SW
Back to Run Builder
Evidence vault

CMS EDE artifacts and package outputs for MarketLink.

This page is the operator view of collected evidence, run ledgers, storage boundaries, package formats, screenshots, API JSON, redaction manifests, checksums, and auditor reports.

Audit state
Evidence exists but export is blocked

87 artifacts, 38 source-row references, 14 review/blocker queue items, and 2 blocked package gates.

Runs
1
collector folders
Artifacts
87
screenshots, JSON, manifests
Source rows
38
CMS-native refs
Review queue
14
needs disposition
Package gate
blocked
not-ready-blockers-open
Review artifact explorerPackage Gate
Chain of custody

Raw capture becomes reviewed evidence, then an auditor package

The vault view keeps proof understandable: where it was captured, what CMS source it supports, whether it has been reviewed, and why it can or cannot leave ControlFrame.

Raw
87
Collector output

Private runner folders retain screenshots, JSON, traces, logs, and source sidecars.

latest run loaded
Map
38
CMS row index

Artifacts are reconciled to toolkit rows, item numbers, source files, and scenario IDs.

source indexed
Review
14
Redaction and custody

PII, PHI, tokens, screenshots, JSON, and text extracts need reviewer disposition before export.

open queue
Package
blocked
Export decision

The package gate assembles only approved evidence and disclosed blockers.

2 blocked gates
Runs
1
Collector output folders
Artifacts
87
Screenshots, JSON, extracts, manifests
Source rows
38
Framework-native evidence rows
Launcher runs
9
9 succeeded
Latest status
26/38
tests passed
Artifact explorer

Latest evidence artifacts

A CMS auditor should be able to see real artifact shape immediately: step, CMS item numbers, artifact type, checksum, and review state.

cms-ede-marketlink-application-preview-3c-2026-04-30T13-47-48-116Z
No artifact manifest was found for the latest run. Run Builder can validate, dry-run, and collect a fresh evidence folder before the vault can show screenshots, JSON, manifests, and checksums.
Storage boundary

Evidence vault repositories

ControlFrame separates raw collector output, reviewed evidence, auditor packages, and chain-of-custody metadata. CMS EDE still reads local collector folders in parts of this workflow; the production vault and object metadata spine are ready for the vault-native migration.

Demo/local workspace storage
Raw collector artifacts
raw-collector-artifacts
vault lane

Screenshots, Playwright traces, request/response JSON, logs, and source extracts captured before reviewer approval.

PNG/screenshotsJSON payloadsbrowser/API tracescollector stdout/stderr
Boundary
Private runner workspace first; production object storage after upload/finalization.
Current state
Object storage layer is implemented. CMS EDE collectors still read/write local evidence folders until vault-native finalization is completed.
Reviewed evidence
reviewed-evidence
vault lane

Artifacts approved for auditor use after redaction, checksum validation, source mapping, and reviewer disposition.

approved screenshotsapproved JSONredaction manifestreview notes
Boundary
Tenant-scoped object keys under org/project/run with SHA-256 metadata and short-lived read URLs.
Current state
Framework execution APIs persist evidence objects; CMS EDE package flow is being migrated from workspace folders into this vault.
Auditor packages
auditor-packages
vault lane

The final CMS-facing export bundle assembled only from approved evidence and open-blocker disclosures.

run manifestssource-row indexesartifact manifestchecksums
Boundary
S3-compatible encrypted object storage in production; local filesystem in demo/private-runner mode.
Current state
Exporter writes CMS package folders today; vault-native package release records are the next enterprise persistence step.
Chain-of-custody ledger
chain-of-custody-ledger
vault lane

Postgres metadata for runs, evidence objects, export objects, jobs, access logs, hashes, and reviewer gates.

audit_runsaudit_evidence_objectsaudit_export_objectsaudit_jobs
Boundary
Tenant-scoped database records plus object keys; secrets remain outside the ledger.
Current state
Implemented for production audit execution. CMS EDE runner jobs are queued in production and recorded in the durable store.
Execution ledger

CMS EDE launcher activity before artifact packaging

succeededvalidate
cms-ede-run-1777607979447-c642f6fb
May 1, 3:59 AM / 413 ms
exit 0
validate
scope: configured
persona: any
target: https://uat-marketlink.helpline.com
succeededvalidate
cms-ede-run-1777607779996-ddc0d3f5
May 1, 3:56 AM / 446 ms
exit 0
validate
scope: configured
persona: any
target: https://uat-marketlink.helpline.com
succeededvalidate
cms-ede-run-1777607682571-0f61c913
May 1, 3:54 AM / 431 ms
exit 0
validate
scope: configured
persona: any
target: https://uat-marketlink.helpline.com
succeededvalidate
cms-ede-run-1777607491371-a1fc43fa
May 1, 3:51 AM / 411 ms
exit 0
validate
scope: configured
persona: any
target: https://uat-marketlink.helpline.com
succeededvalidate
cms-ede-run-1777606843954-29e60a45
May 1, 3:40 AM / 421 ms
exit 0
validate
scope: configured
persona: any
target: https://uat-marketlink.helpline.com
succeededvalidate
cms-ede-run-1777606435564-bec15bc7
May 1, 3:33 AM / 466 ms
exit 0
validate
scope: configured
persona: any
target: https://uat-marketlink.helpline.com
Run history

Generated evidence packages

cms-ede-marketlink-application-preview-3c-2026-04-30T13-47-48-116Z

review
2026-04-30T13:49:08.860Z
Evidence workspace / cms-ede-marketlink-application-preview-3c-2026-04-30T13-47-48-116Z
26
passed
38
rows
87
artifacts
6
skipped
Export bundleView test resultsHTML report captured
Project Evidence | ControlFrame