Sigloren / Codaegis

MVP shell

Phase 1 browser shell for the GitHub-first, packet-first, read-only Codaegis flow.

No active session. Create one on the connect route to exercise the packet loop with the current live-or-fallback boundary.

GitHub-firstOne repo at a timePull request review firstAnalyze firstPacket-first UIRead-only by default

Result

Render the packet. Do not improvise a separate story.

This screen is built from the same fields a webhook, export, or future API should carry. The human page is a calm rendering of the same packet, not a second artifact.

No stored run exists yet, so this route is showing the current demo packet. Start a run to replace it with a real stored packet.

reviewPR #128

Auth policy and billing changes landed together with limited rollback clarity.

Codaegis found enough risk to require review before trust or merge.

Repo: sigloren/checkout-risk
Confidence: medium
Access level: read-only
Retention: 7 days
Policy memory: policy.none
Run duration: 2m 14s

Decision basis

Auth scope widened in the same pull request as billing hooks.
Rollback guidance is incomplete for the changed path.
Read-only access was enough to produce a narrow packet.

Risk findings

Coupled auth and billing changes

high

Permission-sensitive auth edits and billing logic moved together in one pull request.

A reviewer has to trust more than one critical boundary at once.

Evidence · sigloren/checkout-risk PR #128

Required fixes

Split auth and billing concerns into smaller review units.

Next actions

Narrow the diff and rerun Codaegis on the updated pull request.

Safe state and uncertainty

Hold merge until the risk boundary is smaller and easier to trust.

Keep the current production token policy as baseline until the narrower PR is ready.

Deployment notes were not attached to the review context.