Activity across projects.
Simulated audit activity for each project in the workspace, from provider context through approval and evidence generation.
- Logged
Provider context connected
Repository inventory and recent commit metadata loaded for northstar-health/patient-portal.
- Pending
Investigation session started
Northstar Patient Portal on main locked for scan against SOC 2, GDPR.
- Pending
Trust boundary scan queued
Next.js + Supabase signals moved into trust-boundary analysis.
- Pending
Critical finding detected
Patient documents are readable across tenants (personal data exposure).
- Pending
Fix approval requested
Replace the public read policy with a patient-scoped policy that requires an authenticated role and matches the object folder to the patient_id claim in auth.jwt(). Confirm a signed Data Processing Agreement covers the storage subprocessor. Fixes require approval and human review required before approval.
- Pending
Evidence packet generated
Generated artifacts become report-eligible only after approval.