Compliance Hub — Decision Decks

5 decisions needed before proceeding — pick an option on each, then copy your choices
2026-07-01
1
GitHub + Docker Migration
Where does the code live? Does it run locally too?

Context

Compliance Hub currently lives in a local git repo only. Moving to GitHub gives you CI/CD, team access, and a foundation for Docker. The standards corpus (100k+ clause files) is IP and must never be in GitHub.

Decision A — GitHub Migration

Decision B — Docker Local Hosting

You gain

  • Runs fully on-prem, behind firewall
  • Corpus never leaves your building
  • No per-query Cloudflare costs
  • Works offline / air-gapped

You lose

  • Cloudflare edge performance
  • Managed scaling (you manage infra)
  • Zero-ops (must maintain Docker stack)
  • 3–5 days engineering to build

Also need from you (if doing GitHub)

  • GitHub org:
  • Repo name:
  • Who runs the push?
2
MCP Build
Connect Compliance Hub to Claude Desktop, Cursor, Windsurf

What it is

MCP = Model Context Protocol — Anthropic's open standard for connecting AI tools to data sources. An MCP server lets any Claude Desktop / Cursor / Windsurf user query your corpus directly from inside their tool. Auth is already built — key issuance, mint/revoke, UsersView all shipped. This is a clean 1-day build.

When to build

Access scope

3
Compliance File Store
Turn query answers into a durable, exportable record system

The problem

Opus gap review verdict: "excellent retrieval instrument wearing the paperwork of a system-of-record it hasn't built." Every query answer disappears. There's no audit trail, no product record, no defensible export. This is the gap between a search tool and a compliance management system.

Options — ranked by value vs effort

If building (A or B) — export format needed?

4
Pre-Launch Check Plan
What's the bar before we say "ready"?

Must-fix first (before any review)

3 silent bugs that will read as "broken" to any fresh evaluator:
  • Maintenance toggle does nothing — admin off-switch writes wrong table. Fix: ~2 hours.
  • Inbox Approve is a dead-end — approvals park forever, nothing processes them. Fix: ~1 hour.
  • Verification pills show GOLD corpus as "Unknown" — hardcoded map over empty column. Fix: ~half a day.

Launch bar — pick your standard

Target launch date

Review findings delivery

5
Phase 2c Backend — Dig Deeper
Should the map show ranked-but-cut clauses, and get a proper expand API?

Context

Phase 2c frontend (ghost nodes, absent nodes, cross-ref chips) is shipping now — no decision needed. Two backend items need your call:

Decision A — Cut frontier (show ranked-but-cut clauses)

Right now the worker retrieves clauses and silently discards any that scored highly but fell past the 16-clause limit. Users can't see them. Fix: emit those discards as not_retrieved[reason='topk_limit'] so the map can show "▸ +9 more ranked" chips per standard group. Fix is ~3 hours worker change.

Decision B — /api/query/expand endpoint

A proper batch API for expanding multiple clauses in one call. More powerful than the single-clause materialise in Phase 2c. Enables multi-clause "dig deeper" expansion. Effort: ~1 day.
Decisions: 0 / 5