Documentation

SPM is the structured, temporal, verifiable and injectable memory layer for agents and teams.

SPM turns fragmented project knowledge into governed project memory that agents can query, package, inject, harden, share, audit and reuse.

Guide index

QuickstartCreate a project, ingest memory and generate the first context pack.API modelUse project-scoped endpoints for objects, search, bundles and temporal memory.MCP and CLIExport context packs and governance records into agent workflows.Agent integrationConnect SPM to agent tools through MCP, CLI, API and context-pack handoffs.SecurityUnderstand entitlements, provenance, retention, legal holds and audit surfaces.PackagingMap SPM into Core, Team, Business, Enterprise and Marketplace offerings.

01 - quickstart

Create useful agent memory in one product flow.

Setup path

Move from tenant setup to an injectable, governed context pack without losing source, temporal layer or policy state.

7 steps

Create organization

Establish the tenant boundary for users, projects, providers, policies and audit logs.

Create project

Open a project memory workspace where SPM can preserve original, current, working and historical context.

Connect source

Attach repositories, files, docs or external systems so memory can be ingested with provenance.

Ingest memory

Normalize source material into memory objects, temporal events, tags, topics and searchable indexes.

Generate context pack

Ask SPM for a scoped, verifiable package that contains only the memory an agent needs.

Test injection

Use the pack through MCP, CLI or API and inspect how the agent receives project memory.

Share governed context

Publish or share context with entitlement tokens, safety status, source metadata and access logs.

CLI / MCP handoff

Generate a verifiable context pack.

verified

export SPM_API_URL=http://localhost:8000
export SPM_API_KEY=<api-token>
spm init --api $SPM_API_URL --project <project-id>
spm temporal state --topic release-readiness --limit 50
spm temporal context-pack create --action-name agent_handoff --topic release-readiness --tags mcp,agent
spm mcp tools --allow-tool spm_saved_searches_list --allow-tool spm_activity_recent --allow-tool spm_runs_list --json
spm launch agent-recipes --json
spm launch agent-connector-export --project-id <project-id> --agent-kind codex --api-base-url https://getspm.com --query 'current project memory for an agent handoff' --tag agent --out spm-agent-connector.zip --json
spm memory-agent maintenance run --topic release-readiness --min-confidence 0.8
spm memory-agent maintenance reviews list --status pending
spm benchmark run --max-projects 2 --json
spm benchmark run --max-projects 1 --llm-judge --llm-max-tasks 1 --json
spm benchmark runs --limit 5 --json
spm benchmark trend --limit 20 --json
spm benchmark trend --limit 20 --out spm-memory-benchmark-trend.zip
spm benchmark policy-create --name daily-evidence --schedule '0 6 * * *' --run-now --json
spm benchmark policies-run-due --limit 5 --json
spm benchmark evidence <run-id> --json
spm benchmark evidence <run-id> --out spm-memory-benchmark-evidence.zip
spm launch readiness --json
spm launch readiness-export --out spm-release-readiness.zip
spm launch operations --json
spm launch operations-export --out spm-launch-operations.zip
spm launch revenue-readiness --json
spm launch revenue-readiness-export --out spm-revenue-readiness.zip
spm launch external-evidence-room --json
spm launch external-evidence-export --out spm-external-evidence-room.zip
spm launch external-approval-record --source-label design-partner-a --approved-by design-partner-legal --reference-hash <sha256> --scope 'Reference pilot outcomes in sales conversations' --claim-level commercial_claim --public-quote --case-study --dpa-reviewed --json
spm launch external-approvals --limit 5 --json
spm launch external-approval-export <approval-id> --out spm-external-evidence-approval.zip
spm launch market-dossier --json
spm launch market-dossier-export --out spm-market-readiness-dossier.zip
spm launch restore-drill-record --environment production-staging --target spm-restore-drill-isolated-db --backup-uri s3://spm-backups/postgres/spm.sql.gz --backup-sha256 <sha256> --started-at 2026-05-19T10:00:00Z --finished-at 2026-05-19T10:12:00Z --json
spm launch restore-drills --limit 5 --json
spm launch restore-drill-export <drill-id> --out spm-restore-drill.zip
spm launch monitoring-record --environment production --base-url https://getspm.com --route slack:high:pass:ops-alerts:<fingerprint> --credential-secret-ref SPM_ALERT_WEBHOOK_URL --otel-tracing-configured --json
spm launch monitoring-evidence --limit 5 --json
spm launch monitoring-export <evidence-id> --out spm-monitoring-evidence.zip
spm launch production-probe --environment production --base-url https://getspm.com --platform self_hosted_vps --shared-host --shared-host-preflight-hash <preflight-hash> --http-port 3500 --https-port 3543 --version 2026-05-19 --json
spm launch production-record --environment production --base-url https://getspm.com --platform self_hosted_vps --http-port 3500 --https-port 3543 --version 2026-05-19 --json
spm launch production-evidence --limit 5 --json
spm launch production-export <evidence-id> --out spm-production-evidence.zip
npm run test:visual
spm launch visual-qa-record --report docs/visual-qa-report.json --environment production --premium-visual-reviewed --json
spm launch visual-qa-evidence --limit 5 --json
spm launch visual-qa-export <evidence-id> --out spm-visual-qa-evidence.zip
spm launch pilot-record --pilot-name design-partner-memory --customer-label design-partner-a --segment enterprise --use-case 'Validate temporal memory, context injection and verified context packs in an agent handoff workflow.' --criterion 'Recover original requirements without drift' --criterion 'Inject only relevant temporal context' --outcome agent_handoff_rework_reduction:pass:32:20:percent:pilot-report --sharing-validated --external-ref-label customer-approved-pilot-report --external-ref-hash <sha256> --json
spm launch pilot-evidence --limit 5 --json
spm launch pilot-validation --limit 20 --json
spm launch pilot-validation-export --out spm-pilot-validation-report.zip
spm launch pilot-export <evidence-id> --out spm-pilot-evidence.zip
spm deploy preflight --mode shared-host --host <server-ip> --identity-file ~/.ssh/id_2020_rsa --json
spm deploy shared-env --http-port 3500 --https-port 3543

The CLI and MCP flow should always end in a context pack that can be inspected, verified and injected into an agent run. Use the private Verification console, spm signing status, spm bundle verify --json and MCP tools spm_signing_status_get, spm_bundle_verify and spm_artifact_manifest_verify before trusting external handoff artifacts.

pack

hash locked

policy

checked

agent

ready

02 - memory model

SPM keeps time, topic and trust as first-class dimensions.

Requirements

Original memory

Founding constraints, requirements, project principles and non-negotiable facts that agents must keep in view.

Truth

Current state

Accepted project state, latest architecture, active policy decisions and the facts agents should treat as current.

Run context

Working memory

Task-level context for active agent work, handoffs, temporary investigations and pending decisions.

Trace

History

Decisions, derivations, superseded states, agent actions and verification events kept as a temporal audit trail.

Temporal memory

Keeps original, current, working and historical memory separate but linked.

Thematic contexts

Organizes memory by topic and tag so agents can work inside bounded domains.

Intercontext graph

Connects requirements, decisions, agents, shares, policies and events through queryable relationships.

Context packs

Builds portable, policy-checked memory packages for MCP, API, CLI and external agents.

Agent hardening

Records project policies, preflight decisions, required tests, approvals and violations around agent actions.

Governed sharing

Shares context with provenance, safety previews, entitlements, access logs and revocation.

Marketplace substrate

Lets valuable context packs become listed, licensed and distributed with source and usage controls.

03 - api model

Use project-scoped endpoints as the official SPM contract.

SurfaceMethodEndpoint

Self-serve signup

Create a trial tenant, owner account, trialing plan, onboarding state, email verification challenge and browser session for Team/Business SaaS evaluation.

POST

/v1/auth/signup

Email verification status

Inspect whether the authenticated owner email is verified and whether the latest delivery was sent, skipped or needs configuration.

GET

/v1/auth/email-verification/status

Verify email token

Consume a signed email verification token without exposing raw tokens in the database or delivery ledger.

POST

/v1/auth/email-verification/verify

Resend verification

Revoke older pending verification tokens and send a fresh SMTP-backed verification email.

POST

/v1/auth/email-verification/resend

Memory objects

Create project-scoped memory objects with schema, provenance, policy state and indexing.

POST

/v1/projects/{project_id}/objects

Hybrid search

Retrieve policy-filtered memory through hybrid, context or kind-based recall.

POST

/v1/projects/{project_id}/search

Saved searches

List reusable project recall scopes so operators and agents can repeat approved searches without rebuilding filters.

GET

/v1/projects/{project_id}/saved-searches

Bundles

Persist selected memory as a reproducible bundle with object refs and manifests.

POST

/v1/projects/{project_id}/bundles

Signing status

Read active signing key health, attestation result, algorithm and public-key fingerprint without exposing key material.

GET

/v1/signing-keys/status

Bundle verification

Verify an exported bundle ZIP by checking file hashes, bundle hash consistency, signature envelope, manifest hash and public-key fingerprint.

POST

/v1/bundles/verify

Artifact manifest verification

Verify arbitrary context-pack or handoff manifests against supplied file bytes and optional package hash before agent injection.

POST

/v1/bundles/artifact-manifest/verify

Recent activity

Read project-filtered operational activity; project-scoped API tokens are constrained to their project activity window.

GET

/v1/activity

Operational runs

List project runs with status, tags, linked bundle ids and context-pack metadata for agent handoff history.

GET

/v1/runs

Operational run detail

Read one project run and verify its bundle/context-pack linkage before reusing its memory in an agent workflow.

GET

/v1/runs/{run_id}

Temporal events

Record original, current, working or history events with topics, tags and hashes.

POST

/v1/projects/{project_id}/temporal/events

Temporal state

Compare original memory, current state, working memory and historical tail.

GET

/v1/projects/{project_id}/temporal/state

Context packs

Generate injectable memory packages for agents, MCP, CLI and API consumers.

POST

/v1/projects/{project_id}/temporal/context-pack

Graph query

Traverse topics, tags, events, supersession and related context links.

POST

/v1/projects/{project_id}/temporal/graph-query

Agent connector recipes

List hash-stable Codex, Cursor, Claude Desktop, generic MCP and direct API setup recipes with scopes, install steps, verification steps, security notes and failure modes.

GET

/v1/productization/agent-connector/recipes

Agent connector export

Create a project-scoped agent connector ZIP with one-time token delivery, MCP config, context-pack request, graph query request, agent-specific recipes and verification scripts.

POST

/v1/productization/agent-connector/export

Memory triage

Classify incoming project context with the LLM-first Memory Agent and create or queue governed memory.

POST

/v1/projects/{project_id}/memory-agent/triage

Autonomous maintenance

Consolidate, promote, summarize or review-gate stale and conflicting memory.

POST

/v1/projects/{project_id}/memory-agent/maintenance/run

Maintenance reviews

Inspect risky maintenance operations before approving or rejecting project-memory changes.

GET

/v1/projects/{project_id}/memory-agent/maintenance/reviews

Conflict inbox

List conflict-gated maintenance reviews with assignment, severity and SLA state.

GET

/v1/projects/{project_id}/memory-agent/maintenance/conflicts

Maintenance diff

Compare the proposed maintenance operation with source memories, changed fields and conflict signals.

GET

/v1/projects/{project_id}/memory-agent/maintenance/reviews/{review_id}/diff

Review assignment

Assign a gated maintenance review, set severity, attach SLA and write assignment lineage.

PATCH

/v1/projects/{project_id}/memory-agent/maintenance/reviews/{review_id}/assignment

Maintenance policies

Schedule recurring LLM-first maintenance with confidence gates, scope and hash state.

POST

/v1/projects/{project_id}/memory-agent/maintenance/policies

Hosted billing checkout

Create a Stripe-hosted checkout session with SPM quote, tax, org, plan, checkout id and verification hash metadata.

POST

/v1/billing/checkout-sessions

Billing provider webhook

Verify Stripe-Signature or SPM HMAC webhooks, then complete checkout sessions only after event metadata matches SPM session hash, amount and currency.

POST

/v1/billing/webhooks/provider

Customer billing portal

Create a short-lived Stripe Customer Portal session for the linked billing customer without storing the raw portal URL.

POST

/v1/billing/customer-portal-sessions

Billing provider readiness

Run a launch preflight across Stripe API key state, hosted checkout, Customer Portal, webhook signing secrets, redirect origin, customer binding and operational evidence without returning raw secrets.

GET

/v1/billing/provider-readiness

Release readiness

Compute the commercial launch gates across demo data, trust, deployment, docs, visual QA and billing.

GET

/v1/productization/release-readiness

Launch operations

Turn release readiness, deployment, tenant isolation, backup/restore, rollback, pilot proof and health checks into a production go-live plan with evidence hashes.

GET

/v1/productization/launch-operations

Revenue readiness

Evaluate whether paid SaaS can open by combining provider readiness, checkout conversion, signed webhook processing, invoice payment, quota enforcement and reconciliation issues.

GET

/v1/productization/revenue-readiness

Revenue readiness export

Download a hash-verifiable ZIP with revenue readiness JSON, check CSV, runbook, billing usage, provider readiness and reconciliation evidence.

GET

/v1/productization/revenue-readiness/export

External evidence room

Aggregate customer pilot proof, privacy-safe reference hashes, benchmark value, production operability, trust controls and revenue readiness into a buyer-safe market evidence room.

GET

/v1/productization/external-evidence-room

External evidence room export

Download a hash-verifiable ZIP with external evidence checks, approval ledger, runbook, pilot validation, revenue readiness, trust report and latest operational evidence files.

GET

/v1/productization/external-evidence-room/export

Record external evidence approval

Record source-approved market proof with claim levels, privacy boundary, DPA state, expiry, revocation and reference hashes instead of raw customer material.

POST

/v1/productization/external-evidence-approvals

External evidence approvals

List active, warning, expired, revoked and invalid external approvals used to gate commercial evidence-room claims.

GET

/v1/productization/external-evidence-approvals

External evidence approval export

Download a hash-verifiable approval ZIP with approval JSON, governance checks, remediation notes and manifest hashes.

GET

/v1/productization/external-evidence-approvals/{approval_id}/export

Record restore drill

Record a signed, isolated restore drill with SHA-256 verification, tenant checks, app boot evidence, sample queries and rollback rehearsal.

POST

/v1/productization/restore-drills

Restore drill history

List the latest restore drills and expose their status to release readiness, launch operations and the private deployment console.

GET

/v1/productization/restore-drills

Restore drill export

Download a hash-verifiable ZIP with restore evidence, check CSV, operator runbook and manifest hashes.

GET

/v1/productization/restore-drills/{drill_id}/export

Record monitoring evidence

Record observed health, readiness, metrics, alert delivery, on-call, runbook and secret-reference evidence without storing raw monitoring credentials.

POST

/v1/productization/monitoring-evidence

Monitoring evidence history

List the latest monitoring records and expose their status to release readiness, launch operations and the private deployment console.

GET

/v1/productization/monitoring-evidence

Monitoring evidence export

Download a hash-verifiable ZIP with monitoring evidence, alert routes, check CSV, operator runbook and manifest hashes.

GET

/v1/productization/monitoring-evidence/{evidence_id}/export

Record production evidence

Record DNS, HTTPS, private access, runtime dependencies, background jobs, secret posture and shared-host safety for the live SPM environment.

POST

/v1/productization/production-evidence

Production evidence history

List live-environment evidence records and expose their status to release readiness, launch operations and the private deployment console.

GET

/v1/productization/production-evidence

Production evidence export

Download a hash-verifiable ZIP with production environment evidence, check CSV, operator runbook and manifest hashes.

GET

/v1/productization/production-evidence/{evidence_id}/export

Record visual QA evidence

Record tenant-scoped visual QA evidence from the generated frontend report, including public/private route coverage, failing checks, screenshot targets and design-system review state.

POST

/v1/productization/visual-qa-evidence

Visual QA evidence history

List visual QA records and expose the latest hash to release readiness, launch operations and the private deployment console.

GET

/v1/productization/visual-qa-evidence

Visual QA evidence export

Download a hash-verifiable ZIP with visual QA evidence, route checks, screenshot target CSV, operator runbook and manifest hashes.

GET

/v1/productization/visual-qa-evidence/{evidence_id}/export

Record pilot evidence

Record measured customer or design-partner pilot evidence with success criteria, SPM capability validation, trust review, buyer signal and privacy-safe external reference hashes.

POST

/v1/productization/pilot-evidence

Pilot evidence history

List external market proof records and expose their status to release readiness, launch operations and the private deployment console.

GET

/v1/productization/pilot-evidence

Pilot validation report

Aggregate multiple pilot records into a scored market-claim report with capability coverage, buyer signal, governance proof and privacy-safe external references.

GET

/v1/productization/pilot-evidence/validation-report

Pilot validation export

Download a hash-verifiable ZIP with aggregate pilot validation JSON, section CSV, record CSV, capability coverage CSV, runbook and manifest hashes.

GET

/v1/productization/pilot-evidence/validation-report/export

Pilot evidence export

Download a hash-verifiable ZIP with pilot evidence, measured outcomes, checks, runbook and manifest hashes.

GET

/v1/productization/pilot-evidence/{evidence_id}/export

Market readiness dossier

Aggregate release readiness, launch operations, billing provider readiness, production evidence, visual QA, benchmarks, pilot proof and evidence freshness into one market go/no-go dossier.

GET

/v1/productization/market-readiness-dossier

Market readiness dossier export

Download a hash-verifiable ZIP with the market dossier, section CSV, evidence freshness CSV, runbook, billing readiness and latest launch evidence records.

GET

/v1/productization/market-readiness-dossier/export

Memory benchmark

Generate synthetic enterprise projects and contrast expected recall, temporal coverage, context injection, context-pack verification, graph reachability, market-baseline advantage, public feature-claim gaps and token reduction against no-memory, flat-memory, naive keyword-context and market-class agent-memory baselines, with an opt-in real LLM judge for answer correctness, citation fidelity and contradiction control.

POST

/v1/productization/memory-benchmark/run

Memory benchmark history

List persisted benchmark runs with trend, latest score, value lift, context-injection answerability and hash-verifiable history for the private dashboard.

GET

/v1/productization/memory-benchmark/runs

Memory benchmark trend guard

Turn persisted benchmark history into operational evidence with status, continuity, regression alerts, LLM-evidence continuity and recommended remediation.

GET

/v1/productization/memory-benchmark/trend-report

Memory benchmark trend export

Download a ZIP trend package with trend points, regression alerts, Markdown summary and a hash manifest for release reviews.

GET

/v1/productization/memory-benchmark/trend-report/export

Memory benchmark policies

List scheduled benchmark evidence guards with cron schedule, score floor, LLM judge mode, next run, last run hash and regression state.

GET

/v1/productization/memory-benchmark/policies

Create memory benchmark policy

Create an organization-scoped scheduled benchmark guard that can run deterministic or real-LLM evidence checks.

POST

/v1/productization/memory-benchmark/policies

Run due memory benchmark policies

Claim due benchmark policies, execute them with scheduler locking, update policy state and return trend-alert evidence.

POST

/v1/productization/memory-benchmark/policies/run-due

Memory benchmark evidence

Produce a shareable evidence report with claims, limitations, benchmark metrics, evidence level and reproducible hashes.

GET

/v1/productization/memory-benchmark/runs/{run_id}/evidence-report

Memory benchmark evidence export

Download a ZIP evidence package with JSON, Markdown, claims, limitations, run detail and a hash manifest for sales or security review.

GET

/v1/productization/memory-benchmark/runs/{run_id}/evidence-report/export

Product access request

Capture a public product access request with plan, deployment preference, urgency and privacy-preserving request signals.

POST

/v1/productization/access-requests

Access request inbox

Let owners and admins triage access requests from the private SPM console.

GET

/v1/productization/access-requests

Access request notifications

Inspect signed webhook deliveries to sales, Slack, CRM or email-gateway systems without storing raw destination URLs.

GET

/v1/productization/access-requests/notifications

Readiness export

Download a hash-verifiable ZIP with readiness, trust, deployment and visual QA evidence.

GET

/v1/productization/release-readiness/export

Launch operations export

Download a launch evidence ZIP with phases, health checks, rollback plan, trust report, deployment tenancy and manifest hashes.

GET

/v1/productization/launch-operations/export

Marketplace

Discover governed context listings with provenance, safety and entitlement state.

GET

/v1/context-marketplace/listings

04 - mcp and cli

Context packs and review gates are the handoff format for external agents.

MCP

Expose context-pack, temporal-state, graph-query, maintenance review and marketplace import operations to agent tools.

CLI

Let builders script temporal state, maintenance policies, review gates, governance records, package export and verification.

API

Keep every operation project-scoped, authenticated, reviewable and auditable for production services.

MCP tool catalog

The public docs, private setup console and CLI use one generated catalog from the MCP server source. Re-run python scripts/sync_mcp_tool_catalog.py --check before changing tools.

ae22a703fecd7f03

total

read-only

read-write

writes

ToolCategoryAccessDefault

spm_temporal_event_createtemporal_memorywritegated

spm_temporal_statetemporal_memoryreadread-only

spm_temporal_context_packtemporal_memoryreadread-only

spm_temporal_context_pack_verifytemporal_memoryverifyread-only

spm_temporal_graph_querytemporal_memoryreadread-only

spm_temporal_artifact_exporttemporal_memoryexportread-only

spm_temporal_artifact_export_packagetemporal_memoryexportread-only

spm_temporal_artifact_verify_packagetemporal_memoryverifyread-only

spm_signing_status_getartifact_verificationreadread-only

spm_bundle_verifyartifact_verificationverifyread-only

spm_artifact_manifest_verifyartifact_verificationverifyread-only

spm_temporal_share_safety_previewcontext_sharingverifyread-only

spm_temporal_share_createcontext_sharingwritegated

spm_temporal_shares_listtemporal_memoryreadread-only

spm_temporal_share_access_logscontext_sharingreadread-only

spm_temporal_share_revokecontext_sharingwritegated

Full generated catalog: docs/mcp-tool-catalog.md.

05 - agent integration

Connect agents without duplicating memory.

SPM owns the memory infrastructure while agent tools request recall, temporal state, context packs, marketplace imports and MCP exports through the official contract.

Recall

Temporal state

Context packs

Maintenance reviews

Marketplace imports

06 - security

Governance is part of the product, not a later add-on.

Self-serve trust boundary

SaaS signup issues a tenant, trial plan and owner session only after rate-limit checks and optional Turnstile verification. SPM then creates a hashed email verification token, sends it through the configured SMTP transport and records a privacy-preserving delivery ledger without storing raw recipient or subject data.

email verificationSMTP delivery ledgerTurnstile optionalforced PostgreSQL RLS

Private tenant boundary

Role and scope checks

Temporal hash chains

Context pack verification

Source provenance

Safety previews

Entitlement logs

Retention controls

Legal holds

Provider budgets

BYOK direction

Audit exports

Provider-hosted checkout

Paid SaaS plans can redirect to Stripe Checkout while SPM keeps the source of truth for quote totals, tax evidence, checkout hashes, invoice generation and entitlement activation. Provider webhooks must include spm_checkout_session_id and spm_checkout_session_hash; mismatched amount, currency or hash events are retained for reconciliation and ignored. Linked customers can also open a Stripe Customer Portal session from SPM; SPM stores only the provider session id, return URL, portal URL hash and audit metadata while returning the short-lived raw URL once. Stripe webhooks are verified with the raw request body, Stripe-Signature, endpoint signing secrets, timestamp tolerance and rotated-secret support before SPM trusts the event. The private console also exposes a provider-readiness preflight that returns pass, warning and fail checks with secret fingerprints, readiness hashes and operational evidence, never raw Stripe keys or webhook secrets.

Stripe CheckoutStripe Customer Portalprovider readiness preflightsecret fingerprintsStripe-Signaturerotated webhook secretsone-time URL deliveryamount guardhash-bound webhook

07 - packaging

Package SPM as infrastructure, SaaS and marketplace substrate.

Core Local / MCP

Builders and small agent teams

Local or small-team SPM with CLI, MCP, context packs and limited projects.

Team SaaS

Product and engineering teams

Hosted dashboard, agent workspace integrations, temporal memory, sharing and governance basics.

Business

Teams with governed agent workflows

Advanced permissions, audit logs, higher quotas, private context sharing and provider budgets.

Enterprise

Security-conscious organizations

SSO, private deployment, BYOK/data-residency direction, legal controls, SLA and support.

Marketplace

Context publishers and buyers

Listings, entitlements, licensing, access history and revenue-share-ready context distribution.

08 - deployment

Run a deployment preflight before copying code to a shared server.

Shared-host safety

The deployment CLI inspects the remote Linux host over SSH, detects existing containers and occupied ports, verifies Docker and Compose, and recommends localhost high-port bindings so SPM does not take over other apps.

preflight

spm deploy preflight --mode shared-host --host <server-ip> --identity-file ~/.ssh/id_2020_rsa --json

Treat a blocked preflight as a hard stop; treat warnings as operator work before DNS or reverse-proxy routing.