METHODOLOGY · SEVEN DIMENSIONS · SEVERITY-RATED

The playbook we run.

Every audit checks the same seven dimensions. Each finding gets a severity (Critical / High / Medium / Low / Pass), an evidence link, and a paste-ready remediation prompt for the AI tool that built it. The verdict on page one — PASS / FIX / HALT — is signed by the inspector on Watch+ and Verified.

01/07 → DIM

Functional integrity

Happy path, edge cases, validation, error states.

02/07 → DIM

Security

Exposed secrets, auth, injection, headers, CVEs.

03/07 → DIM

Data layer

Schema, migrations, backups, integrity.

04/07 → DIM

Production readiness

Load, errors, observability, deployment.

05/07 → DIM

Maintainability

Code quality. Can a different developer take over?

06/07 → DIM

Hidden costs & lock-in

Uncapped APIs, vendor risk, billing exposure.

07/07 → DIM

Compliance basics

Privacy, accessibility, GDPR, terms.

// bucket 8 ("design / UX quality") is intentionally out of scope. Subjective. Dilutes rigor. Available later as an add-on if the market wants it.