{
  "schema": "capps-access-boundary-v1",
  "status": "public-production-access-boundary-live",
  "publishedAt": "2026-06-15T14:30:00Z",
  "route": "/capps-access-boundary.html",
  "positioning": "CAPPS Access Boundary defines the public/private split: chosen public routes stay open while repository, source, private and admin paths stay closed.",
  "allowedSurface": [
    "intentional public HTML routes",
    "public-safe aggregate JSON manifests",
    "selected static assets",
    "explicit public API routes"
  ],
  "deniedSurface": [
    "dotfiles",
    "git metadata",
    "GitHub workflows",
    "package metadata",
    "deployment scripts",
    "validator source",
    "service source",
    "private books",
    "logs",
    "environment files",
    "key files",
    "admin routes without deliberate authentication"
  ],
  "liveDeniedExamples": [
    "/.git/config",
    "/.github/workflows/public-safety.yml",
    "/package.json",
    "/package-lock.json",
    "/deploy-live-public-ui.sh",
    "/validate-public-ui-hardening.js",
    "/caps-guardian-shield/README.md",
    "/private-books/",
    "/logs/"
  ],
  "hardeningGates": [
    "local public bundle exposure validation",
    "live denied-path validation",
    "public bundle sensitive-boundary validation",
    "route validation",
    "hardened header verification"
  ],
  "privacyBoundary": [
    "no private child records",
    "no raw identity records",
    "no private health records",
    "no raw message records",
    "no contact records",
    "no live location",
    "no wallet signing credentials"
  ],
  "linkedRoutes": [
    "/capps-safety-suite.html",
    "/security-review-scope.html",
    "/capps-review-sprint.html",
    "/public-data/capps-access-boundary.json"
  ]
}