# Technical Capability Map

This map connects the current DriveDesk Core capabilities to their public-safe
implementation surface, evidence, and verifier commands.

## Capability Matrix

| Capability | Implementation surface | Evidence | Verifier |
| --- | --- | --- | --- |
| Public review bundle | One-command review runner for the public entrypoint, system path, Business OS tour, quickstart, verification matrix, project status, capability map, evidence index, demo health, OpenAPI drift, SDK, observability, alert routing, and proof contract | `docs/public/PUBLIC_REVIEW_BUNDLE.md`, `docs/public/evidence/public-review-bundle.sanitized.json`, `scripts/run_public_review_bundle.sh` | `bash scripts/check_public_review_bundle.sh` |
| Public engineering entrypoint | GitHub Pages root `index.html`, compact system review path, quickstart, and static demo shell | `docs/public/SYSTEM_REVIEW_PATH.md`, `docs/public/REVIEWER_QUICKSTART.md`, `docs/public/ENGINEERING_REVIEW_GUIDE.md`, `docs/public/ENGINEERING_PROOF.md` | `bash scripts/check_public_pages_entrypoint.sh && bash scripts/check_public_system_review_path.sh && bash scripts/check_public_reviewer_quickstart.sh` |
| Interview stack brief | Plain-language map explaining each major stack, current validation state, remaining commercial work, interview talking points, and proof commands | `docs/public/INTERVIEW_STACK_BRIEF.md`, `docs/public/evidence/interview-stack-brief.sanitized.json` | `bash scripts/check_public_interview_stack_brief.sh` |
| Public verification matrix | Claim-to-evidence matrix covering public entrypoint, demo health, OpenAPI drift, SDK, Business OS route, Control Tower, action gates, integrations, notifications, observability, incidents, release safety, GitOps, OpenTofu, private validation, and export boundary | `docs/public/PUBLIC_VERIFICATION_MATRIX.md`, `docs/public/EVIDENCE_INDEX.md`, `docs/public/evidence/public-evidence-index.sanitized.json` | `bash scripts/check_public_verification_matrix.sh && bash scripts/check_public_evidence_index.sh` |
| Public demo health | Public Demo Health workflow, static fallback, OpenAPI artifact, generated SDK manifest, demo payload markers, and public evidence contract | `docs/public/PUBLIC_DEMO_HEALTH.md`, `docs/public/evidence/public-demo-health.sanitized.json`, `.github/workflows/public-demo-health.yml`, `apps/admin/public-demo/demo-data.js`, `sdk/generated/public-demo/openapi-client-manifest.json` | `bash scripts/check_public_demo_health.sh && bash scripts/check_public_pages_entrypoint.sh` |
| OpenAPI drift | Committed OpenAPI artifact compared with current FastAPI `app.openapi()`, generated SDK manifest, and static demo markers | `docs/public/OPENAPI_DRIFT.md`, `docs/public/evidence/openapi-drift.sanitized.json`, `docs/openapi.json`, `sdk/generated/public-demo/openapi-client-manifest.json` | `bash scripts/check_public_openapi_drift.sh && bash scripts/check_public_demo_api.sh && bash scripts/check_public_demo_sdk.sh` |
| Platform tour | Business event -> workflow -> adapter -> incident -> proof route across Control Tower, Adapter Studio, operations, and proof | `docs/public/PLATFORM_TOUR.md`, `apps/admin/public-demo/index.html`, `GET /demo/public` | `bash scripts/check_public_platform_tour.sh && bash scripts/check_public_demo_api.sh` |
| Review Console | Browser-visible readiness console for public stand state, DevOps proof, integration handoff, remaining commercial work, and public/private boundary | `docs/public/REVIEW_CONSOLE.md`, `docs/public/evidence/review-console.sanitized.json`, `GET /demo/public` `reviewConsole`, `apps/admin/public-demo/index.html` | `bash scripts/check_public_review_console.sh && bash scripts/check_public_demo_api.sh` |
| Commercial readiness 80 | Public-safe milestone showing the checked path from DevOps/platform proof toward commercial Business OS readiness without claiming finished SaaS | `docs/public/COMMERCIAL_READINESS_80.md`, `docs/public/evidence/commercial-readiness-80.sanitized.json`, `infra/platform-maturity/commercial-readiness-80.sanitized.json` | `bash scripts/check_public_commercial_readiness_80.sh` |
| Project status | Current public-safe state, limits, next work, and validation commands | `docs/public/PROJECT_STATUS.md`, `docs/public/ROADMAP.md` | `bash scripts/check_public_project_status.sh` |
| Read-only API contract | FastAPI `GET /demo/public`, `GET /demo/connector-certification`, `GET /demo/connector-fixture-replay`, `GET /demo/business-intake-pipeline`, `GET /demo/business-task-handoff`, `GET /demo/business-notification-channels`, `GET /demo/notification-delivery`, `GET /demo/business-context-assistant`, `GET /demo/business-action-execution`, `GET /demo/business-approval-gateway`, `GET /demo/integration-runtime`, `GET /demo/integration-execution`, `GET /demo/integration-repair`, `POST /tenants/{tenant_id}/integration-repairs/preview`, `GET /demo/business-scenario-replay`, and generated `docs/openapi.json` | `docs/public/API_BACKED_DEMO.md`, `examples/curl/demo-public.sh` | `bash scripts/check_public_demo_api.sh` |
| Generated client SDK | Python, JavaScript, and TypeScript demo clients plus typed file-import, CRM provider-intake, and worker-backed adapter operation plans, standalone connector certification, provider onboarding, and replay validation, Adapter Studio validation, integration runtime metadata, integration execution metadata, and integration repair metadata | `docs/public/CLIENT_SDK.md`, `docs/public/CONNECTOR_CERTIFICATION.md`, `docs/public/PROVIDER_ONBOARDING.md`, `docs/public/ADAPTER_DEVELOPER_GUIDE.md`, `docs/public/INTEGRATION_RUNTIME.md`, `docs/public/INTEGRATION_EXECUTION.md`, `docs/public/INTEGRATION_REPAIR.md`, `sdk/generated/public-demo/`, `examples/python/demo_adapter_operation_plan.py`, `examples/js/demo-adapter-operation-plan.mjs` | `bash scripts/check_public_demo_sdk.sh && bash scripts/check_public_connector_certification.sh && bash scripts/check_public_provider_onboarding.sh && bash scripts/check_public_adapter_developer_guide.sh && bash scripts/check_public_integration_runtime.sh && bash scripts/check_public_integration_execution.sh && bash scripts/check_public_integration_repair.sh` |
| Auth, RBAC, and tenant boundary | Bearer-token auth, tenant-scoped helpers, platform-admin model | `docs/public/AUTH_FOUNDATION.md`, `docs/public/TENANT_ISOLATION.md`, `docs/public/PLATFORM_ADMIN.md` | `bash scripts/ci_smoke_public.sh` |
| Audit and outbox recovery | Audited retry path for failed outbox jobs | `docs/public/OUTBOX_RECOVERY.md`, `docs/adr/0030-outbox-retry-recovery.md` | `bash scripts/ci_smoke_public.sh` |
| Business records and workflow automation | Tenant-owned records, lifecycle transitions, reusable workflow scenarios, end-to-end workflow-to-proof scenario, workflow rules, action runs | `docs/public/BUSINESS_RECORDS.md`, `docs/public/BUSINESS_RECORD_LIFECYCLE.md`, `docs/public/WORKFLOW_RULES.md`, `docs/public/WORKFLOW_ACTION_RUNS.md`, `docs/public/WORKFLOW_DEMO.md` | `bash scripts/ci_smoke_public.sh && bash scripts/check_public_demo_api.sh` |
| Business operations control tower | Provider intake preview, CRM runtime adapter contract, tenant-owned state observations, role-specific workbench context preview, automatic detection preview, escalation preview with owner/queue/SLA routing, action-plan preview with ordered operator work, notification preview with channel/draft boundaries, business exceptions, role briefing preview, approval-gated repair actions, dry-run execution, aggregate metrics, and public demo contract | `docs/public/BUSINESS_CONTROL_TOWER.md`, `GET /demo/public`, `POST /tenants/{tenant_id}/business-provider-intake/preview`, `POST /tenants/{tenant_id}/business-workbench-context/preview`, `POST /tenants/{tenant_id}/business-detections/preview`, `POST /tenants/{tenant_id}/business-escalations/preview`, `POST /tenants/{tenant_id}/business-action-plans/preview`, `POST /tenants/{tenant_id}/business-notifications/preview`, `POST /tenants/{tenant_id}/business-briefings/preview`, `apps/admin/public-demo/index.html` | `bash scripts/check_public_business_control_tower.sh && bash scripts/check_public_demo_api.sh` |
| Business intake API handoff | Recruiter-fast backend/API route from Telegram-style intake facts to FastAPI preview, validated business record shape, admin workbench queue, status transition, outbox/integration handoff, OpenAPI/SDK, pytest, and CI | `docs/public/BUSINESS_INTAKE_API_HANDOFF.md`, `docs/public/BUSINESS_INTAKE_PIPELINE.md`, `docs/public/BUSINESS_TASK_HANDOFF.md`, `GET /demo/business-intake-pipeline`, `GET /demo/business-task-handoff`, `docs/openapi.json`, `sdk/generated/public-demo/`, `tests/test_drivedesk_core_api.py`, `apps/admin/public-demo/index.html` | `bash scripts/check_public_business_intake_api_handoff.sh && bash scripts/check_public_demo_api.sh && bash scripts/check_public_demo_sdk.sh` |
| Business intake pipeline | Preview-only provider event pipeline for CRM/bank/accounting signals: safe payload, role workbench cards, detection, approval-gated action plan, draft notifications, and explicit no-persistence/no-external-call boundaries | `docs/public/BUSINESS_INTAKE_PIPELINE.md`, `GET /demo/business-intake-pipeline`, `GET /demo/public` `businessIntakePipeline`, `POST /tenants/{tenant_id}/business-intake-pipeline/preview`, `apps/admin/public-demo/index.html` | `bash scripts/check_public_business_intake_pipeline.sh && bash scripts/check_public_demo_api.sh` |
| Business task handoff | Preview-only operator handoff for action-plan steps: internal task cards, internal outbox candidates, draft in-app notifications, approval gates, and explicit no-persistence/no-external-write boundaries | `docs/public/BUSINESS_TASK_HANDOFF.md`, `GET /demo/business-task-handoff`, `GET /demo/public` `businessTaskHandoff`, `POST /tenants/{tenant_id}/business-task-handoffs/preview`, `apps/admin/public-demo/index.html` | `bash scripts/check_public_business_task_handoff.sh && bash scripts/check_public_demo_api.sh` |
| Business notification channels | Preview-only notification readiness matrix for in-app, Telegram, email, SMS, and webhook: safe delivery drafts, private secret gates, and explicit no-external-delivery boundaries | `docs/public/BUSINESS_NOTIFICATION_CHANNELS.md`, `GET /demo/business-notification-channels`, `GET /demo/public` `businessNotificationChannels`, `POST /tenants/{tenant_id}/business-notification-channels/preview`, `apps/admin/public-demo/index.html` | `bash scripts/check_public_business_notification_channels.sh && bash scripts/check_public_demo_api.sh` |
| Notification delivery runtime | Public-safe delivery runtime for in-app, Telegram, email, SMS, and webhook: adapter profiles, policy check, idempotent outbox events, worker dispatch, provider gate, retry, dead-letter, operator review, and observability | `docs/public/NOTIFICATION_DELIVERY.md`, `GET /demo/notification-delivery`, `GET /demo/public` `notificationDelivery`, `docs/public/evidence/notification-delivery.sanitized.json`, `infra/notifications/notification-delivery.sanitized.json`, `apps/admin/public-demo/index.html` | `bash scripts/check_public_notification_delivery.sh && bash scripts/check_public_demo_api.sh` |
| Business Context Assistant | Preview-only Business Context Assistant that turns CRM, bank, accounting, and legal-reference facts into safe context cards, insight rules, and next actions without provider writes | `docs/public/BUSINESS_CONTEXT_ASSISTANT.md`, `GET /demo/business-context-assistant`, `GET /demo/public` `businessContextAssistant`, `POST /tenants/{tenant_id}/business-workbench-context/preview`, `apps/admin/public-demo/index.html` | `bash scripts/check_public_business_context_assistant.sh && bash scripts/check_public_demo_api.sh` |
| Business action execution | Preview-only action execution plan that turns suggested actions into idempotent dry-run candidates, preflight checks, approval gates, rollback notes, and explicit no-provider-write boundaries | `docs/public/BUSINESS_ACTION_EXECUTION.md`, `GET /demo/business-action-execution`, `GET /demo/public` `businessActionExecution`, `POST /tenants/{tenant_id}/business-action-executions/preview`, `apps/admin/public-demo/index.html` | `bash scripts/check_public_business_action_execution.sh && bash scripts/check_public_demo_api.sh` |
| Business approval gateway | Preview-only approval gateway that turns provider-changing execution candidates into approval requests, RBAC/dual-control policy checks, approver routing, blocked commit unlocks, and audit trail evidence | `docs/public/BUSINESS_APPROVAL_GATEWAY.md`, `GET /demo/business-approval-gateway`, `GET /demo/public` `businessApprovalGateway`, `POST /tenants/{tenant_id}/business-approval-gateway/preview`, `apps/admin/public-demo/index.html` | `bash scripts/check_public_business_approval_gateway.sh && bash scripts/check_public_demo_api.sh` |
| Integration Runtime | Public-safe adapter runtime preview that turns an operation contract into scope and idempotency preflight, approval dependency, outbox handoff, worker boundary, reconciliation plan, incident routes, and `adapter_runtime.previewed` evidence | `docs/public/INTEGRATION_RUNTIME.md`, `GET /demo/integration-runtime`, `GET /demo/public` `integrationRuntime`, `POST /tenants/{tenant_id}/integration-runtime/preview`, `apps/admin/public-demo/index.html` | `bash scripts/check_public_integration_runtime.sh && bash scripts/check_public_demo_api.sh` |
| Integration Execution | Public-safe adapter execution timeline that turns runtime intent into run ledger, outbox enqueue, worker dispatch, blocked provider call, retry, dead-letter, reconciliation links, observability metrics, and `integration_execution.run_ledger_prepared` evidence | `docs/public/INTEGRATION_EXECUTION.md`, `GET /demo/integration-execution`, `GET /demo/public` `integrationExecution`, `POST /tenants/{tenant_id}/integration-executions/preview`, `apps/admin/public-demo/index.html` | `bash scripts/check_public_integration_execution.sh && bash scripts/check_public_demo_api.sh` |
| Integration repair | Public-safe repair workbench and action preview that turn retry, dead-letter, and reconciliation failures into runbook-backed impact analysis, safe diagnostics, approval-gated repair actions, postchecks, and no-provider-call boundaries | `docs/public/INTEGRATION_REPAIR.md`, `GET /demo/integration-repair`, `POST /tenants/{tenant_id}/integration-repairs/preview`, `GET /demo/public` `integrationRepair`, `docs/public/evidence/integration-repair.sanitized.json`, `apps/admin/public-demo/index.html` | `bash scripts/check_public_integration_repair.sh && bash scripts/check_public_demo_api.sh` |
| Business scenario replay | Reusable Business OS paths for CRM/bank/accounting mismatch, support SLA risk, and procurement delay risk; each path shows external signals, normalized facts, detected risk, recommended actions, approval gates, automation candidates, and data boundaries | `docs/public/BUSINESS_SCENARIO_REPLAY.md`, `GET /demo/business-scenario-replay`, `GET /demo/public` `businessScenarioReplay`, `apps/admin/public-demo/index.html` | `bash scripts/check_public_business_scenario_replay.sh && bash scripts/check_public_demo_api.sh` |
| Integration adapter model | Runtime adapter catalog, public-safe provider connector guide, connector certification workbench, provider onboarding workbench, provider sandbox dry-run plan, fake-transport read-only runner, sanitized operator CLI, evidence recorder/verifier, connector fixture replay, `GET /demo/connector-certification`, `GET /demo/provider-onboarding`, `GET /demo/connector-fixture-replay`, Integration Runtime, Integration Execution, Integration Repair, Adapter Studio, adapter developer guide, CRM deal intake adapter, auth profiles, secret boundaries, operation scenarios, typed SDK operation plans, mapping preview, scopes, diagnostics, reconciliation, incident cards, repair runbooks, and repair action preview | `apps/admin/public-demo/index.html`, `scripts/run_provider_sandbox_dry_run.py`, `scripts/record_provider_sandbox_dry_run_evidence.sh`, `scripts/check_provider_sandbox_dry_run_evidence.py`, `docs/public/PROVIDER_CONNECTOR_GUIDE.md`, `docs/public/CONNECTOR_CERTIFICATION.md`, `docs/public/PROVIDER_ONBOARDING.md`, `docs/public/PROVIDER_SANDBOX_DRY_RUN.md`, `docs/public/CONNECTOR_FIXTURE_REPLAY.md`, `docs/public/INTEGRATION_RUNTIME.md`, `docs/public/INTEGRATION_EXECUTION.md`, `docs/public/INTEGRATION_REPAIR.md`, `docs/public/ADAPTER_DEVELOPER_GUIDE.md`, `docs/public/INTEGRATION_ADAPTER_CATALOG.md`, `docs/public/INTEGRATION_OPERATION_CONTRACTS.md`, `docs/public/INTEGRATION_RECONCILIATION.md`, `docs/public/CLIENT_SDK.md`, `docs/public/evidence/connector-certification.sanitized.json`, `docs/public/evidence/provider-onboarding.sanitized.json`, `docs/public/evidence/provider-sandbox-dry-run.sanitized.json`, `docs/public/evidence/connector-fixture-replay.sanitized.json`, `docs/public/evidence/integration-repair.sanitized.json`, `examples/connector-fixtures/replay-fixtures.sanitized.json`, `docs/adr/0072-mock-crm-deal-adapter.md`, `docs/adr/0073-adapter-auth-profile-boundary.md`, `docs/adr/0074-public-safe-connector-certification.md`, `docs/adr/0075-public-safe-connector-fixture-replay.md` | `bash scripts/check_public_provider_connector_guide.sh && bash scripts/check_public_connector_certification.sh && bash scripts/check_public_provider_onboarding.sh && bash scripts/check_public_provider_sandbox_dry_run.sh && bash scripts/check_public_connector_fixture_replay.sh && bash scripts/check_public_integration_runtime.sh && bash scripts/check_public_integration_execution.sh && bash scripts/check_public_integration_repair.sh && bash scripts/check_public_adapter_developer_guide.sh && bash scripts/check_public_demo_api.sh && bash scripts/check_public_demo_sdk.sh` |
| Recovery drills | Synthetic backup/restore, rollback, canary gate, and staged promotion evidence | `docs/public/BACKUP_RESTORE_EVIDENCE.md`, `docs/public/RELEASE_ROLLBACK_EVIDENCE.md`, `docs/public/SLO_CANARY_GATE_EVIDENCE.md`, `docs/public/STAGED_PROMOTION_EVIDENCE.md` | `bash scripts/check_public_backup_restore.sh && bash scripts/check_public_release_rollback.sh && bash scripts/check_public_slo_canary_gate.sh && bash scripts/check_public_staged_promotion.sh` |
| Observability proof | Metrics, structured logs, alert rules, runbooks, and dashboard panels represented as public-safe evidence | `docs/public/OBSERVABILITY_PROOF.md`, `docs/public/evidence/observability-proof.sanitized.json` | `bash scripts/check_public_observability_proof.sh` |
| Observability dashboard | Grafana-style dashboard groups, Prometheus/Loki panel queries, alert links, runbook links, safe labels, and public demo rendering | `docs/public/OBSERVABILITY_DASHBOARD.md`, `GET /demo/observability-dashboard`, `GET /demo/public` `observabilityDashboard`, `docs/public/evidence/observability-dashboard.sanitized.json`, `apps/admin/public-demo/index.html` | `bash scripts/check_public_observability_dashboard.sh && bash scripts/check_public_demo_api.sh` |
| Alert routing | Demo Operations tab, `GET /demo/public` `alertRouting` payload, Alertmanager-style route tree, receivers, dedupe keys, escalation, silences, runbook bindings, and failure artifacts | `apps/admin/public-demo/index.html`, `docs/public/ALERT_ROUTING_EVIDENCE.md`, `docs/public/evidence/alert-routing.sanitized.json` | `bash scripts/check_public_alert_routing.sh && bash scripts/check_public_demo_api.sh` |
| Incident response | Demo Incidents tab, `GET /demo/public` `incidentResponse` payload, incident queue, owner assignment, recovery timeline, mitigation actions, and resolution evidence | `apps/admin/public-demo/index.html`, `docs/public/INCIDENT_RESPONSE_DEMO.md`, `docs/public/INTEGRATION_INCIDENT_RUNBOOKS.md` | `bash scripts/check_public_demo_api.sh && bash scripts/check_public_engineering_proof.sh` |
| GitOps delivery | Helm chart, Argo CD layout, image automation, drift and remediation evidence | `docs/public/HELM_CHART.md`, `docs/public/GITOPS_DELIVERY.md`, `docs/public/GITOPS_IMAGE_AUTOMATION.md`, `docs/public/GITOPS_DRIFT_REMEDIATION.md` | `bash scripts/check_public_helm_render.sh && bash scripts/check_public_gitops_layout.sh && bash scripts/check_public_gitops_image_automation.sh` |
| OpenTofu and infra drift | Public-safe plan summary, state drift, runtime rollout, scheduled validation and alerting | `docs/public/OPENTOFU_PLAN_EVIDENCE.md`, `docs/public/INFRA_STATE_DRIFT_EVIDENCE.md`, `docs/public/PRIVATE_INFRA_SCHEDULED_VALIDATION.md`, `docs/public/PRIVATE_INFRA_SCHEDULED_ALERTING.md` | `bash scripts/check_public_opentofu_plan.sh && bash scripts/check_public_infra_state_drift.sh && bash scripts/check_public_private_infra_scheduled_validation.sh && bash scripts/check_public_private_infra_scheduled_alerting.sh` |
| Sanitized evidence boundary | Public-safe evidence files with no raw logs, credentials, hostnames, addresses, or production data | `docs/public/SANITIZED_EVIDENCE.md`, `docs/public/evidence/*.sanitized.json`, `PUBLIC_EXPORT_MANIFEST.md` | `bash scripts/check_public_export_secrets.sh` |
| Evidence index | Machine-readable mapping from public capabilities to docs, evidence files, verifier commands, public URLs, and boundary notes | `docs/public/EVIDENCE_INDEX.md`, `docs/public/evidence/public-evidence-index.sanitized.json` | `bash scripts/check_public_evidence_index.sh` |
| Engineering proof contract | Demo Proof tab, API payload, OpenAPI schema, SDK artifacts, docs, and CI gates | `docs/public/ENGINEERING_PROOF.md`, `docs/public/evidence/platform-maturity-70.sanitized.json`, `docs/public/evidence/commercial-readiness-80.sanitized.json` | `bash scripts/check_public_engineering_proof.sh` |

## Review Order

1. Open `docs/public/PUBLIC_REVIEW_BUNDLE.md`.
2. Run `bash scripts/run_public_review_bundle.sh`.
3. Open `docs/public/SYSTEM_REVIEW_PATH.md`.
4. Open `docs/public/PLATFORM_TOUR.md`.
5. Open `docs/public/REVIEWER_QUICKSTART.md`.
6. Open `docs/public/INTERVIEW_STACK_BRIEF.md`.
7. Open `docs/public/PUBLIC_VERIFICATION_MATRIX.md`.
8. Open the GitHub Pages engineering reference.
9. Open the live demo and switch to the Workflow, Control Tower, Integrations, Operations, Incidents, Review, and Proof tabs.
10. Read `docs/public/PROJECT_STATUS.md`.
11. Inspect `docs/openapi.json`, `GET /demo/public`, `GET /demo/connector-certification`, `GET /demo/connector-fixture-replay`, `GET /demo/business-intake-pipeline`, `GET /demo/business-task-handoff`, `GET /demo/business-notification-channels`, `GET /demo/notification-delivery`, `GET /demo/business-context-assistant`, `GET /demo/business-action-execution`, `GET /demo/business-approval-gateway`, `GET /demo/integration-runtime`, `GET /demo/integration-execution`, `GET /demo/integration-repair`, `POST /tenants/{tenant_id}/integration-repairs/preview`, and `GET /demo/business-scenario-replay`.
12. Run `bash scripts/ci_smoke_public.sh`.
13. Run `bash scripts/check_public_system_review_path.sh`.
14. Run `bash scripts/check_public_interview_stack_brief.sh`.
15. Run `bash scripts/check_public_demo_health.sh`.
16. Run `bash scripts/check_public_openapi_drift.sh`.
17. Run `bash scripts/check_public_platform_tour.sh`.
18. Run `bash scripts/check_public_reviewer_quickstart.sh`.
19. Run `bash scripts/check_public_verification_matrix.sh`.
20. Run `bash scripts/check_public_project_status.sh`.
21. Run `bash scripts/check_public_technical_capability_map.sh`.
22. Run `bash scripts/check_public_evidence_index.sh`.
23. Run `bash scripts/check_public_review_console.sh`.
24. Run `bash scripts/check_public_business_control_tower.sh`.
25. Run `bash scripts/check_public_business_intake_pipeline.sh`.
26. Run `bash scripts/check_public_business_task_handoff.sh`.
27. Run `bash scripts/check_public_business_notification_channels.sh`.
28. Run `bash scripts/check_public_notification_delivery.sh`.
29. Run `bash scripts/check_public_business_context_assistant.sh`.
30. Run `bash scripts/check_public_business_action_execution.sh`.
31. Run `bash scripts/check_public_business_approval_gateway.sh`.
32. Run `bash scripts/check_public_integration_runtime.sh`.
33. Run `bash scripts/check_public_integration_execution.sh`.
34. Run `bash scripts/check_public_integration_repair.sh`.
35. Run `bash scripts/check_public_business_scenario_replay.sh`.
36. Run `bash scripts/check_public_observability_proof.sh`.
37. Run `bash scripts/check_public_observability_dashboard.sh`.
38. Run `bash scripts/check_public_alert_routing.sh`.
39. Run `bash scripts/check_public_connector_certification.sh`.
40. Run `bash scripts/check_public_connector_fixture_replay.sh`.
41. Run the capability-specific verifier from the table above.

## Boundary

The public surface uses synthetic data and sanitized evidence. It does not expose
private runtime addresses, credentials, raw logs, production data, private state,
or customer-specific operational history.
