# Feature Specification: Governance Operator Outcome Compression

**Feature Branch**: `214-governance-outcome-compression`  
**Created**: 2026-04-19  
**Status**: Draft  
**Input**: User description: "Governance Operator Outcome Compression"

## Spec Candidate Check *(mandatory — SPEC-GATE-001)*

- **Problem**: Governance artifact surfaces still expose too many peer-level semantic axes directly to operators even after the underlying truth foundation became correct.
- **Today's failure**: Operators scanning baseline snapshots, evidence snapshots, reviews, packs, review-register rows, and related run detail still have to reconstruct three basic answers themselves: is this artifact usable, why not, and what should happen next.
- **User-visible improvement**: Governance artifact lists and details answer the primary workflow question first with one dominant operator statement, one short reason, and one next action while keeping diagnostics available behind that first read.
- **Smallest enterprise-capable version**: Apply one bounded compression layer to existing governance artifact truth and explanation inputs across the listed adoption surfaces without changing persistence, lifecycle ownership, or underlying truth semantics.
- **Explicit non-goals**: No new truth axes, no broad operations-list redesign, no global visual-polish initiative, no findings/workspace-overview rewrite, no compliance-export rewrite, and no notification-copy rewrite outside the covered artifact surfaces.
- **Permanent complexity imported**: One shared governance compression contract for primary/secondary/diagnostic rendering decisions, plus regression coverage for cross-surface consistency.
- **Why now**: Specs 156, 157, 158, and 161 established the vocabulary, translation, truth semantics, and explanation patterns; without this adoption slice the product remains semantically correct but operationally heavy on the surfaces MSP admins actually use.
- **Why not local**: The failure mode spans baseline, evidence, review, pack, register, and run-detail surfaces; local per-page copy cleanup would create diverging dialects on top of the same truth model.
- **Approval class**: Workflow Compression
- **Red flags triggered**: Cross-domain UI taxonomy risk and multi-surface rollout breadth. This remains defensible because it does not add new persisted truth, does not broaden governance scope, and is explicitly limited to compressing existing truth on established artifact surfaces.
- **Score**: Nutzen: 2 | Dringlichkeit: 2 | Scope: 2 | Komplexität: 1 | Produktnähe: 2 | Wiederverwendung: 2 | **Gesamt: 11/12**
- **Decision**: approve

## Spec Scope Fields *(mandatory)*

- **Scope**: workspace, tenant, canonical-view
- **Primary Routes**: `/admin/baseline-snapshots`, `/admin/baseline-snapshots/{record}`, `/admin/t/{tenant}/evidence`, `/admin/t/{tenant}/evidence/{snapshot}`, `/admin/t/{tenant}/reviews`, `/admin/t/{tenant}/reviews/{review}`, `/admin/t/{tenant}/review-packs`, `/admin/t/{tenant}/review-packs/{pack}`, `/admin/reviews`, `/admin/evidence/overview`, `/admin/operations/{run}` for artifact-oriented governance runs
- **Data Ownership**: Workspace-owned baseline snapshots, review-register summaries, and evidence-overview summaries remain authoritative. Tenant-owned evidence snapshots, tenant reviews, review packs, and tenant-bound governance runs remain tenant-owned. This feature changes presentation and prioritization, not ownership.
- **RBAC**: Existing workspace membership, tenant entitlement, and current view/manage capabilities for baseline, evidence, review, review-pack, and monitoring surfaces remain authoritative. No new capability is introduced by this compression slice.

For canonical-view specs, the spec MUST define:

- **Default filter behavior when tenant-context is active**: `/admin/reviews` and `/admin/evidence/overview` continue to open prefiltered to the active tenant through the existing tenant-prefilter mechanisms. Artifact-oriented Monitoring routes preserve active tenant context in related links without broadening back to all tenants implicitly.
- **Explicit entitlement checks preventing cross-tenant leakage**: Review-register rows, evidence-overview rows, artifact summary blocks, next-step hints, and run-detail links are only built after workspace membership and tenant-entitlement checks. Non-members or non-entitled viewers remain deny-as-not-found and must not learn whether another tenant has a current snapshot, review, pack, or degraded run.

- **List Surface Review Standard**: Because this feature changes Review Register, Evidence Overview, and governance-oriented list surfaces, implementation and review MUST follow `docs/product/standards/list-surface-review-checklist.md`.

## UI / Surface Guardrail Impact *(mandatory when operator-facing surfaces are changed; otherwise write `N/A`)*

| Surface / Change | Operator-facing surface change? | Native vs Custom | Shared-Family Relevance | State Layers Touched | Exception Needed? | Low-Impact / `N/A` Note |
|---|---|---|---|---|---|---|
| Baseline snapshot surfaces | yes | Native Filament + shared governance truth primitives | shared governance artifact family | list, detail | no | Workspace-scoped artifact trust compression only |
| Evidence snapshot surfaces | yes | Native Filament + shared governance truth primitives | shared governance artifact family | list, detail | no | Tenant-scoped artifact trust compression only |
| Tenant review surfaces | yes | Native Filament + shared governance truth primitives | shared governance artifact family | list, detail | no | Publication-readiness primacy clarified without new actions |
| Review pack surfaces | yes | Native Filament + shared governance truth primitives | shared governance artifact family | list, detail | no | Shareability and internal-use clarity only |
| Canonical review register | yes | Native Filament + shared governance truth primitives | shared governance artifact family | register | no | Read-only registry remains read-only |
| Evidence overview | yes | Native Filament + shared governance truth primitives | shared governance artifact family | overview | no | Read-only registry remains read-only |
| Artifact-oriented governance run detail | yes | Native Filament + existing Monitoring detail primitives | shared governance explanation family | detail | no | Scope limited to runs explaining baseline, evidence, review, or review-pack truth |

## Decision-First Surface Role *(mandatory when operator-facing surfaces are changed)*

| Surface | Decision Role | Human-in-the-loop Moment | Immediately Visible for First Decision | On-Demand Detail / Evidence | Why This Is Primary or Why Not | Workflow Alignment | Attention-load Reduction |
|---|---|---|---|---|---|---|---|
| Baseline snapshot surfaces | Secondary Context Surface | Decide whether a baseline artifact is usable for downstream comparison or review | One primary usability statement, short reason, current-vs-historical truth, next step | Item-level gaps, related run context, lower-level evidence facts | Secondary because the snapshot supports another governance decision rather than being the top-level queue itself | Follows baseline-capture and compare follow-up workflow | Removes the need to interpret several equal-weight snapshot signals before deciding whether to continue |
| Evidence snapshot surfaces | Secondary Context Surface | Decide whether evidence is trustworthy enough to reuse for review or publication work | One primary evidence-readiness statement, short reason, next step | Raw summary JSON, dimension-level freshness/completeness, linked run detail | Secondary because the snapshot supports review and publication workflows | Follows evidence capture and review preparation workflow | Replaces badge synthesis with a first-pass answer about evidence usability |
| Tenant review surfaces | Primary Decision Surface | Decide whether to publish, export, refresh, or hold a review | Primary publication/trust statement, short blocker or confidence reason, next step | Section detail, evidence basis, audit trail, related pack/run diagnostics | Primary because this is where operators decide whether a review is usable or publishable | Follows tenant governance release workflow instead of storage structure | Reduces cross-checking between review status, evidence quality, and pack state |
| Review pack surfaces | Primary Decision Surface | Decide whether a pack is ready to share, internal-only, stale, or needs regeneration | Primary shareability statement, short reason, next step | Linked review detail, pack generation context, low-level metadata | Primary because the pack is the last mile for stakeholder-facing governance output | Follows export and publication workflow | Stops downloadability from reading as automatic external-readiness |
| Canonical review register | Primary Decision Surface | Triage which tenant reviews need immediate follow-up and which are ready | One row-level outcome statement, short reason, next step, tenant scope | Tenant review detail, pack detail, filters, supporting artifact badges | Primary because it is the cross-tenant queue for review decisions | Follows portfolio review workflow, not per-tenant storage objects | Removes the need to decode several columns before identifying the next review action |
| Evidence overview | Secondary Context Surface | Identify which tenants currently have usable evidence and which need refresh | One row-level evidence-readiness statement, short reason, next step, tenant scope | Tenant evidence snapshot detail, freshness/completeness detail, filters | Secondary because it informs review and follow-up rather than being the final decision endpoint | Follows evidence-preparation workflow | Makes evidence utility scannable without row-by-row badge interpretation |
| Artifact-oriented governance run detail | Tertiary Evidence / Diagnostics Surface | Understand why a related artifact ended up trustworthy, limited, blocked, or stale after drilling in | Dominant artifact-impact statement, short reason, next step, linked artifact context | Raw run payloads, counters, provider diagnostics, multi-cause detail | Tertiary because operators usually arrive here only after a list/detail surface pointed them to deeper explanation | Follows drill-in workflow from artifact or queue surfaces | Keeps raw diagnostics available without forcing them into the first read |

## UI/UX Surface Classification *(mandatory when operator-facing surfaces are changed)*

| Surface | Action Surface Class | Surface Type | Likely Next Operator Action | Primary Inspect/Open Model | Row Click | Secondary Actions Placement | Destructive Actions Placement | Canonical Collection Route | Canonical Detail Route | Scope Signals | Canonical Noun | Critical Truth Visible by Default | Exception Type / Justification |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Baseline snapshot surfaces | List / Table / Bulk | Read-only Registry / Report Surface | Open a snapshot or decide it is not usable yet | Full-row click to immutable snapshot detail | required | Existing related links remain contextual on detail | none | `/admin/baseline-snapshots` | `/admin/baseline-snapshots/{record}` | Workspace scope, profile linkage, current-vs-historical status | Baseline snapshots / Baseline snapshot | Whether the snapshot is usable now and what follow-up is needed | none |
| Evidence snapshot surfaces | List / Table / Bulk | CRUD / List-first Resource | Open snapshot detail or refresh evidence context | Full-row click to snapshot detail | required | One `More` group for non-primary safe actions | `Expire snapshot` stays in `More` or detail header | `/admin/t/{tenant}/evidence` | `/admin/t/{tenant}/evidence/{snapshot}` | Tenant scope, freshness/completeness state, linked artifact context | Evidence / Evidence snapshot | Whether the evidence is usable now and why | none |
| Tenant review surfaces | List / Table / Bulk | CRUD / List-first Resource | Open review detail, publish, export, or refresh | Full-row click to review detail | required | One safe inline shortcut plus contextual detail actions | `Archive review` stays in the detail danger group | `/admin/t/{tenant}/reviews` | `/admin/t/{tenant}/reviews/{review}` | Tenant scope, review lifecycle, publication readiness, evidence basis | Reviews / Review | Whether the review is publishable, internal-only, blocked, or follow-up-needed | none |
| Review pack surfaces | List / Table / Bulk | CRUD / List-first Resource | Open or download the pack with the right trust expectation | Full-row click to pack detail | required | One safe inline shortcut plus contextual detail actions | `Expire` stays in overflow or detail header | `/admin/t/{tenant}/review-packs` | `/admin/t/{tenant}/review-packs/{pack}` | Tenant scope, linked review, pack state, freshness burden | Review packs / Review pack | Whether the pack is ready to share, internal-only, stale, or blocked | none |
| Canonical review register | List / Table / Bulk | Read-only Registry / Report Surface | Open the tenant review that needs attention | Full-row click to tenant review detail | required | Header `Clear filters` plus existing safe export shortcut only | none | `/admin/reviews` | `/admin/t/{tenant}/reviews/{review}` | Workspace scope, tenant-prefilter state, publication/trust summary | Reviews / Review | Which tenant reviews are ready or need action | canonical-view registry |
| Evidence overview | List / Table / Bulk | Read-only Registry / Report Surface | Open the tenant evidence snapshot that needs follow-up | Full-row click to tenant evidence detail | required | Header `Clear filters` only | none | `/admin/evidence/overview` | `/admin/t/{tenant}/evidence/{snapshot}` | Workspace scope, tenant-prefilter state, evidence readiness | Evidence / Evidence snapshot | Which tenants currently have usable evidence | canonical-view registry |
| Artifact-oriented governance run detail | Record / Detail / Edit | Detail-first Operational Surface | Inspect why the related artifact is trustworthy, limited, or blocked | Explicit run detail page | forbidden | Existing related navigation and diagnostics remain secondary | none | `/admin/operations` | `/admin/operations/{run}` | Workspace scope, tenant scope when applicable, related artifact context | Operation runs / Operation run | Dominant artifact impact and next step before raw diagnostics | canonical evidence detail |

## Operator Surface Contract *(mandatory when operator-facing surfaces are changed)*

| Surface | Primary Persona | Decision / Operator Action Supported | Surface Type | Primary Operator Question | Default-visible Information | Diagnostics-only Information | Status Dimensions Used | Mutation Scope | Primary Actions | Dangerous Actions |
|---|---|---|---|---|---|---|---|---|---|---|
| Baseline snapshot surfaces | Workspace manager | Decide whether snapshot truth is usable for downstream governance work | List/detail | Is this baseline artifact usable right now, and if not, what is the next step? | Primary usability statement, short reason, related profile, current-vs-historical status, next step | Item-level gaps, related run diagnostics, raw snapshot facts | lifecycle, usability, actionability | TenantPilot only | Open snapshot, open related record | none |
| Evidence snapshot surfaces | Tenant operator | Decide whether evidence can support review or publication work | List/detail | Is this evidence basis usable now, and why not if not? | Primary readiness statement, short reason, freshness/completeness posture, next step | Raw summary JSON, dimension-level freshness/completeness detail, run diagnostics | usability, freshness, completeness, actionability | TenantPilot only | Open snapshot, refresh evidence when already allowed | `Expire snapshot` |
| Tenant review surfaces | Tenant operator | Decide whether to publish, export, refresh, or hold a review | List/detail | Is this review ready for real use or publication, and what should happen next? | Primary publication/trust statement, blocker or confidence reason, evidence basis summary, next step | Full review sections, raw summary JSON, audit context, low-level evidence detail | lifecycle, publication readiness, freshness, completeness, actionability | TenantPilot only | Open review, export pack, refresh review, publish review where allowed | `Archive review` |
| Review pack surfaces | Tenant operator | Decide whether the pack is safe to share or needs internal-only handling | List/detail | Can this pack be shared externally, or is it only safe for internal use? | Primary shareability statement, short reason, linked review state, next step | Generation metadata, fingerprints, supporting evidence detail | lifecycle, freshness, publication readiness, actionability | TenantPilot only | Open pack, download, regenerate where allowed | `Expire` |
| Canonical review register | Workspace auditor or operator | Triage cross-tenant review work | Read-only registry | Which tenants have reviews I can trust right now, and which need follow-up? | Row-level primary outcome, short reason, next step, tenant scope | Tenant review detail, supporting artifact detail, filter state | publication readiness, freshness, completeness, actionability | none | Filter, inspect, open detail | none |
| Evidence overview | Workspace auditor or operator | Triage cross-tenant evidence readiness | Read-only registry | Which tenants already have usable evidence and which require refresh or follow-up? | Row-level primary outcome, short reason, next step, tenant scope | Tenant evidence detail, supporting freshness detail, filter state | usability, freshness, completeness, actionability | none | Filter, inspect, open detail | none |
| Artifact-oriented governance run detail | Workspace or tenant operator | Diagnose the dominant artifact-impact reason after drilling in | Detail | Why did this run leave the artifact trustworthy, limited, blocked, or stale? | Dominant artifact-impact statement, short reason, next step, linked artifact context | Raw payloads, provider diagnostics, multi-cause breakdown, counters | execution outcome, artifact usability, completeness, actionability | none | Open related artifact, inspect diagnostics | none |

## Proportionality Review *(mandatory when structural complexity is introduced)*

- **New source of truth?**: no
- **New persisted entity/table/artifact?**: no
- **New abstraction?**: yes
- **New enum/state/reason family?**: no
- **New cross-domain UI framework/taxonomy?**: yes
- **Current operator problem**: Governance artifact truth is accurate but too decomposed to scan quickly, forcing operators to assemble the answer from several adjacent status dimensions.
- **Existing structure is insufficient because**: Spec 158 defines the correct internal truth envelope and Spec 161 defines explanation patterns, but direct default rendering of those axes still leaves too many peer-level signals on artifact surfaces and allows local per-surface prominence rules to drift.
- **Narrowest correct implementation**: Add one bounded governance compression layer that consumes the existing truth, taxonomy, and explanation inputs and only decides which message is primary, secondary, or diagnostics-only on the listed artifact surfaces.
- **Ownership cost**: One shared mapping contract, one shared test vocabulary for covered artifact states, and regression coverage to keep list/detail/register/run-detail outcomes aligned.
- **Alternative intentionally rejected**: Local copy cleanup or badge hiding on each surface. That approach is cheaper short term but would recreate conflicting dialects and weaken the shared operator language promised by Specs 156, 157, 158, and 161.
- **Release truth**: Current-release truth. This is an adoption layer that makes the existing governance truth foundation operable now rather than future-proof scaffolding.

## Testing / Lane / Runtime Impact *(mandatory for runtime behavior changes)*

- **Test purpose / classification**: Feature
- **Validation lane(s)**: fast-feedback, confidence
- **Why this classification and these lanes are sufficient**: The change is proven by what operators see on existing list, detail, register, and run-detail surfaces. Focused feature tests over seeded governance artifacts are sufficient to prove the new information hierarchy without browser or heavy-governance expansion.
- **New or expanded test families**: Expanded Filament feature coverage for baseline snapshots, evidence snapshots, tenant reviews, review packs, review register, evidence overview, and artifact-oriented run detail.
- **Fixture / helper cost impact**: Moderate. Tests need reusable seeded artifact states such as trustworthy, stale, partial, internal-only, blocked, and follow-up-needed, but can reuse existing workspace, tenant, and entitlement setup.
- **Heavy-family visibility / justification**: none
- **Special surface test profile**: shared-detail-family
- **Standard-native relief or required special coverage**: Shared-detail coverage is required for artifact detail and run-detail hierarchy; list and registry surfaces remain ordinary native Filament feature coverage.
- **Reviewer handoff**: Reviewers must confirm that one primary operator statement is visible per covered artifact, that diagnostics remain secondary, that no new local badge language appears, and that the proof stays in focused feature lanes rather than expanding into browser or heavy-governance by default.
- **Budget / baseline / trend impact**: Low-to-moderate increase in feature assertions across existing governance surfaces; monitor only if shared fixtures become too broad.
- **Escalation needed**: none
- **Active feature PR close-out entry**: Guardrail
- **Planned validation commands**: `cd apps/platform && ./vendor/bin/sail artisan test --compact --filter=GovernanceOperatorOutcomeCompression`; `cd apps/platform && ./vendor/bin/sail artisan test --compact --filter=ReviewRegister`; `cd apps/platform && ./vendor/bin/sail artisan test --compact --filter=OperationRun`

## User Scenarios & Testing *(mandatory)*

### User Story 1 - Scan Artifact Surfaces Fast (Priority: P1)

A workspace or tenant operator scans governance artifact rows and needs the product to answer the primary workflow question first instead of presenting several equal-weight semantic badge columns.

**Why this priority**: This is the direct business value of the feature. If rows remain operator-heavy, the adoption slice fails even if the underlying truth and detail pages are correct.

**Independent Test**: Can be fully tested by seeding mixed baseline snapshots, evidence snapshots, review-register rows, and evidence-overview rows, opening those list surfaces, and verifying that each row presents one dominant operator outcome, one short reason, and one next step.

**Acceptance Scenarios**:

1. **Given** governance rows with mixed trustworthy, stale, partial, and blocked artifact states, **When** an operator scans the covered list and registry surfaces, **Then** each row answers the primary question first instead of exposing multiple equal-weight semantic columns.
2. **Given** a review row and a pack row where publication readiness is the main business question, **When** the operator scans them, **Then** the row states whether the artifact is publishable, internal-only, or follow-up-needed without forcing the operator to infer that from secondary badges.

---

### User Story 2 - Open Artifact Detail Without Losing Trust Meaning (Priority: P2)

A tenant operator opens an artifact detail page and needs the product to lead with outcome, short explanation, and next action before diagnostics.

**Why this priority**: Detail pages are where operators confirm whether to publish, refresh, regenerate, or hold work. If the hierarchy stays diagnostic-first, the feature does not materially reduce decision friction.

**Independent Test**: Can be fully tested by opening evidence snapshot, tenant review, review pack, and baseline snapshot detail pages for seeded current, stale, partial, and blocked artifacts and verifying that the first visible summary block is outcome-first and diagnostics remain secondary.

**Acceptance Scenarios**:

1. **Given** a tenant review is complete enough to exist but not strong enough to publish, **When** the operator opens review detail, **Then** the page leads with the publishability decision, the short reason, and the next step before any raw summary or diagnostic section.
2. **Given** an evidence snapshot is structurally complete but stale, **When** the operator opens evidence detail, **Then** the page answers whether the artifact is usable now and why, without making freshness diagnostics compete as equal first-level content.

---

### User Story 3 - Keep Run Detail and Artifact Meaning Aligned (Priority: P3)

An operator drills from an artifact surface into the related governance run detail and needs the dominant problem plus next action to stay understandable without reading raw JSON.

**Why this priority**: This is the companion adoption slice for deeper troubleshooting. It matters after list and detail compression are in place, but it is still valuable within the same bounded artifact workflow family.

**Independent Test**: Can be fully tested by opening artifact-oriented run detail for baseline, evidence, review, or review-pack runs that produced limited or blocked artifacts and verifying that the run-detail summary agrees with the related artifact's compressed outcome direction.

**Acceptance Scenarios**:

1. **Given** a governance run created a stale or partial artifact, **When** the operator opens the related run detail, **Then** the page names the dominant artifact-impact reason and next action before raw diagnostics and does not contradict the linked artifact surface.
2. **Given** a run completed technically but left an artifact unsuitable for publication or reuse, **When** the operator reviews run detail, **Then** execution success and artifact usability remain visibly separate.

### Edge Cases

- A review or pack can exist and remain downloadable while still being internal-only or follow-up-needed; compression must not let downloadability read as external-readiness.
- The same artifact can appear on a tenant detail surface and on a canonical overview/register surface; the primary compressed outcome direction must agree across both views.
- Multiple limiters can apply at once, such as stale evidence plus publication blocker; the surface must name one dominant outcome first while preserving the others in secondary detail.
- Raw diagnostics or supporting JSON can be absent or intentionally collapsed; the first-pass operator statement must still be understandable from persisted artifact truth alone.
- View-only users can see truth and next-step guidance on covered surfaces, but mutation affordances remain capability-aware and must not be implied by the compressed outcome.

## Requirements *(mandatory)*

**Constitution alignment (required):** This feature does not add Microsoft Graph calls, new writes, new scheduled work, or new queue types. It reorders and compresses existing governance artifact truth on operator-facing surfaces. Existing artifact and run observability remain authoritative.

**Constitution alignment (PROP-001 / ABSTR-001 / PERSIST-001 / STATE-001 / BLOAT-001):** The feature introduces one bounded shared abstraction for compression rules because current operator workflows need a single shared answer to which truth dimension is primary. A narrower per-page implementation is insufficient because it would reintroduce inconsistent status dialects. No new persistence or new state family is added.

**Constitution alignment (TEST-GOV-001):** Proof stays in focused feature coverage over existing artifact surfaces and run detail. No heavy-governance or browser requirement is introduced. Shared fixtures must stay explicit and limited to covered artifact truth scenarios.

**Constitution alignment (OPS-UX):** Existing `OperationRun` lifecycle rules remain unchanged. Where canonical Monitoring run detail is covered, the feature only changes the explanation hierarchy after a run already exists. No new toast, notification, or summary-count contract is introduced.

**Constitution alignment (RBAC-UX):** The feature spans the workspace-admin plane on `/admin/baseline-snapshots`, `/admin/reviews`, `/admin/evidence/overview`, and `/admin/operations/{run}` plus the tenant-admin plane on `/admin/t/{tenant}/evidence`, `/admin/t/{tenant}/reviews`, and `/admin/t/{tenant}/review-packs`. Non-members or non-entitled viewers remain `404`. In-scope members missing an existing capability remain `403` for the corresponding mutation. Server-side authorization remains authoritative for every existing action. Global search behavior remains unchanged and tenant-safe.

**Constitution alignment (OPS-EX-AUTH-001):** No `/auth/*` or synchronous identity-handshake behavior is introduced.

**Constitution alignment (BADGE-001):** Any changed badge or label emphasis on covered surfaces must continue to use existing centralized badge domains and reason translation families. This feature changes prominence and grouping, not semantic ownership.

**Constitution alignment (UI-FIL-001):** Covered admin surfaces continue to use native Filament tables, infolists, sections, and shared status primitives. Local replacement markup for status language is intentionally avoided. UI-FIL-001 is satisfied with no new exception.

**Constitution alignment (UI-NAMING-001):** The canonical nouns remain `Baseline snapshot`, `Evidence snapshot`, `Review`, `Review pack`, and `Operation run`. Existing operator verbs such as `Refresh evidence`, `Publish review`, `Export executive pack`, `Download`, and `Expire` remain unchanged. Architecture-first phrases such as `artifact truth`, `missing_input`, `metadata_only`, or `publication truth` must not dominate the primary operator summary.

**Constitution alignment (DECIDE-001):** Review register and tenant review/pack surfaces are the primary decision surfaces for this feature. Baseline and evidence artifact surfaces remain secondary context surfaces. Run detail remains tertiary evidence. Default-visible content must become calmer by making one governance case decidable in one focused context before diagnostics are opened.

**Constitution alignment (UI-CONST-001 / UI-SURF-001 / ACTSURF-001 / UI-HARD-001 / UI-EX-001 / UI-REVIEW-001 / HDR-001):** Each covered surface keeps one primary inspect model, existing navigation stays separate from mutation, secondary actions remain grouped and contextual, destructive actions remain in existing danger placements, and the canonical routes and nouns listed above remain unchanged. No new action-surface exception is introduced.

**Constitution alignment (ACTSURF-001 - action hierarchy):** The feature does not add new header, row, bulk, or workbench actions. Existing safe navigation and mutation separation remains intact. Compression must not become a reason to add explicit `View` actions where row click already owns inspection.

**Constitution alignment (OPSURF-001):** Default-visible content on covered `/admin` and `/admin/t/{tenant}/...` surfaces must be operator-first: primary artifact outcome, short reason, and next step before raw diagnostics. Execution outcome, artifact usability, freshness/completeness, and publication readiness remain separate concepts where relevant. Existing mutating actions keep their current mutation-scope communication.

**Constitution alignment (UI-SEM-001 / LAYER-001 / TEST-TRUTH-001):** Direct mapping from the canonical artifact truth envelope to default UI is insufficient because it exposes too many peer-level semantics at once. This feature adds one bounded interpretation layer for prominence rules only. It must not create a second truth source, persisted mirror, or page-local semantic wrapper. Tests must prove business consequences such as scanability, publication clarity, and list/detail agreement.

**Constitution alignment (Filament Action Surfaces):** The Action Surface Contract remains satisfied. Each affected Filament surface keeps exactly one primary inspect/open model, redundant `View` actions stay absent, empty `ActionGroup` and `BulkActionGroup` placeholders stay absent, and destructive actions keep their current confirmed placements. UI-FIL-001 is satisfied with no approved exception.

**Constitution alignment (UX-001 — Layout & Information Architecture):** Existing create/edit flows remain unchanged. Covered detail screens must continue using summary-first sections or infolists rather than disabled edit forms, status emphasis must remain badge-centralized, and list surfaces keep search, sort, and filter support on core dimensions. No UX-001 exemption is required.

### Functional Requirements

- **FR-214-001**: Covered governance artifact surfaces MUST derive a compressed operator-facing outcome from the existing artifact truth, taxonomy, reason translation, and explanation inputs without discarding any underlying semantic dimension.
- **FR-214-002**: The compressed operator outcome MUST identify exactly one primary operator statement, one short supporting reason, and one next-step category for the default-visible surface state.
- **FR-214-003**: Covered list and registry surfaces MUST stop presenting multiple equal-weight semantic outcome columns as the default mental model for a single artifact.
- **FR-214-004**: Covered detail surfaces MUST lead with primary state, explanatory reason, and next action before diagnostics, raw JSON, low-level reason trees, or renderer/support facts.
- **FR-214-005**: The same underlying artifact state MUST compress to the same decision direction across list, detail, register, overview, and review-pack surfaces that reference it.
- **FR-214-006**: Compression MUST preserve separate secondary visibility for artifact existence, freshness, completeness, usability, publication readiness, and actionability whenever those dimensions remain relevant to the operator.
- **FR-214-007**: Architecture-first labels such as `artifact truth`, `missing_input`, `metadata_only`, or `publication truth` MUST be translated or removed from the primary workflow summary on covered surfaces.
- **FR-214-008**: Tenant review and review-pack surfaces MUST explicitly communicate when publication or shareability is the primary business question and when an artifact is only suitable for internal use or follow-up.
- **FR-214-009**: Baseline snapshot and evidence snapshot surfaces MUST explicitly communicate whether the artifact is trustworthy and usable now, rather than treating low-level renderer or fidelity facts as the first operator message.
- **FR-214-010**: Artifact-oriented governance run detail MUST reuse the same compressed outcome direction as the related artifact and MUST keep execution outcome separate from resulting artifact usability.
- **FR-214-011**: Diagnostics, raw artifact context, audit context, and downstream API-visible truth MUST remain fully available after the compressed summary is applied.
- **FR-214-012**: Canonical review register and evidence overview MUST preserve tenant-prefilter continuity and entitlement safety while applying the compressed operator outcome.
- **FR-214-013**: The first implementation slice MUST cover baseline snapshot list/detail, evidence snapshot list/detail, evidence overview, tenant review list/detail, review register, review pack list/detail, and artifact-oriented governance run detail.
- **FR-214-014**: Covered surfaces MUST use existing centralized badge semantics and shared reason translation families rather than page-local status mappings.
- **FR-214-015**: The feature MUST not introduce a new persisted truth model, a new governance lifecycle state, or a new workflow action as part of compression.
- **FR-214-016**: When multiple limiters apply to one artifact, the default-visible summary MUST name the dominant operator outcome first while keeping the remaining limiters available in secondary detail.

## UI Action Matrix *(mandatory when Filament is changed)*

If this feature adds/modifies any Filament Resource / RelationManager / Page, fill out the matrix below.

For each surface, list the exact action labels, whether they are destructive (confirmation? typed confirmation?),
RBAC gating (capability + enforcement helper), whether the mutation writes an audit log, and any exemption or exception used.

| Surface | Location | Header Actions | Inspect Affordance (List/Table) | Row Actions (max 2 visible) | Bulk Actions (grouped) | Empty-State CTA(s) | View Header Actions | Create/Edit Save+Cancel | Audit log? | Notes / Exemptions |
|---|---|---|---|---|---|---|---|---|---|---|
| Baseline snapshot surfaces | `app/Filament/Resources/BaselineSnapshotResource.php` | none added | `recordUrl()` full-row click to immutable detail | `Open related record` where already present | none | none by design | `Open related record` where already present | n/a | no new audit behavior | Immutable resource behavior remains; this feature changes summary hierarchy only |
| Evidence snapshot surfaces | `app/Filament/Resources/EvidenceSnapshotResource.php` | `Create snapshot` remains | `recordUrl()` full-row click to snapshot detail | Existing safe actions, with `Expire snapshot` remaining destructive and confirmed | Existing grouped bulk actions unchanged | `Create first snapshot` remains | `Refresh evidence`, `Expire snapshot` remain | Existing create flow unchanged | existing evidence lifecycle audit remains | No new action is introduced; destructive placement unchanged |
| Tenant review surfaces | `app/Filament/Resources/TenantReviewResource.php` | `Create review` remains | `recordUrl()` full-row click to review detail | Existing safe shortcut such as `Export executive pack` remains; no new visible row action added | Existing grouped bulk actions unchanged | `Create first review` remains | `Open operation`, `View executive pack`, `View evidence snapshot`, `Refresh review`, `Publish review`, `Export executive pack`, `Create next review`, `Archive review` remain | Existing create flow unchanged | existing review lifecycle audit remains | Compression clarifies meaning, not action inventory |
| Review pack surfaces | `app/Filament/Resources/ReviewPackResource.php` | `Generate pack` remains | `recordUrl()` full-row click to pack detail | Existing safe shortcut such as `Download` remains | Existing grouped bulk actions unchanged | `Generate first pack` remains | `Download`, `Regenerate`, `Expire`, and existing related links remain | Existing create flow unchanged | existing pack lifecycle audit remains | Download remains safe action; `Expire` remains destructive and confirmed |
| Canonical review register | `app/Filament/Pages/Reviews/ReviewRegister.php` | `Clear filters` remains | `recordUrl()` full-row click to tenant review detail | Existing safe export shortcut only | none | `Clear filters` remains when relevant | n/a | n/a | no new audit behavior | Read-only registry remains read-only |
| Evidence overview | `app/Filament/Pages/Monitoring/EvidenceOverview.php` | `Clear filters` remains | Full-row click to tenant evidence detail | none | none | `Clear filters` remains when relevant | n/a | n/a | no new audit behavior | Read-only registry remains read-only |
| Artifact-oriented governance run detail | `app/Filament/Resources/OperationRunResource.php` | no new header action | Existing run-detail open remains canonical | none added | none | n/a | Existing related navigation remains | n/a | no new audit behavior | Action Surface Contract remains satisfied; explanation order changes only |

### Key Entities *(include if feature involves data)*

- **Compressed Governance Outcome**: A derived operator-facing summary for one governance artifact that identifies the dominant primary statement, short reason, and next-step direction while preserving the full underlying truth dimensions.
- **Rendering Tier Rule**: A shared decision rule that classifies existing semantic dimensions as primary operator view, secondary explanatory detail, or diagnostics-only for a covered surface family.
- **Artifact Decision Context**: The workflow-specific question a covered surface is answering, such as artifact usability, publication readiness, or shareability, which determines which existing truth dimension becomes primary.

## Assumptions & Dependencies

- Specs 156, 157, 158, and 161 remain the authoritative foundations for outcome taxonomy, reason translation, artifact truth semantics, and explanation-layer behavior.
- Existing shared governance detail templates and artifact-truth presenter surfaces already in flight can be extended rather than replaced.
- No additional governance domain, tenant dashboard, findings queue, or workspace overview surface is pulled into scope by this spec.
- Existing action labels, audit semantics, and authorization capabilities remain unchanged unless another spec explicitly changes them.

## Success Criteria *(mandatory)*

### Measurable Outcomes

- **SC-214-001**: In seeded acceptance review, an operator can determine within 10 seconds from any covered list or registry row whether the artifact is usable or publishable and what the next step is, without opening diagnostics.
- **SC-214-002**: In covered regression scenarios, 100% of paired list/detail or register/detail views for the same artifact agree on the primary decision direction, such as usable, internal-only, stale, blocked, or follow-up-needed.
- **SC-214-003**: In acceptance review across the covered detail pages, the first visible summary block communicates primary state, short reason, and next action before any raw JSON or diagnostic content in every tested stale, partial, blocked, and publishable case.
- **SC-214-004**: In release review, the covered governance artifact surfaces no longer require more than one dominant operator outcome statement per artifact in the default-visible scan layer.