Bioness Medical Pilot

runtime verified, customer gates pending

client-pilot / bioness-medical-pilot / lightsail_single_host_pilot

Overview

Verified 2026-06-02T03:05:14.192Z

Runtime

8 services

Scheduler uses postgres_schedule_registry with bullmq_redis; 7/7 automations are active-ready and raw server cron is blocked.

Ingress

CloudFront + WAF

Stable Lightsail origin is protected by the origin verification header and direct-origin denial.

Data Plane

local_postgresql

PostgreSQL, Redis, artifacts, and parser are local to the single Lightsail host for this pilot profile.

Recovery

No backup

This pilot records cold rebuild evidence and no-restore risk acceptance instead of snapshots or managed backups.

Capacity

3 / 10 / 1

Lightsail pilot limits are 3 sync runs, 10 async runs, and 1 browser or sandbox run before upgrade review.

Observability

Postgres detail

Runtime egress trace detail returned metadata-only trace detail for trace:bioness:runtime:tool-egress-denial; customer data, raw payloads, external calls, and paid provider calls are blocked.

Identity

Shared app

Miranda uses the shared platform Entra app and Teams bot; Bioness tenant consent and group mapping remain onboarding gates.

Audit

Hash chain

Audit-critical mutation paths fail closed when local audit storage is unavailable; Object Lock exports require an upgrade.

Support

Preview gates

5 support action previews returned preview-only controls; commits, raw-payload access, customer notification delivery, compliance export, external calls, and paid provider calls remain blocked.

Model Spend

Stub only

OpenAI, Anthropic, and OpenRouter paid inference remains blocked without bounded approval evidence.

Governance

Fail closed

Scheduler create/edit/action controls return draft-only or preview-only records with confirmation, approval, readiness, and rollback gates before activation.

Deployment

Live bundle

Current c15ddf8c78c6; rollback none.

Rollout

Single pilot

Feature flags, environment pins, soak gates, and rollback manifests are Miranda-native records; second-customer rollout is blocked until soak evidence exists.

Role Home Screens

role filtered

Limited requester

Own Billing Agent answers and constrained request status

policy-shaped, 1 bootstrap run

Process owner

Billing workflow approvals, evals, and component status

onboarding gate, customer process facts pending

Company admin

Users, roles, connector health, policy, budget, and audit summaries

onboarding gate, initial admin pending

Platform operator

Deployments, fleet health, support sessions, queues, and rollout state

verified, runtime verified

Auditor

Audit search, approvals, policy decisions, retention, and evidence

profile risk, immutable evidence upgrade pending

Runs

Item | Status | Owner | Evidence
billing-agent-bootstrap-allow | allowed | limited_requester | evals/billing-agent/bootstrap-cases.json
billing-agent-bootstrap-deny | denied | limited_requester | tooling/scripts/smoke-contracts.mjs
openwebui-chat-smoke | allowed | platform_operator | BIONESS-RUNTIME-DEPLOYMENT
browser-sandbox-policy-check | policy_ready_not_executed | platform_operator | runtime-policy:bootstrap-browser-sandbox-ready

Costs And Model Routes

hard cap enforced

Soft warning: $5,000 monthly
Hard cap: $15,000 monthly
Per-run warning: $10
Per-run approval: $100

Live provider routes remain disabled until model readiness, processor approval, budget binding, eval gate, and rollback target evidence pass.