Plan to consolidate duplicated Azure functionality across the entra-servicenow and azure-foundry connectors (ARM RBAC role resolution, scope parsing, Entra Graph SP lookups, credential type detection) into a shared package.
Plan to add automated Claude-driven analysis and auto-fix of simple CI failures across the three sv0 repos, with reviewer-agent gating before human merge.
Tracks completed work (evaluator text, UI component rename, glossary), proposed next steps (UI label changes, 4-concept model adoption), and open naming decisions for execution chains and runtime c...
Sprint priority #1 plan: restructure overview, cluster-detail, and authority-path-detail surfaces to answer the three CISO questions (what happened, am I exposed, what should I do) within five seconds.
Sprint priority #2 plan: surface drift signals in a governance-conditions card (Status / Condition / Evidence) at both authority-path and cluster levels, extending the G3 backend with the Notion-spec card format.
Plan to wire execution evidence end-to-end: surface stored execution_evidence nodes via API + UI drilldown, and convert dangling ServiceNow execution refs into first-class evidence entities.
W1 Gap 1 plan: align the four exposure-aggregation endpoints (posture summary, risk-clusters, exposures list, exposure detail) with the W1 spec so the four UI pages render correct demo data.
Plan to give ServiceNow scheduled jobs that call Azure Function Apps via function-key auth a discoverable identity binding so they produce complete authority paths instead of unlinked workloads with empty execution_paths.
Plan to implement Sergey's UX feedback for the Overview page and Authority Exposure Brief: rename P0/P1/P2 to Critical/High/Moderate/Low and restructure the brief card.
Plan to harden scan safety (no automatic large soft-removals from a single suspect scan) and add connector observability after a fresh scan removed all 5 authority paths for the default tenant on 2026-02-26.
Plan to extend the azure-foundry connector to synthesize the data-plane authority chain (workload to RUNS_AS to identity to HAS_ROLE to role to GRANTS to permission to APPLIES_TO to resource) without platform-side changes.
Gap analysis comparing Sergey's Notion product updates (drift-ux, clarity, actionability, authority-paths-primer) against existing sv0 plans, with a coverage matrix and updated sprint priorities.
Plan to implement the authority-first UX correction: configuration discovery (authority paths) is the hero metric; execution proof is best-effort and labeled as observed.
Plan to migrate the custom @ai-metadata HTML-comment format to standard Obsidian YAML frontmatter, unlocking the properties panel, graph view, Dataview queries, backlinks, and tag browsing.
W1 Gap 2 plan: replace static one-size-fits-all remediation strings in evidence packs with context-aware content that names entities, roles, resources, sensitivity levels, and source systems.
W1 Gap 3 plan: enrich the scope-drift Finding Detail page so it tells the 'so what' story (which roles were added, what they grant, what changed) rather than only stating drift occurred.
Phased plan to upgrade SecurityV0 UI with enterprise-grade table capabilities, graph subgraph focus, in-context node detail inspection, and fixed graph-to-entity navigation
Plan to implement dual-mode user authentication for sv0-platform (GitHub OAuth for admins, email magic link for clients), replacing the REQUIRE_AUTH=false production bypass per ADR-012.
W1 (Wedge 1) post-demo gap analysis and sprint-priority alignment derived from Sergey's 2-3 week priorities email. Defines the G1-G6 gap workstreams.