Skip to content
Reports · Contract appendix & attestation

Bind the criteria into the deal. Sign the proof at hand-over.

The contract appendix turns agreed criteria — "CAI ≥ 80, no critical CVEs" — into a binding part of the deal. At delivery, the signed attestation verifies them: commit-pinned, suppressions disclosed, issued as a verdict PDF both sides can file. Neither party can move the number — not us, not you, not the other side.

SAMPLE · DELIVERY VERIFICATION — PAYMENTS-CORE

Proof of delivery

Contract profilev3 · rubric frozen at signature
Scan#14 · commit 8c41f2e
CAI 82 ≥ floor 80pass
Security & compliance 78 ≥ 75pass
Critical CVEs 0 (ceiling 0)pass
Suppressions disclosed2

Illustrative. Issued as a signed verdict PDF. What an 80 floor is made of: every always-on lens Strong or better, no lens Critical — decomposable, not opaque.

Why it holds

A stamp with structure behind it.

Commit-pinned

The attestation names the exact commit and rubric version it verifies. Re-run the scan on that commit and it re-scores to the same number — the verdict is re-derivable, not archival.

Suppressions disclosed

Anything suppressed is listed in the artifact itself. There is no quiet way past a finding — the honesty is part of the deliverable.

Frozen rubric

The rubric is pinned at contract signature, so the bar at hand-over is the bar that was agreed — no re-negotiation, no drift, no moving goalposts.

Providers: this is your side of the overlapBuild the code and want to prove it? Scan self-serve on Watchdog while you build — then activate the contract appendix and signed attestation here to prove the delivery. Quality as your bid weapon; the hand-over stamp as the receipt.

Hand over proof, not promises.

Priced per engagement · verdict issued as a signed PDF, suppressions disclosed.