The matrix
✓ marks a control documented in this register. ✓⛑ marks one that had a flaw found and fixed — follow it to the write-up. A blank means not documented here — not absent, and never a deficiency; nothing is marked ✗. Each product's full control set lives on its page. This is a cross-read, not a scorecard.
| Product | Deny-by-default access: RLS, grant revocation, tenant isolation, operator-gated capabilities | PII minimization & scrubbing: Drop-don't-store, pseudonymization, hashing, multi-layer scrubbers | Regulatory guardrails: Fair-housing, §1641/CBP, safe-harbor & licensing, GLBA/DPPA/FCRA boundaries | Fail-closed defaults: Classifiers and egress that refuse rather than proceed on unknown or unconfigured state | Pre-merge security gates: Authz-review gates, denylist-in-CI, security-reviewer agents, requirements-audit-before-build | Auditability & self-audit: Formal self-audits, append-only/immutable trails, explainability, anti-overclaim |
|---|---|---|---|---|---|---|
| ReadySetBind (LIVE · PILOT) | | | | | | |
| TariffRefunded (LIVE) | | | | | | |
| StackBadger (PUBLISHED) | | | | | | |
| SafeCircleOps (PRIVATE) | | | | | | |
| DealFinder (PAUSED) | | | | | | |
| CyberReadyAI (PAUSED) | | | | | | |
| RiskScanAI (SHELVED) | | | | | | |
Where a control broke — and got fixed
The ✓⛑ cells. A control that was implemented wrong, caught, and corrected. These are the entries worth reading — the coverage matters less than the recovery.
- ReadySetBind: Deny-by-default access
  One SECURITY DEFINER function is the sole tenancy predicate for every RLS policy, with explicit deny-all on no-access tables.
  FLAW & FIX: A verification RPC stayed callable by the anonymous role for ~3 days after a REVOKE missed it — closed in a follow-up migration.
  Read the write-up →
- ReadySetBind: Fail-closed defaults
  Email outcomes route through a fail-closed classifier — anything unknown counts as failed.
  FLAW & FIX: The email provider returned HTTP 200 for non-deliveries, so callers advanced state on mail that never sent — the bug that drove the classifier and a CI rule.
  Read the write-up →
- TariffRefunded: Deny-by-default access
  Clerk↔Supabase RLS keyed on the JWT subject across six table policies, one storage policy, and an RPC; anonymous sessions are header-bound.
  FLAW & FIX: Policies first cast the JWT subject to a UUID, so every authenticated query failed until the predicate read the raw subject claim instead.
- StackBadger: Deny-by-default access
  Read-only by default; write probes require both a CLI flag and an explicit per-test marker.
  FLAW & FIX: A code-review round anchored and case-folded the exclusion regexes that scope every probe — they were unanchored before.
  Read the write-up →
- StackBadger: Pre-merge security gates
  Twin confirmation gates plus a preflight doctor check stand before any probe.
  FLAW & FIX: The original gates had a bypass, closed in a first code-review round.
  Read the write-up →
- CyberReadyAI: Deny-by-default access
  Clerk↔Supabase RLS, storage isolation by folder prefix, and tier-gated access.
  FLAW & FIX: The RLS policies keyed on a function that returns null for Clerk tokens — effectively dead, with all production paths re-enforcing ownership in code; fixed properly in the successor product. No real users or data at the time.
- RiskScanAI: Deny-by-default access
  RLS on all five tables keyed on the JWT subject, with service-role functions re-enforcing ownership in code as a second layer; three-tier guest/free/paid access.
  FLAW & FIX: The early prototype "verified" tokens by manual decode with no signature check; one hardening commit added real verification, security headers, webhook idempotency, and timing-safe comparisons across 13 files. Before any real users or data.
- RiskScanAI: PII minimization & scrubbing
  The Claude API key is server-side only; generic error strings replace raw messages; agents are denied read access to secret files.
  FLAW & FIX: Raw error messages leaked to API responses in the prototype, removed in the same hardening commit.
Per-product detail
Every cell, with the control it stands for. Open a product to read what each ✓ is backed by.
ReadySetBind LIVE · PILOT
- Deny-by-default access
  - One SECURITY DEFINER function is the sole tenancy predicate for every RLS policy, with explicit deny-all on no-access tables. Fixed: A verification RPC stayed callable by the anonymous role for ~3 days after a REVOKE missed it — closed in a follow-up migration. write-up →
- PII minimization & scrubbing
  - User IDs HMAC-pseudonymized with a vaulted key; error payloads scrubbed; PII rejected from ops alerts.
- Regulatory guardrails
  - Insurance-binding regulatory controls. (Kevin's call — insurance-binding domain)
- Fail-closed defaults
  - Email outcomes route through a fail-closed classifier — anything unknown counts as failed. Fixed: The email provider returned HTTP 200 for non-deliveries, so callers advanced state on mail that never sent — the bug that drove the classifier and a CI rule. write-up →
- Pre-merge security gates
  - A standing authorization-review gate plus a dedicated security-reviewer agent clear every new route, function, or policy; an ast-grep CI rule blocks any unclassified email call.
- Auditability & self-audit
  - A formal self-audit (third iteration of a per-project extraction ritual); the append-only audit_log row is written before the state change it authorizes.
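One shape the fail-closed email classifier above can take, as an added example that is not ReadySetBind's code. The response fields and status names are hypothetical, not any real provider's API; the point is that an HTTP 200 alone never counts as delivery.

```python
import json
from dataclasses import dataclass
from enum import Enum


class Outcome(Enum):
    DELIVERED = "delivered"
    FAILED = "failed"


# Hypothetical provider vocabulary: only these body statuses are positive
# proof of delivery. The list is an allowlist, so new statuses fail closed.
ACCEPTED_STATUSES = frozenset({"sent", "delivered"})


@dataclass(frozen=True)
class ProviderResponse:
    status_code: int
    body: str  # raw response body as received


def classify_email_outcome(resp: ProviderResponse) -> Outcome:
    """Return DELIVERED only on positive proof; every doubt is FAILED."""
    if not 200 <= resp.status_code < 300:
        return Outcome.FAILED
    try:
        payload = json.loads(resp.body)
    except (ValueError, TypeError):
        return Outcome.FAILED      # empty or unparseable body: unknown
    if not isinstance(payload, dict):
        return Outcome.FAILED
    status = payload.get("status")
    if isinstance(status, str) and status in ACCEPTED_STATUSES:
        return Outcome.DELIVERED
    return Outcome.FAILED          # known-bad and never-seen statuses alike


def advance_state(current: str, resp: ProviderResponse) -> str:
    """Callers move forward only on DELIVERED; otherwise state is unchanged."""
    if classify_email_outcome(resp) is Outcome.DELIVERED:
        return "email_sent"
    return current
```
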
TariffRefunded LIVE
- Deny-by-default access
  - Clerk↔Supabase RLS keyed on the JWT subject across six table policies, one storage policy, and an RPC; anonymous sessions are header-bound. Fixed: Policies first cast the JWT subject to a UUID, so every authenticated query failed until the predicate read the raw subject claim instead.
- PII minimization & scrubbing
  - Four-layer scrubber across client, server, error reports, and breadcrumbs; full importer-of-record numbers dropped from the schema for a suffix key and opaque group ID.
- Regulatory guardrails
  - A federal customs regulation's (§1641) forbidden phrasings live in a pre-commit denylist; 12 HIGH / 6 MEDIUM violations remediated across 17 files. write-up →
- Fail-closed defaults
  - The anonymous-session merge function raises rather than letting an unauthenticated caller hijack an account merge.
- Pre-merge security gates
  - The §1641 forbidden-phrase denylist runs as a blocking pre-PR gate; a purpose-built pentest harness probes the full external surface. write-up →
- Auditability & self-audit
  - Two dated site-vs-strategy alignment audits producing numbered P0/P1/P2 findings, each traceable to a fixing PR.
StackBadger PUBLISHED
- Deny-by-default access
  - Read-only by default; write probes require both a CLI flag and an explicit per-test marker. Fixed: A code-review round anchored and case-folded the exclusion regexes that scope every probe — they were unanchored before. write-up →
- PII minimization & scrubbing
  - Report-layer scrubbing ships in the public repo; the heavier brand/PII scrub runs in the export process.
- Regulatory guardrails
  - Written authorization to test is a stated precondition in the security policy, not a footnote.
- Fail-closed defaults
  - Exclusion paths and tables are on by default across every probe seam; the tool refuses to guess a target profile rather than mis-target.
- Pre-merge security gates
  - Twin confirmation gates plus a preflight doctor check stand before any probe. Fixed: The original gates had a bypass, closed in a first code-review round. write-up →
- Auditability & self-audit
  - A negative result — Supabase-Auth non-detectability — is documented and pinned by a test rather than papered over; dual report output carries the evidence trail.
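What anchoring and case-folding change about an exclusion list, as an added example that is not StackBadger's code. The patterns, paths, and function names are constructed, and the pre-fix matcher is assumed to have been case-sensitive as well as unanchored.

```python
import re

# Constructed exclusion patterns: a matching path must never be probed.
EXCLUSIONS = [r"/admin(/.*)?", r"/billing/webhooks"]

# Constructed candidate targets for one run.
TARGETS = [
    "/admin/users",
    "/Admin/users",                # same resource, different case
    "/api/reports/admin-summary",  # merely contains the substring "/admin"
    "/billing/webhooks",
    "/api/items",
]


def excluded_before(path):
    """Unanchored search, case-sensitive (case sensitivity is assumed)."""
    return any(re.search(p, path) for p in EXCLUSIONS)


# Compile once with the flags every probe seam should share.
_COMPILED = [re.compile(p, re.IGNORECASE) for p in EXCLUSIONS]


def excluded_after(path):
    """Anchored at both ends via fullmatch, and case-folded."""
    return any(rx.fullmatch(path) for rx in _COMPILED)


def probe_scope(is_excluded):
    """Paths a probe would actually touch under the given exclusion test."""
    return [t for t in TARGETS if not is_excluded(t)]


def scope_changes():
    """What the fix changed: paths newly protected and paths newly covered."""
    before = set(probe_scope(excluded_before))
    after = set(probe_scope(excluded_after))
    return {"newly_excluded": sorted(before - after),
            "newly_probed": sorted(after - before)}
```

The unanchored form fails in both directions: it lets a case variant of an excluded path into scope, and it silently drops an unrelated path from coverage.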
SafeCircleOps PRIVATE
- Deny-by-default access
  - The riskiest, tip-off-capable tool runs only when two settings are flipped, with the skip reason recorded; single-operator local CLI.
- PII minimization & scrubbing
  - Breach-check credentials are HMAC-hashed on receipt with a per-case key that never persists; sensitive egress is consent-gated.
- Regulatory guardrails
  - A legal checklist keeps GLBA/DPPA-regulated databases and FCRA boundaries out of the automated path entirely.
- Fail-closed defaults
  - Egress fails closed: if the proxy is enabled but unconfigured, the pipeline refuses to connect rather than going direct.
- Pre-merge security gates
  - A requirements-audit-before-build gate audited the design against the real tool landscape before any code; each finding became an enforced hard rule.
- Auditability & self-audit
  - Chain of custody as code: every tool run writes an append-only manifest — version, command line, operator, UTC times, output hash — and finished outputs are made OS-level immutable.
DealFinder PAUSED
- Deny-by-default access
  - Postgres with row-level security and an append-only audit log; auth + RLS shipped.
- PII minimization & scrubbing
  - The sensitive owner-age demographic signal was dropped from scoring entirely — minimization by removal; no real owner records or credentials in the repo.
- Regulatory guardrails
  - Fair-housing as a design-time constraint: no age inference in the shipped scoring function; divorce signals require per-deal human review.
- Fail-closed defaults
  - The tax-delinquency scraper trips a circuit breaker after 50 consecutive failures and sanity-checks its own output rather than proceeding on corrupt data.
- Pre-merge security gates
  - Fair-housing controls here were design-time PRD decisions, not a CI/tooling gate.
- Auditability & self-audit
  - Explainable-by-construction scoring: an additive model with weights locked in migration code, so "why did this lead score 78?" always has an answer.
CyberReadyAI PAUSED
- Deny-by-default access
  - Clerk↔Supabase RLS, storage isolation by folder prefix, and tier-gated access. Fixed: The RLS policies keyed on a function that returns null for Clerk tokens — effectively dead, with all production paths re-enforcing ownership in code; fixed properly in the successor product. No real users or data at the time.
- PII minimization & scrubbing
  - Analytics events carry no user identifiers.
- Regulatory guardrails
  - Referral fees are fixed-amount only — the safe harbor that avoids producer licensing — with regulatory counsel budgeted as a gate before the next tier; premium dollar amounts kept out of the UI to stay educational, not solicitation.
- Fail-closed defaults
  - Unconfirmed evidence uploads are rejected and unconfirmed policies earn no maturity score.
- Pre-merge security gates
  - A plan-time adversarial self-grill caught implementation-killing facts before any code; a dedicated security-reviewer agent carried in from the prior product.
- Auditability & self-audit
  - A post-hoc audit of 16 agent guardrails found one provably effective, three brittle, and roughly nine warning-only theater — the rubric became block, red-team it day one, or don't ship it. write-up →
RiskScanAI SHELVED
- Deny-by-default access
  - RLS on all five tables keyed on the JWT subject, with service-role functions re-enforcing ownership in code as a second layer; three-tier guest/free/paid access. Fixed: The early prototype "verified" tokens by manual decode with no signature check; one hardening commit added real verification, security headers, webhook idempotency, and timing-safe comparisons across 13 files. Before any real users or data.
- PII minimization & scrubbing
  - The Claude API key is server-side only; generic error strings replace raw messages; agents are denied read access to secret files. Fixed: Raw error messages leaked to API responses in the prototype, removed in the same hardening commit.
- Regulatory guardrails
  - General SMB cyber-risk tool, pre-dating the insurance/safe-harbor pivot that became CyberReadyAI.
- Fail-closed defaults
  - AI summaries are validated for required keys before storage; on a malformed response it builds a deterministic fallback rather than rendering a broken summary. write-up →
- Pre-merge security gates
  - A dedicated security-reviewer agent (auth, secrets, input validation, CORS, RLS, Stripe) encoded review into the tooling rather than leaving it ad hoc.
- Auditability & self-audit
  - An autonomous nightly run included a credibility audit that replaced poorly-sourced marketing stats with cited figures; symptom→root-cause taxonomies kept as self-audit artifacts.
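The difference between decoding a token and verifying it, with a timing-safe comparison, as an added example that is not RiskScanAI's code. It assumes an HS256-signed JWT and a constructed secret, neither of which the page specifies, and leaves out claim checks such as expiry to stay on the signature.

```python
import base64
import hashlib
import hmac
import json

SECRET = b"constructed-demo-secret"  # constructed; real keys live in a secret store


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _mac(signing_input: str, key: bytes) -> bytes:
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()


def sign(claims: dict, key: bytes = SECRET) -> str:
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    signing_input = f"{header}.{payload}"
    return f"{signing_input}.{_b64url(_mac(signing_input, key))}"


def decode_only(token: str) -> dict:
    """The prototype pattern the page describes: reads claims, proves nothing."""
    return json.loads(_b64url_decode(token.split(".")[1]))


def verify(token: str, key: bytes = SECRET) -> dict:
    """Pin the algorithm, recompute the MAC, compare in constant time."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        signature = _b64url_decode(sig_b64)
    except ValueError:
        raise ValueError("malformed token") from None
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    if not hmac.compare_digest(signature, _mac(f"{header_b64}.{payload_b64}", key)):
        raise ValueError("bad signature")
    return json.loads(_b64url_decode(payload_b64))


def is_valid(token: str, key: bytes = SECRET) -> bool:
    try:
        verify(token, key)
        return True
    except ValueError:
        return False
```
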