Claims & evidence
| Claim | Evidence | As of | Status |
|---|---|---|---|
| Lumenor's release is gated by a 61-scenario CI evaluation harness | Live evaluation report — every scenario, response, and judge rationale | 2026-07-16 | Live |
| Zero answer leaks in gated contexts on the latest full run | Live report — leak count 0 / 61 | 2026-07-16 | Live |
| Run provenance is frozen (model, prompt, scenario-set version, cost) | Live report provenance panel + downloadable JSON | 2026-07-16 | Live |
| Door-code release is a pure function that fails closed | DoorOps case study — engine-core.ts + ~50 assertions in engine-core.check.ts | 2026-07 | Documented |
| The model selects a registered action id and never writes SQL | DoorOps case study — interpret → parse → resolve → guards → confirm → execute | 2026-07 | Documented |
| High-impact actions (price, lease, eviction) are permanently human-approved | DoorOps case study — policy-core.ts never-list + promotionTarget | 2026-07 | Documented |
| Output guardrails fail closed if the auditor itself errors | Lumenor case study — pipeline.ts leak-audit | 2026-07 | Documented |
| DoorOps runs a real 7-building / 22-unit portfolio (~350 leasing msgs, ~80 agent runs) | DoorOps case study — production counts | 2026-07-15 | Snapshot |
| Sanitized reference code (gate, registry, leak auditor, eval runner, ADRs) | Public evidence repository | — | Planned |
| Cross-provider evaluation (same scenarios against a second provider) | Frozen comparison report — Claude vs GPT-5.6 across the 61 scenarios, judge held constant | 2026-07-16 | Live |
Statuses are used precisely: Live means public and inspectable right now; Documented means described in a case study with named files (sanitized source publication is in progress); Snapshot is a point-in-time production count; Planned is in progress.
Technology map
The stack behind the systems, with where each capability is demonstrated.
| Capability | Where it shows up |
|---|---|
| TypeScript / JavaScript | Next.js, React, hand-rolled agent loops, zod schemas, server actions |
| REST APIs / SDKs | Anthropic, OpenAI, Twilio, Clerk, Supabase, Deepgram, ElevenLabs |
| Structured outputs | Typed action ids + zod-validated parameter schemas |
| Tool use | Module-agnostic tool-use loop; registered action surfaces |
| Retrieval | pgvector cosine over a learner's own uploads, cited |
| Evaluations | 61-scenario CI gate; mechanical assertions + reasoning-tier judge |
| Multi-provider routing | Capability-tier ModelRouter; providers swappable behind one interface |
| Authentication | Clerk; native Apple / Google token bridge on iOS |
| Security | Tenant scoping (fail-closed), AES-256-GCM PII, consent gating, access logs |
| CI/CD | GitHub, Vercel, Xcode Cloud, release gates |
| Cloud / data | Vercel, Supabase / Postgres + RLS, storage, serverless |
| Observability | Usage, cost, latency, error, audit + before/after snapshots |
| Mobile | Native SwiftUI (Tiglit) and Capacitor hybrid (Lumenor) |
| Messaging | Twilio A2P 10DLC SMS |
Architecture decision records
The load-bearing decisions, stated as short ADRs. Full sanitized ADRs ship with the evidence repository.
- The model selects an action; deterministic code performs the write.
- High-impact actions (price, lease terms, eviction, legal) are permanently human-approved.
- Leak auditing fails closed — a draft is blocked, never shown unaudited.
- Mechanical assertions run alongside model judges; neither is trusted alone.
- Models are routed by capability tier, not by name, so providers are swappable.
- Risky streaming responses are buffered and audited before display.
- Exact model + prompt + scenario-set versions are frozen into every evaluation report.