Access and scope transparency
How clearly official material explains what the tool can read, retrieve, index, or inherit.
Maximum 20 points
Methodology · version 1.0.0
CapitalGuard separates documented controls, verified vulnerabilities, reproducible synthetic tests, and product claims. Evidence can raise a score. Marketing cannot.
Non-negotiable claim boundary
A Public-Control Score measures publicly documented control coverage. It is not a penetration test, breach rate, safety certification, endorsement, or guarantee.
Five dimensions
How clearly official material explains what the tool can read, retrieve, index, or inherit.
Maximum 20 points
How clearly users can understand and control history, training use, retention, sharing, and deletion.
Maximum 20 points
How specifically official material documents connected services, scopes, revocation, and least privilege.
Maximum 20 points
How clearly the product documents approvals, write boundaries, sandboxing, network access, and consequential actions.
Maximum 20 points
How much official material describes logs, policy enforcement, provenance, signed activity, or administrator review.
Maximum 20 points
Scoring ladder
Reviewers score the material available on the review date. Missing public evidence is recorded as missing, not guessed from product reputation.
No relevant official documentation located
Generic description with little operational detail
Named user setting or boundary with limited scope detail
Concrete controls plus meaningful operational boundaries
Detailed scope, enforcement, revocation, isolation, or audit evidence
Synthetic benchmark
The public harness verifies inert markers in a synthetic repository. It does not execute a command, exploit a vendor, contact a network, or scan customer material.
pnpm run observatory:benchmarkFixture paths are confined to fixtures/observatory/synthetic-repo.
Every marker maps to one or more CapitalGuard Standard 1.0.0 controls.
The harness computes SHA-256 digests for fixtures and the canonical run result.
A passing fixture proves harness behavior only; it does not prove a vendor product is safe.
Vendor documentation, vendor advisories, government records, recognized standards, and primary research. Secondary claims cannot establish a score alone.
Daily checks compare official-source hashes. Changes are flagged for human review; interpretations and scores remain versioned until reviewed.
Material corrections create a changelog entry, update affected records and exports, and preserve the version history instead of silently rewriting it.
Use the evidence