension(s) blocked. Address the named blocker before continuing.

0 system-verified·0 user-attested·0 sample/demo·2 blocked·6 not started

Setup
Blocked
Setup wizard reports one or more critical items missing or failing.
Evidence source: /api/admin/setup-status returns overall_state === 'all_critical_configured'.
Store: Computed at render
Blocker: Open /admin/setup and address every critical item.
Open setup wizard →
Verification
Not started
R31 pilot verification has not been run for this session.
Evidence source: R31 cached run from /api/system-health/pilot-verification-run.
Store: Local cache (UI tracking only)
Blocker: Open /system-health and click Run pilot verification.
Run pilot verification →
Workspace
Not started
Customer is not signed in. Workspace is empty.
Evidence source: SSR session detection + manual_agents row presence via the verify endpoint.
Store: Computed at render
Blocker: Pilot customer signs in.
Open workspace →
Manual agent
Not started
No manual agent verified yet for the signed-in user.
Evidence source: /api/workspace/manual-agent/verify confirms a real row.
Store: Computed at render
Blocker: Open /workspace/manual-agent/new and submit the form.
Add manual agent →
Review
Not started
No committed review snapshot for any agent yet.
Evidence source: review_snapshots Supabase upsert + read-back via R31 verification.
Store: Computed at render
Blocker: Open /workspace/readiness and walk the review.
Open the readiness review →
Report
Not started
No report rows visible yet for the signed-in user.
Evidence source: /api/reports/verification returns supabase_real_rows.
Store: Computed at render
Blocker: Complete a review to generate the first report.
Open the reports centre →
AI Radar
Blocked
Radar schedule artefact ships but endpoint is not reachable (likely missing AGENTPROOF_PUBLIC_BASE_URL).
Evidence source: /api/radar/schedule-validator returns configured_runs_clean.
Store: Computed at render
Blocker: Add AGENTPROOF_PUBLIC_BASE_URL secret on the deploy.
Open intelligence ops →
Pilot readiness
Not started
Pilot readiness has not flipped to Ready yet.
Evidence source: R34 PilotReadinessFinalGating verdict === 'ready_for_controlled_private_pilot'.
Store: Computed at render
Blocker: Resolve remaining blockers on /admin/pilot-readiness.
Open pilot readiness →

The same journey state shape renders on /workspace, /system-health, /admin/pilot-pack, /admin/pilot-readiness, and /admin/pilot-run — one consistent view across surfaces.

Pilot pack (R32)

Customer-ready private pilot operating pack

What the pilot tests, what is ready, what is not ready, known limitations, the seven-step pilot script, the feedback prompts the customer answers, and the stop/go criteria. No internal product-owner wording.

What the pilot tests

Signed-in persistence. AgentProof can write + read its own verification dataset against Supabase via /api/system-health/pilot-verification-run.
Manual non-Microsoft agent path. Customers can add, verify, and use a non-Microsoft agent without Microsoft OAuth.
Report generation + export. The professional report layout renders with methodology / scoring / intelligence pack / report version stamps + visible Print/Save as PDF.
AI Radar operational loop. Approved-source radar runs (live or dry_run) produce visible run evidence and feed the adaptation proposal queue.

What is ready

One-click pilot verification. /system-health → Run pilot verification → endpoint writes + reads back 4 records + returns a verdict.
Auto-gated pilot readiness verdict. /admin/pilot-readiness flips to Ready automatically when the one-click verification passes.
Workspace readiness journey. /workspace shows the six-step journey ladder with the current step highlighted.
Reports centre. /reports lists customer reports with version stamps + state pills.

What is not ready

Microsoft live OAuth. Manual non-Microsoft is the first-class supported path. Microsoft live OAuth remains scaffolded only.
Radar scheduled live execution. Schedule infrastructure documented; the live cron must be wired to GitHub Actions or Railway by an admin.

Known limitations

No live web crawling. AI Radar fetches only URLs in the approved source registry. No broad crawl. No probing. No paywall bypass.
No legal / certification claims. AgentProof does not provide legal advice, compliance certification, or unsupported third-party endorsement.
No payment integration. Pilot is free for invited customers. There is no checkout, pricing page, or billing.

Pilot script

Step 1. Sign in
Open the live URL and sign in. The post-login prompt appears if pilot verification has not yet passed.
Open /auth/login →
Step 2. Verify the product
Click Run pilot verification on /system-health. The product proves its own Supabase persistence in one HTTP call.
Open /system-health →
Step 3. Add an agent
Open /workspace/manual-agent/new and submit the form. The verified success panel auto-checks the manual_agents table.
Open /workspace/manual-agent/new →
Step 4. Assess the agent
Walk the readiness assessment for the new agent.
Open /workspace/readiness →
Step 5. Generate the report
Open /reports to see the generated report with all four version stamps.
Open /reports →
Step 6. Review improvement actions
Open the improvement plan to see the per-finding recommendation cards.
Open /workspace/report-portfolio →
Step 7. Check AI Radar impact
Open /learn/ai-landscape-radar to see whether any approved radar update affects your report.
Open /learn/ai-landscape-radar →

Feedback capture prompts

Value clarity
After walking the pilot script, do you understand what AgentProof gives you that you do not already have?
Ease of use
Were any steps confusing? Was anything blocked without an obvious next action?
Report usefulness
Would you share the generated report with a colleague? Is anything missing that would change that answer?
Trust / safety concerns
Anything in the product that concerns you from a trust or safety perspective?
Missing functionality
If you could add one thing before the next pilot, what would it be?

Stop / go criteria

GO: pilot verification passed for at least one signed-in customer, manual agent creation verified end-to-end, report export visible, Basic Auth gate off, demo enabled, trial journey reachable.
STOP / NO-GO: pilot verification fails on a clean deploy; manual agent cannot be verified; report export missing; Basic Auth pop-up on customer routes; any sample data labelled operational.

Open /admin/pilot-readiness →

Pilot execution runbook (R34)

8-step executable runbook — status, proof, owner per step

5 step(s) blocked or failed. Address the blockers shown below.

0 system-verified·0 user-attested·3 pending·5 blocked/failed

Step 1. Verify configuration
BlockedOwner: Product admin
Setup wizard reports every critical configuration item configured or reachable.
Proof required: Setup wizard overall_state === 'all_critical_configured'.
Last checked: never · Verifier: /api/admin/setup-status
Open /admin/setup →
Step 2. Sign in
Not startedOwner: Pilot customer
Pilot customer signs in with the invited Supabase identity.
Proof required: Supabase session detected by SSR shell. Sign-in is customer-attested.
Last checked: never
Open /auth/login →
Step 3. Run pilot verification
BlockedOwner: Pilot customer
/system-health one-click endpoint writes + reads back 4 records and returns verdict: passed.
Proof required: R31 pilot verification cached run verdict is 'passed'.
Last checked: never · Verifier: /api/system-health/pilot-verification-run
Open /system-health#one-click-pilot-verification →
Step 4. Open the workspace
BlockedOwner: Pilot customer
Customer opens /workspace and confirms the readiness journey + verification prompt are visible.
Proof required: Customer-attested. Workspace pilot mode reflects the verification state.
Last checked: never
Open /workspace →
Step 5. Create or verify a manual agent
BlockedOwner: Pilot customer
Customer adds a manual non-Microsoft agent. The verified success panel confirms the agent row.
Proof required: At least one manual_agents row is verified for the signed-in user.
Last checked: never · Verifier: /api/workspace/manual-agent/verify
Open /workspace/manual-agent/new →
Step 6. Open reports
BlockedOwner: Pilot customer
/reports lists a real report with the four version stamps + export action.
Proof required: Reports verification confirms at least one report row reachable for the signed-in user.
Last checked: never · Verifier: /api/reports/verification
Open /reports →
Step 7. Run or check AI Radar
In progressOwner: Product admin
/admin/intelligence-ops shows a real or dry-run record. Schedule validator confirms automation status.
Proof required: At least one radar run is recorded; schedule validator reports configured + clean (or honest blocker).
Last checked: never · Verifier: /api/radar/schedule-validator
Open /admin/intelligence-ops →
Step 8. Review pilot readiness verdict
In progressOwner: Product admin
/admin/pilot-readiness consumes all validators and returns Ready / Nearly ready / Not ready.
Proof required: Final-gating view declares ready === true with no remaining critical blockers.
Last checked: never
Open /admin/pilot-readiness →

Steps with a verifier API path are derived from the named endpoint, not from a button click. The runbook refuses to mark such a step system-verified unless its verifier has confirmed it.

Pilot execution checklist (R33)

Run the 8-step pilot checklist end to end

Run the 8-step checklist with one signed-in pilot customer. Capture the named evidence at each step. Compare against the stop/go criteria.

Step 1. Sign in
Open /auth/login →
Open the live URL and sign in with the invited Supabase identity.
Evidence required: Screenshot of the signed-in workspace landing.
Step 2. Run pilot verification
Open /system-health →
Click Run pilot verification on /system-health. The endpoint writes + reads back four records.
Evidence required: Verdict pill + per-step list showing every step verified.
Step 3. Add a manual agent
Open /workspace/manual-agent/new →
Open /workspace/manual-agent/new and submit the form. The verified success panel auto-checks the manual_agents table.
Evidence required: Verified success panel + the agent appears in the agents list.
Step 4. Assess the agent
Open /workspace/readiness →
Walk the readiness assessment for the new agent.
Evidence required: Completed answers committed to the review snapshot.
Step 5. Generate the report
Open /reports →
Open /reports to see the generated report with all four version stamps.
Evidence required: Report appears in /reports with score, band, version stamps, and export action.
Step 6. Review AI Radar
Open /learn/ai-landscape-radar →
Open /learn/ai-landscape-radar to see whether any approved radar update affects your report.
Evidence required: Latest scheduled or manual run timestamp + any newer-intelligence warning.
Step 7. Record feedback
Open /beta/feedback →
Capture pilot feedback against the five prompts (value clarity / ease of use / report usefulness / trust + safety / missing functionality).
Evidence required: Five answered feedback prompts logged in the feedback table.
Step 8. Decide go / no-go
Open /admin/pilot-readiness →
Compare the pilot verdict against the stop/go criteria and record the decision on /admin/pilot-readiness.
Evidence required: Readiness verdict Ready or Hold with the human note recorded.

Stop / go criteria

GO: every step of the execution checklist is verified for at least one signed-in pilot customer.
GO: report acceptance proof captured + AI Radar status visible.
GO: feedback for all five prompts recorded.
NO-GO: pilot verification fails on a clean deploy.
NO-GO: manual agent cannot be verified end-to-end.
NO-GO: report export missing or shows raw debug content.
NO-GO: any sample data labelled as operational customer data.
NO-GO: any secret-shaped value visible in the UI or response bodies.

Known limitations

Microsoft live OAuth remains scaffolded only. Manual non-Microsoft is the first-class supported path.
AI Radar fetches only URLs in the approved source registry. No broad crawling, no probing, no paywall bypass, no vulnerability scanning.
AgentProof does not provide legal advice, compliance certification, or unsupported third-party endorsement.
Pilot is free for invited customers. There is no checkout, pricing page, or billing.

Feedback capture guidance

Capture verbatim quotes against the value-clarity prompt.
Note any step that required out-of-band help — that is a UX defect.
Record any moment of distrust (claim, layout, or surface) verbatim.
Record the one missing feature that would change the customer's recommendation.
Do not capture sensitive customer evidence content — only the pilot-execution evidence.

Open /system-health →Open /workspace →Open /reports →Open /admin/pilot-readiness →Open /admin/intelligence-ops →

Critical route inventory (R33)

All 8 critical routes resolve and are reachable.

8 ok·0 missing·0 orphans

/reportsSigned-in workspace
Reports centre — list of customer reports with the four version stamps and export action.
Source: app/reports/page.tsx · Inbound link sources: 3
Route /reports resolves and has 3 inbound link(s).
/admin/pilot-packAdmin
Customer-ready private pilot operating pack + execution checklist.
Source: app/admin/pilot-pack/page.tsx · Inbound link sources: 1
Route /admin/pilot-pack resolves and has 1 inbound link(s).
/admin/intelligence-opsAdmin
Intelligence ops dashboard — radar run history, adaptation proposals, governance.
Source: app/admin/intelligence-ops/page.tsx · Inbound link sources: 3
Route /admin/intelligence-ops resolves and has 3 inbound link(s).
/admin/pilot-readinessAdmin
Pilot readiness verdict + auto-gated readiness inputs.
Source: app/admin/pilot-readiness/page.tsx · Inbound link sources: 3
Route /admin/pilot-readiness resolves and has 3 inbound link(s).
/system-healthPublic
System health + one-click pilot verification entry point.
Source: app/system-health/page.tsx · Inbound link sources: 3
Route /system-health resolves and has 3 inbound link(s).
/workspace/manual-agent/newSigned-in workspace
Manual non-Microsoft agent creation — first-class supported path.
Source: app/workspace/manual-agent/new/page.tsx · Inbound link sources: 2
Route /workspace/manual-agent/new resolves and has 2 inbound link(s).
/workspaceSigned-in workspace
Customer operating centre — readiness journey + control centre + verification prompt.
Source: app/workspace/page.tsx · Inbound link sources: 2
Route /workspace resolves and has 2 inbound link(s).
/learn/ai-landscape-radarPublic
AI Radar — preview + run history + automation status + adaptation governance.
Source: app/learn/ai-landscape-radar/page.tsx · Inbound link sources: 3
Route /learn/ai-landscape-radar resolves and has 3 inbound link(s).

Critical navigation inventory (R35)

All 13 critical navigation targets resolve and are reachable from at least one visible surface.

13 ok·0 missing·0 URL-only orphans

HomePublic
/
Public landing — hero + trust strip + Learn cards.
Source: app/page.tsx · Inbound: 1
Route / resolves and has 1 inbound link(s).
LearnPublic
/learn
Learn centre — capability zones + good design + radar + library.
Source: app/learn/page.tsx · Inbound: 1
Route /learn resolves and has 1 inbound link(s).
DemoPublic
/demo
Sample-only demo — complete value story.
Source: app/demo/page.tsx · Inbound: 1
Route /demo resolves and has 1 inbound link(s).
TrialPublic
/trial
Sample-only trial — persisted workspace with sample data so the customer can come back.
Source: app/trial/page.tsx · Inbound: 1
Route /trial resolves and has 1 inbound link(s).
WorkspaceSigned-in workspace
/workspace
Customer operating centre — pilot mode + readiness journey.
Source: app/workspace/page.tsx · Inbound: 2
Route /workspace resolves and has 2 inbound link(s).
ReportsSigned-in workspace
/reports
Reports centre — Supabase-backed list with version stamps + export.
Source: app/reports/page.tsx · Inbound: 3
Route /reports resolves and has 3 inbound link(s).
AI RadarPublic
/learn/ai-landscape-radar
AI Radar — operating loop + customer-safe scheduled-run status.
Source: app/learn/ai-landscape-radar/page.tsx · Inbound: 2
Route /learn/ai-landscape-radar resolves and has 2 inbound link(s).
System HealthPublic
/system-health
System health command centre + one-click pilot verification.
Source: app/system-health/page.tsx · Inbound: 2
Route /system-health resolves and has 2 inbound link(s).
SetupAdmin
/admin/setup
Live setup wizard — every required configuration item + exact next action.
Source: app/admin/setup/page.tsx · Inbound: 2
Route /admin/setup resolves and has 2 inbound link(s).
Product BlueprintAdmin
/admin/product-blueprint
Product blueprint — admin operating map.
Source: app/admin/product-blueprint/page.tsx · Inbound: 1
Route /admin/product-blueprint resolves and has 1 inbound link(s).
Pilot ReadinessAdmin
/admin/pilot-readiness
Pilot readiness final gating verdict + auto-gate + decision-grade panels.
Source: app/admin/pilot-readiness/page.tsx · Inbound: 2
Route /admin/pilot-readiness resolves and has 2 inbound link(s).
Pilot PackAdmin
/admin/pilot-pack
Pilot execution console + checklist + route inventory.
Source: app/admin/pilot-pack/page.tsx · Inbound: 2
Route /admin/pilot-pack resolves and has 2 inbound link(s).
Intelligence OpsAdmin
/admin/intelligence-ops
AI Radar operating loop — schedule validator + adaptation governance + pack publication.
Source: app/admin/intelligence-ops/page.tsx · Inbound: 2
Route /admin/intelligence-ops resolves and has 2 inbound link(s).