Evidence Index

Every major claim, mapped to something you can inspect.

This portfolio is written for inspection. Each claim below links to the strongest evidence that exists today — a live evaluation report, a named source file in a case study, or a dated production snapshot — and carries an honest status. Where an artifact isn't public yet, it says so.

Live public & inspectable now Documented described with named files Snapshot point-in-time production count Planned in progress

Claims & evidence

ClaimEvidenceAs ofStatus
Lumenor's release is gated by a 61-scenario CI evaluation harnessLive evaluation report — every scenario, response, and judge rationale2026-07-16Live
Zero answer leaks in gated contexts on the latest full runLive report — leak count 0 / 612026-07-16Live
Run provenance is frozen (model, prompt, scenario-set version, cost)Live report provenance panel + downloadable JSON2026-07-16Live
Door-code release is a pure function that fails closedDoorOps case studyengine-core.ts + ~50 assertions in engine-core.check.ts2026-07Documented
The model selects a registered action id and never writes SQLDoorOps case study — interpret → parse → resolve → guards → confirm → execute2026-07Documented
High-impact actions (price, lease, eviction) are permanently human-approvedDoorOps case studypolicy-core.ts never-list + promotionTarget2026-07Documented
Output guardrails fail closed if the auditor itself errorsLumenor case studypipeline.ts leak-audit2026-07Documented
DoorOps runs a real 7-building / 22-unit portfolio (~350 leasing msgs, ~80 agent runs)DoorOps case study — production counts2026-07-15Snapshot
Sanitized reference code (gate, registry, leak auditor, eval runner, ADRs)Public evidence repositoryPlanned
Cross-provider evaluation (same scenarios against a second provider)Frozen comparison report — Claude vs GPT-5.6 across the 61 scenarios, judge held constant2026-07-16Live

Statuses are used precisely: Live means public and inspectable right now; Documented means described in a case study with named files (sanitized source publication is in progress); Snapshot is a point-in-time production count; Planned is in progress.

Technology map

The stack behind the systems, with where each capability is demonstrated.

CapabilityWhere it shows up
TypeScript / JavaScriptNext.js, React, hand-rolled agent loops, zod schemas, server actions
REST APIs / SDKsAnthropic, OpenAI, Twilio, Clerk, Supabase, Deepgram, ElevenLabs
Structured outputsTyped action ids + zod-validated parameter schemas
Tool useModule-agnostic tool-use loop; registered action surfaces
Retrievalpgvector cosine over a learner's own uploads, cited
Evaluations61-scenario CI gate; mechanical assertions + reasoning-tier judge
Multi-provider routingCapability-tier ModelRouter; providers swappable behind one interface
AuthenticationClerk; native Apple / Google token bridge on iOS
SecurityTenant scoping (fail-closed), AES-256-GCM PII, consent gating, access logs
CI/CDGitHub, Vercel, Xcode Cloud, release gates
Cloud / dataVercel, Supabase / Postgres + RLS, storage, serverless
ObservabilityUsage, cost, latency, error, audit + before/after snapshots
MobileNative SwiftUI (Tiglit) and Capacitor hybrid (Lumenor)
MessagingTwilio A2P 10DLC SMS

Architecture decision records

The load-bearing decisions, stated as short ADRs. Full sanitized ADRs ship with the evidence repository.

  1. The model selects an action; deterministic code performs the write.
  2. High-impact actions (price, lease terms, eviction, legal) are permanently human-approved.
  3. Leak auditing fails closed — a draft is blocked, never shown unaudited.
  4. Mechanical assertions run alongside model judges; neither is trusted alone.
  5. Models are routed by capability tier, not by name, so providers are swappable.
  6. Risky streaming responses are buffered and audited before display.
  7. Exact model + prompt + scenario-set versions are frozen into every evaluation report.