QUILL turns public records into readable evidence trails.

The product goal is citizen clarity: show the official source, the exact evidence span, the plain-language story, the proof limit, the Atlas route, and the Sentinel review before a claim reaches the community.

Visible Sources

2 captured locally

Evidence Claims

span-backed only

Atlas Routes

why, where, what for

Community Rooms

Sentinel-routed

AUTH BOUNDARY

public GET surfaces are read-only

no claim of deployed SSO/OIDC until production identity provider, session security, and live domain probes are verified

CREDENTIAL GUARD

QUILL mutation routes reject bearer tokens, cookies, and API-key headers before persistence; public data never stores secret values

Authorization, Cookie, and API-key headers are rejected before persistence.

Rejected: authorization, cookie, x-api-key, x-openai-api-key, x-anthropic-api-key

FAILURE MODES

401 auth required · 403 role forbidden

false until Sentinel threshold and moderator review are both satisfied

Product Spine

Source Registry

•GovInfo Congressional Record: captured

•NSA FOIA Reports and Releases: captured

•FBI Vault: blocked http 403

•PACER / Court Records: owner gated

Evidence Intelligence

•2 documents with provenance

•3 exact evidence spans

•2 timeline anchors

•3 mapped entities

Citizen Reader

•Plain-language claim explanation

•What this proves / does not prove

•Official source trace

•Capture-state display

Community Trust

•Evidence-bound rooms

•Sentinel-before-amplification

•Blocked-source policy notices

•Proof-limit-first discussion

The Operating Model

QUILL is governed by source truth first. Atlas explains why each item exists and where it goes; Sentinel decides whether the evidence is strong enough for community alerting.

Truth Floor

Evidence-bound claims

No span, no public proof claim

Atlas Role

Map and explain

Why here, where next, what for

Sentinel Role

Gate amplification

Warn, route, or suppress