Reports, history, and status
Interpret Sentinel reports, history, status, and evidence while respecting data-source, export, retention, and recap limitations.
Reports, history, and status
Sentinel history and status surfaces summarize scan records, readiness, limitations, and supporting evidence. History can be store-backed or demo-backed, while the status route communicates what the private-alpha environment can and cannot do. The supplied implementation does not establish PDF or CSV export, immutable audit history, indefinite retention, scheduled reports, or automated weekly recaps.
Reports
A report should summarize only records available from the active source. Identify whether the information is store-backed or demo-backed, link conclusions to findings and evidence, and avoid presenting an interface summary as a certified security assessment. PDF, CSV, and scheduled-report exports are not verified in the current Sentinel private-alpha surface.
A Sentinel report is a review summary built from available scan, finding, and evidence records. Sentinel can organize those records, but no final report schema or native publishing workflow is verified.
Before using a report operationally, confirm the repository, scan scope, source provenance, and evidence references. A report containing demo or fixture data is product material rather than a customer assessment. Avoid presenting it as proof that a repository was scanned.
Reports should preserve uncertainty. Candidate findings are not automatically confirmed vulnerabilities, severity is not confidence, and patch proposals are not completed remediation.
Reports can summarize available scan records and evidence without a verified native export contract. Verified product routes include /sentinel/history and /sentinel/status. History records may come from a store or from demo data depending on the loader path. Store-backed history currently marks weekly recap as disabled.
Verified product routes include /sentinel/history and /sentinel/status; check the source label before using a history entry in an operational report. Scan status should be interpreted together with repository source, scope, plan, findings, and data provenance; open linked evidence only within the authorized repository context. A history row does not prove immutable storage, complete scanner coverage, or indefinite availability.
No fixed retention period or immutability guarantee is established; compare scan status with the plan and available findings rather than assuming completion from one badge. History records may come from a store or from demo data depending on the loader path; use the status surface to identify planned, unsupported, demo, empty, or store-backed conditions. Treat a history row as insufficient proof of immutable storage, complete scanner coverage, or indefinite availability.
History
History can be backed by stored records or demo data, and the page must display that distinction whenever it affects interpretation. A stored entry can describe a supported scan record; a demo entry demonstrates layout and review behavior. Neither source establishes indefinite retention or an immutable audit ledger.
Compare a history item with its repository reference, plan, status, findings, and evidence. If a linked object is missing, first check whether the page is using an empty, unsupported, demo, or store-backed source. Absence alone does not prove deletion, tampering, or a completed cleanup operation.
The verified /sentinel/history route can display store-backed or demo-backed records. Rely on a history entry only after checking its source label. Store-backed history reflects the configured record path; demo history is seeded for preview and must remain clearly identified.
History does not come with a verified immutability or indefinite-retention guarantee. The current loader also marks weekly recap as disabled for the inspected store-backed path. Do not promise that all scans, events, reviews, or proposals remain available across deployments.
A missing record can result from an empty source, unsupported path, demo configuration, or persistence limitation. Review provenance before treating absence as evidence of deletion or tampering.
History may be loaded from a store or from demo data, and that source must be visible. Scan status should be interpreted together with repository source, scope, plan, findings, and data provenance. No export contract for PDF, CSV, or another downloadable report format was verified. No fixed retention period or immutability guarantee is established.
Store-backed history currently marks weekly recap as disabled; compare scan status with the plan and available findings rather than assuming completion from one badge. No fixed retention period or immutability guarantee is established; use the status surface to identify planned, unsupported, demo, empty, or store-backed conditions. Do not promise scheduled summaries or export formats that the current routes do not implement.
Verified product routes include /sentinel/history and /sentinel/status; open linked evidence only within the authorized repository context. Scan status should be interpreted together with repository source, scope, plan, findings, and data provenance; create external reports through approved organizational processes because native export behavior remains unverified.
Scan status
Status should answer whether the selected path is ready, running through a supported state, complete, blocked, empty, or unavailable according to the current record. Keep readiness separate from security outcome. A completed supported scan with no findings does not prove that the repository is secure, and an unsupported source does not constitute a clean result.
Scan status summarizes where a record stands in the current product. Interpret it with repository authorization, scope, plan state, policy decisions, source type, and available findings. A completed-looking value does not prove that every scanner ran or every rule applied.
Use /sentinel/status to review readiness and limitations. Unsupported or planned capabilities should remain distinct from operational failures. Likewise, a scan with no findings should not be described as proof that the repository is secure.
When status conflicts with visible records, capture the safe scan identifier, source label, plan state, and implementation version before retrying.
Status summarizes readiness and record state rather than guaranteeing complete scanner coverage. Evidence references may contain sensitive repository details and require authorized access. Open linked evidence only within the authorized repository context. Use the status surface to identify planned, unsupported, demo, empty, or store-backed conditions.
No export contract for PDF, CSV, or another downloadable report format was verified; open linked evidence only within the authorized repository context. Verified product routes include /sentinel/history and /sentinel/status; create external reports through approved organizational processes because native export behavior remains unverified.
Store-backed history currently marks weekly recap as disabled; use the status surface to identify planned, unsupported, demo, empty, or store-backed conditions. No fixed retention period or immutability guarantee is established; check the source label before using a history entry in an operational report.
Exports
Copying visible text is not equivalent to a supported export with completeness, provenance, and retention guarantees.
No verified contract supports PDF, CSV, scheduled, or automated recap exports. Do not invent an export button, file format, API, or delivery schedule.
| Output | Verified? |
|---|---|
| History and status routes | Yes. |
| Store or demo provenance | Yes; it must be labeled. |
| PDF or CSV export | No. |
| Scheduled report | No. |
| Weekly recap | Disabled for the inspected store-backed path. |
| Fixed retention | No. |
If an organization needs a report outside Sentinel, move only authorized, necessary information into an approved system and preserve links to the source evidence. Avoid copying sensitive repository content into broad distribution channels.
PDF, CSV, scheduled, and automated recap outputs are not verified. Create external reports through approved organizational processes because native export behavior remains unverified. An operational report should use a history entry only after its source label is checked.
Evidence references may contain sensitive repository details and require authorized access; use the status surface to identify planned, unsupported, demo, empty, or store-backed conditions. Store-backed history currently marks weekly recap as disabled; check the source label before using a history entry in an operational report.
Evidence
Reports and history should remain traceable to evidence. Include finding and scan identifiers, affected files, rule or scanner references, safe summaries, and timestamps when the current record supplies them.
Do not detach a conclusion from its provenance. Store, demo, fixture, empty, and unsupported records have different meanings. A history row based on demo data cannot support a real repository decision.
Evidence can contain sensitive code. Limit access and copied snippets, and do not assume a fixed Sentinel retention or deletion policy.
Any reported conclusion should remain traceable to its authorized evidence source. Compare scan status with the plan and available findings rather than assuming completion from one badge.
History records may come from a store or from demo data depending on the loader path; create external reports through approved organizational processes because native export behavior remains unverified. No export contract for PDF, CSV, or another downloadable report format was verified; compare scan status with the plan and available findings rather than assuming completion from one badge.
Troubleshooting
If history or status looks inconsistent, check the data path before changing the scan:
- Confirm whether records are store-backed or demo-backed.
- Compare the repository and scan identifiers with the intended assessment.
- Review the plan and scan state.
- Distinguish an empty result from an unsupported loader path.
- Check whether the record is expected to persist in the current environment.
- Use the status route to identify private-alpha limitations.
Do not rerun analysis against an unauthorized source to recreate a missing record. For internal investigation, provide safe identifiers, source type, scope, status, and exact visible error without including unnecessary repository content.
Inconsistent history is best diagnosed through data-source, scan, plan, and readiness state.
Scan status should be interpreted together with repository source, scope, plan, findings, and data provenance; check the source label before using a history entry in an operational report. Evidence references may contain sensitive repository details and require authorized access; open linked evidence only within the authorized repository context.