Public-beta gate · top 1 of 1 blockers
NEARLY READY1. No durable Radar run on this deployment
Owner: operator · Action: Trigger a Radar run from /admin/intelligence-ops with admin tools enabled. Confirm the run survives a redeploy.
Route / platform: /admin/intelligence-ops
Full strict verdict + all blockers + per-gate breakdown are rendered below.
Strict public-beta readiness — staging vs public-beta separated
Public beta nearly_ready, staging nearly_ready.
Controlled staging
nearly ready
0 blocker(s) for controlled staging.
Public beta (real customers, real auth)
nearly ready
1 blocker(s) for public beta.
All blockers (1)
No durable Radar run on this deployment blocks public beta
Owner: operator
Exact action: Trigger a Radar run from /admin/intelligence-ops with admin tools enabled. Confirm the run survives a redeploy.
Route / platform: /admin/intelligence-ops
Separation invariant: Staging test readiness and public-beta readiness are SEPARATE. Staging test access NEVER counts toward public-beta. Public-beta requires real magic-link sign-in working with a real customer email; SMTP env flag confirms operator-side configuration but a proven real session is the primary signal (R69).
admin · public · beta · readiness
Public-beta readiness
Hard launch gate: every category must be ready before public beta opens.
Verdict · live readiness probe + workspace counts + product intelligence.
Admin · Public-beta readiness
Public-beta readiness — live verdict
The verdict reads live state: Supabase activation probe + live workspace counts + product intelligence findings. Gaps surface with an exact next action per area. No query-param defaults.
Honest readiness landscape across 11 named areas lives on /admin/pre-beta-readiness.
AI Radar · latest run
AI Radar has not run yet — click 'Run AI Radar check now' on /admin/intelligence-ops.
Click Run AI Radar check now to record the first run. When the AGENTPROOF_ADMIN_TOOLS_ENABLED flag is off, the action runs a clearly labelled dry-run instead of failing.
Zero-partial feature matrix
9 operational · 6 blocked with exact action · 0 not started · 15 total. No partial, no largely, no ready-to-wire.| Feature | State | Owner | Exact next action |
|---|---|---|---|
| Auth / access (magic-link + password + local test + sign-out + R56-A shared resolver) | operational | none | None — tester can sign in and out safely today. |
| Signed-out protection (PrivateRouteGuard + PrivateRouteShell on every private route + R55 S1 smoke asserts 302) | operational | none | None — every founder-listed private route is guarded. |
| Radar dry-run (Run-check always works; dry_run_admin_disabled mode labelled honestly) | operational | none | None — operator clicks Run-check on /admin/intelligence-ops. |
| Radar live (real source fetching after legal/scope sign-off) | blocked with exact external action | operator | Set AGENTPROOF_ADMIN_TOOLS_ENABLED=true on Railway + flip per-source live_fetch_enabled=true in lib/agentproof/radar/radar_source_registry_v3.ts. |
| Radar Supabase persistence (radar_runs/_source_checks/_signals/_proposals/_pack_publications) | blocked with exact external action | operator | Apply migrations/r57_cp2_radar_tables.sql in Supabase SQL editor. Storage source label flips to 'Supabase-backed (durable)'. |
| Workspace command centre (Cp 5 + Cp 9 + R54 S3 + Cp 1 + R57 Cp 3 history) | operational | none | None — opens with one clear next action. |
| Microsoft connector readiness (Cp 12 7-precondition checklist + honest status) | blocked with exact external action | customer_admin | Customer admin: configure Microsoft Entra ID app + grant tenant admin consent + set AGENTPROOF_MICROSOFT_REAL_CONNECTOR_SHIPPED=true. |
| Azure AI Foundry readiness (Cp 6 6-state honest connector) | blocked with exact external action | customer_admin | Customer admin: configure Azure AI Foundry tenant + grant read-only permissions. |
| Assessment journey (Cp 7 first-assessment path; sample mode operational) | operational | none | None — sample assessment path is operational. Real-source assessment depends on connector readiness. |
| Report + improvement loop (Cp 8 integration panel scoped to workspace + agent) | operational | none | None — report and improvement panel mounted on /workspace/reports + /workspace/improvements. |
| Live staging smoke (R57 Cp 1 CLI + R57 Cp 7 result surfaces in product) | blocked with exact external action | operator | Operator: AGENTPROOF_STAGING_URL=https://your-url node scripts/run_r57_live_staging_smoke.cjs — writes evidence/r57_live_staging_smoke_run.json. |
| Public-beta readiness (R57 Cp 9 launch gate v2 with 4 verdict levels) | operational | none | None — gate consumes auth + smoke + radar + durability + workspace + connector + assessment + report + Trust/Help. |
| Trust / Help routes (R53 Cp 11 trust + /help) | operational | none | None — both routes present and reachable signed-out. |
| Supabase durability (R55 S3 9-record verifier on /system-health) | blocked with exact external action | operator | Apply migrations/r57_cp2_radar_tables.sql + verify on /system-health Supabase durability panel shows all 9 records durable. |
| Product intelligence (Radar Deep + intelligence-ops admin) | operational | none | None — Radar Deep panel mounted with 17 categories + 19-field source detail + 12-area impact. |
Supabase durability — table + migration status
0 durable · 0 missing · 12 RLS-blocked · 0 local fallback · 0 not yet probed. Local fallback NEVER counts as durable.
| Entity | State | Table | Migration | Why it matters | Exact next action |
|---|---|---|---|---|---|
| Workspace | rls denied signed out | agentproof_workspaces | 0007_r45_workspaces.sql | Workspace is the top-level customer container. Without durable workspaces, sign-in does not lead to anything that survives. | Sign in at /auth/sign-in. Once SMTP is configured (see SMTP blocker panel), magic-link sign-in will populate the session cookie and the probe will retry under RLS. |
| Workspace membership | rls denied signed out | agentproof_workspace_members | migrations/r66_a3_missing_tables.sql | Determines who can access which workspace. Without it, RLS cannot enforce per-tenant isolation. R66 A3 created this table and the public.is_workspace_member() function that all Radar RLS depends on. | Sign in at /auth/sign-in. Once SMTP is configured (see SMTP blocker panel), magic-link sign-in will populate the session cookie and the probe will retry under RLS. |
| Workspace invitations | rls denied signed out | agentproof_workspace_invitations | migrations/r66_a3_missing_tables.sql | Token-based workspace invitation lifecycle (pending/accepted/rejected/expired/revoked). Lets the operator invite testers without giving them admin access. R66 A3 closed the missing-migration gap. | Sign in at /auth/sign-in. Once SMTP is configured (see SMTP blocker panel), magic-link sign-in will populate the session cookie and the probe will retry under RLS. |
| Environments | rls denied signed out | agentproof_environments | 0007_r45_workspaces.sql | Environments hold the agents under review. Without durable environments, assessments cannot be saved. | Sign in at /auth/sign-in. Once SMTP is configured (see SMTP blocker panel), magic-link sign-in will populate the session cookie and the probe will retry under RLS. |
| Agents | rls denied signed out | agentproof_agents | 0007_r45_workspaces.sql | The actual AI agents that AgentProof assesses. Without this table, agents only live in memory. | Sign in at /auth/sign-in. Once SMTP is configured (see SMTP blocker panel), magic-link sign-in will populate the session cookie and the probe will retry under RLS. |
| Assessments / reviews | rls denied signed out | agentproof_assessment_reviews | 0009_r46_assessments_and_reports.sql | Captures the customer's answers + AgentProof's scoring. Without durability, the customer loses their work. | Sign in at /auth/sign-in. Once SMTP is configured (see SMTP blocker panel), magic-link sign-in will populate the session cookie and the probe will retry under RLS. |
| Reports | rls denied signed out | agentproof_reports | 0009_r46_assessments_and_reports.sql | Generated readiness reports for shareable / printable evidence. Without durability, reports are session-local. | Sign in at /auth/sign-in. Once SMTP is configured (see SMTP blocker panel), magic-link sign-in will populate the session cookie and the probe will retry under RLS. |
| Improvement actions | rls denied signed out | agentproof_improvement_actions | 0010_r47_improvements.sql | Backlog of improvement actions tied to a report. Without this, the improvement cycle has no memory. | Sign in at /auth/sign-in. Once SMTP is configured (see SMTP blocker panel), magic-link sign-in will populate the session cookie and the probe will retry under RLS. |
| Radar runs | rls denied signed out | radar_runs | r57_cp2_radar_tables.sql | Persists every radar run + source check evidence so the operating history survives refresh. | Sign in at /auth/sign-in. Once SMTP is configured (see SMTP blocker panel), magic-link sign-in will populate the session cookie and the probe will retry under RLS. |
| Radar signals | rls denied signed out | radar_signals | r57_cp2_radar_tables.sql | Stores candidate signals from radar runs so proposals and impact mapping have evidence to point to. | Sign in at /auth/sign-in. Once SMTP is configured (see SMTP blocker panel), magic-link sign-in will populate the session cookie and the probe will retry under RLS. |
| Product intelligence backlog | rls denied signed out | agentproof_product_intelligence_backlog | migrations/r66_a3_missing_tables.sql | Backlog of product-side proposals derived from radar signals + manual review. Without durability, backlog resets. R66 A3 closed the missing-migration gap. | Sign in at /auth/sign-in. Once SMTP is configured (see SMTP blocker panel), magic-link sign-in will populate the session cookie and the probe will retry under RLS. |
| Workspace audit events | rls denied signed out | agentproof_audit_events | migrations/r66_a3_missing_tables.sql | Workspace audit trail: who created which agent, when assessment was submitted, who approved which proposal. Without durability, the audit log is local-only and resets. | Sign in at /auth/sign-in. Once SMTP is configured (see SMTP blocker panel), magic-link sign-in will populate the session cookie and the probe will retry under RLS. |
Magic-link email delivery — warning
smtp configured no login observed yetSMTP configured · no login round-trip observed yet
Operator has flagged SMTP as configured. No signed-in session has been observed on this request. Login is not blocked — but cannot be proven on this surface until someone signs in.
Exact action: Send a test magic-link to your own email and complete the round-trip. /admin/setup will reflect the result and /workspace will read the same session.
Where: Supabase → Authentication → SMTP Settings
Fallback paths while SMTP is being configured
Safe non-production test access — proof
production blockedProduction deployment — staging test access permanently blocked.
Exact next action: No action available on production. Use real magic-link sign-in (Supabase SMTP must be configured).
Disabled by default: yes
The gate requires AGENTPROOF_ENABLE_LOCAL_TEST_AUTH=true. Unset = blocked. This is a hard invariant.
Permanently blocked in production: BLOCKED (NODE_ENV=production)
NODE_ENV=production on this deployment. Local test access is permanently disabled here.
AGENTPROOF_ENABLE_LOCAL_TEST_AUTH flag: (unset)
Operator has NOT enabled the flag. This is the safe default.
NEXT_PUBLIC_APP_URL not a production host: (production host)
Deploy URL looks like a production hostname. Test access is blocked even if the flag is set.
AGENTPROOF_LOCAL_TEST_USER_EMAIL set: (unset)
No test user email — test access cannot sign anyone in even if the flag is on.
AGENTPROOF_LOCAL_TEST_USER_PASSWORD set: (unset)
No test user password — test access cannot sign anyone in even if the flag is on.
Final decision: flag_not_set
AGENTPROOF_ENABLE_LOCAL_TEST_AUTH is not 'true'. Local test access is disabled by default.
Counts as production auth ready: no — never
Staging test access NEVER satisfies the public-beta gate. Production auth ready requires real magic-link sign-in working with a real customer email + SMTP configured.
Staging test access entry point
Staging test access (non-production) — AGENTPROOF_ENABLE_LOCAL_TEST_AUTH is not 'true'. Local test access is disabled by default.
Public-beta separation: Staging test access NEVER satisfies the public-beta gate. Production auth ready requires real magic-link sign-in working end-to-end with a real customer email + Supabase SMTP configured.
Strict public-beta readiness — staging vs public-beta separated
Public beta nearly_ready, staging nearly_ready.
Controlled staging
nearly ready
0 blocker(s) for controlled staging.
Public beta (real customers, real auth)
nearly ready
1 blocker(s) for public beta.
All blockers (1)
No durable Radar run on this deployment blocks public beta
Owner: operator
Exact action: Trigger a Radar run from /admin/intelligence-ops with admin tools enabled. Confirm the run survives a redeploy.
Route / platform: /admin/intelligence-ops
Separation invariant: Staging test readiness and public-beta readiness are SEPARATE. Staging test access NEVER counts toward public-beta. Public-beta requires real magic-link sign-in working with a real customer email; SMTP env flag confirms operator-side configuration but a proven real session is the primary signal (R69).
Public-beta launch gate v2
not readyNot ready — 6 blockers including critical (auth/smoke/signed-out) items.
Login not proven (no session + workspace confirmed).
Owner: operator · Action: Configure SMTP at Supabase Project Settings → Auth → SMTP, or enable local test access. Then complete one signed-in workspace round-trip.
Signed-out data protection not proven by smoke.
Owner: operator · Action: Run R57 Cp 1 CLI smoke runner — confirms /workspace/reports returns 302→/auth/sign-in or 200 with sign-in pane.
Smoke result has not shown all 10 routes green on the deployed URL.
Owner: operator · Action: Run AGENTPROOF_STAGING_URL=... node scripts/run_r57_live_staging_smoke.cjs and inspect evidence/r57_live_staging_smoke_run.json.
No durable radar run recorded.
Owner: operator · Action: Apply migrations/r57_cp2_radar_tables.sql to Supabase and click Run-check on /admin/intelligence-ops.
Supabase durability not proven where required.
Owner: operator · Action: Apply migrations/r57_cp2_radar_tables.sql + verify /system-health Supabase durability panel shows all-durable.
Assessment journey not operational.
Owner: customer_admin · Action: Customer admin: configure Microsoft tenant OR Azure Foundry tenant for real-source assessment. Sample path remains available.
Live staging smoke result
Smoke proof: no run recorded — readiness cannot be claimed green.- Signed-out safety
- unknown
- Radar route
- unknown
- Auth route
- unknown
- Workspace route
- unknown
- Run at
- —
- Staging URL
- —
- Pass / Total
- 0 / 0
- Fail / Blocked
- 0 / 0
Next: Run the CLI: AGENTPROOF_STAGING_URL=https://your-staging-url node scripts/run_r57_live_staging_smoke.cjs (proves the 10 R55 S1 routes work on the deployed URL).
Auth live proof
Not proven yet- Access state
- signed_out
- Signed in
- no
- Local test access
- inactive
- Workspace found
- no
- Workspace ownership valid
- no
- Supabase configured
- yes
- Supabase SMTP
- unknown
- Magic-link route
- present
- Sign-out route
- present
- Storage source
- supabase
- Signed-in email
- —
- Last checked
- 2026-05-25T04:39:25.016Z
Next: Sign in via /auth/sign-in to complete the proof.
Radar operating history
No radar run yet — open /admin/intelligence-ops and click Run check.No durable run yet
Set up Supabase persistence first (see R57 Cp 2). Then click 'Run check'. Runs without Supabase are local fallback only.
Next: Set up Supabase persistence first (see R57 Cp 2). Then click 'Run check'. Runs without Supabase are local fallback only.
CTA & path integrity
25 CTAs across 13 surfaces — 9 reach protected routes
Every CTA the customer can see is enumerated here. Each entry resolves to a real page, a back-compat redirect, a protected route that redirects to /auth/sign-in, or a disabled action with a reason. No CTA in this list lands on the not-found picker.
Highest-risk customer paths
Any CTA that points at a workspace, connector, discovery, or report surface. These must redirect signed-out viewers to /auth/sign-in via PrivateRouteGuard.
- My workspaceworkspace
/dashboard/estatefrom components/navigation/PublicSiteHeader.tsx - Choose a connectorconnector
/workspace/environments/setupfrom lib/agentproof/workspace/workspace_empty_state_content_v1.ts - Check blockersconnector
/workspace/microsoft-readinessfrom lib/agentproof/workspace/workspace_empty_state_content_v1.ts - Open Microsoft setupconnector
/workspace/environments/setup/microsoftfrom app/workspace/environments/setup/page.tsx - Open readinessconnector
/workspace/microsoft-readinessfrom lib/agentproof/workspace/workspace_microsoft_continuation_v1.ts - Open readiness assessmentreport
/workspace/readinessfrom lib/agentproof/workspace/workspace_microsoft_continuation_v1.ts - Open reportsreport
/workspace/reportsfrom app/workspace/reports/page.tsx
Coverage by surface
- public_home3 CTAs (1 protected)
- learn_centre3 CTAs (0 protected)
- ai_radar1 CTAs (0 protected)
- demo_sample2 CTAs (0 protected)
- trial1 CTAs (0 protected)
- auth5 CTAs (0 protected)
- workspace3 CTAs (2 protected)
- environment_setup1 CTAs (1 protected)
- microsoft_setup2 CTAs (2 protected)
- reports1 CTAs (1 protected)
- proof_customer_journey1 CTAs (1 protected)
- system_health1 CTAs (0 protected)
- public_beta_readiness1 CTAs (1 protected)
Live staging smoke runner · 10 routes
Smoke runner has not been probed yet — open the live staging URL and click Run.
Live probe of https://app.agentproofhq.com. Each route is fetched with a real HTTP request from the browser. Routes that never ran are labelled "Not yet probed" — never silently green.
https://app.agentproofhq.comNot safe yet — some routes failed, are blocked, or have not been probed.
- 1. Public landing opensNot yet probed
Anyone, signed out, gets a friendly product home with a path into demo or trial.
/expected: 200_html - 2. Sign-in page opensNot yet probed
Canonical sign-in page renders with magic-link or password mode toggle.
/auth/sign-inexpected: 200_html - 3. Demo / sample opensNot yet probed
Sample data is reachable and clearly labelled — never claimed as real.
/demoexpected: 200_html - 4. Workspace protects signed-out usersNot yet probed
Signed-out viewers are redirected to /auth/sign-in by PrivateRouteGuard — they never see private data.
/workspaceexpected: 302_redirect_to_auth - 5. Signed-out users do not see private dataNot yet probed
Cp Q invariant: signed-out viewers on every private route get the sign-in pane, never workspace reports.
/workspace/reportsexpected: 302_redirect_to_auth - 6. AI Radar opensNot yet probed
Public radar page renders with latest run mode (live/dry-run/never-run) honestly labelled.
/learn/ai-landscape-radarexpected: 200_safe_for_signed_out - 7. Trust Centre opensNot yet probed
Trust Centre opens with the 12 founder-authored sections + claim-safety validator.
/trustexpected: 200_safe_for_signed_out - 8. Help opensNot yet probed
Help / documentation entry point is reachable without sign-in.
/helpexpected: 200_safe_for_signed_out - 9. Public-beta readiness opensNot yet probed
Admin readiness verdict surface renders with CTA integrity + radar + workspace probes.
/admin/public-beta-readinessexpected: 200_html - 10. System health opensNot yet probed
System health surface renders with radar latest-run + Supabase probe + connector smoke runner.
/system-healthexpected: 200_html