Developer Handover · Finverse Agentic OS

OlympiadOS — Agentic ERP Platform

A 15-phase, AI-first, event-driven operations system for Olympiad management in India. Built on Next.js 15 App Router, Supabase Postgres, and Cloudflare Workers. Covers the full lifecycle: lead CRM → school registration → finance → exam production → results → certificates. All 288 agent implementations are advisory-only; business truth lives exclusively in Supabase.

288 Agent Implementations 18 Core Groups 2268 / 2268 Tests ✓ 15 Domain Phases 9 Portals 97 Migrations 7 CF Workers

What was built

Full implementation of all 15 domain phases, 18 agent groups, 9 portals, and the trust/observability layer. All 97 Supabase migrations are written and ordered. Deployment artifacts (GitHub Actions, wrangler.toml, Vercel config) are configured. 2268 tests pass locally.

Phase 1 · Lead CRM Phase 2 · Registration Phase 3 · Finance & Accounting Phase 4 · Exam + Results + Certs Phase 5 · AI Ops Orchestration Phase 6 · Online Exam PWA Phase 7 · Academic Intelligence Phase 8 · Multi-Portal Workspace Phase 9 · Trust Control Tower Phases 10–15 · SaaS / DevSecOps / AI Control Plane

Tech stack

Layer	Technology	Purpose
Frontend	Next.js 15 App Router + TypeScript	All portals, server components, API routes
Database	Supabase Postgres (ap-south-1)	Single source of truth — all business state
Auth	Supabase Auth + MFA	Session management, role-based access, OTP MFA for staff
Storage	Supabase Storage	Registration uploads, OMR scans, certificate PDFs, payment proofs
Agents / Edge	Cloudflare Workers + Durable Objects	288 agent DO files, 270 unique CF bindings, 7 cron/queue workers, WebSocket sessions
AI	Groq (via Cloudflare AI Gateway)	Agent LLM calls — advisory only, never direct DB mutations
Hosting	Vercel	Next.js production deployment, CI/CD on push to master
Payments	Razorpay	School fee collection, webhook-verified payment confirmation
Email	Resend	Notification worker outbound email

Production gap — top blockers

The codebase is complete locally. The following must be done before the first production deployment:

✅ 1 · 97 Supabase migrations applied — DONE 2026-06-06

All 97 migrations verified on cloud project finverse-agentic-os (ref zkdargzdtwiyjtsfpwsk, ap-south-1 Mumbai). Migration 0043 schema grant verified: all 6 schemas (app_core, authz, audit, events, workflows, ops) confirm service_role and postgres usage grants active.

✅ 2 · Agent session Cloudflare Worker deployed — DONE 2026-06-06

finverse-agent-session deployed and live at https://finverse-agent-session.mail2ratnakar.workers.dev. Version 5210682a. All 270 DO bindings active. Health: {"ok":true,"agents":288}. Remaining cron workers (outbox, notification, invoice-pdf, finance-reconciliation, cert-in-alert) still require wrangler deploy.

3 · Wire CERT-In alert webhook

Set CERT_IN_ALERT_WEBHOOK to a real Slack or PagerDuty endpoint. Mandatory under IT Act §70B — 6-hour incident reporting window.

4 · Configure all production secrets

Supabase service role key, Groq API key, Razorpay production keys + webhook secret, Resend API key — in both Vercel dashboard and wrangler secret put.

5 · Verify workers/.dev.vars is not in git history

Run git log --all --full-history -- workers/.dev.vars. If it appears, rotate the exposed Groq key immediately.

Complete Agent Reference

Agent Directory

288 agent implementations across 18 core groups + 10 H-11 domains. Advisory-only: agents never mutate business truth directly. All extend BaseFinverseAgent as Cloudflare Durable Objects with SQLite state and WebSocket hibernation.

288 Implementations 18 Core + 10 H-11 Groups All Production Ready High/Critical risk tools need approval

Search & Filter

1 CRM & Lead Generation 18 agents

Covers the end-to-end school lead lifecycle for Finverse Academy Olympiad operations. 18 agents handle inbound lead normalization, reply intent classification, school health profiling, conversion opportunity scoring, follow-up plan drafting, outreach campaign design, callback slot suggestion, fuzzy canonical school matching, campaign planning, lead import validation, reply followup, registration exceptions, invoice batch readiness, school onboarding, consent audit, data minimization, outreach quality, and school profile enrichment. All agents are purely advisory — no agent mutates business truth, sends external messages, or stores primary state in Cloudflare Durable Objects.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`lead_intake_agent`	Lead Intake	`LeadIntakeAgent`	medium	Normalizes inbound school leads, computes completeness scores and dedupe keys
`reply_classification_agent`	Reply Classification	`ReplyClassificationAgent`	medium	Classifies inbound coordinator replies into 7 CRM intents with SLA priority
`school_intelligence_agent`	School Intelligence	`SchoolIntelligenceAgent`	medium	Builds intelligence profiles with reliability and conversion scores
`opportunity_scoring_agent`	Opportunity Scoring	`OpportunityScoringAgent`	medium	Scores conversion opportunity 0-100 and assigns pipeline stage
`follow_up_agent`	Follow Up	`FollowUpAgent`	medium	Drafts follow-up plans with cadence gap and template key selection
`campaign_agent`	Campaign	`CampaignAgent`	medium	Designs outreach campaign sequences with channel mix and risk controls
`meeting_scheduler_agent`	Meeting Scheduler	`MeetingSchedulerAgent`	medium	Suggests up to 3 ranked callback time slots matched to availability signals
`school_mapping_agent`	School Mapping	`SchoolMappingAgent`	medium	Fuzzy-matches imported school name variants to canonical records (up to 500)
`campaign_planning_agent`	Campaign Planning	`CampaignPlanningAgent`	medium	Designs multi-step outreach campaign sequences for registration and awareness
`lead_import_validation_agent`	Lead Import Validation	`LeadImportValidationAgent`	medium	Validates and quality-checks bulk lead imports before CRM pipeline entry
`reply_followup_agent`	Reply Followup	`ReplyFollowupAgent`	medium	Combines reply classification with follow-up plan generation for inbound replies
`registration_exception_agent`	Registration Exception	`RegistrationExceptionAgent`	medium	Triages open registration exceptions by severity with resolution priorities
`invoice_batch_readiness_agent`	Invoice Batch Readiness	`InvoiceBatchReadinessAgent`	medium	Assesses school readiness for invoice batch generation
`school_onboarding_agent`	School Onboarding	`SchoolOnboardingAgent`	medium	Guides operators through school onboarding checklist for new schools
`registration_consent_audit_agent`	Registration Consent Audit	`RegistrationConsentAuditAgent`	medium	Audits consent and data-collection basis for registration batches (DPDP)
`registration_data_minimization_agent`	Registration Data Minimization	`RegistrationDataMinimizationAgent`	medium	Identifies fields exceeding data-minimization obligations (DPDP)
`outreach_quality_agent`	Outreach Quality	`OutreachQualityAgent`	medium	Reviews outbound campaign messages for quality, tone, and compliance
`school_profile_enrichment_agent`	School Profile Enrichment	`SchoolProfileEnrichmentAgent`	medium	Enriches school CRM profiles with additional metadata and research suggestions

lead_intake_agent Lead Intake medium ✓ production

CF Worker: LeadIntakeAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Normalizes inbound school leads from operator imports, CSV uploads, or web forms by cleaning names, emails, phones, board types, and website domains. Computes a completeness score and dedupe key for each lead, segments schools into premium/standard/emerging/unknown tiers, and surfaces operator-reviewable enrichment research suggestions where data is missing.

Tools: read_crm_leads · read_campaign_status · get_school_status · read_registration_exceptions · render_table

Outcome: CrmAgentDecision with normalized leads array, importSummary (totalLeads, averageCompletenessScore, warningCount, suggestedNextStep), webEnrichmentBoundary statement, confidenceScore, and full CrmDecisionLogShape. humanReviewRequired is true when warningCount > 0.

Guardrails: Hard-blocked list (all CRM agents): post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. No arbitrary outbound web fetch. mutatesBusinessTruth: false; externalCommunicationSent: false.

reply_classification_agent Reply Classification medium ✓ production

CF Worker: ReplyClassificationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Classifies inbound school coordinator replies (email, WhatsApp, phone notes, web forms) into one of 7 CRM intents: interested, not_interested, need_callback, need_pricing, need_brochure, registration_sent, or unclear. Scores signal strength via keyword matching, assigns SLA priority, and recommends the next operator action.

Tools: read_crm_leads · read_campaign_status · get_school_status · read_registration_exceptions · render_card

Outcome: CrmAgentDecision with channel, intent (7 ReplyIntent values), displayIntent, matchedSignals, nextAction, slaPriority, suggestedResponseTone, confidenceScore (0.52-0.94), and CrmDecisionLogShape.

Guardrails: Advisory-only; classification requires operator confirmation before updating CRM intent fields. mutatesBusinessTruth: false; externalCommunicationSent: false.

school_intelligence_agent School Intelligence medium ✓ production

CF Worker: SchoolIntelligenceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Builds a comprehensive intelligence profile for a specific school computing reliability score (0-100), conversion likelihood (0-100), payment behavior label, participation pattern label, and CRM risk flags from historical participation, payment, completion, certificate delivery, and reply intent data. humanReviewRequired is always forced true.

Tools: read_crm_leads · read_campaign_status · get_school_status · read_registration_exceptions · render_card

Outcome: CrmAgentDecision with reliabilityScore (0-100), conversionLikelihood (0-100), paymentBehavior label, participationPattern label, riskFlags array, rationale array (two sentences), confidenceScore, humanReviewRequired: true.

Guardrails: humanReviewRequired forced true unconditionally. schoolId redacted in all decision log outputs. mutatesBusinessTruth: false; externalCommunicationSent: false.

opportunity_scoring_agent Opportunity Scoring medium ✓ production

CF Worker: OpportunityScoringAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Scores a school's conversion opportunity on a 0-100 scale and assigns a pipeline stage (hot/warm/nurture/cold) based on reply intent, reliability score, previous registrations, campaign touches, days since last touch, coordinator engagement level, and exam window urgency.

Tools: read_crm_leads · read_campaign_status · get_school_status · read_registration_exceptions · render_card

Outcome: CrmAgentDecision with conversionScore (0-100), stage (hot/warm/nurture/cold), reasons array, recommendedAction, freshness label, confidenceScore, humanReviewRequired: true.

Guardrails: humanReviewRequired forced true — stage must be operator-reviewed before queue re-prioritization. mutatesBusinessTruth: false; externalCommunicationSent: false.

follow_up_agent Follow Up medium ✓ production

CF Worker: FollowUpAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Drafts a follow-up plan for a school lead based on reply intent, no-response count, last touch timestamp, preferred channel, and school segment. Calculates cadence gap (1-7 days), selects template key, and flags whether plan should pause for operator review. Never sends any message.

Tools: read_crm_leads · read_campaign_status · get_school_status · read_registration_exceptions · draft_follow_up · render_card

Outcome: CrmAgentDecision with follow-up plan (recommendedAction, cadence, nextTouchAt, templateKey, pauseForReview, channel). draft_follow_up carries requiresHumanApproval: true. humanReviewRequired: true always.

Guardrails: draft_follow_up requires human approval before any message is sent. not_interested schools automatically suppressed. After 4+ no-responses, plan is paused and routed to operator review queue. mutatesBusinessTruth: false; externalCommunicationSent: false.

campaign_agent Campaign medium ✓ production

CF Worker: CampaignAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Designs outreach campaign sequences, channel mixes, target segment logic, and risk control plans for awareness, registration, payment, or reengagement goals across premium, standard, emerging, or mixed school segments. Incorporates exam window urgency, open/reply rate signals, and PII minimization rules.

Tools: read_crm_leads · read_campaign_status · get_school_status · read_registration_exceptions · draft_follow_up · render_table

Outcome: CrmAgentDecision with targetSegmentLogic, channelMix array, 3-step sequence (each requiresApprovalBeforeSend: true), riskControls array, humanReviewRequired: true.

Guardrails: Every sequence step requiresApprovalBeforeSend: true — no message dispatched. Exclusion list (withdrawn_consent, do_not_contact, active_payment_dispute) must be applied. Student/parent PII explicitly excluded from campaign prompts. mutatesBusinessTruth: false.

meeting_scheduler_agent Meeting Scheduler medium ✓ production

CF Worker: MeetingSchedulerAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Suggests up to 3 ranked callback time slots by matching availability signals (day-of-week, start/end time, timezone, confidence) against caller preference (morning/afternoon/any) and blackout dates. Never creates calendar events, sends invites, or books meetings.

Tools: read_crm_leads · read_campaign_status · get_school_status · read_registration_exceptions · draft_callback_schedule · render_card

Outcome: CrmAgentDecision with suggestedSlots array (up to 3, each with date/dayOfWeek/startTime/endTime/timezone/confidence/reason), fallbackAction, schedulingBoundary confirming no calendar event is created. humanReviewRequired: true.

Guardrails: No calendar event ever created. draft_callback_schedule requiresHumanApproval: true. humanReviewRequired forced true. schoolId redacted. mutatesBusinessTruth: false; externalCommunicationSent: false.

school_mapping_agent School Mapping medium ✓ production

CF Worker: SchoolMappingAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Fuzzy-matches an imported school name variant to a list of canonical school records (up to 500) using Jaccard token similarity and Dice coefficient bigram matching, boosted by city and state agreement. Returns ranked list of up to 5 candidate matches. Never links or merges records directly.

Tools: read_crm_leads · read_campaign_status · get_school_status · read_registration_exceptions · read_school_match_candidates · render_table

Outcome: CrmAgentDecision with candidateName (normalized), bestMatch object or null, topMatches (up to 5), needsHumanReview: true always, mappingBoundary statement confirming no records are linked.

Guardrails: mappingBoundary embedded in every output: agent recommends only, never links records. needsHumanReview hardcoded true. Deterministic dedupe policy must confirm no conflict before any canonical link. mutatesBusinessTruth: false; arbitraryWebFetchBlocked: true.

campaign_planning_agent Campaign Planning medium ✓ production

CF Worker: CampaignPlanningAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Designs multi-step outreach campaign sequences for school registration, awareness, payment, and re-engagement goals. Used by the operator portal (phase2 CRM) to produce structured campaign plans with channel mix, template sequencing, risk controls, and segment-targeting logic before any message is scheduled.

Tools: read_crm_leads · read_campaign_status · get_school_status · read_registration_exceptions · draft_follow_up · render_table

Outcome: Structured campaign sequence object with target-segment logic, channel mix, step-by-step template keys, risk controls, and recommendation string — all pending operator approval before any message is dispatched.

Guardrails: All campaign drafts require operator approval before send. Student and parent PII suppressed from all campaign prompts. External messages never sent by agent. Advisory output only.

lead_import_validation_agent Lead Import Validation medium ✓ production

CF Worker: LeadImportValidationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates and quality-checks bulk lead imports before they enter the CRM pipeline, identifying missing fields, formatting errors, duplicate keys, and low-confidence records. Returns a validation report with per-row warnings and a recommended next step.

Tools: read_crm_leads · get_school_status · read_registration_exceptions · render_table

Outcome: Validation report containing normalized lead rows, per-row completeness scores and warning codes, duplicate-risk flags, and recommended next step (operator_quality_review or dedupe_and_segment).

Guardrails: Advisory output only — CRM records are not written by this agent. Duplicate resolution requires confirmed human action. No arbitrary outbound web fetch performed.

reply_followup_agent Reply Followup medium ✓ production

CF Worker: ReplyFollowupAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Combines reply classification intent with follow-up plan generation for inbound school replies, producing a tailored next-touch recommendation that respects channel preference, cadence rules, and no-response chain limits. Used immediately after a reply is classified.

Tools: read_crm_leads · read_campaign_status · get_school_status · draft_follow_up · render_card

Outcome: Follow-up plan containing recommended action, cadence label, next-touch ISO timestamp, template key, channel, and pauseForReview flag — all pending operator confirmation before any outbound message is drafted or sent.

Guardrails: No external message is sent — draft only. not_interested schools are automatically suppressed from follow-up. Requires human approval before any outbound communication.

registration_exception_agent Registration Exception medium ✓ production

CF Worker: RegistrationExceptionAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Triages open registration exceptions by severity, groups them by entity and exception type, and recommends resolution priorities and operator actions. Surfaces critical and high-severity issues that block downstream invoice and exam workflows.

Tools: read_registration_exceptions · read_crm_leads · get_school_status · render_table · render_card

Outcome: Triage report listing open exceptions grouped by severity with recommended resolution actions, blocking-status flags, and priority ordering for operator review.

Guardrails: Exception resolution performed through deterministic platform workflows, not by this agent. Advisory output only — exception status is not updated by this agent.

invoice_batch_readiness_agent Invoice Batch Readiness medium ✓ production

CF Worker: InvoiceBatchReadinessAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Assesses whether a school or cohort of schools is ready for invoice batch generation by checking registration completeness, exception clearance, and payment setup. Operates at the phase2/phase3 boundary to prevent premature invoice creation.

Tools: read_crm_leads · read_registration_exceptions · get_school_status · render_table

Outcome: Per-school readiness report with invoice-batch-ready boolean, list of blockers, and recommended operator actions — all advisory, with no invoice records created by the agent.

Guardrails: Invoice creation is performed by deterministic finance services, not by this agent. Advisory output only — no financial records are written.

school_onboarding_agent School Onboarding medium ✓ production

CF Worker: SchoolOnboardingAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Guides operators through the school onboarding checklist for new schools joining the Finverse Academy Olympiad platform, verifying profile data, coordinator contact, board details, and consent records are complete before school activation.

Tools: read_crm_leads · get_school_status · read_registration_exceptions · render_card · render_table

Outcome: Onboarding readiness report with per-field completion status, a list of missing or unverified data points, and recommended next step — advisory, with school activation performed through the deterministic school-status workflow.

Guardrails: School status activation is performed by deterministic services, not by this agent. Consent records must be verified by a human before proceeding.

registration_consent_audit_agent Registration Consent Audit medium ✓ production

CF Worker: RegistrationConsentAuditAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Audits the consent and data-collection basis for school registration batches, verifying that coordinator consent has been captured, that student-data collection is within declared scope, and that no consent-gated fields are populated without a valid basis. Supports DPDP Act obligations.

Tools: read_crm_leads · get_school_status · read_registration_exceptions · render_table

Outcome: Consent-audit report listing per-school consent status, non-compliant or missing consent records, and recommended operator actions — advisory only, with no consent records written by this agent.

Guardrails: Consent records are written only through service-role RPCs, not by this agent. Advisory output only — findings must be actioned by a human operator.

registration_data_minimization_agent Registration Data Minimization medium ✓ production

CF Worker: RegistrationDataMinimizationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews registration intake batches and CRM records to identify fields that exceed the minimum data necessary for Olympiad operations, flagging excessive collection of student or school data in support of DPDP Act data-minimization obligations. All findings advisory.

Tools: read_crm_leads · get_school_status · read_registration_exceptions · render_table

Outcome: Data-minimization report identifying excess fields per school or batch, with recommended operator actions — advisory only, with no data deleted or redacted by this agent.

Guardrails: Data deletion or redaction must go through approved platform workflows, not this agent. Advisory output only — human confirmation required before any data changes.

outreach_quality_agent Outreach Quality medium ✓ production

CF Worker: OutreachQualityAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews outbound campaign messages and follow-up drafts for quality, tone, compliance with consent and opt-out obligations, and alignment with Finverse Academy brand guidelines before messages are approved for dispatch.

Tools: read_campaign_status · read_crm_leads · render_card · render_table

Outcome: Quality-review report with dimension scores (tone, clarity, CTA, consent-respect, opt-out presence, PII exposure), flagged issues, improvement suggestions, and overall pass/flag decision — all advisory, with message dispatch gated on human approval.

Guardrails: No message is sent by this agent — dispatch requires human approval. Student and parent PII suppressed from all quality-review prompts. Advisory output only.

school_profile_enrichment_agent School Profile Enrichment medium ✓ production

CF Worker: SchoolProfileEnrichmentAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Enriches existing school CRM profiles with additional metadata derived from CRM signals, campaign responses, and supplied enrichment hints, producing operator-reviewable research plans and field-update suggestions. No enrichment is written to the database without operator confirmation.

Tools: read_crm_leads · get_school_status · read_campaign_status · render_card

Outcome: Enrichment suggestion set with per-field recommended values, confidence scores, operator-research query strings, and requiredReview: true flags — no CRM profile is updated until a human operator confirms each suggestion.

Guardrails: No arbitrary outbound web fetch — enrichment suggestions are research plans for human action. All profile updates require operator confirmation through deterministic school-update workflows. Advisory output only.

2 Registration & Ingestion 6 agents

Covers the complete student registration lifecycle from raw file ingestion through to invoice readiness. The 6 agents operate as an advisory pipeline: the parsing agent maps raw CSV/XLSX column headers to canonical fields, the deduplication agent flags probable duplicate registrations, the validation agent checks each parsed row for completeness and rule compliance, the fee calculation agent produces per-student invoice line items, the exception resolution agent triages and guides operators through individual row blockers, and the school operations agent provides a holistic school-level dashboard and conversational task interface for school coordinators. No agent writes to registration tables, merges records, or creates invoices autonomously.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`registration_parsing_agent`	Registration Parsing Agent	`RegistrationParsingAgent`	medium	Parses uploaded CSV/XLSX intake files and maps raw column headers to canonical schema fields using dice-coefficient fuzzy matching
`deduplication_assistant_agent`	Deduplication Assistant Agent	`DeduplicationAssistantAgent`	medium	Scores a candidate registration row against up to 500 existing rows to detect probable duplicate student entries
`registration_validation_agent`	Registration Validation Agent	`RegistrationValidationAgent`	medium	Validates up to 200 parsed registration rows per invocation against a fixed rule set
`fee_calculation_agent`	Fee Calculation Agent	`FeeCalculationAgent`	medium	Calculates advisory invoice line items for up to 200 students per invocation
`exception_resolution_agent`	Exception Resolution Agent	`ExceptionResolutionAgent`	medium	Triages individual registration row exceptions across 5 categories with plain-English resolution guides
`school_operations_agent`	School Operations Agent	`SchoolOperationsAgent`	medium	Provides a conversational interface and school-level registration health dashboard for school coordinators

registration_parsing_agent Registration Parsing Agent medium ✓ production

CF Worker: RegistrationParsingAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Parses uploaded CSV and XLSX registration intake files and maps raw column headers to canonical schema fields (studentName, email, phone, grade, schoolName, rollNumber, subject, dob, gender, subjectCount) using dice-coefficient fuzzy matching. Scores each header mapping by confidence, identifies unmappable or low-confidence columns, and surfaces missing critical fields.

Tools: get_registration_errors · render_table

Outcome: AgentDecision (decisionType: column_mapping_suggestion) containing per-header mappings array (rawHeader, canonicalField, confidence, alternativeSuggestions), unmappedHeaders list, missingCanonicalFields list, and a mappingSummary (totalHeaders, mappedCount, unmappedCount, averageConfidence, maxRows). Sensitive text is redacted in summary.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. Agent maps column headers only; no row data is mutated. All output is advisory, logged, and schema-validated.

deduplication_assistant_agent Deduplication Assistant Agent medium ✓ production

CF Worker: DeduplicationAssistantAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Scores a candidate registration row against up to 500 existing rows to detect probable duplicate student entries using normalized name similarity (dice-coefficient), exact email/phone matching, school name similarity, and grade confirmation. Returns confidence-ranked match candidates and a recommendation of accept, manual_review, or merge. Never merges or deletes canonical records automatically.

Tools: get_registration_errors · render_card

Outcome: AgentDecision (decisionType: duplicate_recommendation) with recommendation (accept/manual_review/merge), topMatches array (up to 5 entries with index/studentName/schoolName/confidence/matchReasons), hasDuplicate boolean, forceHumanReview flag, confidenceScore, and dedupeBoundary statement. Student names redacted in summary.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. Deduplication never merges or deletes canonical registration records. forceHumanReview is set to true for any non-accept recommendation. NEVER bypass RLS.

registration_validation_agent Registration Validation Agent medium ✓ production

CF Worker: RegistrationValidationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates up to 200 parsed registration rows per invocation against a fixed rule set covering required-field completeness (studentName, grade, schoolName), numeric grade range (1-12), email format, phone format, and school name minimum length. Classifies each violation as blocker or warning and aggregates counts.

Tools: get_registration_errors · render_table

Outcome: AgentDecision (decisionType: exception_priority) with rowResults array (rowNumber, isValid, blockerCount, warningCount, errors per violation), summary object (totalRows, validRows, invalidRows, totalBlockers, totalWarnings, schoolTier), validationBoundary statement, and recommendation.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. Agent classifies errors only; no rows are deleted or corrected automatically. NEVER bypass RLS.

fee_calculation_agent Fee Calculation Agent medium ✓ production

CF Worker: FeeCalculationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Calculates advisory invoice line items for up to 200 students per invocation by applying base fee per subject, school-tier discounts (emerging: 10%, premium: 5%, standard: 0%), special-category discounts (scholarship: 15%, staff_ward: 10%, sibling: 5%), a configurable operator-level discount, and an 18% tax rate by default. All outputs are recommendations only.

Tools: get_invoice_status · render_table

Outcome: AgentDecision (decisionType: payment_match_recommendation) with lineItems array (redacted studentName, subjectCount, schoolTier, specialCategory, grossFee, discountPercent, discountAmount, netFee, taxPercent, taxAmount, totalFee) and summary object (totalRows, grandTotal, totalNetFee, totalTaxAmount, totalDiscountAmount). Total discount clamped to 50% max. feeBoundary notice included.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. Fee calculation outputs are recommendations only; invoice records are created by approved platform workflows after operator confirmation. NEVER bypass RLS.

exception_resolution_agent Exception Resolution Agent medium ✓ production

CF Worker: ExceptionResolutionAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Triages individual registration row exceptions across 5 categories (missing_required_field, invalid_format, duplicate_detected, fee_mismatch, school_not_found) and produces a structured plain-English resolution guide with step-by-step coordinator instructions and a corrective action code. Flags every exception for mandatory human review.

Tools: get_registration_errors · render_card

Outcome: AgentDecision (decisionType: exception_priority) with exceptionType, rowNumber, fieldName, plainEnglishExplanation, coordinatorInstructions (4 steps), correctiveAction code, optionally a redacted suggestedValue, forceHumanReview always true, and resolutionBoundary statement. No records are corrected automatically.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always set to true for every exception. Agent provides resolution guidance only; no records are corrected automatically. suggestedValue is always redacted. NEVER bypass RLS.

school_operations_agent School Operations Agent medium ✓ production

CF Worker: SchoolOperationsAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Provides a conversational interface and school-level registration health dashboard for school coordinators, allowing them to complete all registration, invoicing, exam-material, and results tasks through conversation. Computes readiness status (invoice_ready, needs_validation, or blocked) from validated-student ratio and pending exception count. Exposes a broad toolset covering registration summaries, invoice management, payment initiation, answer sheet processing, results, certificates, and team management.

Tools: get_registration_summary · get_invoice_status · get_exam_materials_status · create_invite_link · send_invite_emails · get_results_summary · trigger_certificate_generation · get_invoice_download_url · initiate_payment · process_excel_registration · process_payment_receipt · process_answer_sheets · get_question_paper_download · get_answer_sheet_download · create_invigilator · get_certificate_download · get_student_ranking · get_team_members · get_exam_schedule · request_reevaluation

Outcome: AgentDecision (decisionType: school_health_score) with redacted schoolId, readiness status (invoice_ready/needs_validation/blocked), completionPercent, pendingExceptionCount, totalRegisteredStudents, validatedStudents, invoiceReadyBatches, nextSteps array, forceHumanReview flag, operationsBoundary statement.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. Agent provides advisory summary only; no school state is mutated. All data scoped to the requesting school only — cross-school data access not permitted. Approval-required tools (initiate_payment, create_invigilator, trigger_certificate_generation, request_reevaluation, process_answer_sheets) must be described to coordinator before execution. NEVER bypass RLS.

3 Finance & Accounting 22 agents

Covers all finance and accounting advisory operations. 22 agents span invoice review, payment reconciliation, collections management, refund eligibility, ledger explanation, CA-level period-close review, financial health summaries, payment reminder drafting, GST/TDS advisory, credit notes, revenue forecasting, dunning sequences, bank reference validation, settlement audit, tax invoice compliance, vendor payment TDS, RBI compliance, and ledger explainability. All agents are advisory-only — they produce recommendations, confidence scores, and human-review flags but never post ledger entries, approve refunds, or send external communications.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`invoice_assistant_agent`	Invoice Assistant	`InvoiceAssistantAgent`	high	Reviews invoice line items for amount anomalies, over-billing risks, and subject-count mismatches
`payment_reconciliation_agent`	Payment Reconciliation	`PaymentReconciliationAgent`	high	Performs fuzzy matching of incoming payments against open invoice candidates
`finance_collections_agent`	Finance Collections	`FinanceCollectionsAgent`	high	Prioritises overdue school balances by computing a risk score with escalation tiers
`refund_review_agent`	Refund Review	`RefundReviewAgent`	high	Evaluates refund eligibility against the 180-day window and amount limits
`accounting_explanation_agent`	Accounting Explanation	`AccountingExplanationAgent`	high	Translates individual ledger entries into plain-English explanations
`ca_review_assistant`	CA Review Assistant	`CaReviewAssistant`	high	Summarises ledger anomaly flags, GST mismatches, and suspicious rounding for CA review
`financial_review_agent`	Financial Review	`FinancialReviewAgent`	high	Produces high-level financial health summaries for CEO-level review dashboards
`reminder_agent`	Reminder	`ReminderAgent`	high	Drafts tiered payment reminder messages based on days overdue
`payment_reconciliation_assistant`	Payment Reconciliation Assistant	`PaymentReconciliationAssistantAgent`	high	Assists finance operators in matching bank payments to outstanding invoices with UTR scoring
`finance_invoice_review_agent`	Finance Invoice Review Agent	`FinanceInvoiceReviewAgent`	high	Reviews invoice batches for over-billing risks and subject count mismatches
`finance_payment_intake_agent`	Finance Payment Intake Agent	`FinancePaymentIntakeAgent`	high	Validates and triages incoming payment records at point of intake
`finance_duplicate_payment_agent`	Finance Duplicate Payment Agent	`FinanceDuplicatePaymentAgent`	high	Detects potential duplicate payment submissions using UTR/amount/school/date signals
`finance_refund_triage_agent`	Finance Refund Triage Agent	`FinanceRefundTriageAgent`	high	Triages incoming refund requests by evaluating eligibility against policy rules
`finance_credit_note_agent`	Finance Credit Note Agent	`FinanceCreditNoteAgent`	high	Reviews and recommends credit note issuance for over-billed invoices
`finance_revenue_forecast_agent`	Finance Revenue Forecast Agent	`FinanceRevenueForecastAgent`	high	Produces short-term revenue forecast signals across base/bull/bear scenarios
`finance_dunning_agent`	Finance Dunning Agent	`FinanceDunningAgent`	high	Orchestrates multi-stage dunning sequences for overdue school accounts
`finance_bank_reference_agent`	Finance Bank Reference Agent	`FinanceBankReferenceAgent`	high	Resolves and validates bank reference numbers (UTR, NEFT/RTGS/IMPS)
`finance_settlement_audit_agent`	Finance Settlement Audit Agent	`FinanceSettlementAuditAgent`	high	Performs post-settlement audit comparing settled amounts against reconciled invoice totals
`finance_tax_invoice_agent`	Finance Tax Invoice Agent	`FinanceTaxInvoiceAgent`	high	Reviews tax invoices for GST compliance — GSTIN, applicable rate, CGST/SGST split
`finance_vendor_payment_agent`	Finance Vendor Payment Agent	`FinanceVendorPaymentAgent`	high	Reviews vendor payment requests for TDS applicability under sections 194C, 194J, 194T
`finance_rbi_compliance_agent`	Finance RBI Compliance Agent	`FinanceRbiComplianceAgent`	high	Monitors payment transactions for RBI regulatory compliance including KYC and thresholds
`finance_ledger_explainability_agent`	Finance Ledger Explainability Agent	`FinanceLedgerExplainabilityAgent`	high	Explains ledger entries, journal postings, and reconciliation decisions in plain language

invoice_assistant_agent Invoice Assistant high ✓ production

CF Worker: InvoiceAssistantAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews invoice line items for amount anomalies, over-billing risks, and subject-count mismatches. Computes a variance percentage between actual and expected invoice amounts and flags invoices where the variance exceeds 10%. Used by finance operators and ops admins before any invoice is approved.

Tools: get_invoice_status · render_card

Outcome: AgentDecision with invoice summary, variancePercent, hasAnomaly flag, confidence score (0.72 for anomaly, 0.88 for clean), humanReviewRequired=true, and approvalBoundary statement confirming the agent cannot approve invoices.

Guardrails: Hard-blocked: post_ledger_entry, approve_refunds, change_score, publish_results, revoke_certificates, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory-only: agent cannot modify invoice amounts, post ledger entries, or trigger approval workflows directly. forceHumanReview is always true. Approval roles required: ops_admin, finance_user.

payment_reconciliation_agent Payment Reconciliation high ✓ production

CF Worker: PaymentReconciliationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Performs fuzzy matching of incoming payments against open invoice candidates using amount, UTR reference, and payer-name signals. Returns ranked match candidates with per-signal scores and a composite confidence score. Used by finance operators before any ledger posting is confirmed.

Tools: get_invoice_status · render_table

Outcome: AgentDecision with top-5 ranked invoice match candidates, per-signal scores (amount 60%, UTR 30%, payer 10%), bestMatchConfidence, redacted PII flags (utrProvided, payerNameProvided), and reconciliationBoundary stating no ledger entry is performed.

finance_collections_agent Finance Collections high ✓ production

CF Worker: FinanceCollectionsAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Prioritises overdue school balances by computing a risk score from days-overdue, invoice amount, and contact-attempt history. Assigns escalation tiers (standard/elevated/critical) and recommends collection action templates for operator review. Drafts collection plans without sending any external messages.

Tools: get_invoice_status · render_card

Outcome: AgentDecision with riskScore (0-100), escalationTier (standard/elevated/critical), templateKey for recommended communication template, schoolId (redacted in logs), daysOverdue, contactAttempts, and collectionsBoundary stating that sending requires human approval.

refund_review_agent Refund Review high ✓ production

CF Worker: RefundReviewAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Evaluates refund eligibility by checking whether the request is within the 180-day window and does not exceed the original payment amount. Produces an eligibility determination with flags for partial-refund pro-rata checks and policy exceptions.

Tools: get_invoice_status · render_card

Outcome: AgentDecision with eligible boolean, eligibilityScore (0.4 or 0.8), isPartialRefund flag, policy violation flags array, refundRequestId, amounts, daysSincePayment, and approvalBoundary confirming the agent cannot approve or process refunds.

accounting_explanation_agent Accounting Explanation high ✓ production

CF Worker: AccountingExplanationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Translates individual ledger entries into plain-English explanations for finance coordinators and auditors. Maps account codes to asset/liability/revenue/expense categories and generates a human-readable description of the entry's purpose. Never modifies ledger records.

Tools: get_invoice_status · render_card

Outcome: AgentDecision with entryId, entryType (debit/credit), amount, accountCode, accountCategory, entryDate, relatedInvoiceId, plainEnglishExplanation string, confidenceScore (0.86), and ledgerBoundary confirming no posting or modification is performed.

ca_review_assistant CA Review Assistant high ✓ production

CF Worker: CaReviewAssistant extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Summarises ledger anomaly flags, GST mismatches, and suspicious rounding patterns for a given review period to assist chartered accountants before period close. Computes anomaly rates, identifies top anomaly types by frequency, and raises priority flags for CA sign-off.

Tools: render_table · render_card

Outcome: AgentDecision with reviewPeriod, totalEntries, anomalyFlagCount, anomalyRate, gstMismatchCount, roundNumberCount, priorityFlags list, top-5 anomaly type frequency table, confidence score (0.55-0.85), and reviewBoundary stating professional sign-off is required before corrective action.

financial_review_agent Financial Review high ✓ production

CF Worker: FinancialReviewAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Produces high-level financial health summaries for CEO-level review dashboards by comparing invoice and payment aggregates for a period, computing reconciliation gaps, and detecting duplicate-amount risks. Flags significant gaps (>5% of invoice total) and duplicate payment patterns.

Tools: get_invoice_status · render_table

Outcome: AgentDecision with reconciliationGap, gapPercent, hasSignificantGap, duplicateAmountCount, duplicateRiskScore, anomalyFlags list, confidence score (0.67-0.87), and reviewBoundary confirming no ledger corrections or payment postings are performed.

reminder_agent Reminder high ✓ production

CF Worker: ReminderAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Drafts tiered payment reminder messages for school coordinators with overdue invoices, selecting the appropriate communication template (gentle nudge through final escalation warning) based on days overdue and prior reminder history. All drafts require operator approval before outbound send.

Tools: get_invoice_status · render_card

Outcome: AgentDecision with daysOverdue, amount, schoolTier, previousReminderCount, tier (tier1-tier5), templateKey, needsHumanEscalation, isFinalEscalation, confidence score (0.72 or 0.86), and reminderBoundary confirming human approval is required before any communication is sent.

payment_reconciliation_assistant Payment Reconciliation Assistant high ✓ production

CF Worker: PaymentReconciliationAssistantAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Assists finance operators in matching incoming bank payments to outstanding invoices using UTR reference, amount, payer name, and school signals. Runs fuzzy-match scoring and returns ranked invoice candidates with confidence scores. Used during daily reconciliation workflows.

Tools: get_invoice_status · render_card · render_table · show_timeline

Outcome: Ranked list of invoice match candidates with confidence scores, match explanations, and a human-review flag. No ledger entry or payment posting is performed by the agent.

finance_invoice_review_agent Finance Invoice Review Agent high ✓ production

CF Worker: FinanceInvoiceReviewAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews invoice batches generated for school registration cycles, comparing billed amounts against expected amounts derived from student count, subject count, and fee schedule. Flags line-item anomalies, over-billing risks, and subject count mismatches for finance_user review before invoice batches are released to schools.

Tools: get_invoice_status · render_card · render_table · show_timeline

Outcome: Structured invoice review report with per-invoice variance, anomaly flags, confidence scores (minimum 0.85), and a mandatory human-review flag. Agent cannot approve, modify, or release invoices.

finance_payment_intake_agent Finance Payment Intake Agent high ✓ production

CF Worker: FinancePaymentIntakeAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates and triages incoming payment records at the point of intake — bank statement CSV imports, manual payment proof uploads, and payment gateway webhooks. Checks for required fields (UTR, amount, date, school reference), identifies structurally malformed or incomplete records, and queues them for operator review.

Tools: get_invoice_status · render_card · render_table · show_timeline

Outcome: Validated payment intake report with field-level errors for invalid records, a school-match confidence score for valid records, and routing recommendations. Agent does not post or mutate payment records.

finance_duplicate_payment_agent Finance Duplicate Payment Agent high ✓ production

CF Worker: FinanceDuplicatePaymentAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Detects potential duplicate payment submissions by comparing incoming payment records against existing payments using UTR, amount, school, and date proximity signals. Surfaces high-confidence duplicate candidates with evidence for finance operator review to prevent double-counting in reconciliation.

Tools: get_invoice_status · render_card · render_table · show_timeline

Outcome: Duplicate detection report listing candidate duplicate payments with similarity scores and evidence. Agent does not suppress or delete any payment record.

finance_refund_triage_agent Finance Refund Triage Agent high ✓ production

CF Worker: FinanceRefundTriageAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Triages incoming refund requests by evaluating eligibility against policy rules: 180-day payment window, requested amount not exceeding original paid amount, and valid documented reason. Classifies requests as eligible, partial-eligible, or ineligible and routes them to the correct approval workflow.

Tools: get_invoice_status · render_card · render_table · show_timeline

Outcome: Refund eligibility report with eligibility score, policy flags, and routing recommendation. Agent cannot approve, process, or reject refunds.

finance_credit_note_agent Finance Credit Note Agent high ✓ production

CF Worker: FinanceCreditNoteAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews and recommends credit note issuance for over-billed invoices, cancelled registrations, or fee adjustment scenarios. Validates that the credit note amount does not exceed the original invoice, checks for GST reversal requirements, and prepares a structured recommendation for finance_user approval.

Tools: get_invoice_status · render_card · render_table · show_timeline

Outcome: Credit note recommendation with eligibility assessment, GST reversal flag, and evidence refs. Agent does not generate or post credit note documents. GST reversal flag must be reviewed by CA before period close.

finance_revenue_forecast_agent Finance Revenue Forecast Agent high ✓ production

CF Worker: FinanceRevenueForecastAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Produces short-term revenue forecast signals by analysing registration pipeline depth, historical payment conversion rates, overdue aging buckets, and current-cycle invoiced totals. Surfaces projected collection shortfalls and upside scenarios for CEO-level review dashboards. Outputs are advisory estimates and do not update any accounting record.

Tools: get_invoice_status · render_card · render_table · show_timeline

Outcome: Revenue forecast report with scenario projections (base/bull/bear), collection gap estimates, risk flags, and confidence score. Agent cannot post revenue or modify any financial record. DCF or valuation output requires CEO confirmation before external sharing.

finance_dunning_agent Finance Dunning Agent high ✓ production

CF Worker: FinanceDunningAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Orchestrates multi-stage dunning sequences for overdue school accounts by computing escalation tier based on days overdue, contact attempt history, and school tier. Drafts graduated reminder copy (gentle to final escalation) and recommends when to route cases to legal escalation. All draft messages require operator approval.

Tools: get_invoice_status · render_card · render_table · show_timeline

Outcome: Dunning recommendation with escalation tier, draft template key, risk score (0-100), and human-review flag. Agent does not send messages, modify invoice status, or create legal filings. School ID redacted in audit log output.

finance_bank_reference_agent Finance Bank Reference Agent high ✓ production

CF Worker: FinanceBankReferenceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Resolves and validates bank reference numbers (UTR, NEFT/RTGS/IMPS transaction IDs) against the payment intake records to confirm uniqueness and format compliance. Surfaces references that appear malformed, duplicated, or mismatched against the declared payment mode.

Tools: get_invoice_status · render_card · render_table · show_timeline

Outcome: Bank reference validation report with per-record format compliance status, duplicate flags, and exception routing recommendations. Agent does not modify payment records. UTR and bank reference values are redacted in decision audit logs.

finance_settlement_audit_agent Finance Settlement Audit Agent high ✓ production

CF Worker: FinanceSettlementAuditAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Performs a post-settlement audit of payment batches by comparing settled amounts against reconciled invoice totals, flagging short settlements, over-settlements, and unexplained residual amounts. Packages audit evidence including payment records, invoice matches, and audit trail entries for CA review.

Tools: get_invoice_status · render_card · render_table · show_timeline

Outcome: Settlement audit report with variance analysis, per-school settlement status, and a packaged audit evidence bundle. Agent does not post corrective entries. CA portal access is strictly read-only.

finance_tax_invoice_agent Finance Tax Invoice Agent high ✓ production

CF Worker: FinanceTaxInvoiceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews tax invoices for GST compliance — validates GSTIN presence, applicable rate (18% inclusive), CGST/SGST split accuracy, and HSN/SAC code correctness before invoices are dispatched to schools. Surfaces mismatches between computed GST and declared tax amounts for finance_user correction.

Tools: get_invoice_status · render_card · render_table · show_timeline

Outcome: GST compliance review report with computed vs declared tax breakdown, GSTIN validation status, and correction recommendations. Agent does not modify or dispatch tax invoices. GST computation follows acc_gst_config rules; agent never hardcodes tax rates.

finance_vendor_payment_agent Finance Vendor Payment Agent high ✓ production

CF Worker: FinanceVendorPaymentAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews vendor payment requests for TDS applicability and deduction thresholds under sections 194C, 194J, and 194T before payment runs are initiated. Computes cumulative YTD vendor payments to detect threshold breaches, flags TDS shortfalls, and recommends TDS amounts for deduction.

Tools: get_invoice_status · render_card · render_table · show_timeline

Outcome: TDS advisory report with threshold breach status, recommended deduction amount, section applicability, and human-review flag. Agent cannot initiate vendor payments or post TDS entries. TDS thresholds are always read from acc_settings; agent never hardcodes threshold amounts.

finance_rbi_compliance_agent Finance RBI Compliance Agent high ✓ production

CF Worker: FinanceRbiComplianceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors payment transactions and collection activities for RBI regulatory compliance — digital payment mode compliance, KYC linkage checks, and large transaction reporting thresholds (e.g., cash transaction reporting above ₹10 lakh). Surfaces compliance gaps for ops_admin review.

Tools: get_invoice_status · render_card · render_table · show_timeline

Outcome: RBI compliance assessment report with per-transaction exception flags, severity ratings, and escalation recommendations. Agent cannot file regulatory reports or modify payment records. PII fields (KYC identifiers) subject to DPDP data minimisation.

finance_ledger_explainability_agent Finance Ledger Explainability Agent high ✓ production

CF Worker: FinanceLedgerExplainabilityAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Explains ledger entries, journal postings, and reconciliation decisions in plain language for finance coordinators, school operators, and auditors. Maps account codes to categories, narrates debit/credit movements, and surfaces related invoice and payment records as cross-references.

Tools: get_invoice_status · render_card · render_table · show_timeline

Outcome: Plain-English ledger explanation with account category, entry narrative, related record cross-references, and confidence score. Agent cannot post, modify, or approve ledger entries. COA code classification is advisory; authoritative codes are determined by acc_classification_rules rules engine only.

4 Exam Production & Logistics 17 agents

Covers the end-to-end physical production and delivery pipeline for Olympiad exam materials. 17 agents span OMR sheet quantity planning, print batch manifest generation, serial-number allocation, vendor SLA management, shipment tracking, school delivery confirmation, packaging validation, freeze readiness, print order planning, vendor SLA risk, reprint exceptions, logistics minimization, warehouse dispatch readiness, production capacity planning, and delivery exception triage. All agents are advisory-only and never directly mutate OMR allocations, vendor orders, dispatch records, or packaging manifests.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`production_planning_agent`	Production Planning Agent	`ProductionPlanningAgent`	medium	Estimates OMR sheet counts, print schedules, and vendor capacity requirements
`print_batch_generation_agent`	Print Batch Generation Agent	`PrintBatchGenerationAgent`	medium	Generates print batch manifests partitioned by exam center, grade, and subject
`omr_allocation_agent`	OMR Allocation Agent	`OmrAllocationAgent`	medium	Assigns OMR serial number ranges to exam centers with overlap detection
`vendor_coordination_agent`	Vendor Coordination Agent	`VendorCoordinationAgent`	medium	Reviews vendor SLA compliance and flags at-risk print jobs for escalation
`vendor_intelligence_agent`	Vendor Intelligence Agent	`VendorIntelligenceAgent`	medium	Scores vendor reliability from SLA adherence, dispute history, and on-time delivery
`logistics_tracking_agent`	Logistics Tracking Agent	`LogisticsTrackingAgent`	medium	Monitors dispatch and transit status, flags delivery exceptions
`school_confirmation_agent`	School Confirmation Agent	`SchoolConfirmationAgent`	medium	Tracks school acknowledgment of received exam material
`packaging_manifest_agent`	Packaging Manifest Agent	`PackagingManifestAgent`	medium	Validates packaging manifests for per-center completeness
`production_freeze_readiness_agent`	Production Freeze Readiness	`ProductionFreezeReadinessAgent`	medium	Assesses whether registration and production state is safe to freeze
`print_order_planning_agent`	Print Order Planning	`PrintOrderPlanningAgent`	medium	Translates confirmed registration headcounts into print order quantities
`shipment_tracking_agent`	Shipment Tracking	`ShipmentTrackingAgent`	medium	Monitors real-time dispatch and transit status of OMR packets
`vendor_sla_risk_agent`	Vendor SLA Risk	`VendorSlaRiskAgent`	medium	Evaluates in-flight production batches against contracted vendor SLA deadlines
`reprint_exception_agent`	Reprint Exception	`ReprintExceptionAgent`	medium	Triages incoming reprint exception requests by validating justification and capacity
`logistics_minimization_agent`	Logistics Minimization	`LogisticsMinimizationAgent`	medium	Recommends optimized dispatch routing and batching strategies
`warehouse_dispatch_agent`	Warehouse Dispatch	`WarehouseDispatchAgent`	medium	Monitors readiness of the warehouse dispatch queue
`production_capacity_agent`	Production Capacity	`ProductionCapacityAgent`	medium	Estimates available print and packaging capacity across registered vendors
`delivery_exception_agent`	Delivery Exception	`DeliveryExceptionAgent`	medium	Detects and triages delivery exceptions — overdue, count mismatch, damaged

production_planning_agent Production Planning Agent medium ✓ production

CF Worker: ProductionPlanningAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Estimates OMR sheet counts, print schedules, and vendor capacity requirements from registration headcounts and center allocations. Produces a regional batch plan with recommended print volumes and sequencing notes. Used by ops_admin and exam_ops roles before committing any print orders.

Tools: get_production_batch_status · get_vendor_delay_report · get_shipment_tracker · get_omr_intake_status · get_attendance_mismatches · get_evaluation_progress · freeze_registrations · approve_emergency_reprint · assign_vendor · confirm_shipment_delivery · read_exam_status · render_table

Outcome: AgentDecision (decisionType: orchestration_intent) with totalSheets, bufferQuantity, per-region batch recommendations, totalRecommendedBatches, sequencingNote, planBoundary caveat, confidenceScore (0.77-0.82), and human-review flag. freeze_registrations (critical) and approve_emergency_reprint (high) require Approval gate before execution.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory; vendor and center identifiers are redacted in decision logs via redactSensitiveText. No mutation tools registered unless noted. Plan/manifest/recommendation outputs require ops_admin approval before action.

print_batch_generation_agent Print Batch Generation Agent medium ✓ production

CF Worker: PrintBatchGenerationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Generates print batch manifests partitioned by exam center (school), grade, and subject with per-school OMR sheet counts and barcode range assignments. Takes batchId, list of schools with student counts and subjects, OMR sheets per student, and spare-sheet percentage to produce packaging instructions for each school.

Tools: read_exam_status · render_table

Outcome: AgentDecision (decisionType: orchestration_intent) with per-school manifest list (schoolId, studentCount, subjects, spareSheets, totalSheetsForSchool, packagingInstruction), batch summary (schoolCount, totalSheets), manifestBoundary caveat, confidenceScore (0.85). Vendor print commitment requires separate ops_admin approval.

omr_allocation_agent OMR Allocation Agent medium ✓ production

CF Worker: OmrAllocationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Assigns OMR serial number ranges to exam centers with overlap detection and allocation conflict flagging. Accepts a batch of school allocations with student counts, a starting serial number, and any existing allocation ranges to check against, then proposes non-overlapping serial ranges.

Tools: read_exam_status · render_table

Outcome: AgentDecision (decisionType: anomaly_detection) with proposedAllocations list, duplicateDetected boolean, conflicts array, totalSerialsProposed, allocationBoundary caveat. confidenceScore 0.55 if duplicate detected, 0.88 otherwise. Writing allocations to the database requires an approved deterministic workflow.

vendor_coordination_agent Vendor Coordination Agent medium ✓ production

CF Worker: VendorCoordinationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews vendor SLA compliance against contracted timelines and flags at-risk print or packaging jobs for escalation. Accepts vendor ID, task type, days to deadline, order quantity, and current status to generate a draft communication and urgency classification. Exam_ops operators must review and approve the draft before any message is sent.

Tools: draft_email · render_card

Outcome: AgentDecision (decisionType: communication_draft) with vendorId, taskType, urgencyScore (critical/high/normal), slaRisk (high/medium), draftCommunication (subject, body, requiresOperatorApprovalBeforeSend flag), commercialTermsBoundary caveat. The operator must approve before any communication is dispatched.

vendor_intelligence_agent Vendor Intelligence Agent medium ✓ production

CF Worker: VendorIntelligenceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Scores vendor reliability from SLA adherence, dispute history, and on-time delivery records to surface procurement risk. Computes a delay risk score and reprint risk score from historical on-time rate, defect rate, order size, days to deadline, and previous delays, then classifies the vendor as low/medium/high risk.

Tools: read_exam_status · render_card

Outcome: AgentDecision (decisionType: vendor_risk_score) with vendorId, delayRiskScore (0-100), reprintRiskScore (0-100), prediction (low/medium/high_risk), factor breakdown, predictionBoundary caveat. Vendor decisions require ops_admin approval.

logistics_tracking_agent Logistics Tracking Agent medium ✓ production

CF Worker: LogisticsTrackingAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors dispatch and transit status across exam centers, flags delivery exceptions, and recommends follow-up actions. Computes an impact score and escalation level (critical/high/medium) from student count and days to exam. autoEscalate=true if status is delayed or exception.

Tools: read_exam_status · render_card · escalate_conversation

Outcome: AgentDecision (decisionType: exception_priority) with shipmentId, schoolId, currentStatus, impactScore, escalationLevel, autoEscalate flag, trackingBoundary caveat. escalate_conversation tool requires operator confirmation before action. Actual rerouting or vendor reorder requires an approved ops workflow.

school_confirmation_agent School Confirmation Agent medium ✓ production

CF Worker: SchoolConfirmationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Tracks school acknowledgment of received exam material and flags missing confirmations before the exam window. Classifies delivery status as confirmed, partial, or missing and enumerates exception types. Used by exam_ops to trigger re-dispatch or exception workflows when discrepancies are detected.

Tools: read_exam_status · render_card · escalate_conversation

Outcome: AgentDecision with deliveryStatus (confirmed/partial/missing), packagesExpected/Received, missingPackages, omrSheetsExpected/Received, omrShortfall, damagedCount, hasException, exceptionTypes list, confirmationBoundary caveat. Actual logistics record updates require an approved update workflow.

packaging_manifest_agent Packaging Manifest Agent medium ✓ production

CF Worker: PackagingManifestAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates packaging manifests for per-center completeness and flags missing or surplus item counts. Produces a complete per-school package manifest with contents, extras, and labeling instructions for exam_ops and warehouse operators before initiating packing at the fulfillment center.

Tools: read_exam_status · render_table

Outcome: AgentDecision with per-school package list (schoolId, studentCount, subjectNames, spareSheets, contents with omrSheets per subject, extras, totalItemCount, packagingLabel), batch summary, manifestBoundary caveat, confidenceScore (0.86). Actual warehouse packing must be initiated through an approved ops workflow.

production_freeze_readiness_agent Production Freeze Readiness medium ✓ production

CF Worker: ProductionFreezeReadinessAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Assesses whether the current registration and production state is safe to freeze for print-run finalization. Checks that registration batches are reconciled, payment statuses confirmed, and no open exceptions would invalidate a freeze. Does not execute the freeze itself — that requires a separate critical-risk approval gate.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Freeze-readiness advisory report with a pass/fail verdict, list of blocking items, and recommended next action for the ops_admin approval workflow.

print_order_planning_agent Print Order Planning medium ✓ production

CF Worker: PrintOrderPlanningAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Translates confirmed registration headcounts and center allocation data into print order quantities per grade, subject, and region. Used by the Operator portal in phase3 to generate the input manifest that vendors use to begin printing, ensuring buffer quantities and wastage margins are correctly factored.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Structured print order manifest with per-center, per-subject quantities including buffer margins — advisory payload ready for ops_admin approval. Buffer and wastage percentages are read from configuration; never hardcoded.

shipment_tracking_agent Shipment Tracking medium ✓ production

CF Worker: ShipmentTrackingAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors the real-time dispatch and transit status of OMR packets across all exam centers, surfacing delayed or missing shipments requiring follow-up. Provides a consolidated view of which packets have been dispatched, are in transit, have been received, or are exceptions.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Shipment status dashboard payload grouped by status and region, with overdue packets flagged and escalation recommendations attached. Delivery confirmation uses the deterministic confirm_shipment_delivery tool.

vendor_sla_risk_agent Vendor SLA Risk medium ✓ production

CF Worker: VendorSlaRiskAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Evaluates in-flight production batches against contracted vendor SLA deadlines, computing risk scores for each batch based on remaining time and historical vendor delay patterns. Proactively surfaces batches at risk of breaching their planned dispatch date.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Ranked SLA risk report for in-flight production batches with breach probability scores and escalation recommendations. Does not reschedule or reassign batches.

reprint_exception_agent Reprint Exception medium ✓ production

CF Worker: ReprintExceptionAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Triages incoming reprint exception requests by validating the justification, checking available production capacity, and recommending whether to approve or reject the emergency reprint workflow. The agent surfaces a recommendation that ops_admin must confirm before the approve_emergency_reprint approval gate is triggered.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Triage recommendation (approve/reject/escalate) for the reprint exception request, with supporting evidence and a confidence score, returned for ops_admin review. Duplicate reprint requests for the same batch are flagged and blocked.

logistics_minimization_agent Logistics Minimization medium ✓ production

CF Worker: LogisticsMinimizationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Recommends optimized dispatch routing and batching strategies to minimize logistics cost and transit time across exam centers. Consolidates shipments, selects cost-effective carriers, and flags sub-optimal dispatch sequences before the warehouse releases packets.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Optimized dispatch routing plan with carrier recommendations, consolidation opportunities, and estimated cost savings — advisory payload for ops_admin confirmation. Cost and carrier data are estimates; final logistics decisions require ops_admin confirmation.

warehouse_dispatch_agent Warehouse Dispatch medium ✓ production

CF Worker: WarehouseDispatchAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors the readiness of the warehouse dispatch queue, verifying that all packets scheduled for dispatch have correct manifest data, assigned carriers, and no open exceptions before release. Provides a pre-dispatch checklist view surfacing packets that are not ready to leave the warehouse.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Dispatch readiness checklist with packets partitioned into ready and blocked states, including reason codes and resolution guidance for blocked items. Does not update omr_packets dispatch status — that is reserved for the deterministic confirm_shipment_delivery tool.

production_capacity_agent Production Capacity medium ✓ production

CF Worker: ProductionCapacityAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Estimates available print and packaging capacity across registered vendors for the upcoming exam cycle and flags potential shortfalls relative to the projected print order volume. Computes committed versus available capacity per vendor to flag shortfalls by region or subject.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Vendor capacity utilization report with committed vs. available capacity per vendor, shortfall flags by region, and recommended reallocation or additional vendor engagement actions. Vendor capacity figures are estimates based on configured throughput.

delivery_exception_agent Delivery Exception medium ✓ production

CF Worker: DeliveryExceptionAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Detects and triages delivery exceptions — packets not received within their SLA window, packets received with incorrect counts, or packets flagged as damaged — and recommends resolution actions including escalation, reshipment, or reprint. Provides a single view of all delivery anomalies.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Delivery exception triage report with all open anomalies classified by type (overdue, count_mismatch, damaged, or undelivered) and severity, including resolution recommendations and links to the appropriate deterministic approval workflows. Minimum confidence 0.75 before classifying a delivery exception as critical.

5 Exam Execution & Evaluation 24 agents

Covers the end-to-end operational chain from live exam day through OMR return, scan ingestion, evaluation pipeline, result integrity, and post-result corrections. 24 agents work sequentially through exam monitoring, attendance reconciliation, reverse logistics, OMR intake, scan quality, evaluation coordination, result integrity, score override, reevaluation, OMR evaluation submission, session planning, center readiness, scan intake, barcode mismatch, evaluation quality, score anomaly, publication readiness, certificate distribution, reevaluation triage, incident management, control tower, offline exam sync, result reporting, and holistic integrity audit. Every agent is advisory-only.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`exam_monitoring_agent`	Exam Monitoring Agent	`ExamMonitoringAgent`	high	Monitors live exam session health tracking attendance submission and OMR packet return rates
`attendance_reconciliation_agent`	Attendance Reconciliation Agent	`AttendanceReconciliationAgent`	high	Reconciles expected vs. actual attendance and OMR sheet counts for a specific school
`reverse_logistics_agent`	Reverse Logistics Agent	`ReverseLogisticsAgent`	high	Tracks the return shipment of OMR answer-script packets from exam centers to evaluation hubs
`omr_intake_agent`	OMR Intake Agent	`OmrIntakeAgent`	high	Validates OMR scan ingestion completeness by comparing received packet and sheet counts
`scan_quality_agent`	Scan Quality Agent	`ScanQualityAgent`	high	Assesses OMR scan image quality by measuring defect rates across unreadable, folded, partial-bubbling categories
`evaluation_coordination_agent`	Evaluation Coordination Agent	`EvaluationCoordinationAgent`	high	Monitors evaluation batch progress computing throughput rate, remaining sheets, and SLA risk
`result_integrity_agent`	Result Integrity Agent	`ResultIntegrityAgent`	high	Checks result dataset completeness and integrity before publication readiness is declared
`score_override_assistant`	Score Override Assistant	`ScoreOverrideAssistant`	high	Reviews score override requests against policy bounds, computing score delta and documentation requirements
`exam_reevaluation_agent`	Exam Reevaluation Agent	`ExamReevaluationAgent`	high	Triages reevaluation applications by eligibility criteria and recommends processing priority
`omr_evaluation_submission_agent`	OMR Evaluation Submission Agent	`OmrEvaluationSubmissionAgent`	high	Validates OMR evaluation CSV submission metadata — line counts, match rates, unmatched and duplicate counts
`exam_session_planning_agent`	Exam Session Planning Agent	`ExamSessionPlanningAgent`	high	Plans and validates exam session schedules across registered centers for a given exam cycle
`exam_center_readiness_agent`	Exam Center Readiness Agent	`ExamCenterReadinessAgent`	high	Assesses operational readiness of each exam center prior to session day
`omr_scan_intake_agent`	OMR Scan Intake Agent	`OmrScanIntakeAgent`	high	Validates completeness and integrity of OMR scan batches at point of intake
`barcode_mismatch_agent`	Barcode Mismatch Agent	`BarcodeMismatchAgent`	high	Detects and classifies OMR barcode mismatches between scanned sheets and the allocation manifest
`evaluation_quality_agent`	Evaluation Quality Agent	`EvaluationQualityAgent`	high	Monitors and assesses the quality of the evaluation process by analysing evaluator consistency
`score_anomaly_agent`	Score Anomaly Agent	`ScoreAnomalyAgent`	high	Detects statistical anomalies in score distributions across subjects, centers, and cohorts
`result_publication_readiness_agent`	Result Publication Readiness Agent	`ResultPublicationReadinessAgent`	high	Performs a comprehensive pre-publication readiness check across all gating criteria
`certificate_distribution_agent`	Certificate Distribution Agent	`CertificateDistributionAgent`	high	Monitors and validates the distribution pipeline for generated certificates
`reevaluation_triage_agent`	Reevaluation Triage Agent	`ReevaluationTriageAgent`	high	Triages incoming reevaluation applications by eligibility, reason type, and SLA priority
`exam_incident_agent`	Exam Incident Agent	`ExamIncidentAgent`	high	Captures, classifies, and prioritises exam-day incident reports from invigilators
`exam_control_tower_agent`	Exam Control Tower Agent	`ExamControlTowerAgent`	high	Serves as the central aggregation and prioritisation layer for all live exam day signals
`offline_exam_worker_agent`	Offline Exam Worker Agent	`OfflineExamWorkerAgent`	high	Monitors and validates offline exam session data synchronisation
`result_report_agent`	Result Report Agent	`ResultReportAgent`	high	Generates structured result report advisories for school/district/national level summaries
`exam_integrity_agent`	Exam Integrity Agent	`ExamIntegrityAgent`	critical	Performs holistic exam integrity audit by correlating malpractice flags, score anomaly signals, and proctoring patterns

exam_monitoring_agent Exam Monitoring Agent high ✓ production

CF Worker: ExamMonitoringAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors live exam session health on exam day by tracking attendance submission rates and OMR packet return rates across all registered schools. Computes an on_track/at_risk/critical status signal and surfaces priority flags for control-tower review.

Tools: read_exam_status · render_table

Outcome: AgentDecision with status (on_track/at_risk/critical), attendanceSubmissionRate, omrReturnRate, missingSchools count, omrPacketsDispatched/Received, confidenceScore, recommendation text, forceHumanReview=true.

Guardrails: Hard-blocked: change_score, publish_results, post_ledger_entry, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory only; corrective action requires operator approval. Student identifiers and roll numbers are redacted from decision logs. forceHumanReview is always true.

attendance_reconciliation_agent Attendance Reconciliation Agent high ✓ production

CF Worker: AttendanceReconciliationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reconciles expected vs. actual attendance and OMR sheet counts for a specific school on a given exam date. Computes the mismatch between present students and received OMR sheets and classifies severity as none/minor/significant/critical.

Tools: read_exam_status · render_card

Outcome: AgentDecision with mismatchSeverity classification, omrMismatch and registrationMismatch counts, absenteeRate, confidenceScore (base 0.90), recommendation, forceHumanReview=true, and advisoryBoundary confirming physical re-count requires operator-approved workflow.

reverse_logistics_agent Reverse Logistics Agent high ✓ production

CF Worker: ReverseLogisticsAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Tracks the return shipment of OMR answer-script packets from exam centers to evaluation hubs by monitoring courier status, dispatch dates, and evaluation deadlines. Classifies impact (low/medium/high/critical) and deadline risk (on_time/at_risk/missed_deadline/unknown).

Tools: read_exam_status · show_timeline

Outcome: AgentDecision with shipmentId, courierStatus, impactLevel, deadlineStatus, all date timestamps, confidenceScore (base 0.87), recommendation, forceHumanReview=true, and advisoryBoundary confirming recovery actions require operator-approved workflow.

omr_intake_agent OMR Intake Agent high ✓ production

CF Worker: OmrIntakeAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates OMR scan ingestion completeness by comparing received packet and sheet counts against expected manifest values, and measuring barcode readability. Classifies intake as pass/warning/fail and surfaces discrepancies for operator review before evaluation begins.

Tools: read_exam_status · render_table

Outcome: AgentDecision with intakeSeverity (pass/warning/fail), packetShortfall, sheetShortfall, unreadableRate, confidenceScore (base 0.90), recommendation, forceHumanReview=true, and advisoryBoundary confirming corrective holds require operator-approved workflow.

scan_quality_agent Scan Quality Agent high ✓ production

CF Worker: ScanQualityAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Assesses OMR scan image quality for a given batch by measuring defect rates across unreadable, folded, partial-bubbling, and barcode-failure categories. Computes a composite qualityScore and flags batches as pass/warning/critical to direct targeted re-scan operations before evaluation.

Tools: read_exam_status · render_card

Outcome: AgentDecision with qualityFlag (pass/warning/critical), qualityScore, defectRate, partialRate, per-defect-type counts, confidenceScore (base 0.89), recommendation, forceHumanReview=true, and advisoryBoundary confirming batch holds and re-scans require operator-approved workflow.

evaluation_coordination_agent Evaluation Coordination Agent high ✓ production

CF Worker: EvaluationCoordinationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors evaluation batch progress across all evaluators by computing throughput rate, remaining sheet count, estimated hours to completion, and SLA risk classification (on_track/at_risk/breached). Identifies stalled batches and recommends staffing or schedule adjustments for operator review.

Tools: read_exam_status · render_table

Outcome: AgentDecision with slaRisk classification, throughputRate (sheets/hr), remainingSheets, estimatedHoursLeft, completionPercent, evaluatorsCount, confidenceScore (base 0.87), recommendation, forceHumanReview=true, and advisoryBoundary confirming staffing adjustments require operator-approved workflow.

result_integrity_agent Result Integrity Agent high ✓ production

CF Worker: ResultIntegrityAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Checks result dataset completeness and integrity before publication readiness is declared, by counting duplicate ranks, impossible scores, percentile anomalies, and suspected cheating flags. Computes an anomalyRate and integrityScore, and sets publicationBlocked=true when cheating flags are present.

Tools: read_exam_status · render_table

Outcome: AgentDecision with integrityScore, anomalyRate, per-category anomaly counts, mandatoryHumanReview boolean, publicationBlocked boolean, confidenceScore (base 0.88), recommendation, forceHumanReview=true. Agent CANNOT block or publish results directly — only flags.

score_override_assistant Score Override Assistant high ✓ production

CF Worker: ScoreOverrideAssistant extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews score override requests against policy bounds, computing the score delta and required documentation checklist based on magnitude and direction of the change. Returns an advisory approval or rejection recommendation with full documentation requirements for human decision. change_score is unconditionally hard-blocked.

Tools: read_exam_status · render_card

Outcome: AgentDecision with scoreDelta, riskLevel (low/medium/high), documentsRequired list, workflowRequired=score_override_approval_workflow, supportingEvidence references, confidenceScore (base 0.85), recommendation, forceHumanReview=true. Agent CANNOT apply score changes independently under any circumstances.

exam_reevaluation_agent Exam Reevaluation Agent high ✓ production

CF Worker: ExamReevaluationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Triages reevaluation applications by eligibility criteria and recommends processing priority, SLA timeline, evidence checklist, and workflow steps including re-scan authorization or fraud investigation escalation. Handles parent_dispute, scan_error, marking_error, and suspected_fraud.

Tools: read_exam_status · render_card

Outcome: AgentDecision with requestSLA (24h for scan_error, 72h otherwise), requiresRescan/requiresInvestigation flags, evidenceChecklist array, workflowSteps with per-step approval requirements, confidenceScore (base 0.86), recommendation, forceHumanReview=true.

omr_evaluation_submission_agent OMR Evaluation Submission Agent high ✓ production

CF Worker: OmrEvaluationSubmissionAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates OMR evaluation CSV submission metadata — line counts, match rates, unmatched and duplicate counts, and impossible score counts — before advising on evaluation pipeline entry. Operates exclusively on aggregate validation metadata; raw scores and student identifiers are unconditionally excluded from its context by schema design.

Tools: read_exam_status · render_card

Outcome: AgentDecision with validationStatus (passed/has_gaps/failed), matchRate, errorRate, unmatchedCount, duplicateCount, impossibleScoreCount, totalErrors, confidenceScore (base 0.88). NEVER accept, process, or include raw exam scores or student identifiers in agent context.

exam_session_planning_agent Exam Session Planning Agent high ✓ production

CF Worker: ExamSessionPlanningAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Plans and validates exam session schedules across registered centers for a given exam cycle. Surfaces scheduling conflicts, seat capacity gaps, and center-readiness blockers before the session window opens. All output is advisory; session creation and lock-in requires operator approval.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Advisory decision payload with session planning status, capacity gap summary, conflict list, confidence score (>=0.85), and recommended corrective actions for operator approval. forceHumanReview=true for all scheduling mutations.

exam_center_readiness_agent Exam Center Readiness Agent high ✓ production

CF Worker: ExamCenterReadinessAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Assesses operational readiness of each exam center prior to session day, covering infrastructure, invigilator confirmation, stationery receipt, and communication connectivity. Surfaces center-specific readiness scores and flags centers requiring pre-emptive intervention.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Readiness assessment payload per center including readiness tier (ready/at_risk/not_ready), dimension breakdown, overall readiness rate, confidence score, and escalation recommendations. Agent cannot modify center records, invigilator assignments, or stationery dispatch orders.

omr_scan_intake_agent OMR Scan Intake Agent high ✓ production

CF Worker: OmrScanIntakeAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates the completeness and integrity of OMR scan batches at the point of intake into the evaluation pipeline. Checks scan counts, barcode readability, and allocation manifest alignment before evaluation begins.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Advisory intake validation result with severity level (pass/warning/fail), shortfall counts, barcode failure rate, recommended disposition (proceed/rescan/hold), and confidence score. Agent cannot ingest raw answer data or student-OMR mappings.

barcode_mismatch_agent Barcode Mismatch Agent high ✓ production

CF Worker: BarcodeMismatchAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Detects and classifies OMR barcode mismatches between scanned sheets and the allocation manifest, distinguishing between unreadable codes, phantom barcodes, and cross-batch contamination. Identifies sheets requiring manual re-scan or physical re-verification before evaluation proceeds.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Mismatch classification report with per-type counts (unreadable, not-in-manifest, duplicate, cross-batch), mismatch rate, severity tier (acceptable/elevated/critical), affected sheet list references, and operator action recommendations.

evaluation_quality_agent Evaluation Quality Agent high ✓ production

CF Worker: EvaluationQualityAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors and assesses the quality of the evaluation process by analysing evaluator consistency, inter-rater agreement rates, and marking scheme adherence across batches. Detects systematic marking errors or outlier evaluators before result integrity is compromised.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Evaluation quality report with per-evaluator consistency flags, batch-level quality risk tiers (acceptable/review_required/halt_recommended), anomaly counts, confidence score, and remediation recommendations. Individual student scores are never processed in LLM context.

score_anomaly_agent Score Anomaly Agent high ✓ production

CF Worker: ScoreAnomalyAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Detects statistical anomalies in score distributions across subjects, centers, and cohorts to surface potential marking errors, data corruption, or integrity violations before result publication. Provides a pre-publication anomaly gate. Individual student identifiers and raw scores are excluded from LLM context.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Score anomaly report with distribution statistics, anomaly type breakdown, severity level (none/minor/moderate/critical), publication hold advisory, and confidence score. Agent cannot modify scores or directly block publication — output is advisory only.

result_publication_readiness_agent Result Publication Readiness Agent high ✓ production

CF Worker: ResultPublicationReadinessAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Performs a comprehensive pre-publication readiness check across all gating criteria — data completeness, integrity anomalies, mandatory human review clearances, and regulatory compliance flags — before the result publication workflow is permitted to proceed.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Publication readiness verdict (ready/conditional/blocked), gating checklist with open items, compliance flag status, confidence score, and recommended workflow action. A "ready" verdict does not auto-publish; ops_admin must initiate the publication approval workflow independently.

certificate_distribution_agent Certificate Distribution Agent high ✓ production

CF Worker: CertificateDistributionAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors and validates the distribution pipeline for generated certificates, tracking delivery to schools and flagging undelivered, bounced, or duplicate dispatch events. Ensures every eligible candidate receives their certificate and surfaces distribution exceptions for resolution.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Distribution status report with per-school delivery rates, exception type counts (undelivered/bounced/duplicate/expired-link), unresolved gap list, confidence score, and recommended follow-up actions. Re-dispatch decisions require operator approval via the designated certificate workflow.

reevaluation_triage_agent Reevaluation Triage Agent high ✓ production

CF Worker: ReevaluationTriageAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Triages incoming reevaluation applications by eligibility, reason type, and SLA priority to produce a prioritised processing queue. Prioritises: fraud > scan_error > marking_error > parent_dispute. Manages high-volume reevaluation request intake efficiently.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Triage report with a prioritised reevaluation queue, eligibility flags, SLA deadlines, recommended evaluator assignments, and confidence score. Agent cannot reject or approve reevaluation applications — recommendations only. Score corrections require a separate supervisor-approved workflow.

exam_incident_agent Exam Incident Agent high ✓ production

CF Worker: ExamIncidentAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Captures, classifies, and prioritises exam-day incident reports from invigilators and center coordinators covering malpractice suspicions, centre disruptions, technical failures, and medical emergencies. Maintains a structured incident log and surfaces high-severity events requiring immediate escalation.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Structured incident classification with severity tier, recommended escalation path (control_tower_alert/regional_coordinator_notify/exam_ops_review/log_and_monitor), pattern cross-reference summary, confidence score. Agent cannot cancel exam sessions, disqualify candidates, or trigger law enforcement escalations directly.

exam_control_tower_agent Exam Control Tower Agent high ✓ production

CF Worker: ExamControlTowerAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Serves as the central aggregation and prioritisation layer for all live exam day signals — consolidating attendance rates, incident flags, OMR dispatch status, and centre connectivity into a unified operational picture. Real-time situational awareness hub for exam execution across all centers.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Control tower advisory with overall execution health score, ranked intervention list, center-level signal summary, confidence score, and recommended priority actions. Agent cannot directly dispatch field coordinators, send official communications, or halt exam sessions. Only aggregate metrics are processed in LLM context.

offline_exam_worker_agent Offline Exam Worker Agent high ✓ production

CF Worker: OfflineExamWorkerAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors and validates offline exam session data synchronisation from centres operating without live connectivity, ensuring queued submissions, autosave payloads, and QR fallback bundles are correctly received and reconciled once connectivity is restored.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Offline sync status report with per-session classification (fully_synced/partial_sync/sync_failed/awaiting_qr_fallback), payload gap counts, recovery recommendations, confidence score, and human-review flag for unresolved sessions. Agent cannot apply or merge synced payloads directly.

result_report_agent Result Report Agent high ✓ production

CF Worker: ResultReportAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Generates structured result report advisories for school-level, district-level, and national-level summaries after result publication clearance, including rank distribution analytics, participation rates, and subject-wise performance breakdowns. Processes aggregate statistics only; individual student PII excluded.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Structured result report advisory with rank distribution data, participation metrics, subject performance summaries, anomaly flags, and confidence score. Distribution to schools requires operator approval. Agent cannot access result records before publication has been cleared via the approved human workflow.

exam_integrity_agent Exam Integrity Agent critical ✓ production

CF Worker: ExamIntegrityAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Performs a holistic exam integrity audit by correlating malpractice incident flags, score anomaly signals, attendance irregularities, and proctoring event patterns to surface coordinated integrity violations. Final integrity clearance gate before result publication is permitted.

Tools: read_exam_status · render_card · render_table · show_timeline

Outcome: Integrity audit advisory with per-center/session risk-level assignments (clear/elevated/high_risk/critical), correlated signal summary, recommended dispositions (clear_to_publish/hold_for_review/escalate_to_investigation), confidence score. Any "critical" integrity finding mandates mandatory human review by ops_admin before any downstream action. Agent does not gate publication directly — feeds result_publication_readiness_agent.

6 Results, Certs & Communication 8 agents

Covers the post-exam results lifecycle. 8 agents handle the sequential pipeline from result readiness validation through ranking integrity checks, certificate generation and revocation, award allocation, and parent/school communications. All agents are strictly advisory — they surface readiness status, flag anomalies, draft communications, and produce decision packets, but every mutation (publication, generation, revocation, award creation, message dispatch) is gated behind a human approval workflow.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`result_publication_agent`	Result Publication Agent	`ResultPublicationAgent`	high	Validates result dataset completeness before recommending publication approval
`ranking_integrity_agent`	Ranking Integrity Agent	`RankingIntegrityAgent`	high	Checks ranking consistency across score bands, ties, and merit criteria
`certificate_generation_agent`	Certificate Generation Agent	`CertificateGenerationAgent`	high	Validates certificate batch parameters and produces a generation plan estimate
`certificate_revocation_assistant`	Certificate Revocation Assistant	`CertificateRevocationAssistant`	high	Reviews certificate revocation requests — determines approver roles and evidence checklist
`award_allocation_agent`	Award Allocation Agent	`AwardAllocationAgent`	high	Allocates merit positions, subject toppers, and award categories based on result data
`parent_communication_agent`	Parent Communication Agent	`ParentCommunicationAgent`	high	Drafts result and certificate delivery communication intents for operator approval
`school_summary_agent`	School Summary Agent	`SchoolSummaryAgent`	high	Generates per-school performance summaries including attendance rate, pass rate, average scores
`parent_reevaluation_agent`	Parent Reevaluation Agent	`ParentReevaluationAgent`	high	Triages parent reevaluation requests by validating eligibility windows and SLA

result_publication_agent Result Publication Agent high ✓ production

CF Worker: ResultPublicationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates result dataset completeness by comparing processed results against total candidates and checking for pending verifications before recommending publication approval to an ops_admin human workflow gate. Computes a completion rate and assigns readiness states: ready_for_human_approval, pending_final_verification, or not_ready.

Tools: get_result_readiness · get_ranking_conflicts · get_reevaluation_queue · get_certificate_status · get_publication_checklist · get_award_allocation · approve_reevaluation · reject_reevaluation · publish_results · revoke_certificate

Outcome: AgentDecision with examId, completionRate, pendingVerifications, readinessStatus, advisoryBoundary, confidenceScore (0.82-0.87), forceHumanReview=true. publish_results requires critical-level Approval gate and is blocked from direct agent invocation. approve/reject_reevaluation require high-level Approval gate.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. No tools registered for most agents (advisory classifier); all actions require human-approved workflows.

ranking_integrity_agent Ranking Integrity Agent high ✓ production

CF Worker: RankingIntegrityAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Checks ranking consistency across score bands, ties, and merit criteria by computing an anomaly rate from duplicate ranks, rank gaps, and percentile anomalies across a ranked candidate set. Classifies ranking integrity as clean, minor_issues, or integrity_risk.

Tools: (advisory classifier — no registered tools)

Outcome: AgentDecision with examId, totalRanked, duplicateRanks, rankGaps, percentileAnomalies, anomalyRate, integrityStatus (clean/minor_issues/integrity_risk), advisoryBoundary, confidenceScore (0.82-0.90). Ranking corrections require dedicated integrity workflow.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. No tools registered for most agents (advisory classifier); all actions require human-approved workflows.

certificate_generation_agent Certificate Generation Agent high ✓ production

CF Worker: CertificateGenerationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates certificate batch parameters including eligible candidate count, template version, and customizations, then produces a generation plan estimating batch count and generation time before recommending ops_admin authorization. No certificates are created during agent execution.

Tools: (advisory classifier — no registered tools)

Outcome: AgentDecision (decisionType: orchestration_intent) with batchId, eligibleCandidates, certificateTemplate, estimatedGenerationTimeMinutes, batchesRequired, batchSize, advisoryBoundary, confidenceScore 0.88, forceHumanReview=true. Certificate generation only proceeds after authorized workflow is triggered externally.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. No tools registered for most agents (advisory classifier); all actions require human-approved workflows.

certificate_revocation_assistant Certificate Revocation Assistant high ✓ production

CF Worker: CertificateRevocationAssistant extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews certificate revocation requests by evaluating the revocation reason, determining required approver roles, assigning a risk tier (exam_fraud/court_order → critical; identity_mismatch → high; data_correction → medium), and building a mandatory evidence checklist.

Tools: (advisory classifier — no registered tools)

Outcome: AgentDecision (decisionType: exception_priority) with candidateId, certificateId, revocationReason, requiredApprovals, riskLevel, mandatoryEvidenceChecklist, advisoryBoundary, confidenceScore 0.91, forceHumanReview=true. revoke_certificates is hard-blocked for this agent — certificate revocation is irreversible.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. No tools registered for most agents (advisory classifier); all actions require human-approved workflows.

award_allocation_agent Award Allocation Agent high ✓ production

CF Worker: AwardAllocationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Allocates merit positions, subject toppers, and award categories based on result and ranking data by computing total awardees from a top percentage threshold and breaking down counts per award category rank range. Outputs require exam_ops review before any award records are created or announced.

Tools: (advisory classifier — no registered tools)

Outcome: AgentDecision (decisionType: school_health_score) with examId, totalEligible, topPercent, totalAwardees, awardBreakdown per category, advisoryBoundary, confidenceScore 0.87, forceHumanReview=true. No award records are created until ops_admin approves through the designated workflow.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. No tools registered for most agents (advisory classifier); all actions require human-approved workflows.

parent_communication_agent Parent Communication Agent high ✓ production

CF Worker: ParentCommunicationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Drafts result and certificate delivery communication intents for operator approval, selecting the appropriate template key and SLA priority for each communication type (result_ready, certificate_ready, reevaluation_update, award_notification) and delivery channel (email, SMS, WhatsApp). No external message is sent by the agent.

Tools: (advisory classifier — no registered tools)

Outcome: AgentDecision (decisionType: communication_draft) with candidateId, communicationType, templateKey, channel, slaPriority (same_day/one_business_day/two_business_days), advisoryBoundary, confidenceScore 0.85, forceHumanReview=true. No message is dispatched until ops_admin approves and triggers the send workflow.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. No tools registered for most agents (advisory classifier); all actions require human-approved workflows.

school_summary_agent School Summary Agent high ✓ production

CF Worker: SchoolSummaryAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Generates per-school performance summaries including attendance rate, pass rate, average and top scores, subject breakdowns, and merit counts for coordinator dispatch. Classifies each school into a performance tier (outstanding/good/average/below_average) based on average score thresholds.

Tools: (advisory classifier — no registered tools)

Outcome: AgentDecision (decisionType: school_health_score) with schoolId, examId, attendanceRate, passRate, averageScore, topScore, passCount, awardCount, schoolPerformanceTier, advisoryBoundary, confidenceScore 0.86. Summary is advisory for coordinator review; official results published through designated workflow.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. No tools registered for most agents (advisory classifier); all actions require human-approved workflows.

parent_reevaluation_agent Parent Reevaluation Agent high ✓ production

CF Worker: ParentReevaluationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Triages parent reevaluation requests by validating eligibility windows, confirming the SLA (72 hours), and summarizing supporting evidence requirements for exam_ops processing. Produces a structured advisory packet including required evidence items and the next-step instruction for submission to the ops_admin workflow.

Tools: (advisory classifier — no registered tools)

Outcome: AgentDecision (decisionType: orchestration_intent) with requestId, candidateId, parentName, subject, currentScore, requestReason, isEligible=true, slaHours=72, evidenceRequired checklist (reevaluation_request_form, parent_identity_proof, original_answer_sheet_copy), nextStep, advisoryBoundary, confidenceScore 0.84. No score is changed.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. No tools registered for most agents (advisory classifier); all actions require human-approved workflows.

7 Online Exam Platform 18 agents

Covers the full lifecycle of online exam delivery for the Finverse Academy Olympiad (Phase 6). 18 agents collectively handle candidate identity verification before session admission, real-time session health monitoring, proctoring signal analysis, connectivity disruption triage, submission integrity validation, evaluation pipeline tracking, live support ticket classification, session recovery, autosave monitoring, accessibility accommodations, network health monitoring, device risk assessment, timer integrity monitoring, and AI cheating signal analysis. All agents are strictly advisory.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`candidate_verification_agent`	Candidate Verification Agent	`CandidateVerificationAgent`	high	Evaluates candidate identity signals before online exam session admission
`exam_session_agent`	Exam Session Agent	`ExamSessionAgent`	high	Monitors real-time online exam session health by evaluating timer, completion rate, and connection drops
`anti_cheating_agent`	Anti-Cheating Agent	`AntiCheatingAgent`	high	Evaluates proctoring signals — tab-switches, copy-paste events, face-detection failures
`connectivity_recovery_agent`	Connectivity Recovery Agent	`ConnectivityRecoveryAgent`	high	Detects the impact of network interruptions on candidate exam sessions
`submission_integrity_agent`	Submission Integrity Agent	`SubmissionIntegrityAgent`	high	Validates the integrity of online exam submissions by checking checksum validity and timing anomalies
`online_evaluation_agent`	Online Evaluation Agent	`OnlineEvaluationAgent`	high	Tracks the MCQ auto-grading pipeline progress for online submissions
`online_support_agent`	Online Support Agent	`OnlineSupportAgent`	high	Classifies live exam support tickets by issue type and severity
`online_candidate_verification_agent`	Online Candidate Verification	`OnlineCandidateVerificationAgent`	high	Verifies candidate identity and eligibility before granting access to the online exam portal
`online_session_recovery_agent`	Online Session Recovery	`OnlineSessionRecoveryAgent`	high	Triages interrupted online exam sessions and recommends recovery actions
`online_proctoring_triage_agent`	Online Proctoring Triage	`OnlineProctoringTriageAgent`	high	Triages live proctoring alerts by severity and routes to appropriate review queue
`online_submission_integrity_agent`	Online Submission Integrity	`OnlineSubmissionIntegrityAgent`	high	Verifies integrity of online exam submissions — checksums, duplicates, timing anomalies
`online_autosave_monitor_agent`	Online Autosave Monitor	`OnlineAutosaveMonitorAgent`	high	Monitors the 30-second autosave cycle of the Phase 6 offline-first online exam PWA
`online_support_triage_agent`	Online Support Triage	`OnlineSupportTriageAgent`	high	Triages incoming online exam support tickets with SLA and escalation recommendations
`online_accessibility_agent`	Online Accessibility	`OnlineAccessibilityAgent`	high	Advises on accessibility accommodations for candidates with special needs
`online_network_health_agent`	Online Network Health	`OnlineNetworkHealthAgent`	high	Monitors network quality signals for active online exam sessions
`online_device_risk_agent`	Online Device Risk	`OnlineDeviceRiskAgent`	high	Assesses device-level risk signals for candidates attempting to join Phase 6 online exams
`online_exam_timer_agent`	Online Exam Timer	`OnlineExamTimerAgent`	high	Monitors server-authoritative exam timer state, detecting clock skew and timer manipulation
`online_ai_cheating_signal_agent`	Online AI Cheating Signal	`OnlineAiCheatingSignalAgent`	high	Analyses AI-assisted cheating signals — response patterns, timing anomalies, cross-candidate similarity

candidate_verification_agent Candidate Verification Agent high ✓ production

CF Worker: CandidateVerificationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Evaluates candidate identity signals — registration status, ID document submission, and face-match score — before online exam session admission. Produces verificationStatus (verified/face_match_failed/manual_review_required/id_missing/rejected) with a confidence score for the ops_admin approval workflow.

Tools: read_online_exam_status · render_card

Outcome: Structured JSON with verificationStatus enum, faceMatchScore, idType, examId, candidateId, confidenceScore, recommendation, advisoryBoundary, forceHumanReview=true. No session state is mutated. Session admission requires ops_admin approval through the identity verification workflow.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

exam_session_agent Exam Session Agent high ✓ production

CF Worker: ExamSessionAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors real-time online exam session health by evaluating timer elapsed time, question completion rate, connection drop counts, and autosave failure counts. Surfaces sessionHealth classification (healthy/degraded/critical) with anomaly flags for ops_admin control-tower review.

Tools: read_online_exam_status · render_card

Outcome: Structured JSON with sessionId, candidateId, elapsedMinutes, completionRate, connectionDrops, autosaveFailures, sessionHealth (healthy/degraded/critical), confidenceScore (base 0.88, −0.02 per connection drop/autosave failure), forceHumanReview=true. Server-authoritative timers immutable to this layer.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

anti_cheating_agent Anti-Cheating Agent high ✓ production

CF Worker: AntiCheatingAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Evaluates proctoring signals — tab-switch count, copy-paste events, face-detection failures, and multiple-person detection — to compute a risk score and suspicion level (low/medium/high/critical). Flags high and critical cases for super_admin review through the exam integrity workflow. Cannot invalidate attempts.

Tools: read_online_exam_status · render_card

Outcome: Structured JSON with sessionId, candidateId, riskScore (weighted sum), suspicionLevel, flaggedForReview boolean, anomalousBehaviorSignals list, confidenceScore (0.7 + riskScore × 0.3), forceHumanReview=true. Agent CANNOT invalidate candidates or exam attempts — disqualification requires super_admin approval.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

connectivity_recovery_agent Connectivity Recovery Agent high ✓ production

CF Worker: ConnectivityRecoveryAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Detects the impact of network interruptions on candidate exam sessions by analysing disconnection duration, reconnection status, and autosave checkpoint timing. Produces recoveryStatus and timeExtensionRecommendationMinutes (0/5/min(ceil(duration/60), 30)) for ops_admin consideration.

Tools: read_online_exam_status · render_card

Outcome: Structured JSON with sessionId, candidateId, disconnectionDuration, recoveryStatus (disconnected/auto_recovered/recovery_pending_review/critical_intervention_required), lostWorkRisk, timeExtensionRecommendationMinutes, confidenceScore, forceHumanReview=true. Agent cannot modify exam sessions, timers, or extend time.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

submission_integrity_agent Submission Integrity Agent high ✓ production

CF Worker: SubmissionIntegrityAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates the integrity of online exam submissions by checking checksum validity, duplicate submission flags, and client-to-server timestamp deltas (flagged if >30,000 ms). Produces integrityStatus and requiresInvestigation flag for ops_admin review.

Tools: read_online_exam_status · render_card

Outcome: Structured JSON with submissionId, candidateId, examId, checksumValid, duplicateSubmission, timeDeltaMs, integrityStatus (valid/checksum_failed/duplicate_submission/timing_anomaly), requiresInvestigation boolean, confidenceScore, forceHumanReview=true. Agent CANNOT accept or reject submissions.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

online_evaluation_agent Online Evaluation Agent high ✓ production

CF Worker: OnlineEvaluationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Tracks the MCQ auto-grading pipeline progress for online submissions by computing evaluation completion rate and time remaining against the evaluation deadline. Classifies pipeline status as complete/on_track/at_risk/critical and recommends operator intervention when falling behind.

Tools: read_online_exam_status · render_card

Outcome: Structured JSON with examId, totalSubmissions, evaluatedCount, autoGradableCount, manualGradingPending, completionRate, hoursRemaining, evaluationStatus, confidenceScore (base 0.87), forceHumanReview=true. Agent CANNOT modify or finalise any scores.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

online_support_agent Online Support Agent high ✓ production

CF Worker: OnlineSupportAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Classifies live exam support tickets by issue type (login_failure, timer_discrepancy, submission_failure, proctoring_tech_issue, question_display_error) and severity to derive SLA deadlines and recommended response templates. Flags critical and submission/timer issues for immediate ops_admin escalation.

Tools: read_online_exam_status · render_card

Outcome: Structured JSON with ticketId, candidateId, issueType, severity, slaHours (critical=1/high=4/medium=12/low=24), escalationRequired boolean, responseTemplate name, confidenceScore, forceHumanReview=true. Technical interventions and session adjustments require ops_admin execution.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

online_candidate_verification_agent Online Candidate Verification high ✓ production

CF Worker: OnlineCandidateVerificationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Verifies candidate identity and eligibility before granting access to the online exam portal. Receives face-match scores, ID document metadata, and registration status, then produces an advisory verification decision (verified/face_match_failed/manual_review_required/id_missing/rejected).

Tools: read_online_exam_status · render_card · render_table · show_timeline

Outcome: Governed AgentDecision with verificationStatus, faceMatchScore, idType, confidenceScore, advisoryBoundary, humanReviewRequired=true, routed to the ops_admin identity verification approval workflow. NEVER admit or reject a candidate directly.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

online_session_recovery_agent Online Session Recovery high ✓ production

CF Worker: OnlineSessionRecoveryAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Triages interrupted online exam sessions and recommends recovery actions when a candidate's session terminates abnormally (browser crash, forced logout, or platform error). Inspects session state, autosave timestamps, and elapsed time.

Tools: read_online_exam_status · render_card · render_table · show_timeline

Outcome: Governed AgentDecision with recoveryRecommendation, dataLossRisk assessment, optional timeExtensionMinutes, humanReviewRequired=true, routed to the ops_admin session recovery approval workflow. NEVER modify exam session state or timers.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

online_proctoring_triage_agent Online Proctoring Triage high ✓ production

CF Worker: OnlineProctoringTriageAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Triages live proctoring alerts generated by the adaptive proctoring layer. Classifies incoming events (face detection failures, tab switches, audio anomalies, multiple persons detected) by severity and priority, then routes to the appropriate review queue.

Tools: read_online_exam_status · render_card · render_table · show_timeline

Outcome: Governed AgentDecision with alertSeverity, escalationPath (invigilator queue for low/medium; ops_admin review queue for high/critical), triagePriority, humanReviewRequired=true. All proctoring events are append-only and cannot automatically invalidate attempts.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

online_submission_integrity_agent Online Submission Integrity high ✓ production

CF Worker: OnlineSubmissionIntegrityAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Verifies the integrity of online exam submissions by inspecting checksums, detecting duplicate submissions, and flagging timing anomalies between client submission time and server receipt time. Pre-evaluation gate in the Phase 6 online exam submission pipeline.

Tools: read_online_exam_status · render_card · render_table · show_timeline

Outcome: Governed AgentDecision with integrityStatus (valid/checksum_failed/duplicate_submission/timing_anomaly), requiresInvestigation flag, timeDeltaMs, humanReviewRequired=true, routed to ops_admin submission integrity approval workflow. NEVER accept or reject submissions.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

online_autosave_monitor_agent Online Autosave Monitor high ✓ production

CF Worker: OnlineAutosaveMonitorAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors the 30-second autosave cycle of the Phase 6 offline-first online exam PWA, detecting autosave failures, stale save timestamps, and IndexedDB sync gaps. Surfaces autosave health degradation so operators can intervene before candidate data is lost.

Tools: read_online_exam_status · render_card · render_table · show_timeline

Outcome: Governed AgentDecision with autosaveStatus (healthy/degraded/at_risk_of_data_loss), consecutiveFailureCount, estimatedDataAtRisk, recommendedAction, humanReviewRequired flag (when degraded). Online exam timers are server-authoritative; autosave writes are service-role gated. NEVER modify session state, exam timers, or autosave cadence.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

online_support_triage_agent Online Support Triage high ✓ production

CF Worker: OnlineSupportTriageAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Triages incoming online exam support tickets raised by candidates during active exam windows, classifying them by issue type and severity to produce SLA-bound response and escalation recommendations. Routes critical and submission-related issues for immediate ops_admin escalation.

Tools: read_online_exam_status · render_card · render_table · show_timeline

Outcome: Governed AgentDecision with ticketId, issueType, severity, slaHours, escalationRequired, responseTemplate, humanReviewRequired=true, surfaced in the support_user triage dashboard. NEVER perform technical interventions or session adjustments.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

online_accessibility_agent Online Accessibility high ✓ production

CF Worker: OnlineAccessibilityAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Advises on accessibility accommodations for candidates with special needs during Phase 6 online exam sessions, including extended time eligibility, assistive technology compatibility, and screen reader guidance. Surfaces accommodation gaps and WCAG compliance flags.

Tools: read_online_exam_status · render_card · render_table · show_timeline

Outcome: Governed AgentDecision with accommodationStatus, detectedGaps, complianceFlags, recommendedActions, humanReviewRequired=true, routed to the ops_admin accessibility review workflow. NEVER grant or modify exam accommodations.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

online_network_health_agent Online Network Health high ✓ production

CF Worker: OnlineNetworkHealthAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors network quality signals for active online exam sessions, analyzing bandwidth, latency, packet loss, and WebSocket stability to detect degradation before it causes session disruptions or data loss.

Tools: read_online_exam_status · render_card · render_table · show_timeline

Outcome: Governed AgentDecision with networkHealthStatus (healthy/degraded/critical), thresholdBreaches, recommendedActions (reconnect/switch to mobile data/reduce background traffic), humanReviewRequired flag. NEVER modify exam session state or connectivity settings.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

online_device_risk_agent Online Device Risk high ✓ production

CF Worker: OnlineDeviceRiskAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Assesses device-level risk signals for candidates attempting to join Phase 6 online exams, evaluating browser fingerprint anomalies, virtual machine indicators, emulator flags, unsupported OS/browser combinations, and rooted/jailbroken device signals.

Tools: read_online_exam_status · render_card · render_table · show_timeline

Outcome: Governed AgentDecision with deviceRiskScore, riskClassification (low/medium/high/critical), riskFactors, recommendedAction (allow/flag-for-review/block-pending-review), humanReviewRequired=true. NEVER block or admit a candidate based on device signals alone.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

online_exam_timer_agent Online Exam Timer high ✓ production

CF Worker: OnlineExamTimerAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors server-authoritative exam timer state for Phase 6 online exam sessions, detecting clock skew between the client timer and the server-side countdown, flagging timer manipulation attempts when client remaining time exceeds server remaining time beyond threshold.

Tools: read_online_exam_status · render_card · render_table · show_timeline

Outcome: Governed AgentDecision with skewSeconds, skewClassification (acceptable <5s/warning 5-30s/anomalous >30s), manipulationSuspected flag, serverRemainingSeconds, humanReviewRequired=true. NEVER modify exam timers or extend/reduce candidate time. Online exam timers are server-authoritative.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

online_ai_cheating_signal_agent Online AI Cheating Signal high ✓ production

CF Worker: OnlineAiCheatingSignalAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Analyses AI-assisted cheating signals captured during Phase 6 online exam sessions, including suspicious response patterns consistent with AI-generated answers, answer-timing anomalies, and cross-candidate answer similarity spikes. Produces an advisory AI cheating risk score.

Tools: read_online_exam_status · render_card · render_table · show_timeline

Outcome: Governed AgentDecision with aiCheatingRiskScore, detectedPatterns, crossCandidateSimilarity, flaggedForReview flag, humanReviewRequired=true, routed to the super_admin exam integrity approval workflow. NEVER invalidate a candidate session or exam attempt based on AI signal alone.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory, schema-validated, and append-only logged. mutatesBusinessTruth=false enforced at runtime. Minimum confidence threshold 0.85 before routing to approval.

8 Learning, Course & Academic 21 agents

Covers the academic intelligence layer providing AI-assisted curriculum design, personalized learning support, and exam preparation for the Olympiad platform (Phase 7). 21 agents span syllabus mapping, course blueprinting, lesson generation, practice generation, content review, study path recommendations, spaced-repetition revision, mock test configuration, mistake analysis, exam readiness scoring, AI tutoring, motivational nudges, concept explanations, learning gap identification, practice recommendations, adaptive mock testing, question quality review, tutor guardrails, psychometric calibration, content safety review, and learning progress aggregation. All agents are strictly advisory.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`syllabus_mapping_agent`	Syllabus Mapping Agent	`SyllabusMappingAgent`	medium	Maps curriculum content items to syllabus taxonomy nodes for tracking coverage
`course_blueprint_agent`	Course Blueprint Agent	`CourseBlueprintAgent`	medium	Generates course structure blueprints aligned to learning objectives
`lesson_generation_agent`	Lesson Generation Agent	`LessonGenerationAgent`	medium	Recommends lesson content structures, learning objective sequences, and difficulty progressions
`practice_generation_agent`	Practice Generation Agent	`PracticeGenerationAgent`	medium	Recommends practice question set parameters aligned to diagnosed skill gaps
`content_review_agent`	Content Review Agent	`ContentReviewAgent`	medium	Reviews learning content quality across accuracy, clarity, age-appropriateness, and DPDP compliance
`study_path_agent`	Study Path Agent	`StudyPathAgent`	medium	Generates personalized study path recommendations from performance data and exam proximity
`revision_agent`	Revision Agent	`RevisionAgent`	medium	Recommends spaced-repetition revision schedules based on retention decay signals
`mock_test_agent`	Mock Test Agent	`MockTestAgent`	medium	Recommends mock test configurations including topic mix, difficulty distribution, and time allocation
`mistake_analysis_agent`	Mistake Analysis Agent	`MistakeAnalysisAgent`	medium	Identifies recurring mistake patterns and classifies student performance into tiers
`readiness_agent`	Readiness Agent	`ReadinessAgent`	medium	Scores exam readiness from practice performance, gap coverage, and mastery scores
`ai_tutor_agent`	AI Tutor Agent	`AiTutorAgent`	medium	Provides hint-level tutoring guidance within teacher-configured policy bounds
`motivation_agent`	Motivation Agent	`MotivationAgent`	medium	Generates motivational nudges and progress acknowledgment messages calibrated to scores/streaks
`versa_concept_agent`	Versa Concept Agent	`VersaConceptAgent`	low	Provides concise concept-level explanations calibrated to a student's IRT ability estimate (theta)
`learning_gap_agent`	Learning Gap	`LearningGapAgent`	medium	Identifies advisory learning gaps by comparing per-topic scores against a mastery threshold
`practice_recommendation_agent`	Practice Recommendation	`PracticeRecommendationAgent`	medium	Recommends targeted practice sessions based on diagnosed skill gaps and mistake patterns
`adaptive_mocktest_agent`	Adaptive Mocktest	`AdaptiveMocktestAgent`	medium	Recommends adaptive mock test configurations calibrated to ability estimates
`question_quality_agent`	Question Quality	`QuestionQualityAgent`	medium	Reviews question items for quality signals — accuracy, clarity, distractor effectiveness, DPDP compliance
`student_tutor_guardrail_agent`	Student Tutor Guardrail	`StudentTutorGuardrailAgent`	medium	Enforces teacher-configured hint policy boundaries and content safety constraints on tutor responses
`psychometric_calibration_agent`	Psychometric Calibration	`PsychometricCalibrationAgent`	medium	Provides advisory IRT calibration signals for exam items including difficulty and discrimination index
`academic_content_safety_agent`	Academic Content Safety	`AcademicContentSafetyAgent`	medium	Reviews learning content for safety violations — age-appropriateness, misinformation, DPDP, harmful language
`learning_progress_agent`	Learning Progress	`LearningProgressAgent`	medium	Aggregates and summarises a student's learning progress across topics, practice sessions, and revision completion

syllabus_mapping_agent Syllabus Mapping Agent medium ✓ production

CF Worker: SyllabusMappingAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Maps curriculum content items to syllabus taxonomy nodes for tracking coverage across grades, subjects, and boards (CBSE, ICSE, Cambridge, State, IB). Computes coverage rate and determines mapping status (complete/partial/incomplete).

Tools: read_academic_summary · render_table

Outcome: AgentDecision (decisionType: column_mapping_suggestion) with coverageRate, mappingStatus (complete/partial/incomplete), unmapped topic count, confidenceScore (0.82-0.92), and advisoryBoundary confirming curriculum changes require academic committee approval.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

course_blueprint_agent Course Blueprint Agent medium ✓ production

CF Worker: CourseBlueprintAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Generates course structure blueprints aligned to learning objectives and syllabus coverage targets for human authoring review. Computes total hours, module count, and a skeletal weekly schedule from course duration and learning objective inputs.

Tools: read_academic_summary · render_card

Outcome: AgentDecision (decisionType: orchestration_intent) with courseId, totalHours, moduleCount, learningObjectiveCount, weeklySchedule anchor points (introduction + revision_and_assessment), advisoryBoundary. confidenceScore 0.78. Official course content requires academic committee review and approval before implementation.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

lesson_generation_agent Lesson Generation Agent medium ✓ production

CF Worker: LessonGenerationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Recommends lesson content structures, learning objective sequences, and difficulty progressions for human content authors. Proposes a section count, estimated activities, and an ordered lesson structure based on topic, subject, grade, duration, and learning style.

Tools: read_academic_summary · render_card

Outcome: AgentDecision (decisionType: orchestration_intent) with sectionCount, estimatedActivities, lessonStructure array (introduction/core_concept/worked_examples/practice_exercise if ≥60min/summary), advisoryBoundary requiring teacher review before delivery to students. confidenceScore 0.76.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

practice_generation_agent Practice Generation Agent medium ✓ production

CF Worker: PracticeGenerationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Recommends practice question set parameters aligned to diagnosed skill gaps and Bloom's taxonomy difficulty levels. Classifies practice sessions as standard or mistake-remediation based on recent error topics, and estimates session duration.

Tools: read_academic_summary · render_card

Outcome: AgentDecision (decisionType: orchestration_intent) with practiceType (standard_practice/mistake_remediation), estimatedDurationMinutes, focusedOnMistakes flag, recentMistakeTopics, advisoryBoundary requiring teacher approval for actual question delivery.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

content_review_agent Content Review Agent medium ✓ production

CF Worker: ContentReviewAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews learning content quality across accuracy, clarity, age-appropriateness, and DPDP policy compliance, flagging concerns for editorial review. Accepts structured signals (factual errors, grammar errors, difficulty suitability) and produces a reviewStatus and priority classification.

Tools: read_academic_summary · render_card

Outcome: AgentDecision (decisionType: anomaly_detection) with issueCount, reviewStatus (approved/minor_revision_needed/major_revision_needed), reviewPriority (high if factual error, else medium), individual error flags, advisoryBoundary. Content publication is blocked until human SME review.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

study_path_agent Study Path Agent medium ✓ production

CF Worker: StudyPathAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Generates personalized study path recommendations from performance data, skill gaps, and exam proximity. Computes days remaining to exam, selects study intensity (intensive/focused/steady), and prioritizes weak topics (top 5 weak topics).

Tools: read_academic_summary · render_card

Outcome: AgentDecision (decisionType: orchestration_intent) with daysRemaining, studyIntensity (intensive <14 days/focused <30/steady ≥30), weakTopicsCount, strongTopicsCount, priorityTopics list (up to 5), advisoryBoundary requiring teacher review before implementation.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

revision_agent Revision Agent medium ✓ production

CF Worker: RevisionAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Recommends spaced-repetition revision schedules based on retention decay signals, topic counts, and upcoming exam timelines. Computes a daily revision pace (revisionsPerDay = min(ceil(topics/max(daysToExam,1)), 10)) and priority level (high/medium/low).

Tools: read_academic_summary · render_table

Outcome: AgentDecision (decisionType: orchestration_intent) with daysToExam, topicCount, revisionsPerDay, revisionPriority (high ≤3 days/medium ≤7/low >7), suggestedSchedule text, advisoryBoundary. Actual sessions are guided by student and teacher.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

mock_test_agent Mock Test Agent medium ✓ production

CF Worker: MockTestAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Recommends mock test configurations including topic mix, difficulty distribution, and time allocation for adaptive practice sessions. Validates that difficulty ratios sum to 1 (tolerance 0.01) and computes exact question counts per tier and an estimated passing score (questionCount × 0.6).

Tools: read_academic_summary · render_card

Outcome: AgentDecision (decisionType: orchestration_intent) with easyCount, mediumCount, hardCount, timeAllotedMinutes, estimatedPassingScore, advisoryBoundary requiring teacher or platform workflow authorization for delivery. Difficulty distribution must sum to 1.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

mistake_analysis_agent Mistake Analysis Agent medium ✓ production

CF Worker: MistakeAnalysisAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Identifies recurring mistake patterns across topics and question types and classifies student performance into tiers (strong <20% error rate/developing <40%/needs_support ≥40%). Surfaces remediation priorities for teacher and tutor review by ranking topics by error count.

Tools: read_academic_summary · render_table

Outcome: AgentDecision (decisionType: anomaly_detection) with errorRate, performanceTier (strong/developing/needs_support), topMistakeTopics list (up to 5), incorrectAnswers, attemptedQuestions, advisoryBoundary. Performance intervention requires teacher review and action.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

readiness_agent Readiness Agent medium ✓ production

CF Worker: ReadinessAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Scores exam readiness from practice performance, gap coverage, and mastery scores across multiple topics. Classifies students as ready/borderline/not_ready relative to a configurable target score (default 60). Identifies weakest topics needing urgent attention.

Tools: read_academic_summary · render_card

Outcome: AgentDecision (decisionType: school_health_score) with avgMastery, readinessStatus (ready/borderline/not_ready), weakestTopics list (up to 5, below targetScore), topicsChecked, advisoryBoundary. Official exam entry decisions are governed by registration rules and administrator oversight.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

ai_tutor_agent AI Tutor Agent medium ✓ production

CF Worker: AiTutorAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Provides hint-level tutoring guidance within teacher-configured policy bounds across Olympiad subjects (Mathematics, Science, English, GK). Maintains per-session conversation history (up to 40 messages) in SQLite. Supports hintLevel: none/subtle/moderate/full — full_explanation triggers mandatory teacher review.

Tools: read_academic_summary · render_card

Outcome: AgentDecision (decisionType: communication_draft) with responseType (concept_pointer/leading_question/step_breakdown/full_explanation), requiresTeacherReview flag (true if hintLevel=full), hintLevel, advisoryBoundary blocking official answer evaluation, exam record modification, or replacement of teacher-led instruction. confidenceScore 0.75.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

motivation_agent Motivation Agent medium ✓ production

CF Worker: MotivationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Generates motivational nudges and progress acknowledgment messages calibrated to recent test scores, study streaks, and days remaining to exam. Selects from three templates (encouragement_excellence/encouragement_progress/encouragement_restart) based on motivationLevel classification (high/medium/low).

Tools: read_academic_summary · render_card

Outcome: AgentDecision (decisionType: communication_draft) with motivationLevel (high/medium/low), messageTemplate, daysToExam, advisoryBoundary requiring teacher or parent portal review before any delivery to students. All student communications require teacher or parent portal review before delivery — no direct dispatch. confidenceScore 0.73.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

versa_concept_agent Versa Concept Agent low ✓ production

CF Worker: VersaConceptAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Provides concise (2-3 sentence) concept-level explanations calibrated to a student's IRT ability estimate (theta). Accepts message format CONCEPT:{uuid}|THETA:{float}|Q:{question}. Maps theta to level (beginner <-1/intermediate -1 to 1/advanced >1) and prepends ability directive before forwarding to LLM. Never reveals exam answers.

Tools: read_academic_summary · render_card

Outcome: AgentDecision (decisionType: communication_draft) with conceptId, theta, level (beginner/intermediate/advanced), question text, and advisoryBoundary — never reveals exam answers; all content is advisory and calibrated to student ability. confidenceScore 0.80.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

learning_gap_agent Learning Gap medium ✓ production

CF Worker: LearningGapAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Identifies advisory learning gaps by comparing a student's per-topic scores against a configurable mastery threshold. Used in the Academic Intelligence portal (phase7) by teachers, exam-ops coordinators, and the student portal to surface which topics fall below mastery.

Tools: read_academic_summary · render_card · render_table · show_timeline

Outcome: AgentDecision with gapTopics array (ranked by ascending score with per-topic gap size), masteredTopics, overallReadiness (ready/partially_ready/not_ready), confidenceScore (0.82 + mastered count factor), advisory boundary. Cannot mutate official grades or progress records.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

practice_recommendation_agent Practice Recommendation medium ✓ production

CF Worker: PracticeRecommendationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Recommends targeted practice sessions for individual students based on diagnosed skill gaps, recent mistake patterns, and Bloom's taxonomy difficulty levels. Actual question generation and delivery require separate teacher-authorized workflow steps.

Tools: read_academic_summary · render_card · render_table · show_timeline

Outcome: AgentDecision with recommended practiceType, topic focus list, difficulty distribution, estimated session duration, and confidenceScore. Output is advisory and cannot directly trigger question delivery or mutate student progress records.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

adaptive_mocktest_agent Adaptive Mocktest medium ✓ production

CF Worker: AdaptiveMocktestAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Recommends adaptive mock test configurations for students by calibrating topic mix, difficulty distribution, and time allocation based on current ability estimates and performance history. All configuration outputs require teacher or platform workflow authorization before delivery.

Tools: read_academic_summary · render_card · render_table · show_timeline

Outcome: AgentDecision with recommended mock test parameters: question count, time allocation, per-tier difficulty counts, estimated passing score, and confidenceScore. Output is advisory only and cannot directly deliver or score any assessment.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

question_quality_agent Question Quality medium ✓ production

CF Worker: QuestionQualityAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews individual question items for quality signals including accuracy, clarity, age-appropriateness, distractor effectiveness, and DPDP policy compliance. Used in the content governance workflow (phase7) before items are published to the item bank.

Tools: read_academic_summary · render_card · render_table · show_timeline

Outcome: AgentDecision with reviewStatus (approved/minor_revision_needed/major_revision_needed), reviewPriority (high if factual errors/medium otherwise), issue count, per-criterion flags, and confidenceScore. Output is advisory; item edits, retirement, and publication decisions require content governance team approval.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

student_tutor_guardrail_agent Student Tutor Guardrail medium ✓ production

CF Worker: StudentTutorGuardrailAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Enforces teacher-configured hint policy boundaries and content safety constraints on AI tutor responses before they are delivered to students. Verifies responses do not exceed permitted hint level, contain unsafe content, or bypass subject and grade-level restrictions. All overrides are logged for teacher review.

Tools: read_academic_summary · render_card · render_table · show_timeline

Outcome: AgentDecision with guardrail verdict (permit/downgrade/block), violation signals, hint-policy compliance status, and confidenceScore. Output governs tutor content delivery but cannot itself send messages to students — delivery requires downstream workflow authorization.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

psychometric_calibration_agent Psychometric Calibration medium ✓ production

CF Worker: PsychometricCalibrationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Provides advisory IRT calibration signals for exam items, including difficulty parameter estimates, discrimination index validation, and item fit statistics. All calibration outputs require content governance team approval before item labels or bank records are changed.

Tools: read_academic_summary · render_card · render_table · show_timeline

Outcome: AgentDecision with calibrationAction (recalibrate/confirm/flag_for_review), empirical vs current label comparison, discriminationQuality rating (good/poor), and confidenceScore. Item label changes require content governance approval.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

academic_content_safety_agent Academic Content Safety medium ✓ production

CF Worker: AcademicContentSafetyAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews learning content, tutor responses, and practice materials for safety violations including age-inappropriate content, factual misinformation, DPDP policy non-compliance, and harmful language before delivery to students. Pre-publication safety gate operated by editorial administrators.

Tools: read_academic_summary · render_card · render_table · show_timeline

Outcome: AgentDecision with safety verdict (safe/advisory_flag/block), violation category list, humanReviewRequired flag, and confidenceScore. Output gates content delivery but cannot itself publish or delete content — publication requires editorial workflow authorization.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

learning_progress_agent Learning Progress medium ✓ production

CF Worker: LearningProgressAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Aggregates and summarises a student's learning progress across topics, practice sessions, and revision completion to produce an advisory progress snapshot for teachers, parents, and the student portal. Surfaces mastery trajectory, study streak, and readiness delta over time.

Tools: read_academic_summary · render_card · render_table · show_timeline

Outcome: AgentDecision with progress tier (improving/stable/declining), mastery delta, study streak, revision coverage, practice frequency summary, and confidenceScore. Official progress reports, grade changes, and parent communications require teacher and academic coordinator authorization.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only: agents cannot mutate official exam result truth, student records, or official academic standing. No external communications. All output is advisory, logged, and schema-validated.

9 Portal Agents 27 agents

Contains 27 portal-facing agents powering the advisory intelligence layer across all Finverse multi-portal workspaces: student, parent, teacher, school coordinator, vendor, support, finance, and tenant admin portals (Phase 8). Every agent is strictly read-only and advisory — they read portal context, compute summaries, health scores, and routing recommendations, then render cards or tables to the appropriate portal. No agent in this group mutates business truth. All writes (payments, grade changes, certificate generation, exam scheduling) are blocked and must go through authorized human workflows.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`portal_workspace_router_agent`	Portal Workspace Router	`PortalWorkspaceRouterAgent`	low	Routes authenticated users to the correct portal workspace based on their assigned role
`parent_portal_summary_agent`	Parent Portal Summary	`ParentPortalSummaryAgent`	low	Generates a consolidated summary dashboard for parents aggregating linked children's registration, exam dates, results, and fee dues
`student_portal_companion_agent`	Student Portal Companion	`StudentPortalCompanionAgent`	low	Conversational assistant embedded in the student portal for exam journey navigation
`teacher_portal_assistant_agent`	Teacher Portal Assistant	`TeacherPortalAssistantAgent`	low	Unified portal assistant covering class performance overviews, at-risk signals, and grading backlog
`school_portal_ops_agent`	School Portal Ops	`SchoolPortalOpsAgent`	low	Provides school coordinators with a comprehensive operational status view
`vendor_portal_status_agent`	Vendor Portal Status	`VendorPortalStatusAgent`	low	Surfaces consolidated task and order status for vendors accessing the vendor portal
`finance_portal_assistant_agent`	Finance Portal Assistant	`FinancePortalAssistantAgent`	low	Assists finance staff with invoices, payment reconciliation, and collection-rate analytics
`support_portal_assistant_agent`	Support Portal Assistant	`SupportPortalAssistantAgent`	low	Provides support staff with a conversational assistant for triaging inbound tickets
`notification_preference_agent`	Notification Preference	`NotificationPreferenceAgent`	low	Helps portal users review and understand their current notification preferences
`multi_portal_permission_agent`	Multi-Portal Permission	`MultiPortalPermissionAgent`	low	Advises on cross-portal permission and access-scoping questions
`student_study_agent`	Student Study Agent	`StudentStudyAgent`	low	Surfaces personalised study recommendations on the student portal
`parent_summary_agent`	Parent Summary Agent	`ParentSummaryAgent`	low	Generates parent-facing progress summaries and key highlights for the parent portal
`teacher_insight_agent`	Teacher Insight Agent	`TeacherInsightAgent`	low	Surfaces class-level performance insights for teacher review on the teacher portal
`teacher_intervention_agent`	Teacher Intervention Agent	`TeacherInterventionAgent`	low	Recommends targeted interventions for at-risk students
`vendor_coordination_portal_agent`	Vendor Coordination Portal Agent	`VendorCoordinationPortalAgent`	low	Surfaces vendor task status and action items on the vendor portal
`support_routing_agent`	Support Routing Agent	`SupportRoutingAgent`	low	Classifies and routes support tickets to the correct internal team
`tenant_admin_agent`	Tenant Admin Agent	`TenantAdminAgent`	low	Assists tenant admins with configuration and onboarding monitoring on the admin portal
`school_coordinator_portal_agent`	School Coordinator Portal Agent	`SchoolCoordinatorPortalAgent`	low	Helps school coordinators understand registration status, batch uploads, and team members
`invoice_assistant_portal_agent`	Invoice Assistant Portal Agent	`InvoiceAssistantPortalAgent`	low	Helps school coordinators understand invoices, outstanding dues, payment history
`exam_monitor_portal_agent`	Exam Monitor Portal Agent	`ExamMonitorPortalAgent`	low	Helps school coordinators monitor exam readiness — admit cards, exam schedule, invigilators
`school_summary_portal_agent`	School Summary Portal Agent	`SchoolSummaryPortalAgent`	low	Helps school coordinators review student results and school performance analytics
`certificate_generation_portal_agent`	Certificate Generation Portal Agent	`CertificateGenerationPortalAgent`	low	Helps school coordinators check certificate status and track distribution
`exam_readiness_agent`	Exam Readiness Agent	`ExamReadinessAgent`	low	Interprets client-reported device and network check results for pre-exam device readiness
`ranking_display_agent`	Ranking Display Agent	`RankingDisplayAgent`	low	Displays a student's Olympiad ranking, percentile, and score with a motivational narrative
`progress_history_agent`	Progress History Agent	`ProgressHistoryAgent`	low	Narrates a student's multi-year Olympiad performance trajectory
`parent_consent_agent`	Parent Consent Agent	`ParentConsentAgent`	low	Provides parents with a transparent advisory summary of data held and DPDP rights (Group 9)
`parent_payment_agent`	Parent Payment Agent	`ParentPaymentAgent`	low	Provides parents with an advisory payment status summary

portal_workspace_router_agent Portal Workspace Router low ✓ production

CF Worker: PortalWorkspaceRouterAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Routes authenticated users to the correct portal workspace based on their assigned role (student/parent/teacher/school_coordinator/vendor/finance/support). Evaluates session role context and emits a redirect or workspace-load instruction so the portal shell renders the appropriate dashboard.

Tools: read_portal_context · render_card

Outcome: Structured routing decision with resolved portal workspace path, active session flag, and render_card payload for the portal shell. Actual navigation is enforced by the Next.js proxy (src/proxy.ts). NEVER redirect users to a workspace they do not have an RLS-verified role for.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. NEVER expose data outside the authenticated user's RLS-verified scope. All output is advisory and read-only; mutations require authorised human workflows.

parent_portal_summary_agent Parent Portal Summary low ✓ production

CF Worker: ParentPortalSummaryAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Generates a consolidated summary dashboard for parents aggregating their linked children's registration status, upcoming exam dates, recent results, and outstanding fee dues. Serves the /parent dashboard route in Phase 8. Distinct from parent_summary_agent — operates at portal-session level across potentially multiple children.

Tools: read_portal_context · render_card · render_table · show_timeline

Outcome: Structured portal summary with per-child status cards, timeline of upcoming exam dates and deadlines, outstanding fee alerts, and advisory recommendation — all scoped to the authenticated parent's linked children. NEVER surface data for children not linked to the authenticated parent via RLS.

student_portal_companion_agent Student Portal Companion low ✓ production

CF Worker: StudentPortalCompanionAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Acts as a conversational assistant embedded in the student portal, helping students navigate their exam journey — answering questions about admit cards, exam dates, result status, and study recommendations. Synthesises the student's current phase context and surfaces the most relevant next action.

Tools: read_portal_context · render_card · render_table · show_timeline

Outcome: Phase-aware summary card with the student's most relevant next action, plus answers to direct queries about registration, exam, results, or certificate — all scoped strictly to their own student record. NEVER expose another student's data. NEVER confirm result publication before qualification_status is set.

teacher_portal_assistant_agent Teacher Portal Assistant low ✓ production

CF Worker: TeacherPortalAssistantAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Provides teachers with a unified portal assistant covering class performance overviews, student at-risk signals, grading backlog status, and invigilator duty reminders. Combines the advisory insight capability of teacher_insight_agent with portal-session awareness. Serves all /teacher/* routes in Phase 8.

Tools: read_portal_context · render_card · render_table · show_timeline

Outcome: Class health dashboard card, prioritised list of at-risk students requiring attention, grading backlog status, and exam-day duty reminders — all advisory and scoped to teacher's own assigned classes. NEVER modify official grade records.

school_portal_ops_agent School Portal Ops low ✓ production

CF Worker: SchoolPortalOpsAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Provides school coordinators with a comprehensive operational status view of their school's Olympiad journey — synthesising registration health, exam kit readiness, invoice dues, and certificate pipeline into a single ops-level advisory. Primary agent for the school dashboard (/school) home panel.

Tools: read_portal_context · render_card · render_table · show_timeline

Outcome: Single-screen ops dashboard summarising registration health, exam readiness, finance status, and certificate pipeline with a prioritised action list and overall school Olympiad health score. NEVER expose data from other schools. NEVER trigger any operational workflow.

vendor_portal_status_agent Vendor Portal Status low ✓ production

CF Worker: VendorPortalStatusAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Surfaces consolidated task and order status for vendors accessing the vendor portal, showing open purchase orders, pending deliveries, overdue shipments, and outstanding coordination items. Portal-facing counterpart to vendor_coordination_portal_agent for the vendor's own authenticated session on /vendor.

Tools: read_portal_context · render_card · render_table · show_timeline

Outcome: Vendor dashboard card with open order count, pending delivery count, overdue items, and prioritised action items — all scoped to the authenticated vendor account. NEVER confirm dispatch or delivery — logistics mutations require ops_admin workflow.

finance_portal_assistant_agent Finance Portal Assistant low ✓ production

CF Worker: FinancePortalAssistantAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Assists finance staff and school coordinators on the finance portal by answering questions about invoices, payment reconciliation, outstanding dues, and fee collection analytics. Targets finance-role users who need cross-school summaries, reconciliation status, and collection-rate analytics.

Tools: read_portal_context · render_card · render_table · show_timeline

Outcome: Collection analytics summary with outstanding balance, overdue count, reconciliation status, and anomaly flags — advisory and read-only, scoped to the authenticated user's access level. NEVER process or confirm payments; reconciliation performed by the deterministic finance workflow.

support_portal_assistant_agent Support Portal Assistant low ✓ production

CF Worker: SupportPortalAssistantAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Provides support staff with a conversational assistant on the support portal for triaging inbound tickets, looking up school and student context, and drafting scripted responses. Extends the routing logic of support_routing_agent within an authenticated support-staff portal session.

Tools: read_portal_context · render_card · render_table · show_timeline

Outcome: Ticket classification, contextual school/student data, draft scripted response, and escalation recommendation — advisory only; ticket resolution and communications require authorised support workflow execution. NEVER send communications to schools or parents directly.

notification_preference_agent Notification Preference low ✓ production

CF Worker: NotificationPreferenceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Helps portal users (students, parents, school coordinators, teachers) review and understand their current notification preferences — channels enabled (email, SMS, in-app), notification categories opted in or out, and digest frequency. Serves the notification preferences panel within any portal role. Does not mutate preferences directly.

Tools: read_portal_context · render_card · render_table

Outcome: Plain-language summary of notification preferences, list of active channels and opted-in categories, and advisory recommendations for any critical categories that appear disabled — read-only advisory output directing the user to the settings page. NEVER mutate notification preferences.

multi_portal_permission_agent Multi-Portal Permission low ✓ production

CF Worker: MultiPortalPermissionAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Advises on cross-portal permission and access-scoping questions — explaining what data categories and portal routes a given role is permitted to access, and flagging any permission anomalies in the authenticated session. Translates technical permission boundaries into plain-language explanations.

Tools: read_portal_context · render_card · render_table

Outcome: Plain-language permission summary for the queried role, list of permitted portal routes and data categories, any detected permission anomalies, and escalation recommendation if anomalies are present — all advisory. Actual permission changes require super_admin action through the RLS configuration workflow.

student_study_agent Student Study Agent low ✓ production

CF Worker: StudentStudyAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Surfaces personalised study recommendations on the student portal. Given today's study hours, weekly totals, and upcoming exam schedule, classifies study status as on_track/light/minimal and recommends an adjusted daily target. Adds 2h if urgent exam (≤7 days), else 1h, capped at 8h.

Tools: read_portal_context · render_card

Outcome: AgentDecision (decisionType: communication_draft) with studyStatus classification, urgentExamName and daysUntilUrgentExam (null if none), recommendedDailyHours, advisory boundary. confidenceScore fixed at 0.72.

parent_summary_agent Parent Summary Agent low ✓ production

CF Worker: ParentSummaryAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Generates parent-facing progress summaries and key highlights for the parent portal. Given a student's recent test scores and attendance rate, produces a performanceSummary (excellent/good/needs_attention) and attendanceSummary (excellent/satisfactory/low).

Tools: read_portal_context · render_card

Outcome: AgentDecision (decisionType: school_health_score) with avgScore, performanceSummary, attendanceSummary, attendanceRate, upcomingExamDays, advisory boundary. Confidence score ranges 0.70-0.85. Performance interventions require teacher communication through official channels.

teacher_insight_agent Teacher Insight Agent low ✓ production

CF Worker: TeacherInsightAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Surfaces class-level performance insights for teacher review on the teacher portal. Given class composition (total students, above/below average counts) and grading backlog, computes a class health score and trend classification.

Tools: read_portal_context · render_table

Outcome: AgentDecision (decisionType: school_health_score) with classHealthScore (aboveAverage/totalStudents × 100), classTrend (performing_well/mixed/needs_attention), gradingBacklog (high/medium/low), pendingAssignmentGrading, upcomingClassDays. confidenceScore fixed at 0.74.

teacher_intervention_agent Teacher Intervention Agent low ✓ production

CF Worker: TeacherInterventionAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Recommends targeted interventions for at-risk students and surfaces the appropriate communication template for teacher use. Triggered by interventionTrigger (low_test_score/attendance_drop/missing_assignments/parent_request).

Tools: read_portal_context · render_card

Outcome: AgentDecision (decisionType: communication_draft) with interventionTrigger, urgency level (high/medium), and selected interventionTemplate name. confidenceScore fixed at 0.71. Teacher communications must be sent through official school communication channels.

vendor_coordination_portal_agent Vendor Coordination Portal Agent low ✓ production

CF Worker: VendorCoordinationPortalAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Surfaces vendor task status and action items on the vendor portal. Given a vendor's open orders, pending deliveries, and overdue items, classifies coordination status (escalation_needed/attention_required/on_track) and contact priority.

Tools: read_portal_context · render_table

Outcome: AgentDecision (decisionType: vendor_risk_score) with coordinationStatus, contactPriority, openOrders, pendingDeliveries, overdueItems, advisory boundary. Confidence score ranges ~0.23-0.73 depending on overdue count. Purchase orders and vendor communications require ops_admin action.

support_routing_agent Support Routing Agent low ✓ production

CF Worker: SupportRoutingAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Classifies and routes support tickets to the correct internal team (tech_support/finance_ops/exam_ops/registration_ops/certificate_ops). Computes SLA hours based on urgency (critical=2h/high=8h/medium=24h/low=48h) and sets escalateToManager flag for critical urgency.

Tools: read_portal_context · render_card

Outcome: AgentDecision (decisionType: reply_classification) with assignedTeam, slaHours, escalateToManager flag, issueCategory, urgency, reportedByRole. confidenceScore fixed at 0.78.

tenant_admin_agent Tenant Admin Agent low ✓ production

CF Worker: TenantAdminAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Assists tenant admins with configuration and onboarding monitoring on the admin portal. Given a tenant's active user count, storage used, subscription tier, and enabled feature flags, assesses storage health and user density and surfaces actionable admin recommendations.

Tools: read_portal_context · render_card

Outcome: AgentDecision (decisionType: anomaly_detection) with storageHealthStatus (critical/warning/healthy), userDensity (activeUsers/userCapacity), featureFlagsCount, adminActions array. Confidence score ranges 0.70-0.75 based on storage health. Tenant configuration changes require super_admin action.

school_coordinator_portal_agent School Coordinator Portal Agent low ✓ production

CF Worker: SchoolCoordinatorPortalAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Helps school coordinators understand their registration status, batch uploads, team members, and school journey through the Olympiad process on the /school/* portal routes. Reads live Supabase data via registered tools.

Tools: get_portal_registration_status · get_portal_batch_summary · get_portal_team_members · read_portal_context · render_card

Outcome: AgentDecision (decisionType: school_health_score) with registrationRate, registeredStudents/totalStudents counts, activeBatches, pendingExceptions, and recommendations array. Live data fetched from registration_batches, students, and school_sub_users tables.

invoice_assistant_portal_agent Invoice Assistant Portal Agent low ✓ production

CF Worker: InvoiceAssistantPortalAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Helps school coordinators understand their invoices, outstanding dues, payment history, and reconciliation status on the /school/invoices portal page. Reads live Supabase invoice and payment data and surfaces total outstanding balances, overdue counts, and payment instructions.

Tools: get_portal_invoice_list · get_portal_outstanding_dues · get_portal_payment_history · read_portal_context · render_card · render_table

Outcome: AgentDecision (decisionType: anomaly_detection) with invoiceCount, totalOutstanding (INR), overdueCount, lastPaymentDate, and advisory boundary. Live invoice and payment records from invoices and payments tables. NEVER mark invoices paid or process payments.

exam_monitor_portal_agent Exam Monitor Portal Agent low ✓ production

CF Worker: ExamMonitorPortalAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Helps school coordinators monitor exam readiness — admit card availability, exam schedule, invigilator assignments, and OMR upload guidance on the /school/exam-kit portal route. Surfaces a readiness checklist.

Tools: get_portal_exam_kit_status · get_portal_exam_schedule · get_portal_invigilator_assignments · read_portal_context · render_card · show_timeline

Outcome: AgentDecision (decisionType: school_health_score) with examReady boolean, readinessFlags array, invigilatorsAssigned count, admitCardsReady and omrUploaded booleans. Live session and invigilator data from exam_sessions and school_sub_users tables. NEVER schedule exams or assign invigilators.

school_summary_portal_agent School Summary Portal Agent low ✓ production

CF Worker: SchoolSummaryPortalAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Helps school coordinators review student results, school performance analytics, and understand how their school performed in the Olympiad. Serves /school/results and /school dashboard routes. Uses two-step join (students.school_id → result_records.student_id) to scope results per school.

Tools: get_portal_student_results · get_portal_school_performance · read_portal_context · render_card · render_table

Outcome: AgentDecision (decisionType: school_health_score) with performanceRating (excellent/good/average/below_average), averageScore, passRate, topRank, totalStudentsExamined. Live results from result_records scoped via students.school_id join. NEVER modify or recalculate published results.

certificate_generation_portal_agent Certificate Generation Portal Agent low ✓ production

CF Worker: CertificateGenerationPortalAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Helps school coordinators check certificate status, track which students have received certificates, and understand the certificate download process on the /school/certificates portal route. Uses two-step join (students.school_id → certificates.student_id) to scope data.

Tools: get_portal_certificate_status · get_portal_certificate_list · read_portal_context · render_card · render_table

Outcome: AgentDecision (decisionType: school_health_score) with totalEligible, certificatesGenerated, certificatesDistributed, pendingDistribution, pendingGeneration, distributionRate. Live data from certificates table scoped via students.school_id join. NEVER generate, revoke, or modify certificates.

exam_readiness_agent Exam Readiness Agent low ✓ production

CF Worker: ExamReadinessAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Interprets client-reported device and network check results to tell a student whether their device is ready for an online exam. Evaluates 5 checks: browser compatibility, camera access, audio access, network speed (minimum 2 Mbps), and fullscreen support.

Tools: read_portal_context · render_card

Outcome: AgentDecision (decisionType: school_health_score) with ready boolean, issues string array, checksPassed count (0-5), checksTotal (5). Confidence 0.95 if ready, 0.75 otherwise. Agent cannot grant or deny exam access — exam entry is controlled by the exam platform.

ranking_display_agent Ranking Display Agent low ✓ production

CF Worker: RankingDisplayAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Displays a student's Olympiad ranking, percentile, and score with a motivational narrative on the student portal results page. Produces a human-readable performance tier and encouragement message calibrated to the result.

Tools: read_portal_context · render_card

Outcome: AgentDecision (decisionType: school_health_score) with score, percentile, rank (all nullable), and narrative string. Official ranking data lives in result_records — this agent displays it for informational purposes only. Confidence 0.95 if rank is available, 0.70 otherwise.

progress_history_agent Progress History Agent low ✓ production

CF Worker: ProgressHistoryAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Narrates a student's multi-year Olympiad performance trajectory by analysing score history across exam cycles. Classifies the trend as improving/declining/stable/insufficient_data and provides a personalised narrative.

Tools: read_portal_context · render_table

Outcome: AgentDecision (decisionType: school_health_score) with cycles array, trend enum (improving/declining/stable/insufficient_data), and trendNarrative string. Confidence 0.90 if ≥2 cycles, 0.60 for first-time student.

parent_consent_agent Parent Consent Agent low ✓ production

CF Worker: ParentConsentAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Provides parents with a transparent advisory summary of what personal data is held about their children and how to exercise their rights under DPDP Act 2023. Displays consent version, data categories, and directs withdrawal requests to the support team. Serves /parent/* routes.

Tools: read_portal_context · render_card

Outcome: AgentDecision (decisionType: compliance_status_check) with hasChildren boolean, studentCount, dataCategories string, and consentVersion. Consent mutation requires human workflow approval and audit trail. NEVER auto-process consent withdrawals or delete personal data. Confidence 0.90 with confirmed children, 0.75 without.

parent_payment_agent Parent Payment Agent low ✓ production

CF Worker: ParentPaymentAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Provides parents with an advisory payment status summary — outstanding invoice count, total amount due, and next steps. Classifies urgency (high >₹5000/medium >0/none) and directs parents to the Invoices page for payment via school payment link.

Tools: read_portal_context · render_table

Outcome: AgentDecision (decisionType: finance_payment_advisory) with allPaid boolean, outstandingCount, totalOutstandingAmount, currency, and urgency level. Confidence score fixed at 0.90. Actual payment processing is external to this system. NEVER process payments or mark invoices paid.

10 Content Governance & IP 10 agents

Covers the full lifecycle of content quality, intellectual property, rights management, and exam integrity. 10 agents work together as an advisory pipeline: provenance and rights agents gatekeep content at intake; similarity, academic, answer-key, translation, and quality agents enforce editorial and pedagogical standards; the publish-approval agent aggregates all sign-offs before a human can publish; and the takedown-triage and exam-leakage-risk agents handle reactive IP and security incidents. All agents are strictly advisory — no agent can mutate content, publish, remove, or freeze anything autonomously.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`provenance_agent`	Provenance Agent	`ProvenanceAgent`	critical	Traces authorship and revision history to assess chain-of-custody integrity
`rights_check_assistant`	Rights Check Assistant	`RightsCheckAssistant`	critical	Evaluates content usage rights by cross-referencing license type against intended usage context
`similarity_review_agent`	Similarity Review Agent	`SimilarityReviewAgent`	critical	Scores content similarity against existing exam corpus using n-gram and structural matching
`academic_review_assistant`	Academic Review Assistant	`AcademicReviewAssistant`	critical	Reviews academic content for factual accuracy, difficulty calibration, and curriculum alignment
`answer_key_review_agent`	Answer Key Review Agent	`AnswerKeyReviewAgent`	critical	Validates answer key completeness and flags disputed or unreviewed answers
`translation_qa_agent`	Translation QA Agent	`TranslationQaAgent`	critical	Assesses translated content quality against the source using word-count deviation and terminology issues
`content_quality_agent`	Content Quality Agent	`ContentQualityAgent`	critical	Scores content items across readability, completeness, media assets, broken links, and accessibility
`takedown_triage_agent`	Takedown Triage Agent	`TakedownTriageAgent`	critical	Triages incoming content takedown requests by classifying urgency and routing to appropriate authority
`exam_leakage_risk_agent`	Exam Leakage Risk Agent	`ExamLeakageRiskAgent`	critical	Evaluates signals of potential exam content leakage including search-engine exposure and social media references
`content_publish_approval_agent`	Content Publish Approval Agent	`ContentPublishApprovalAgent`	critical	Aggregates results of all upstream review gates to determine publish readiness

provenance_agent Provenance Agent critical ✓ production

CF Worker: ProvenanceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Traces the authorship and revision history of content items to assess chain-of-custody integrity. Scores provenance based on chain length and flags items with unclear, contested, or undocumented origin for IP review.

Tools: read_compliance_controls · render_card

Outcome: AgentDecision with provenanceScore (0-1), provenanceStatus (clean ≥0.95/review_needed ≥0.80/suspect <0.80), chain length, source system, content type, prioritised recommendation, and advisoryBoundary statement. forceHumanReview=true always.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. Agent cannot block, remove, modify, publish, or freeze any content item autonomously. All consequential actions require super_admin or ops_admin approval through the content governance workflow.

rights_check_assistant Rights Check Assistant critical ✓ production

CF Worker: RightsCheckAssistant extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Evaluates content usage rights by cross-referencing license type against the intended usage context. Flags potential rights violations (e.g., proprietary content distributed outside internal systems) and recommends legal review before publication or distribution.

Tools: read_compliance_controls · render_card

Outcome: AgentDecision with rightsStatus (cleared/unverified/potential_violation), requiresLegalReview boolean, license type, usage context, confidence score, and recommendation. All outputs are advisory; licensing decisions require legal team approval. forceHumanReview=true always.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. Agent cannot block, remove, modify, publish, or freeze any content item autonomously. All consequential actions require super_admin or ops_admin approval through the content governance workflow.

similarity_review_agent Similarity Review Agent critical ✓ production

CF Worker: SimilarityReviewAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Scores content similarity against the existing exam corpus using n-gram and structural matching signals. Classifies plagiarism risk as low/medium/high and flags items exceeding configurable thresholds for editorial review.

Tools: read_compliance_controls · render_table

Outcome: AgentDecision with maxSimilarity (rounded to 2dp), highSimilarityCount, plagiarismRisk (low/medium/high), referenceCount, confidence score, and recommendation. maxSimilarity >0.9 → high; >0.7 → medium; else low. Plagiarism determination requires academic committee and legal review.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. Agent cannot block, remove, modify, publish, or freeze any content item autonomously. All consequential actions require super_admin or ops_admin approval through the content governance workflow.

academic_review_assistant Academic Review Assistant critical ✓ production

CF Worker: AcademicReviewAssistant extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews academic content for factual accuracy, difficulty calibration, and curriculum alignment against Bloom's taxonomy and syllabus standards. Produces a review verdict (approved/revision_required/rejected) and a priority classification for flagged items.

Tools: read_compliance_controls · render_card

Outcome: AgentDecision with reviewVerdict (approved/revision_required/rejected), reviewPriority (critical if factual error/medium otherwise), factualAccuracy, difficultyCalibration, curriculumAlignment ratings, issueCount, confidence score. Content approval requires authorized reviewer sign-off.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. Agent cannot block, remove, modify, publish, or freeze any content item autonomously. All consequential actions require super_admin or ops_admin approval through the content governance workflow.

answer_key_review_agent Answer Key Review Agent critical ✓ production

CF Worker: AnswerKeyReviewAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates answer key completeness and flags disputed or unreviewed answers ahead of candidate evaluation. Computes a verification rate and surfaces answer key status (verified/disputed/pending_review) with a risk classification.

Tools: read_compliance_controls · render_table

Outcome: AgentDecision with verificationRate, keyStatus (verified/disputed/pending_review), riskLevel (high >5 disputed/medium >0/low none), counts of verified/disputed/unreviewed answers, confidence score, recommendation. Answer key changes require exam controller approval.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. Agent cannot block, remove, modify, publish, or freeze any content item autonomously. All consequential actions require super_admin or ops_admin approval through the content governance workflow.

translation_qa_agent Translation QA Agent critical ✓ production

CF Worker: TranslationQaAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Assesses translated content quality against the source using word-count deviation, terminology issues, grammatical errors, and cultural adaptation signals. Outputs a QA score and status (pass/revision_required/failed) to guide professional translator review.

Tools: read_compliance_controls · render_card

Outcome: AgentDecision with qaScore (0-1), qaStatus (pass ≥0.9/revision_required ≥0.7/failed <0.7), wordCountDeviation, terminologyIssues, grammaticalErrors, culturalAdaptationNeeded flag, totalIssues, recommendation. Translation revision and approval require professional translator and academic review.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. Agent cannot block, remove, modify, publish, or freeze any content item autonomously. All consequential actions require super_admin or ops_admin approval through the content governance workflow.

content_quality_agent Content Quality Agent critical ✓ production

CF Worker: ContentQualityAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Scores content items across readability, completeness, media assets, broken links, and accessibility to determine publication readiness. Flags items below quality thresholds with publishable/needs_revision/blocked status. The only Group 10 agent with live database tools.

Tools: get_review_queue · get_ip_flags · get_answer_key_conflicts · get_translation_queue · get_leakage_risks · get_governance_log · approve_content_item · reject_content_item · flag_for_takedown · approve_translation · read_compliance_controls · render_table

Outcome: AgentDecision with qualityScore (0-1), qualityStatus (publishable ≥0.85/needs_revision ≥0.70/blocked <0.70), readabilityScore, completenessPercent, brokenLinksCount, accessibilityIssues, recommendation. approve_content_item, reject_content_item, approve_translation require explicit human confirmation. flag_for_takedown requires approval gate.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. Agent cannot block, remove, modify, publish, or freeze any content item autonomously. All consequential actions require super_admin or ops_admin approval through the content governance workflow.

takedown_triage_agent Takedown Triage Agent critical ✓ production

CF Worker: TakedownTriageAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Triages incoming content takedown requests by classifying urgency, routing to the appropriate review authority (super_admin_and_legal or ops_admin_and_legal), and recommending whether a content freeze is warranted. Handles reports from automated scans, school admins, legal notices, and regulatory bodies.

Tools: read_compliance_controls · render_card

Outcome: AgentDecision with urgency (critical/high/medium), reviewRoute (super_admin_and_legal for critical; ops_admin_and_legal for high/medium), contentFreeze recommendation (boolean, true only for critical urgency), reportReason, reportedBy, confidence score, recommendation. Content removal and regulatory responses require super_admin and legal team approval.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. Agent cannot block, remove, modify, publish, or freeze any content item autonomously. All consequential actions require super_admin or ops_admin approval through the content governance workflow.

exam_leakage_risk_agent Exam Leakage Risk Agent critical ✓ production

CF Worker: ExamLeakageRiskAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Evaluates signals of potential exam content leakage including search-engine exposure, social media references, unauthorised downloads, and suspicious IP access patterns. Produces a composite riskScore and leakage risk level, and recommends containment actions.

Tools: read_runtime_status · render_table

Outcome: AgentDecision with riskScore (0-1), leakageRisk (critical >0.50/high >0.20/medium >0.05/low ≤0.05), leakageSignals, socialMediaMentions, unauthorizedDownloads, suspiciousIPCount, recommendedActions array, confidence score. Exam postponement, legal action, and security escalation require exam controller and legal team approval.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. Agent cannot block, remove, modify, publish, or freeze any content item autonomously. All consequential actions require super_admin or ops_admin approval through the content governance workflow.

content_publish_approval_agent Content Publish Approval Agent critical ✓ production

CF Worker: ContentPublishApprovalAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Aggregates the results of all upstream review gates (academic, rights, quality, answer key) and tracks collected versus required human sign-offs to determine publish readiness. Surfaces a publish checklist for authorized human reviewers when all gates are passed, or blocks publication when hard gates are unresolved.

Tools: read_compliance_controls · render_card

Outcome: AgentDecision with publishApprovalStatus (ready_for_human_publish_approval/not_ready/blocked), blockingGates count, missingSignoffs list, all upstream review statuses, confidence score. Actual content publication requires authorized human approval and a separate audited publish action. Approved roles: content_reviewer, academic_reviewer, super_admin.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. forceHumanReview is always true — output is advisory only. Agent cannot block, remove, modify, publish, or freeze any content item autonomously. All consequential actions require super_admin or ops_admin approval through the content governance workflow.

11 AI Governance & Safety 6 agents

Covers the AI governance and safety control plane for Finverse Agentic OS. All 6 agents operate in the ai_ops domain under phase5 and carry a critical risk classification. They collectively enforce guardrails on AI requests, evaluate prompt safety, audit AI decision logs for scope and confidence compliance, assess regulatory compliance posture, validate MCP tool invocations for policy adherence, and monitor model evaluation metrics for regressions. Every agent unconditionally sets humanReviewRequired: true, produces advisory-only output, and routes non-compliant findings to ops_admin or super_admin for remediation.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`ai_guardrail_agent`	AI Guardrail Agent	`AiGuardrailAgent`	critical	Evaluates incoming AI prompts and completions against registered guardrail policies
`prompt_governance_agent`	Prompt Governance Agent	`PromptGovernanceAgent`	critical	Classifies prompt templates for safety, bias, and compliance alignment before deployment
`ai_decision_audit_agent`	AI Decision Audit Agent	`AiDecisionAuditAgent`	critical	Audits AI decision log entries for scope compliance and confidence threshold adherence
`compliance_assistant_agent`	Compliance Assistant Agent	`ComplianceAssistantAgent`	critical	Evaluates AI governance posture against active compliance controls across DPDP/CERT-In/RBI/ISO27001/OWASP
`mcp_tool_security_agent`	MCP Tool Security Agent	`McpToolSecurityAgent`	critical	Validates MCP tool invocations against policy registration, schema validation, permission scope, and rate limits
`evaluation_review_agent`	Evaluation Review Agent	`EvaluationReviewAgent`	critical	Monitors model evaluation metrics against historical baseline thresholds to detect performance regressions

ai_guardrail_agent AI Guardrail Agent critical ✓ production

CF Worker: AiGuardrailAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Evaluates incoming AI prompts and completions against registered guardrail policies, detecting jailbreak attempts, blocked keywords, and sensitive-data exposure. Classifies the overall threat level as low/medium/high/critical and recommends an action (allow_with_logging/flag_for_monitoring/block_for_review/block_and_escalate).

Tools: read_runtime_status · render_card

Outcome: AgentDecision with requestId, agentName, jailbreakAttempted flag, triggeredPolicies list, blockedKeywords list, threatLevel, actionRecommended, advisoryBoundary note, confidenceScore (0.96 − triggeredPolicies.length × 0.01 − jailbreakAttempted ? 0.05 : 0). All enforcement requires super_admin approval.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. All output is advisory only — actual enforcement, blocking, policy updates, and model changes are implemented exclusively in the deterministic middleware layer or require super_admin approval through the AI governance workflow. humanReviewRequired is unconditionally true.

prompt_governance_agent Prompt Governance Agent critical ✓ production

CF Worker: PromptGovernanceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Classifies prompt templates for safety, bias, and compliance alignment before deployment. Detects PII-extraction requests, system-prompt-leak attempts, and instruction injection risks, then assigns promptStatus (approved/review_required/rejected).

Tools: read_compliance_controls · render_card

Outcome: AgentDecision with promptId, agentName, promptVersion, governanceIssues array, promptStatus (approved/review_required/rejected), advisoryBoundary note, confidenceScore (0.95 − governanceIssues.length × 0.05). Agent cannot deploy, modify, or roll back prompt versions. Prompt rejection requires super_admin approval.

ai_decision_audit_agent AI Decision Audit Agent critical ✓ production

CF Worker: AiDecisionAuditAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Audits AI decision log entries for scope compliance (modelDecisionScope must be advisory), confidence threshold adherence (decisions below 0.85 must have humanReviewRequired flagged), and required input data category documentation. Enforces the advisory-only constraint across all 288 agent implementations.

Tools: read_runtime_status · render_table

Outcome: AgentDecision with decisionId, agentName, decisionType, modelDecisionScope, auditStatus (compliant/non_compliant_scope/review_threshold_not_met/missing_data_categories), complianceScore, humanReviewRequired, inputDataCategoriesCount, advisoryBoundary. Agent CANNOT modify or delete logged AI decisions.

compliance_assistant_agent Compliance Assistant Agent critical ✓ production

CF Worker: ComplianceAssistantAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Evaluates AI governance posture against active compliance controls across frameworks including DPDP, CERT-In, RBI, ISO 27001, and OWASP Top 10. Scores each control's risk level and assigns remediationUrgency (immediate/within_30_days/routine).

Tools: read_compliance_controls · render_table

Outcome: AgentDecision with controlId, controlName, framework, currentStatus (compliant/partial/non_compliant/not_assessed), riskScore, remediationUrgency (immediate/within_30_days/routine), findingCount, advisoryBoundary. Remediation actions, compliance certifications, and regulatory submissions require compliance team and management approval.

mcp_tool_security_agent MCP Tool Security Agent critical ✓ production

CF Worker: McpToolSecurityAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates MCP tool invocations against four security checks: policy registration, schema validation, permission scope, and rate limits. Derives securityStatus (approved/conditional/blocked) and sets blockRecommended when permission checks fail or two or more checks fail.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with toolName, requestingAgentName, individual check results (toolPolicyRegistered/schemaValidationPassed/permissionCheckPassed/rateWithinLimits), failedChecks count, securityStatus, blockRecommended flag, advisoryBoundary, confidenceScore (0.97 − failedChecks × 0.05). Tool blocking and permission changes require super_admin approval.

evaluation_review_agent Evaluation Review Agent critical ✓ production

CF Worker: EvaluationReviewAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors model evaluation metrics against historical baseline thresholds to detect performance regressions. Computes delta between current and baseline scores, classifies result as regression_detected/acceptable_degradation/improvement, and assigns alertLevel (critical/warning/none).

Tools: read_runtime_status · render_table

Outcome: AgentDecision with evaluationId, modelName, taskType, metricName, baseline, current, delta, sampleSize, isRegression flag, evaluationStatus (regression_detected/improvement/acceptable_degradation), alertLevel (critical if |delta| ≥0.1/warning if |delta| <0.1/none), advisoryBoundary. Model rollbacks require ML engineering team and ops_admin approval.

12 Control Tower & Ops Intelligence 8 agents

Provides cross-domain operational visibility and intelligence for the Finverse Academy Olympiad. 8 advisory agents spanning real-time ops status aggregation, exception triage, SLA forecasting, system health scoring, what-if simulation, school cycle tracking, financial anomaly detection, and vendor risk assessment. Every agent is classified critical, forces human review on every output, and is prohibited from mutating business truth. Together they form a unified control tower that gives ops_admin and super_admin roles a single pane of glass over all active exam cycles.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`ops_control_tower_agent`	Ops Control Tower Agent	`OpsControlTowerAgent`	critical	Provides unified cross-domain operational status summary spanning finance, production, exam, and academic domains
`exception_prioritization_agent`	Exception Prioritization Agent	`ExceptionPrioritizationAgent`	critical	Ranks individual operational exceptions by composite impact score (P1-P4 priority)
`sla_risk_prediction_agent`	SLA Risk Prediction Agent	`SlaRiskPredictionAgent`	critical	Predicts SLA breach probability by comparing current throughput against required throughput
`operational_health_agent`	Operational Health Agent	`OperationalHealthAgent`	critical	Scores operational health of a named system using uptime, error rate, response time, alerts, and incidents
`digital_twin_simulation_agent`	Digital Twin Simulation Agent	`DigitalTwinSimulationAgent`	critical	Runs what-if operational simulations without touching live data
`school_ops_summary_agent`	School Ops Summary Agent	`SchoolOpsSummaryAgent`	critical	Generates per-exam-cycle operational health summaries tracking school progress through 5 pipeline stages
`financial_anomaly_agent`	Financial Anomaly Agent	`FinancialAnomalyAgent`	critical	Detects unusual payment patterns, revenue deviations, and collection anomalies
`vendor_risk_agent`	Vendor Risk Agent	`VendorRiskAgent`	critical	Scores vendor risk from delivery reliability, quality score, on-time delivery rate, and payment disputes

ops_control_tower_agent Ops Control Tower Agent critical ✓ production

CF Worker: OpsControlTowerAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Provides a unified cross-domain operational status summary spanning finance, production, exam, and academic domains for ops_admin users. Surfaces live exception queues, SLA breach counts, pending approvals, and overall system health, and derives a priority action list.

Tools: get_registration_upload_summary · get_schools_operations_summary · get_exam_sessions_status · get_production_batch_status · get_results_publication_status · get_online_exam_monitor_status · get_academic_intelligence_summary · get_operations_finance_summary · assign_exception · resolve_exception · escalate_exception · hold_batch · approve_batch · read_runtime_status · render_table

Outcome: AgentDecision with opsStatus (critical/degraded/at_risk/healthy), criticalExceptions, slaBreaches, openExceptions, pendingApprovals, systemHealthScore, priorityActions array, confidenceScore, advisoryBoundary. resolve_exception and approve_batch require Approval gate (high-risk). assign_exception, escalate_exception, hold_batch require Confirm step.

Guardrails: HARD-BLOCKED: post_ledger_entry, change_score, publish_results, revoke_certificates, delete_audit_logs, bypass_rls. Advisory only — all remediation actions must flow through official ops_admin workflows. forceHumanReview is unconditionally true. All output is schema-validated and logged. RLS is never bypassed.

exception_prioritization_agent Exception Prioritization Agent critical ✓ production

CF Worker: ExceptionPrioritizationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Ranks individual operational exceptions by composite impact score derived from financial impact (40%), schools affected (30%), and exam days impacted (30%). Outputs a priority tier (P1-P4) and escalation route (super_admin_immediate/ops_admin_same_day/standard_queue).

Tools: read_runtime_status · render_card

Outcome: AgentDecision with exceptionId, exceptionType, affectedDomain (10 permitted enum values), financialImpact, schoolsAffected, examDaysImpacted, impactScore (0-1), priority (P1 ≥0.7/P2 ≥0.4/P3 ≥0.2/P4 otherwise), escalationRoute, confidenceScore, advisoryBoundary.

sla_risk_prediction_agent SLA Risk Prediction Agent critical ✓ production

CF Worker: SlaRiskPredictionAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Predicts SLA breach probability for a named operational process by comparing current throughput against required throughput and time remaining until deadline. Surfaces breach risk as breached/at_risk/on_track to allow early intervention.

Tools: read_runtime_status · render_table

Outcome: AgentDecision with processName, currentThroughput, requiredThroughput, throughputGap, hoursRemaining, estimatedHoursToComplete, backlogSize, slaRisk (breached/at_risk/on_track), confidenceScore, advisoryBoundary. SLA escalation and resource allocation require ops_admin approval.

operational_health_agent Operational Health Agent critical ✓ production

CF Worker: OperationalHealthAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Scores the operational health of a named system using uptime percentage (40%), error rate (40%), average response time penalty (10%), alert penalty (1% per alert), and incident penalty (2% per incident). Classifies system status as healthy/degraded/critical.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with systemName, uptimePercent, errorRate, avgResponseMs, activeAlerts, recentIncidents, healthScore (0-1), healthStatus (healthy ≥0.9/degraded ≥0.7/critical otherwise), confidenceScore (= healthScore), advisoryBoundary. Incident response and system restarts require ops_admin approval.

digital_twin_simulation_agent Digital Twin Simulation Agent critical ✓ production

CF Worker: DigitalTwinSimulationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Runs what-if operational simulations — including exam-day load surges, vendor failures, and registration spikes — against a baseline metrics snapshot without touching live data. Produces projected impact percentages with confidence bands and reliability classifications.

Tools: read_runtime_status · render_table

Outcome: AgentDecision with simulationId, scenarioName, projectedImpactPercent, confidenceBand, simulationRunCount, metricsSimulated, impactDirection (positive/negative/neutral), projectionReliability (high ≥0.8/medium ≥0.5/low), simulationDisclaimer, advisoryBoundary. Simulations NEVER overwrite or modify operational truth. Management sign-off required before any action on simulation results.

school_ops_summary_agent School Ops Summary Agent critical ✓ production

CF Worker: SchoolOpsSummaryAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Generates per-exam-cycle operational health summaries tracking school progress through 5 pipeline stages: registration, fee payment, materials dispatch, exam conduct, and results publication. Derives stage completion rates and cycleStatus (on_track/partial/behind).

Tools: read_runtime_status · render_table

Outcome: AgentDecision with examCycleId, totalSchools, stageRates object (5 stage completion ratios), overallCompletion (0-1), cycleStatus (on_track ≥0.9/partial ≥0.6/behind otherwise), confidenceScore, advisoryBoundary.

financial_anomaly_agent Financial Anomaly Agent critical ✓ production

CF Worker: FinancialAnomalyAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Detects unusual payment patterns, revenue deviations, and collection anomalies by analysing transaction-level signals. Produces an anomalyScore and risk tier (high/medium/low) with an investigation priority recommendation. Identifies periods requiring audit and compliance escalation.

Tools: read_runtime_status · render_table

Outcome: AgentDecision with reportingPeriod, totalTransactions, suspiciousTransactions, duplicatePayments, roundAmountFlags, unusualTimingFlags, anomalyRate, anomalyScore (0-1, clamp(anomalyRate×5 + roundAmountFlags×0.001 + unusualTimingFlags×0.001)), anomalyRisk (high ≥0.5/medium ≥0.2/low otherwise), advisoryBoundary. Agent CANNOT modify financial records.

vendor_risk_agent Vendor Risk Agent critical ✓ production

CF Worker: VendorRiskAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Scores vendor risk from delivery reliability score, quality score, on-time delivery rate, payment dispute count, and contract value. Produces a composite riskScore and tier (low/medium/high/critical). Recommends targeted actions such as escalate_to_procurement or schedule_vendor_review.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with vendorId, vendorName, contractValue, deliveryReliabilityScore, qualityScore, paymentDisputeCount, onTimeDeliveryRate, riskScore (0-1), vendorRiskTier (low <0.2/medium <0.4/high <0.6/critical ≥0.6), vendorActions array, advisoryBoundary. Contract actions, payments, and vendor termination require procurement and finance team approval.

13 Academic Intelligence & Analytics 8 agents

Covers psychometric analysis, student ability modeling, gap identification, misconception detection, adaptive practice recommendations, performance forecasting, cohort benchmarking, and item difficulty calibration for the Finverse Olympiad platform. All 8 agents are strictly advisory — they consume item response data, candidate performance metadata, and cohort statistics to surface insights for teachers, content teams, exam operations staff, and academic coordinators. No agent can mutate official exam results, student records, or item difficulty labels.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`item_difficulty_agent`	Item Difficulty Agent	`ItemDifficultyAgent`	medium	Classifies empirical item difficulty from candidate response data using facility index and distractor engagement
`ability_estimation_agent`	Ability Estimation Agent	`AbilityEstimationAgent`	medium	Estimates student's latent ability level from item response pattern using simplified IRT
`learning_gap_agent (G13)`	Learning Gap Agent	`LearningGapAgent`	medium	Identifies learning gaps by comparing per-topic scores against configurable mastery threshold
`misconception_tracking_agent`	Misconception Tracking Agent	`MisconceptionTrackingAgent`	medium	Tracks recurring misconceptions at the item level by analyzing distractor selection rates
`adaptive_recommendation_agent`	Adaptive Recommendation Agent	`AdaptiveRecommendationAgent`	medium	Recommends adaptive practice plan computing target difficulty level aligned to IRT ability estimate
`performance_forecasting_agent`	Performance Forecasting Agent	`PerformanceForecastingAgent`	medium	Forecasts student's exam performance trajectory projecting score improvement
`cohort_analytics_agent`	Cohort Analytics Agent	`CohortAnalyticsAgent`	medium	Generates cohort-level academic performance analytics including score distribution and intervention flags
`difficulty_calibration_agent`	Difficulty Calibration Agent	`DifficultyCalibrationAgent`	medium	Recommends item difficulty label recalibration when empirical response data diverges from human-assigned label

item_difficulty_agent Item Difficulty Agent medium ✓ production

CF Worker: ItemDifficultyAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Classifies empirical item difficulty from candidate response data using facility index (pCorrect), distractor engagement rates, and average time spent. Assigns a difficulty level (easy/medium/hard) and an item quality verdict (good/review_needed/retire) and flags items where response patterns fall outside normal ranges.

Tools: read_academic_data · render_table

Outcome: AgentDecision with itemId, totalAttempts, pCorrect, difficultyLevel (easy ≥0.70/medium 0.40-0.69/hard <0.40), distractorEngagement, avgTimeSpentSeconds, itemQuality (good/review_needed/retire), confidenceScore (base 0.88 scaled by attempt count up to 500), forceHumanReview=true.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. Advisory only — agents cannot mutate official exam result truth, student records, item labels, or official academic standing. Item retirement, difficulty label changes, and content edits require content team approval through the item governance workflow.

ability_estimation_agent Ability Estimation Agent medium ✓ production

CF Worker: AbilityEstimationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Estimates a student's latent ability level from their item response pattern using a simplified IRT signal. Takes per-item correctness and difficulty, applies a prior ability estimate, and outputs an ability score on a -4 to +4 scale with a proficiency band. For formative insight only — not linked to official results.

Tools: read_academic_data · render_card

Outcome: AgentDecision with candidateId, itemCount, correctCount, avgDifficulty, abilityEstimate (float -4 to +4), proficiencyBand (below_basic/basic/proficient/advanced), confidenceScore (base 0.75 scaled by item count up to 40), advisoryBoundary confirming estimates do not affect official standing.

learning_gap_agent Learning Gap Agent medium ✓ production

CF Worker: LearningGapAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Identifies learning gaps by comparing a student's per-topic scores against a configurable mastery threshold. Ranks gap topics by deficit magnitude, lists mastered topics, and assigns an overall readiness verdict (ready/partially_ready/not_ready).

Tools: read_academic_data · render_table

Outcome: AgentDecision with studentId, gapTopics array (topic, score, gap delta), masteredTopics array, overallReadiness (ready if 0 gaps/partially_ready if ≤30%/not_ready >30%), masteryThreshold, confidenceScore (0.82 + masteredTopics.length × 0.01), recommendation with top-3 focus topics. Curriculum changes require teacher approval.

misconception_tracking_agent Misconception Tracking Agent medium ✓ production

CF Worker: MisconceptionTrackingAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Tracks recurring misconceptions at the item level by analyzing distractor selection rates and their associated misconception labels. Identifies the dominant misconception, classifies its prevalence (high ≥0.40/moderate 0.20-0.39/low <0.20), and raises a curriculum alert flag when high-prevalence misconception coincides with low correct-option uptake.

Tools: read_academic_data · render_card

Outcome: AgentDecision with itemId, topMisconception label, topMisconceptionRate, misconceptionPrevalence, correctOptionRate, needsCurriculumAlert boolean, confidenceScore (0.84 − (1 − correctOptionRate) × 0.10), forceHumanReview = needsCurriculumAlert. Curriculum corrections require content team and academic coordinator approval.

adaptive_recommendation_agent Adaptive Recommendation Agent medium ✓ production

CF Worker: AdaptiveRecommendationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Recommends an adaptive practice plan for a student by computing a target difficulty level aligned to their current IRT ability estimate and Bloom's taxonomy progression. Selects up to 5 priority weak topics, determines an appropriate item count, and flags readiness for advanced content.

Tools: read_academic_data · render_card

Outcome: AgentDecision with studentId, targetDifficulty (float 0.10-0.90, set just above current ability), priorityTopics (top 5 weak topics), recommendedItemCount (clamp(10 - masteredTopics.length, 3, 20)), readinessForAdvanced boolean (true when abilityEstimate ≥1.5), confidenceScore, forceHumanReview=false (informational). Mandatory practice schedules require teacher approval.

performance_forecasting_agent Performance Forecasting Agent medium ✓ production

CF Worker: PerformanceForecastingAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Forecasts a student's exam performance trajectory by projecting score improvement based on current score, practice session history, average improvement per session, and days remaining before the exam. Assigns a forecast band and urgency level and flags at-risk learners for early intervention.

Tools: read_academic_data · render_card

Outcome: AgentDecision with studentId, currentScore, projectedScore, forecastBand (below_passing <33/marginal 33-49/passing 50-74/distinction ≥75), daysUntilExam, urgency (high when below_passing AND <30 days/medium for marginal/low otherwise), confidenceScore (0.70 + min(sessions, 30) × 0.005), forceHumanReview = (urgency === high). Forecasts are probabilistic and do not affect official exam standing.

cohort_analytics_agent Cohort Analytics Agent medium ✓ production

CF Worker: CohortAnalyticsAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Generates cohort-level academic performance analytics including score distribution shape, mean, standard deviation, coefficient of variation, performance classification, and intervention flags. The only Group 13 agent with active read tools (6 analytics tools) providing access to cycle KPIs, revenue trends, school participation, subject performance, agent throughput, and CSV exports.

Tools: get_cycle_kpis · get_revenue_trends · get_school_participation · get_subject_performance · get_agent_throughput · export_aggregated_csv

Outcome: AgentDecision with cohortId, cohortSize, meanScore, stdDeviation, coefficientOfVariation, distributionShape (tight <0.15/normal 0.15-0.34/dispersed ≥0.35), cohortPerformance (below_average/average/above_average), interventionNeeded boolean, confidenceScore. All 6 tools strip PII — no individual student names or financial amounts returned; only aggregated metrics. Academic interventions require academic coordinator and institution approval.

difficulty_calibration_agent Difficulty Calibration Agent medium ✓ production

CF Worker: DifficultyCalibrationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Recommends item difficulty label recalibration when empirical response data diverges from the human-assigned label. Computes an empirical difficulty classification from the facility index, evaluates the discrimination index for item quality, and recommends one of three actions: recalibrate/confirm/flag_for_review.

Tools: read_academic_data · render_card

Outcome: AgentDecision with itemId, currentDifficultyLabel, empiricalDifficulty, empiricalLabel, discriminationIndex, discriminationQuality (good ≥0.20/poor <0.20), labelMismatch boolean, calibrationAction (recalibrate if mismatch + good discrimination/flag_for_review if poor discrimination/confirm otherwise), confidenceScore, forceHumanReview = (calibrationAction !== confirm). Item difficulty label changes require content governance team approval through the item calibration workflow.

14 Integration & Data Warehouse 8 agents

Covers the data cloud domain (phase10-15) providing advisory monitoring across the entire integration and data pipeline stack. 8 agents collectively watch webhook delivery health, ETL job execution, dataset quality, feature store freshness, business intelligence metric deviations, cross-system synchronisation conflicts, BI dashboard signals, and MCP tool gateway governance. No agent in this group mutates any operational truth; every output is advisory, schema-validated, correlated with a UUID, and routed to ops_admin or ML-ops teams for human approval before any remediation action is taken.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`webhook_intelligence_agent`	Webhook Intelligence Agent	`WebhookIntelligenceAgent`	medium	Analyses inbound webhook delivery telemetry to detect failure rate spikes and latency anomalies
`etl_monitoring_agent`	ETL Monitoring Agent	`EtlMonitoringAgent`	medium	Monitors ETL pipeline job health by evaluating processing completion rates and error rates
`data_quality_agent`	Data Quality Agent	`DataQualityAgent`	medium	Scores dataset quality across completeness (null rates), consistency, and deduplication
`feature_store_agent`	Feature Store Agent	`FeatureStoreAgent`	medium	Validates feature store freshness by comparing stalest feature age against SLA thresholds
`bi_insight_agent`	BI Insight Agent	`BiInsightAgent`	medium	Summarises business intelligence dashboard signals by comparing metrics against historical benchmarks
`sync_conflict_agent`	Sync Conflict Agent	`SyncConflictAgent`	medium	Detects and triages data synchronisation conflicts between operational Supabase stores and downstream warehouse systems
`bi_dashboard_agent`	BI Dashboard Agent	`BiDashboardAgent`	medium	Surfaces BI dashboard signals from data warehouse query results, detects metric anomalies
`mcp_tool_gateway_agent`	MCP Tool Gateway Agent	`McpToolGatewayAgent`	medium	Governed gateway for MCP tool invocations routing and mediating tool calls through permission-checked boundary

webhook_intelligence_agent Webhook Intelligence Agent medium ✓ production

CF Worker: WebhookIntelligenceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Analyses inbound webhook delivery telemetry to detect failure rate spikes, latency anomalies, and degraded endpoint health. Classifies each webhook as healthy/degraded/failing and surfaces the last known failure reason.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with webhookId, failureRate (failedDeliveries/totalDeliveries), webhookHealth (healthy <5%/degraded 5-19%/failing ≥20%), avgLatencyMs, latencyStatus (normal <500ms/slow 500-1999ms/critical ≥2000ms), lastFailureReason, confidenceScore (0.88 − failureRate × 0.2), forceHumanReview when failing.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only — endpoint configuration changes, pipeline restarts, data remediation, and ETL reprocessing require ops_admin approval. Agent cannot halt, restart, or reconfigure any pipeline. All outputs include confidence score, human review flag, and correlation ID.

etl_monitoring_agent ETL Monitoring Agent medium ✓ production

CF Worker: EtlMonitoringAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors ETL pipeline job health by evaluating processing completion rates, error rates, and run-duration ratios against expected baselines. Classifies each pipeline run as on_track/slow/failing and flags stalled or anomalously slow jobs.

Tools: read_runtime_status · render_table

Outcome: AgentDecision with pipelineId, processingRate, errorRate, durationRatio, pipelineStatus (failing if errorRate ≥5% or processingRate <50%/slow if durationRatio >1.5x/on_track otherwise), confidenceScore (0.87 − errorRate × 0.5), forceHumanReview when failing.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only — endpoint configuration changes, pipeline restarts, data remediation, and ETL reprocessing require ops_admin approval. Agent cannot halt, restart, or reconfigure any pipeline. All outputs include confidence score, human review flag, and correlation ID.

data_quality_agent Data Quality Agent medium ✓ production

CF Worker: DataQualityAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Scores dataset quality across completeness (null rates per column), consistency (schema violation rate), and deduplication (duplicate rate) dimensions. Assigns qualityGrade (good ≥0.85/acceptable 0.60-0.84/poor <0.60) and identifies high-null columns (>10%) requiring remediation.

Tools: read_data_quality_summary · read_runtime_status · render_table

Outcome: AgentDecision with datasetId, totalRows, qualityScore (1 − maxNullRate×0.4 − duplicateRate×0.3 − schemaViolationRate×0.3), qualityGrade, highNullColumns list, duplicateRate, schemaViolationRate, confidenceScore, forceHumanReview when qualityGrade is poor.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only — endpoint configuration changes, pipeline restarts, data remediation, and ETL reprocessing require ops_admin approval. Agent cannot halt, restart, or reconfigure any pipeline. All outputs include confidence score, human review flag, and correlation ID.

feature_store_agent Feature Store Agent medium ✓ production

CF Worker: FeatureStoreAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates feature store freshness by comparing the age of the stalest feature against defined SLA thresholds and computing a staleness ratio across the feature set. Classifies health as fresh/stale/critical and advises when feature refresh is required to prevent ML model accuracy degradation.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with featureSetId, stalestFeatureAgeHours, maxAllowedStalenessHours, staleRate, stalenessRatio, featureStoreHealth (critical ≥2.0/stale 1.0-1.99/fresh <1.0), confidenceScore (0.87 − stalenessRatio × 0.1), forceHumanReview when critical.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only — endpoint configuration changes, pipeline restarts, data remediation, and ETL reprocessing require ops_admin approval. Agent cannot halt, restart, or reconfigure any pipeline. All outputs include confidence score, human review flag, and correlation ID.

bi_insight_agent BI Insight Agent medium ✓ production

CF Worker: BiInsightAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Summarises business intelligence dashboard signals by comparing current metric snapshots against historical benchmarks and computing relative deviations. Classifies insight priority as routine/noteworthy/critical based on deviation magnitude (>50% → critical; >20% → noteworthy).

Tools: read_runtime_status · render_table

Outcome: AgentDecision with reportName, periodLabel, metricCount, significantDeviationCount, insightPriority (critical/noteworthy/routine), confidenceScore (0.82 + metricCount × 0.01), forceHumanReview when critical. Business decisions based on BI data require management approval.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only — endpoint configuration changes, pipeline restarts, data remediation, and ETL reprocessing require ops_admin approval. Agent cannot halt, restart, or reconfigure any pipeline. All outputs include confidence score, human review flag, and correlation ID.

sync_conflict_agent Sync Conflict Agent medium ✓ production

CF Worker: SyncConflictAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Detects and triages data synchronisation conflicts between operational Supabase stores and downstream warehouse systems by analysing conflict type, records affected, and auto-resolvability. Recommends resolution strategy (auto_resolve/manual_review/escalate) and classifies conflict severity.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with conflictId, conflictType, sourceSystem, targetSystem, recordsAffected, conflictSeverity (high >10k/medium 1k-10k/low ≤1k), resolutionStrategy (auto_resolve if autoResolvable and <100 records/escalate if >10k/manual_review otherwise), confidenceScore (0.85 − min(recordsAffected,10000)/100000), forceHumanReview for non-auto_resolve. Even auto_resolve recommendations require explicit ops_admin approval.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only — endpoint configuration changes, pipeline restarts, data remediation, and ETL reprocessing require ops_admin approval. Agent cannot halt, restart, or reconfigure any pipeline. All outputs include confidence score, human review flag, and correlation ID.

bi_dashboard_agent BI Dashboard Agent medium ✓ production

CF Worker: BiDashboardAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Surfaces business intelligence dashboard signals from data warehouse query results, detects metric anomalies against historical baselines, and recommends investigation priorities for the ops portal. Monitors KPIs and flags critical deviations that require human review.

Tools: read_data_quality_summary · read_runtime_status · render_card · render_table · show_timeline

Outcome: Advisory AgentDecision with insight priority classification (routine/noteworthy/critical), count of significant metric deviations, rendered BI dashboard card or table, and a recommendation string. forceHumanReview set true when any metric deviates more than 50% from its benchmark. Minimum confidence threshold 0.75.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only — endpoint configuration changes, pipeline restarts, data remediation, and ETL reprocessing require ops_admin approval. Agent cannot halt, restart, or reconfigure any pipeline. All outputs include confidence score, human review flag, and correlation ID.

mcp_tool_gateway_agent MCP Tool Gateway Agent medium ✓ production

CF Worker: McpToolGatewayAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Acts as the governed gateway for MCP tool invocations within the Finverse Agentic OS, routing and mediating tool calls from other agents through a permission-checked, schema-validated, and audited boundary. Enforces allowedTools constraints and blocks any action outside the safe tool catalog.

Tools: read_data_quality_summary · read_runtime_status · render_card · render_table · show_timeline

Outcome: Advisory AgentDecision containing the proxied tool output, tool name invoked, confidenceScore, humanReviewRequired flag, and audit-ready evidence reference. Any tool call outside the governed catalog is blocked and surfaced as a policy violation with forceHumanReview set true. Cannot initiate external MCP calls outside the safe tool catalog or bypass the Cloudflare AI Gateway DPA requirement.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. Advisory only — endpoint configuration changes, pipeline restarts, data remediation, and ETL reprocessing require ops_admin approval. Agent cannot halt, restart, or reconfigure any pipeline. All outputs include confidence score, human review flag, and correlation ID.

15 Mobile & Offline PWA 4 agents

Covers mobile-first and offline-capable Progressive Web App (PWA) operations for the Finverse Academy Olympiad platform. 4 agents collectively handle the complete lifecycle of offline data on mobile and PWA clients: the Offline Agent monitors device-level offline state and storage pressure, the Sync Resolution Agent triages conflicts that arise when offline records are submitted back to the server, the Mobile Support Agent classifies and routes app support queries from students and coordinators, and the Attendance Capture Agent validates biometric/QR/manual attendance records before they are accepted by the deterministic intake layer.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`offline_agent`	Offline Agent	`OfflineAgent`	medium	Monitors offline data capture status across mobile and PWA clients by evaluating device-level sync lag
`sync_resolution_agent`	Sync Resolution Agent	`SyncResolutionAgent`	medium	Triages synchronisation conflicts generated when offline mobile or PWA clients attempt to push records back
`mobile_support_agent`	Mobile Support Agent	`MobileSupportAgent`	medium	Classifies mobile application support queries from students and coordinators by platform and error code
`attendance_capture_agent`	Attendance Capture Agent	`AttendanceCaptureAgent`	medium	Validates attendance records captured from mobile and offline sources before sync confirmation

offline_agent Offline Agent medium ✓ production

CF Worker: OfflineAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors offline data capture status across mobile and PWA clients by evaluating device-level sync lag, pending operation count, and storage utilisation. Surfaces risk indicators (syncLag/storageRisk/syncPriority) to the mobile operations dashboard for operator review.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with deviceId, offlineDurationMinutes, pendingOperations, storageUsageRate, syncLag (minimal/moderate/critical), storageRisk (safe/warning/critical), syncPriority (immediate/scheduled/low), confidenceScore (base 0.84 − storage pressure penalty), forceHumanReview=true when syncPriority is immediate.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. Agent CANNOT initiate sync, perform data merges, apply rollbacks, or switch capture methods directly — all such actions require ops_admin approval. No mutation of business truth under any condition. All output is advisory, logged, and schema-validated.

sync_resolution_agent Sync Resolution Agent medium ✓ production

CF Worker: SyncResolutionAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Triages synchronisation conflicts generated when offline mobile or PWA clients attempt to push records back to the server. Recommends merge strategies (auto-merge vs. manual review) based on conflict count, auto-mergeability, server/client version authority, and data-loss risk.

Tools: read_runtime_status · render_table

Outcome: AgentDecision with deviceId, totalConflicts, autoMergeableCount, manualReviewRequired, serverVersionWins, clientVersionWins, dataLossRisk flag, resolutionComplexity (simple ≤10/moderate 11-100/complex >100), confidenceScore (base 0.86 − manual-conflict ratio penalty), recommendation, advisoryBoundary. No data merge is performed by the agent.

mobile_support_agent Mobile Support Agent medium ✓ production

CF Worker: MobileSupportAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Classifies mobile application support queries from students and coordinators by platform (Android/iOS/web), app version, and error code, then recommends the correct resolution path or escalation routing. Distinguishes between self-service, Tier 1 support, and engineering escalation scenarios.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with userId, devicePlatform, appVersion, errorCode (or null), supportCategory (self_service/tier1_support/engineering_escalation), confidenceScore (0.87 for known errors/0.72 for no-error), forceHumanReview=true for engineering_escalation. Agent CANNOT perform account fixes, app rollbacks, or forced app updates.

attendance_capture_agent Attendance Capture Agent medium ✓ production

CF Worker: AttendanceCaptureAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates attendance records captured from mobile and offline sources (biometric/QR code/barcode/manual) for completeness, failure rate, and time-window integrity before sync confirmation. Flags exam centres where capture rate is critically low or failure rate exceeds threshold.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with examCentreId, captureMethod, totalCandidates, capturedCount, failedCaptureCount, captureRate, failureRate, captureStatus (complete ≥95%/in_progress 60-94%/at_risk <60%), needsManualIntervention boolean, confidenceScore (base 0.88 − failure rate penalty), forceHumanReview=true when needsManualIntervention. Agent CANNOT write, correct, or delete attendance records.

16 Multi-tenant SaaS & Entitlements 5 agents

Covers the multi-tenant SaaS layer of Finverse Agentic OS, handling tenant lifecycle management, quota monitoring, feature entitlement evaluation, usage metering, and white-label configuration validation (phase10-15). All five agents operate in an advisory-only capacity. They surface health signals, quota anomalies, entitlement decisions, billing overages, and branding gaps to customer success, SaaS admins, and ops teams — but no agent directly mutates entitlement records, quota limits, billing configurations, or branding state.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`tenant_onboarding_agent`	Tenant Onboarding Agent	`TenantOnboardingAgent`	medium	Validates tenant onboarding checklist completion covering schema provisioning, RLS policy setup, admin user creation, and feature flag configuration
`tenant_admin_saas_agent`	Tenant Admin SaaS Agent	`TenantAdminSaasAgent`	medium	Summarises tenant-level usage health, quota utilisation, and subscription renewal urgency
`entitlement_enforcement_agent`	Entitlement Enforcement Agent	`EntitlementEnforcementAgent`	medium	Evaluates feature access requests against tenant entitlement plans (allow/upsell/block)
`usage_metering_agent`	Usage Metering Agent	`UsageMeteringAgent`	medium	Monitors tenant usage metrics including API calls, storage, active users, and exam seat consumption
`white_label_configuration_agent`	White Label Configuration Agent	`WhiteLabelConfigurationAgent`	medium	Validates white-label configuration completeness including branding assets and custom domain settings

tenant_onboarding_agent Tenant Onboarding Agent medium ✓ production

CF Worker: TenantOnboardingAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates tenant onboarding checklist completion covering schema provisioning, RLS policy setup, admin user creation, and feature flag configuration. Computes a completion rate and classifies onboarding status as complete/in_progress/stalled, then derives churn risk level.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with tenantId, tenantName, plan (starter/growth/enterprise), completionRate, onboardingStatus (complete ≥1.0/stalled if >14 days + <50%/in_progress otherwise), churnRisk (high if stalled >21 days/medium if stalled/low otherwise), advisoryBoundary, recommendation (HIGH CHURN RISK alert when applicable), confidenceScore (0.82 + completionRate × 0.1), forceHumanReview when churnRisk is high.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. Advisory only — account interventions, plan changes, quota enforcement, and billing adjustments require authorised ops_admin or SaaS admin approval. No mutation of tenant entitlement records, quota limits, or billing configurations. Tenant isolation enforced at RLS layer; outputs scoped to authenticated tenant only.

tenant_admin_saas_agent Tenant Admin SaaS Agent medium ✓ production

CF Worker: TenantAdminSaasAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Summarises tenant-level usage health, quota utilisation, and subscription renewal urgency for SaaS admin review. Computes storage and API usage rates, then classifies quota status (healthy/warning/critical) and renewal urgency (none/upcoming/immediate).

Tools: read_runtime_status · render_card

Outcome: AgentDecision with tenantId, storageUsageRate, apiUsageRate, quotaStatus (critical if either ≥0.9/warning if either ≥0.75/healthy otherwise), subscriptionRenewalDays, renewalUrgency (immediate ≤7 days/upcoming ≤30/none otherwise), advisoryBoundary, recommendation (CRITICAL QUOTA or RENEWAL URGENT alerts), confidenceScore (0.88 − max(storageUsageRate, apiUsageRate) × 0.1), forceHumanReview when critical or immediate.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. Advisory only — account interventions, plan changes, quota enforcement, and billing adjustments require authorised ops_admin or SaaS admin approval. No mutation of tenant entitlement records, quota limits, or billing configurations. Tenant isolation enforced at RLS layer; outputs scoped to authenticated tenant only.

entitlement_enforcement_agent Entitlement Enforcement Agent medium ✓ production

CF Worker: EntitlementEnforcementAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Evaluates feature access requests against tenant entitlement plans and returns an advisory decision of allow/upsell/block with supporting plan evidence. Determines whether the current plan permits the requested feature and, if not, identifies the appropriate upgrade target.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with tenantId, featureName, plan, planAllowsFeature, decision (allow if planAllowsFeature/upsell if not enterprise and not allowed/block if enterprise and not allowed), upgradeTarget (growth if starter/enterprise if growth/null), advisoryBoundary, confidenceScore=0.99 (deterministic), forceHumanReview=false. Actual access enforcement handled by deterministic entitlement service.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. Advisory only — account interventions, plan changes, quota enforcement, and billing adjustments require authorised ops_admin or SaaS admin approval. No mutation of tenant entitlement records, quota limits, or billing configurations. Tenant isolation enforced at RLS layer; outputs scoped to authenticated tenant only.

usage_metering_agent Usage Metering Agent medium ✓ production

CF Worker: UsageMeteringAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors tenant usage metrics including API calls, storage, active users, and exam seat consumption against included plan allowances for a given billing period. Computes per-dimension overage amounts and an aggregate overageScore, then classifies the billing flag.

Tools: read_runtime_status · render_table

Outcome: AgentDecision with tenantId, billingPeriod, per-dimension overage breakdown (candidates/apiCalls/storageGb/computeUnits), hasOverage flag, billingFlag (clean/overage_advisory/overage_critical where critical ≥0.3), advisoryBoundary, recommendation (CRITICAL OVERAGE alert), confidenceScore (0.94 − overageScore × 0.05), forceHumanReview when overage_critical. Billing invoices handled by deterministic billing service.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. Advisory only — account interventions, plan changes, quota enforcement, and billing adjustments require authorised ops_admin or SaaS admin approval. No mutation of tenant entitlement records, quota limits, or billing configurations. Tenant isolation enforced at RLS layer; outputs scoped to authenticated tenant only.

white_label_configuration_agent White Label Configuration Agent medium ✓ production

CF Worker: WhiteLabelConfigurationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates white-label configuration completeness including branding assets (logo, brand colour), custom domain settings, and overall completion rate for a tenant. Classifies configuration status as complete/partial/minimal and enumerates missing elements.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with tenantId, brandName, configCompletionRate, configStatus (complete ≥0.9/partial ≥0.5/minimal otherwise), missingElements list (customDomain/primaryColor/logoUrl if absent), advisoryBoundary, recommendation (lists missing elements or advises DNS verification), confidenceScore (0.86 + configCompletionRate × 0.1), forceHumanReview=false. Domain setup, SSL provisioning, and branding publish actions require ops_admin approval.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. Advisory only — account interventions, plan changes, quota enforcement, and billing adjustments require authorised ops_admin or SaaS admin approval. No mutation of tenant entitlement records, quota limits, or billing configurations. Tenant isolation enforced at RLS layer; outputs scoped to authenticated tenant only.

17 AI Control Plane & Infrastructure 10 agents

Covers the AI operations control plane for Finverse Agentic OS. These 10 agents monitor and govern the AI infrastructure layer — model routing, provider fallback, rate limits, spend budgets, data loss prevention, agent memory, artifact lifecycle, sandbox security, circuit breaking, and per-agent health. All agents are purely advisory: they produce structured recommendations with confidence scores, decision logs, and correlation IDs but never mutate model configurations, provider credentials, billing settings, or rate-limit policy directly.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`model_gateway_routing_agent`	Model Gateway Routing Agent	`ModelGatewayRoutingAgent`	critical	Recommends model routing decisions for incoming AI requests based on latency, cost, capability, and context-length signals
`model_fallback_agent`	Model Fallback Agent	`ModelFallbackAgent`	critical	Detects AI model provider degradation signals and recommends fallback routing to alternative providers
`rate_limit_guard_agent`	Rate Limit Guard Agent	`RateLimitGuardAgent`	critical	Monitors API rate utilization across providers per tenant and recommends throttling interventions
`budget_enforcement_agent`	Budget Enforcement Agent	`BudgetEnforcementAgent`	critical	Tracks AI inference spend against per-tenant and aggregate budget limits and recommends cutover actions
`dlp_agent`	DLP Agent	`DlpAgent`	critical	Scans AI inputs and outputs for data loss prevention policy violations including PII exposure
`memory_governance_agent`	Memory Governance Agent	`MemoryGovernanceAgent`	critical	Audits agent memory stores for PII retention, scope boundary violations, and data retention policy compliance
`artifact_governance_agent`	Artifact Governance Agent	`ArtifactGovernanceAgent`	critical	Validates AI-generated artifact provenance, retention lifecycle, and access control policy compliance
`sandbox_monitor_agent`	Sandbox Monitor Agent	`SandboxMonitorAgent`	critical	Monitors agent sandbox activity for unexpected external resource access patterns
`circuit_breaker_agent`	Circuit Breaker Agent	`CircuitBreakerAgent`	critical	Detects cascading failure patterns across agent invocations and recommends circuit-break intervention
`agent_health_monitor_agent`	Agent Health Monitor Agent	`AgentHealthMonitorAgent`	critical	Monitors agent session health metrics including error rates, latency distributions, and guardrail violations

model_gateway_routing_agent Model Gateway Routing Agent critical ✓ production

CF Worker: ModelGatewayRoutingAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Recommends model routing decisions for incoming AI requests based on latency, cost, capability, and context-length signals. Evaluates primary model availability and acceptable latency thresholds (acceptable if <3000ms) to decide between primary and fallback model paths.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with selectedModel, routingDecision (primary or fallback), primaryModelLatencyMs, estimatedTokens, confidence score (0.95 if primary available/0.78 if routing to fallback), advisoryBoundary. Gateway configuration changes require separate super_admin approval workflow.

Guardrails: Hard-blocked: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls. Never mutates model gateway configuration, provider credentials, billing settings, rate-limit policy, or agent guardrails directly. All routing changes, model rollbacks, sandbox terminations, and circuit state transitions require super_admin or AI ops approval. All outputs are advisory only and unconditionally require human review. No direct write access to any business truth table.

model_fallback_agent Model Fallback Agent critical ✓ production

CF Worker: ModelFallbackAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Detects AI model provider degradation signals and recommends fallback routing to alternative providers or local stubs. Evaluates the failed model, failure reason, task type, and ordered list of fallback candidates to produce a ranked recommendation.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with failedModel, recommendedFallback (first candidate in fallbackCandidates list), fallbackAvailable boolean, taskType (classification/generation/tool_use/embedding), confidence score (0.85 if available/0.50 if no fallback), advisoryBoundary. forceHumanReview forced to true when no fallback is available.

rate_limit_guard_agent Rate Limit Guard Agent critical ✓ production

CF Worker: RateLimitGuardAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors API rate utilization across providers per tenant and recommends throttling, queuing, or request-shedding interventions. Computes request and token usage rates against per-minute limits and classifies tenant status as allow/throttle/block.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with tenantId, requestUsageRate, tokenUsageRate, throttleStatus (block if either ≥1.0/throttle if ≥0.9/allow otherwise), confidence score (1 − max(usageRate) × 0.05), advisoryBoundary. Actual rate-limit enforcement and policy changes require AI ops approval.

budget_enforcement_agent Budget Enforcement Agent critical ✓ production

CF Worker: BudgetEnforcementAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Tracks AI inference spend against per-tenant and aggregate budget limits and recommends cutover or throttling actions when thresholds are approached or exceeded. Evaluates current spend, budget cap, and forecasted spend to classify budget health.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with tenantId, billingPeriod, spentUsdCents, budgetUsdCents, forecastedSpendUsdCents, spentRate, forecastedRate, budgetStatus (exceeded if spentRate ≥1/critical if forecastedRate ≥1/warning if either ≥0.8/healthy otherwise), confidence score, advisoryBoundary. AI feature suspension requires super_admin approval. forceHumanReview forced to true for exceeded and critical states.

dlp_agent DLP Agent critical ✓ production

CF Worker: DlpAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Scans AI inputs and outputs for data loss prevention policy violations including PII exposure, sensitive schema leakage, and DPDP-restricted data categories. Evaluates detected pattern confidence scores to classify each request as pass/redact-advisory/block-advisory.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with requestId, detectedPatterns, maxConfidence, hasSensitiveContent, dlpAction (block_advisory if maxConfidence ≥0.9 + sensitive/redact_advisory if sensitive below threshold/pass otherwise), sourcePortal, confidence score, advisoryBoundary. Content blocking enforcement is executed by the deterministic middleware. forceHumanReview forced to true for block_advisory outcomes.

memory_governance_agent Memory Governance Agent critical ✓ production

CF Worker: MemoryGovernanceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Audits agent memory stores for PII retention, scope boundary violations, and data retention policy compliance. Evaluates memory usage rate, stale entry fraction, and the presence of sensitive entries to classify memory health and recommend pruning or immediate audit actions.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with agentId, memoryEntries, staleEntries, sensitiveEntries, usageRate (memoryEntries/maxAllowedEntries), staleRate, memoryHealth (critical if ≥0.9 or any sensitiveEntries/needs_pruning if ≥0.7 or staleRate ≥0.3/healthy otherwise), confidence score, advisoryBoundary. Never prunes, deletes, or modifies memory entries directly. forceHumanReview forced to true when sensitiveEntries > 0 or usageRate ≥ 0.9.

artifact_governance_agent Artifact Governance Agent critical ✓ production

CF Worker: ArtifactGovernanceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Validates AI-generated artifact provenance, retention lifecycle, and access control policy compliance. Checks whether an artifact's actual retention period violates policy limits and whether it contains PII, then classifies governance action as retain/flag-for-deletion/immediate-review.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with artifactId, artifactType (generated_report/model_output/evidence_bundle/audit_export), retentionDays, policyRetentionDays, retentionCompliant, piiRisk (high if containsPii/low otherwise), governanceAction (immediate_review if PII + non-compliant/flag_for_deletion if non-compliant without PII/retain otherwise), confidence score, advisoryBoundary. Never deletes artifacts or modifies retention policies directly. forceHumanReview forced to true for immediate_review outcomes.

sandbox_monitor_agent Sandbox Monitor Agent critical ✓ production

CF Worker: SandboxMonitorAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors agent sandbox activity for unexpected external resource access patterns, file-system anomalies, and policy boundary violations. Evaluates blocked tool call rates, external network attempts, CPU, and memory usage to classify sandbox status.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with sandboxId, blockRate (blockedToolCalls/toolCallsExecuted), externalNetworkAttempts, resourcePressure (low/medium/high), sandboxStatus (breach_attempt if any externalNetworkAttempts or blockRate ≥0.3/suspicious if ≥0.1/normal otherwise), confidence score, advisoryBoundary. Sandbox termination requires security team approval. forceHumanReview forced to true for breach_attempt outcomes.

circuit_breaker_agent Circuit Breaker Agent critical ✓ production

CF Worker: CircuitBreakerAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Detects cascading failure patterns across agent invocations and recommends circuit-break intervention to prevent runaway retry storms. Computes failure rate from success and failure counts and recommends the appropriate circuit state (closed/half_open/open).

Tools: read_runtime_status · render_card

Outcome: AgentDecision with serviceId, currentState (closed/open/half_open), recommendedState, failureRate, stateChange boolean, confidence score, advisoryBoundary. Never transitions circuit state directly — ops_admin approval required. forceHumanReview forced to true when recommending transition to open state. Service isolation actions require ops_admin approval.

agent_health_monitor_agent Agent Health Monitor Agent critical ✓ production

CF Worker: AgentHealthMonitorAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors agent session health metrics including error rates, latency distributions, guardrail violation counts, and Durable Object eviction signals, then recommends restart or escalation actions. Classifies each agent as healthy/degraded/critical based on 24-hour run history.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with agentSlug, totalRunsLast24h, errorRunsLast24h, errorRate, guardrailViolations, guardrailViolationRate, avgLatencyMs, agentHealth (critical if errorRate ≥0.2 or guardrailViolationRate ≥0.05/degraded if ≥0.05 or any violations/healthy otherwise), confidence score, advisoryBoundary. Agent disabling and rollback require AI ops approval. forceHumanReview forced to true when agentHealth is critical.

18 Security, Audit & Compliance 29 agents

Provides the Trust Control Tower's security, audit, and regulatory compliance layer for Finverse Agentic OS. 29 agents cover the full threat-to-compliance lifecycle: incident triage, breach detection, access governance, CERT-In regulatory reporting, DPDP Act 2023 compliance, consent health monitoring, data retention enforcement, vendor risk scoring, AI red-teaming, regulatory change readiness, compliance governance, IT compliance, OWASP audit, DPDP consent and children's guardian, RBI payment compliance, CERT-In incident structuring, privacy rights management, retention purge review, breach notification planning, security misconfiguration detection, dependency vulnerability monitoring, access control audit, secrets hygiene, SSRF egress guard, logging redaction audit, vendor DPA review, and parent consent advisory. All 28 core agents are critical-risk; the parent consent agent is low-risk.

Agent ID	Name	CF Worker Class	Risk	Purpose (brief)
`security_incident_triage_agent`	Security Incident Triage Agent	`SecurityIncidentTriageAgent`	critical	Classifies security incidents by severity and attack vector, determines escalation path
`access_governance_agent`	Access Governance Agent	`AccessGovernanceAgent`	critical	Reviews access grant history, unused permission accumulation, and privilege escalation patterns
`audit_evidence_agent`	Audit Evidence Agent	`AuditEvidenceAgent`	critical	Collects and summarizes audit evidence artifacts to determine audit readiness
`cert_in_reporting_agent`	CERT-In Reporting Agent	`CertInReportingAgent`	critical	Structures CERT-In cybersecurity incident reports within the mandated 6-hour initial reporting window
`dpdp_compliance_agent`	DPDP Compliance Agent	`DpdpComplianceAgent`	critical	Evaluates data processing activities against DPDP Act 2023 obligations
`consent_management_agent`	Consent Management Agent	`ConsentManagementAgent`	critical	Reviews consent records for completeness, currency, and withdrawal status
`data_retention_agent`	Data Retention Agent	`DataRetentionAgent`	critical	Evaluates data retention compliance by comparing actual record ages against defined retention policy bounds
`breach_detection_agent`	Breach Detection Agent	`BreachDetectionAgent`	critical	Analyzes access logs and anomaly signals to compute exfiltration likelihood and classify breach likelihood
`vendor_risk_assessment_agent`	Vendor Risk Assessment Agent	`VendorRiskAssessmentAgent`	critical	Scores third-party vendor data processing risk against DPA obligations
`ai_red_team_agent`	AI Red Team Agent	`AiRedTeamAgent`	critical	Systematically probes AI system components for adversarial vulnerabilities
`regulatory_change_agent`	Regulatory Change Agent	`RegulatoryChangeAgent`	critical	Monitors regulatory change signals across DPDP, RBI, CERT-In, and SEBI frameworks
`parent_consent_agent (G18)`	Parent Consent & Privacy Agent	`ParentConsentAgent`	low	Helps parents understand data held about their child and their DPDP Act 2023 rights (Group 18)
`compliance_governance_agent`	Compliance Governance	`ComplianceGovernanceAgent`	critical	Oversees overall compliance governance posture cross-referencing active regulatory obligations
`it_compliance_agent`	IT Compliance	`ItComplianceAgent`	critical	Evaluates IT infrastructure and software controls against ISO 27001, RBI IT framework, and CERT-In guidelines
`owasp_audit_agent`	OWASP Audit	`OwaspAuditAgent`	critical	Audits the Finverse Olympiad OS against the OWASP Top 10 and OWASP ASVS controls
`dpdp_consent_agent`	DPDP Consent	`DpdpConsentAgent`	critical	Reviews consent records for data principals against DPDP Act 2023 requirements
`dpdp_children_guardian_agent`	DPDP Children Guardian	`DpdpChildrenGuardianAgent`	critical	Enforces heightened DPDP Act 2023 protections for data belonging to children (minors under 18)
`rbi_payment_compliance_agent`	RBI Payment Compliance	`RbiPaymentComplianceAgent`	critical	Evaluates payment processing activities against RBI payment regulations
`cert_in_incident_agent`	CERT-In Incident	`CertInIncidentAgent`	critical	Structures and validates cybersecurity incident reports required under CERT-In directions
`privacy_rights_agent`	Privacy Rights	`PrivacyRightsAgent`	critical	Manages and tracks data principal rights requests under DPDP Act 2023 — access, correction, erasure, grievance
`retention_purge_agent`	Retention Purge	`RetentionPurgeAgent`	critical	Reviews data retention schedules and identifies records that have exceeded defined retention limits
`breach_notification_agent`	Breach Notification	`BreachNotificationAgent`	critical	Structures breach notification obligations following a confirmed or suspected data breach
`security_misconfiguration_agent`	Security Misconfiguration	`SecurityMisconfigurationAgent`	critical	Detects security misconfiguration risks across the Finverse Olympiad OS stack
`dependency_vulnerability_agent`	Dependency Vulnerability	`DependencyVulnerabilityAgent`	critical	Monitors npm and system dependency vulnerability signals for the Finverse Olympiad OS codebase
`access_control_audit_agent`	Access Control Audit	`AccessControlAuditAgent`	critical	Performs systematic access control audits across Supabase RLS policies and portal route guards
`secrets_hygiene_agent`	Secrets Hygiene	`SecretsHygieneAgent`	critical	Audits secret and credential management hygiene across the Finverse Olympiad OS deployment
`ssrf_egress_guard_agent`	SSRF Egress Guard	`SsrfEgressGuardAgent`	critical	Monitors and audits SSRF risk across Finverse Olympiad OS API routes and Cloudflare Worker egress patterns
`logging_redaction_agent`	Logging Redaction	`LoggingRedactionAgent`	critical	Audits application and infrastructure log pipelines for PII leakage and inadequate redaction
`vendor_dpa_agent`	Vendor DPA	`VendorDpaAgent`	critical	Reviews Data Processing Agreements with third-party vendors and sub-processors

security_incident_triage_agent Security Incident Triage Agent critical ✓ production

CF Worker: SecurityIncidentTriageAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Classifies security incidents by severity (critical/high/medium/low) and attack vector, evaluating containment status and affected system scope to determine escalation path. Recommends initial containment advisory and escalation priority (CISO immediate/security team urgent/standard) for the security team.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with incidentId, incidentType, affectedSystems list, containmentStatus, severity level, escalation path recommendation, advisoryBoundary, confidence score (base 0.88 − 0.05 if >5 affected systems). Agent CANNOT isolate systems, suspend accounts, or file CERT-In reports.

Guardrails: Hard-blocked: delete_audit_logs, post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, bypass_rls, access_service_role_secret, write_business_truth_directly, export_raw_pii, call_external_ai_without_dpa, store_primary_truth_in_durable_object. All output is advisory only; no operational mutation. forceHumanReview=true unconditionally. Requires super_admin or ops_admin approval before any downstream action. Minimum confidence threshold: 0.95.

access_governance_agent Access Governance Agent critical ✓ production

CF Worker: AccessGovernanceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews access grant history, unused permission accumulation, privilege escalation patterns, and dormant account signals for individual users. Computes an access risk score (low/medium/high) based on last login recency, unused permission count, and privileged access count.

Tools: read_runtime_status · render_table

Outcome: AgentDecision with userId, currentRoles, lastLoginDays, dormantAccount flag (if >90 days), unusedPermissions list, privilegedAccessCount, accessRisk level, advisory boundary, confidence score (base 0.87 − privilegedAccessCount × 0.01). Agent CANNOT revoke roles, suspend accounts, or modify access control policies.

audit_evidence_agent Audit Evidence Agent critical ✓ production

CF Worker: AuditEvidenceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Collects and summarizes audit evidence artifacts from decision logs, access logs, and event store to determine audit readiness for internal, regulatory, customer, or penetration test audits. Computes an evidence collection rate and classifies readiness as ready/partial/not_ready.

Tools: read_runtime_status · render_table

Outcome: AgentDecision with auditRequestId, auditType, evidenceCollected, evidenceRequired, collectionRate, auditReadiness (ready ≥0.95/partial ≥0.70/not_ready otherwise), gapAreas list, confidence score (0.84 + collectionRate × 0.10). Agent CANNOT submit evidence to auditors or issue compliance declarations.

cert_in_reporting_agent CERT-In Reporting Agent critical ✓ production

CF Worker: CertInReportingAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Structures CERT-In cybersecurity incident reports within the mandated 6-hour initial reporting window, computing hours remaining to deadline and classifying reporting urgency as submitted/scheduled/urgent/overdue. Validates whether CERT-In reporting is required based on incident severity.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with incidentId, incidentSeverity, hoursToDeadline, reportSubmitted flag, certInRequired flag (true if critical or high severity), reportingUrgency (submitted/overdue/urgent ≤6h/scheduled otherwise), confidence score (0.95 − 0.05 if certInRequired and not submitted). Agent CANNOT submit CERT-In reports.

dpdp_compliance_agent DPDP Compliance Agent critical ✓ production

CF Worker: DpdpComplianceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Evaluates data processing activities for a given dataset against DPDP Act 2023 obligations including consent coverage, data minimization, purpose limitation, cross-border transfer review, Data Protection Manager appointment, and children's data protections.

Tools: read_runtime_status · render_table

Outcome: AgentDecision with datasetId, consentCoverageRate, complianceGaps list (incomplete_consent_coverage/cross_border_transfer_review/dpm_not_appointed), dpdpStatus (non_compliant/partial/compliant), crossBorderTransfer flag, dpmAppointed flag, confidence score (0.87 + consentCoverageRate × 0.05). Agent CANNOT execute remediation actions, appoint DPM, or file regulatory submissions.

consent_management_agent Consent Management Agent critical ✓ production

CF Worker: ConsentManagementAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews consent records for completeness, currency, and withdrawal status across a consent batch, computing active consent rate and expired consent rate to classify consent health as healthy/renewal_needed/critical. Recommends renewal campaign initiation.

Tools: read_runtime_status · render_table

Outcome: AgentDecision with consentBatchId, consentVersion, totalSubjects, activeConsentRate ((consentedCount − withdrawnCount) / totalSubjects), withdrawnCount, expiredRate, consentHealth (critical if activeConsentRate <0.70 or expiredRate >0.30/renewal_needed if expiredRate >0.10 or activeConsentRate <0.85/healthy otherwise), confidence score (0.88 + activeConsentRate × 0.05). Agent CANNOT halt data processing, modify consent records, or trigger renewal campaigns.

data_retention_agent Data Retention Agent critical ✓ production

CF Worker: DataRetentionAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Evaluates data retention compliance for a given data category by comparing actual record ages against defined retention policy bounds, computing an over-retention rate and classifying status as compliant/overdue/critical. Flags records exceeding retention limits for DPO-approved purge review without triggering any deletion.

Tools: read_runtime_status · render_table

Outcome: AgentDecision with dataCategory, retentionPolicyDays, oldestRecordAgeDays, recordsOverRetention, overRetentionRate, retentionStatus (critical if ≥10% over or oldest >2x policy/overdue if any exceed policy/compliant otherwise), confidence score (0.90 − overRetentionRate × 0.20). Agent CANNOT delete records or modify retention policies.

breach_detection_agent Breach Detection Agent critical ✓ production

CF Worker: BreachDetectionAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Analyzes access logs, audit events, and anomaly signals to compute exfiltration likelihood and classify breach likelihood as low/medium/high/confirmed. Assesses impact scale based on estimated affected record count and data categories involved.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with alertId, anomalySignals list, affectedRecordsEstimate, dataCategories, exfiltrationLikelihood, breachLikelihood (confirmed ≥0.80/high ≥0.50/medium ≥0.20/low otherwise), impactScale (severe ≥100k/significant ≥1k/minimal otherwise), confidence score (0.85 + exfiltrationLikelihood × 0.10). Agent CANNOT declare incidents, file CERT-In reports, or notify data subjects.

vendor_risk_assessment_agent Vendor Risk Assessment Agent critical ✓ production

CF Worker: VendorRiskAssessmentAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Scores third-party vendor data processing risk against DPA obligations by evaluating data access level, Data Processing Agreement status, security certifications (ISO27001/SOC2/DPDP_DPA), and time since last assessment. Classifies vendor risk as low/medium/high/critical.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with vendorId, vendorName, dataAccessLevel, certifications list, lastAssessmentDays, contractualDpaInPlace, dpaRequired flag (true if personal or sensitive data access), vendorRisk (critical if sensitive data without DPA/high if personal without DPA/medium if >365 days or missing certs/low otherwise), confidence score (0.87 − 0.05 for critical risk). Agent CANNOT suspend data sharing, execute DPAs, or disqualify vendors.

ai_red_team_agent AI Red Team Agent critical ✓ production

CF Worker: AiRedTeamAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Systematically probes AI system components for adversarial vulnerabilities by analyzing results from prompt injection attempts, guardrail bypass attempts, and jailbreak attempts against a target agent. Computes a bypass rate and classifies security posture as robust/vulnerable/critical.

Tools: read_runtime_status · render_table

Outcome: AgentDecision with testRunId, targetAgentSlug, totalAttempts, successfulBypasses, bypassRate, securityPosture (critical if ≥0.05/vulnerable if ≥0.01/robust otherwise), confidence score (0.86 + (1 − bypassRate) × 0.10). Agent CANNOT disable agents, modify guardrails, or deploy emergency patches.

regulatory_change_agent Regulatory Change Agent critical ✓ production

CF Worker: RegulatoryChangeAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors regulatory change signals across DPDP, RBI, CERT-In, and SEBI frameworks by tracking compliance gaps and days until a regulation's effective date. Classifies preparedness urgency as compliant/planned/urgent/overdue.

Tools: read_runtime_status · render_card

Outcome: AgentDecision with regulationId, regulationName, jurisdiction, daysUntilEffective, complianceGapCount, impactAreas list, preparednessUrgency (compliant if 0 gaps/overdue if past effective date with gaps/urgent if ≤30 days/planned otherwise), confidence score (0.86 − complianceGapCount × 0.01). Agent CANNOT issue compliance declarations, update policies, or file regulatory submissions.

parent_consent_agent Parent Consent & Privacy Agent low ✓ production

CF Worker: ParentConsentAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Helps parents understand what data Finverse holds about their children and how to exercise their rights under DPDP Act 2023 (access, correction, erasure, grievance). Explains data categories held (registration, results, AI tutor logs), guides consent status interpretation, and directs withdrawal requests to the support ticket workflow. Serves /parent/* routes.

Tools: get_parent_consent_status

Outcome: Advisory text response explaining consent status, data categories, or DPDP rights. When get_parent_consent_status is invoked, structured data includes active children count, consent status, and data category list. All consent mutations are deferred to the support ticket workflow. Agent CANNOT mutate consent records. requiresHumanApproval=false; all output is advisory and logged.

compliance_governance_agent Compliance Governance critical ✓ production

CF Worker: ComplianceGovernanceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Oversees the overall compliance governance posture of the Finverse Olympiad OS, cross-referencing active regulatory obligations (DPDP Act 2023, RBI, CERT-In, SEBI) against implemented controls. Used by ops_admin and super_admin in the Trust Control Tower portal to assess governance gaps and track remediation.

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: Prioritised compliance gap report with obligation-to-control mapping, severity scores, timeline of upcoming obligation deadlines, and remediation recommendations — all flagged for super_admin or ops_admin review. All output is advisory; no compliance control policy is created or modified. Minimum confidence threshold: 0.95.

it_compliance_agent IT Compliance critical ✓ production

CF Worker: ItComplianceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Evaluates IT infrastructure and software controls against relevant compliance frameworks including ISO 27001 controls, RBI IT framework requirements, and CERT-In guidelines applicable to Finverse Academy operations. Surfaces control gaps, misconfigured policies, and missing evidence items.

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: IT compliance gap assessment showing control status, evidence gaps, severity classification (critical/high/medium), and recommended remediation steps — requiring ops_admin or super_admin sign-off. No system configuration changes are triggered.

owasp_audit_agent OWASP Audit critical ✓ production

CF Worker: OwaspAuditAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Audits the Finverse Olympiad OS application and API surface against the OWASP Top 10 and relevant OWASP ASVS controls. Identifies web application security risks including injection flaws, broken authentication, security misconfigurations, and vulnerable dependencies.

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: OWASP audit report with per-category risk ratings (critical/high/medium/low), affected surface areas (portal routes/API endpoints), mitigation status, and prioritised remediation recommendations — gated behind super_admin approval before any action. Findings are advisory only; no code changes applied automatically.

dpdp_consent_agent DPDP Consent critical ✓ production

CF Worker: DpdpConsentAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews consent records for data principals (students and parents) against DPDP Act 2023 requirements, checking for valid, informed, and freely given consent at each data processing stage. Flags missing, expired, or improperly recorded consent items for compliance remediation.

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: DPDP consent compliance report identifying gaps by data principal, processing purpose, and regulatory obligation, with recommended remediation steps requiring human review. Consent records are never mutated directly; outputs contain aggregate gap summaries only, not raw PII.

dpdp_children_guardian_agent DPDP Children Guardian critical ✓ production

CF Worker: DpdpChildrenGuardianAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Enforces heightened DPDP Act 2023 protections for data belonging to children (minors under 18) enrolled in the Finverse Academy Olympiad. Reviews processing activities involving minor data principals for age verification, verifiable parental consent, and children-specific data minimisation obligations.

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: Children data protection compliance report detailing violations of DPDP Act 2023 children-specific obligations, with severity scores and remediation steps gated behind super_admin review. Minor PII is never exposed in outputs; reports reference only aggregate counts and anonymised gap identifiers.

rbi_payment_compliance_agent RBI Payment Compliance critical ✓ production

CF Worker: RbiPaymentComplianceAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Evaluates payment processing activities within Finverse Olympiad OS against RBI payment regulations including PPI guidelines, digital payment security standards, and payment aggregator norms. Reviews invoice, reconciliation, and payment proof workflows for regulatory compliance gaps.

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: RBI payment compliance gap assessment with control mapping, regulatory exposure scores, and prioritised remediation recommendations — requiring human approval before any payment workflow change. No payment records, ledger entries, or reconciliation data are mutated.

cert_in_incident_agent CERT-In Incident critical ✓ production

CF Worker: CertInIncidentAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Structures and validates cybersecurity incident reports required under CERT-In directions within the mandated 6-hour initial reporting window. Distinct from cert_in_reporting_agent — specifically triages whether an incident crosses the CERT-In reportable threshold and maps incident attributes to CERT-In mandatory fields.

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: CERT-In incident reportability assessment with draft mandatory fields pre-populated, 6-hour window status, and filing recommendations — gated behind authorized personnel review before any submission. Incident details are not exposed outside the Trust Control Tower security workflow.

privacy_rights_agent Privacy Rights critical ✓ production

CF Worker: PrivacyRightsAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Manages and tracks data principal rights requests under DPDP Act 2023 including rights of access, correction, erasure, and grievance redressal for students and parents. Reviews open rights requests for completeness, SLA compliance, and appropriate handling, surfacing overdue or mishandled requests.

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: Data principal rights requests compliance report showing SLA status, handling gaps, overdue items, and remediation recommendations — requiring ops_admin or super_admin review before action. No PII is exported; outputs reference request identifiers and aggregate SLA metrics only.

retention_purge_agent Retention Purge critical ✓ production

CF Worker: RetentionPurgeAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews data retention schedules and identifies records that have exceeded their defined retention limits across all Finverse Olympiad OS data stores, flagging candidates for purge review without triggering any actual deletion. Evaluates retention compliance against DPDP Act 2023 data minimisation requirements.

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: Retention compliance report listing overdue data categories with volumes, policy references, and a recommended purge schedule — advisory only, with purge execution requiring super_admin approval via a separate deterministic service. This agent NEVER triggers data deletion.

breach_notification_agent Breach Notification critical ✓ production

CF Worker: BreachNotificationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Structures breach notification obligations following a confirmed or suspected data breach affecting Finverse Olympiad OS data principals. Evaluates which regulatory notification requirements are triggered (DPDP Act 2023, CERT-In), identifies affected data principal categories, and drafts notification content and timelines.

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: Breach notification plan with regulatory obligation checklist, draft notification elements (breach description, affected data types, remediation steps, data principal rights guidance), affected data principal categories, and compliance timelines — gated behind super_admin approval before any notifications are dispatched. Draft content does not contain raw PII.

security_misconfiguration_agent Security Misconfiguration critical ✓ production

CF Worker: SecurityMisconfigurationAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Detects security misconfiguration risks across the Finverse Olympiad OS stack including Next.js security headers, Supabase RLS policy gaps, Cloudflare WAF settings, and environment-level configuration drift. Maps findings to OWASP A05 Security Misconfiguration and CIS benchmark controls.

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: Security misconfiguration findings report with per-layer risk scores, benchmark deviation details, and prioritised remediation steps — requiring super_admin review before any configuration change is applied. No configuration changes are applied automatically. Service role secrets and environment variable values are never surfaced in outputs.

dependency_vulnerability_agent Dependency Vulnerability critical ✓ production

CF Worker: DependencyVulnerabilityAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors npm and system dependency vulnerability signals for the Finverse Olympiad OS codebase, evaluating open CVEs at high or critical severity against the installed dependency tree. Surfaces prioritised upgrade recommendations and exploitability assessments. Consistent with the project's npm audit:high verification gate.

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: Dependency vulnerability assessment report with CVE mapping, CVSS scores, upgrade recommendations, and breaking change risk notes — advisory only, requiring super_admin review before any dependency updates are made. No package updates are applied automatically; agent does not execute npm commands or modify package.json.

access_control_audit_agent Access Control Audit critical ✓ production

CF Worker: AccessControlAuditAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Performs systematic access control audits across Finverse Olympiad OS Supabase RLS policies, portal route guards, and API permission boundaries. Reviews role-to-permission mappings for over-privilege, missing guards, and policy drift against the defined role hierarchy (super_admin/ops_admin/support_user/school_coordinator/student/parent).

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: Access control audit report with per-role gap findings, RLS policy coverage map, and prioritised remediation recommendations — requiring ops_admin or super_admin review before any policy changes. No RLS policies or route guards are modified automatically. Agent reads control metadata only, does not bypass RLS to access protected data.

secrets_hygiene_agent Secrets Hygiene critical ✓ production

CF Worker: SecretsHygieneAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Audits secret and credential management hygiene across the Finverse Olympiad OS deployment, reviewing rotation schedules, environment variable exposure risks, service role key scoping, and Cloudflare Worker secret binding practices. Never reads or surfaces actual secret values.

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: Secrets hygiene audit report with rotation status, scoping violations, exposure risk scores, and remediation recommendations — advisory only; actual secret values are NEVER read, stored, or surfaced in any output under any circumstance. All rotation or re-scoping actions require super_admin approval.

ssrf_egress_guard_agent SSRF Egress Guard critical ✓ production

CF Worker: SsrfEgressGuardAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Monitors and audits Server-Side Request Forgery (SSRF) risk across Finverse Olympiad OS API routes and Cloudflare Worker egress patterns, reviewing URL validation logic, egress allow-lists, and external HTTP call surfaces. Consistent with OWASP A10 controls.

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: SSRF egress risk report with per-route validation gap findings, egress policy coverage, exploitability scores, and recommended mitigations — advisory only, requiring super_admin review before any egress policy changes. Agent does not make outbound HTTP requests during its audit; it reviews control metadata only.

logging_redaction_agent Logging Redaction critical ✓ production

CF Worker: LoggingRedactionAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Audits application and infrastructure log pipelines in the Finverse Olympiad OS for PII leakage, sensitive field exposure, and inadequate redaction, ensuring logs comply with DPDP Act 2023 data minimisation requirements and Finverse logging security rules (audit logs are append-only; no raw PII in log outputs).

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: Log redaction gap report with per-pipeline PII exposure findings, sensitivity classifications (PII/financial/health), and remediation recommendations — advisory only, requiring super_admin review before any log configuration changes. Audit and event logs are append-only; this agent never deletes or modifies log records. Raw log content containing PII is never exported.

vendor_dpa_agent Vendor DPA critical ✓ production

CF Worker: VendorDpaAgent extends BaseFinverseAgent · Durable Object · SQLite · WebSocket hibernation

Purpose: Reviews Data Processing Agreements (DPAs) with third-party vendors and sub-processors handling Finverse Olympiad OS data, assessing contractual coverage of DPDP Act 2023 obligations including data residency, sub-processor disclosure, breach notification obligations, and security certification requirements.

Tools: read_compliance_controls · read_runtime_status · render_card · render_table · show_timeline

Outcome: Vendor DPA compliance report with per-vendor obligation gap analysis, regulatory exposure scores, and contract remediation recommendations — advisory only, requiring super_admin approval before any DPA renegotiation or vendor offboarding. call_external_ai_without_dpa is hard-blocked — no AI inference on vendor data without a valid DPA in place.

Getting Started

Quick Start

From zero to a running local instance in under 10 minutes. Prerequisites: Node.js 20+, npm 10+, Supabase CLI (npm i -g supabase), Git.

1 · Clone and navigate

git clone <repo-url>
cd <repo-name>/OS        # all source lives inside the OS/ subfolder

2 · Configure environment

cp .env.example .env.local

Open .env.local and fill in:

Variable	Where to get it	Required
`NEXT_PUBLIC_SUPABASE_URL`	Supabase project → Settings → API	✅ Yes
`NEXT_PUBLIC_SUPABASE_ANON_KEY`	Supabase project → Settings → API	✅ Yes
`SUPABASE_SERVICE_ROLE_KEY`	Supabase project → Settings → API (secret)	✅ Yes
`GROQ_API_KEY`	console.groq.com → API Keys	✅ Yes (agent calls)
`RAZORPAY_KEY_ID` / `RAZORPAY_KEY_SECRET`	Razorpay dashboard → Settings → API Keys	⚪ Optional for local
`RESEND_API_KEY`	resend.com → API Keys	⚪ Optional for local

3 · Install and run

npm install
npm run dev

App available at http://localhost:3000. Health check: GET http://localhost:3000/api/health → {"status":"ok"}.

4 · Apply database migrations (first time only)

# Link to your Supabase project
supabase link --project-ref your-project-ref

# Push all 97 migrations
supabase db push

Data residency requirement

Create the Supabase project in region ap-south-1 (AWS Mumbai) — required for DPDP Act compliance. Data must reside in India.

5 · Verify everything passes

Run all checks before any PR or deployment:

npm run lint          # ESLint — must be zero warnings
npm run typecheck     # tsc --noEmit — must be zero errors
npm test              # Vitest — expect 2268 passing
npm run audit:high    # npm audit --audit-level=high — must be clean

npm run build         # Production build — must succeed with zero errors

Platform Architecture

Architecture

Event-driven, schema-first, defence-in-depth. Every business state change flows through Supabase Postgres. Agents are advisory layers — they never touch the database directly.

Stack diagram

Browser (React / Next.js App Router)
  │  Requests → Next.js on Vercel
  │  src/proxy.ts — auth guard + CSP nonce on EVERY request
  ▼
Next.js API Routes  (src/app/api/**)
  │  Server-only Supabase admin client  (src/lib/supabase/admin.ts)
  │  Deterministic service layer        (src/lib/services/**)
  ▼
Supabase Postgres  (ap-south-1 · AWS Mumbai)
  │  Business truth — source of record for ALL state
  │  RLS enforced on all protected tables
  │  Append-only audit_events + outbox_events
  ▼
Cloudflare Workers  (cron + queue + WebSocket)
  │  outbox-processor.ts      — polls outbox, dispatches effects
  │  notification-worker.ts   — sends email/push via Resend
  │  invoice-pdf-worker.ts    — PDF generation on demand
  │  finance-reconciliation-worker.ts — daily reconciliation
  │  cert-in-alert-worker.ts  — CERT-In 6hr reporting cron
  │  agent-session.ts         — WebSocket broker for agent DOs
  │  registration-workflow.ts — batch registration orchestration
  ▼
Cloudflare Durable Objects  (288 agent DOs, 270 CF bindings)
  │  All extend BaseFinverseAgent  (workers/agents/base-agent.ts)
  │  Advisory-only — read context, produce recommendations
  │  No Supabase client — no direct DB access
  │  High-risk tools → approval_queue → human approval gate
  ▼
External Services
  Groq (via Cloudflare AI Gateway) — LLM for agent reasoning
  Razorpay                         — payment collection
  Resend                           — transactional email

Architectural rules (non-negotiable)

Rule 1 — Business truth lives ONLY in Supabase/Postgres

No business state in Durable Objects, Redis, or local variables. DOs hold ephemeral session state only (chat messages, active tool calls).

Rule 2 — Agents are advisory only

Agents route, summarize, and recommend. Deterministic services mutate truth. BaseFinverseAgent has no Supabase client. High-risk tools require human approval before execution.

Rule 3 — src/proxy.ts is the single auth gate

Every request goes through src/proxy.ts. It checks Supabase session, enforces role-based portal access, and injects the CSP nonce. Do not add auth logic elsewhere.

Rule 4 — Schema-first development

Always read src/lib/supabase/database.types.ts before writing any query. Never assume column names. See Developer Guide for the full schema-first rule and two-step join pattern.

Portal map

Portal	Base path	Roles
Operator / Super Admin	`/operations/*`	super_admin, operator
Ops Workflows	`/ops/*`	super_admin, operator
School Coordinator	`/school/*`	school_admin, school_staff
Student	`/student/*`	student
Parent	`/parent/*`	parent
CA / Auditor	`/auditor/*`	ca_auditor (read-only finance)
Vendor	`/vendor/*`	vendor
Invigilator	`/invigilator/*`	invigilator
Teacher	`/teacher/*`	teacher
Online Exam	`/student/exam/*`	student (active session)
Coordinator	`/coordinator/*`	coordinator
AI Ops (CEO Agent)	`/ai-ops/*`	super_admin

Event system

All side effects (emails, PDF generation, agent triggers, audit entries) are driven by two append-only tables:

Table	Schema	Purpose
`audit_events`	public	Immutable audit trail — INSERT-only RLS, no UPDATE/DELETE ever
`outbox_events`	public	Transactional outbox — worker polls and dispatches effects, marks delivered

Workers use idempotency_key on all job writes. Queue claims use SELECT … FOR UPDATE SKIP LOCKED to prevent double-processing.

Worker topology

Worker file	Trigger	Purpose
`outbox-processor.ts`	Cron (every 30s)	Polls `outbox_events`, dispatches notifications and side effects
`notification-worker.ts`	Queue	Sends email/push via Resend; marks delivered
`invoice-pdf-worker.ts`	Queue	Generates invoice PDFs, uploads to Supabase Storage
`finance-reconciliation-worker.ts`	Cron (daily)	Bank statement reconciliation, anomaly detection
`cert-in-alert-worker.ts`	Cron (every 30 min)	Polls `cert_in_incident_reports`, fires alert webhook within 6h
`agent-session.ts`	WebSocket	Broker between frontend chat panel and agent Durable Objects
`registration-workflow.ts`	HTTP trigger	Orchestrates batch registration parse → validate → flag exceptions

Multi-Portal Platform

Portals

12 distinct portals, each role-scoped and guarded server-side by src/proxy.ts. All staff portals require MFA. The CA Auditor portal is strictly read-only — no write API routes are reachable from it under any circumstance.

Operator / Super Admin — `/operations/*`

Property	Value
Roles	super_admin, operator
MFA required	Yes
Auth gate	`src/proxy.ts` → `src/lib/auth/portal-access.ts`

Key pages

/operations/upload/operations/leads/operations/exceptions/operations/campaigns/operations/finance/operations/exams/operations/results/operations/ai-ops/operations/online-exams/operations/portals/operations/trust-control-tower/operations/compliance

Ops Workflows — `/ops/*`

Property	Value
Roles	super_admin, operator
MFA required	Yes

/ops/olympiad-workflow/ops/admit-card-lifecycle/ops/award-dispatch

School Coordinator — `/school/*`

Property	Value
Roles	school_admin, school_staff
MFA required	Yes
Auth gate	`src/proxy.ts`

Key pages

/school (dashboard)/school/admit-cards/school/fees/school/nominations/school/analytics/school/omr-tracking/school/exam-day/school/absentees/school/toppers/school/national-rank/school/export

Student — `/student/*`

Property	Value
Roles	student
MFA required	No

/student/learn/syllabus/student/learn/quiz/student/learn/study-plan/student/learn/recommendations/student/learn/merit/student/learn/trophies/student/learn/leaderboard/student/learn/analytics/student/exam/[id]/student/referral

Parent — `/parent/*`

Property	Value
Roles	parent
MFA required	No

/parent/progress/lms/parent/admit-cards/parent/digest/parent/tutor-recommendations/parent/level-up/parent/school-comparison/parent/siblings/parent/consent/parent/support

CA / Auditor — `/auditor/*`

Property	Value
Roles	ca_auditor
MFA required	Yes
Write access	None — strictly read-only

Read-only enforcement

No POST/PUT/PATCH/DELETE API routes are reachable from the CA portal. The accounting ledger, journal entries, and reports are accessible but immutable from this portal. Any accidental write attempt returns 403.

Vendor — `/vendor/*`

Property	Value
Roles	vendor
MFA required	Yes

/vendor/print-orders/[id]/vendor/shipments/[id]/vendor/omr-batches/[batchId]/vendor/performance/vendor/billing

Invigilator — `/invigilator/*`

Property	Value
Roles	invigilator
MFA required	Yes

/invigilator/room/[sessionId]/invigilator/attendance/[sessionId]/invigilator/seating/[sessionId]/invigilator/omr/[sessionId]/invigilator/incidents/[sessionId]/invigilator/dispatch/[sessionId]/invigilator/timer/[sessionId]/invigilator/history

Teacher — `/teacher/*`

Property	Value
Roles	teacher
MFA required	Yes

/teacher (dashboard)/teacher/classes/teacher/mock-performance

Online Exam — `/student/exam/[id]`

Property	Value
Roles	student (active session)
MFA required	No (pre-auth'd by main student login)
Special features	PWA offline-first, 30s autosave, AES-256-GCM encrypted questions, 3-layer submission chain

/student/exam/[id] (exam interface)/student/exam/[id]/result/student/exam/[id]/verify

Coordinator — `/coordinator/*`

Property	Value
Roles	coordinator
MFA required	Yes

/coordinator/exam/[id]/release/coordinator/exam/[id]/proctor-review

AI Ops / CEO Agent — `/ai-ops/*`

Property	Value
Roles	super_admin only
MFA required	Yes
Description	CEO-level strategic agent interface — cross-domain queries, scenario simulation, executive dashboards

Data Layer

Database

97 ordered Supabase migrations covering all 15 phases plus security hardening, compliance controls, and a full accounting module. Business truth lives exclusively here. RLS enforces row-level access on all protected tables. Apply with: supabase link --project-ref <ref> && supabase db push

Migration reference

Range	Files	Covers
0001	`0001_core_security.sql`	RLS baseline, roles, core security setup
0002	`0002_audit_event_foundation.sql`	audit_events append-only table
0003	`0003_workflow_foundation.sql`	workflow_instances, approval_requests skeleton
0004	`0004_phase1_core_expansion.sql`	Phase 1 CRM — leads, campaigns, outreach
0005–0006	`0005_phase2_school_registration_mvp.sql` – `0006_phase2_completion_surface.sql`	schools, students, registration_batches, completion surface
0007	`0007_phase3_finance_production.sql`	invoices, payments, shipments, print_orders
0008	`0008_phase4_exam_results.sql`	exam_sessions, omr_packets, result_records, certificates
0009	`0009_phase5_ai_ops_orchestration.sql`	Agent manifest registry, orchestration jobs
0010	`0010_phase6_online_exam_platform.sql`	Online exam sessions, proctoring events, submissions
0011	`0011_phase7_academic_intelligence.sql`	Psychometrics, adaptive practice, recommendations
0012	`0012_phase8_multi_portal_workspace.sql`	Workspace conversations, notifications
0013	`0013_phase9_trust_observability_digital_twin.sql`	Observability, compliance, digital twin simulation
0014–0019	`0014_…` – `0019_…`	Phases 10–15: cloud runtime, secure tooling, data warehouse, SaaS licensing, content governance, AI control plane
0020–0029	`0020_owasp_hardening.sql` – `0029_…`	OWASP hardening, DPDP compliance (3 migrations), RBI payment controls, CERT-In, AI governance
0030–0042	`0030_…` – `0042_…`	Agent manifest registry, BI RPCs, RLS hardening, CEO agent foundation (sessions, tools, snapshots, rate limits)
0043	`0043_fix_app_core_schema_grant.sql`	⚠️ PENDING — schema grant fix; apply before cloud deploy
0044–0076	`0044_…` – `0076_…`	AI/authz grants, tutor schema, school invite links, sub-users, LMS content pipeline, adaptive engine, gamification, study groups, sprint2 academic/ops, staff activation, parent portal agents, DPDP H-series hardening (0065–0068), payment guardrails (0069–0072), MFA evidence, staff portal closure, unified AI vector
0077–0097	`0077_acc_chart_of_accounts.sql` – `0097_audit_logs_retention_and_compliance.sql`	Full accounting module: CoA, periods, journal entries, classification rules, approval queue, KPI snapshots, reconciliation, GST engine, TDS engine, valuation, CA portal, settings, statutory filings, cash flow forecasts, anomaly detection, schema grants, RLS scope fix, audit log retention

⚠️ Two-step join pattern — mandatory for school-scoped queries

result_records, certificates, and exam_sessions have NO direct school_id column

These tables link to schools through student_id → students.school_id. Never add a school_id column or use a type cast — use the two-step pattern below. Breaking this rule causes silent data leaks across schools.

// STEP 1: Get student IDs for this school
const { data: studentRows } = await supabase
  .schema("ops")
  .from("students")
  .select("id")
  .eq("school_id", schoolId)
  .is("deleted_at", null);

const studentIds = (studentRows ?? []).map(s => s.id);
if (studentIds.length === 0) return []; // guard — never skip this

// STEP 2: Query target table filtered by student IDs
const { data } = await supabase
  .schema("ops")
  .from("result_records")   // or certificates, exam_sessions
  .select("...")
  .in("student_id", studentIds);

Tables with direct school_id (no join needed):

invoices registration_batches schools school_invite_links school_sub_users students

Before querying any new table, always verify: grep -n '"tableName"' src/lib/supabase/database.types.ts then read the Row type to check for school_id.

RLS summary

Schema	RLS	Access pattern
public	Enforced	Anon key for read-only data; service role for all writes via RPCs
ops	Enforced	Role-scoped — school_admin sees own school only; students see own records
accounting (acc_*)	Enforced	Service role only for writes; ca_auditor has SELECT via CA portal
security	Enforced	Service role only — CERT-In reports, compliance records

All write operations go through service-role-only RPCs. The browser anon key never reaches protected tables directly. admin.ts is guarded with import 'server-only'.

Accounting module rules

Never let AI decide COA codes — acc_classification_rules table is authoritative
All journal entries must pass balance check before insert (DB trigger trg_check_je_balance)
Locked periods cannot have new entries (hard gate in journal-generator.ts)
GST: check gst_enabled via acc_gst_config table before creating any GST transaction
TDS thresholds: 194T ₹20,000 / 194C ₹30,000 / 194J ₹30,000 — read from acc_settings, never hardcode
acc_journal_entry_lines amounts are BIGINT paise — divide by 100 for rupees display
invoices.total_amount is numeric(12,2) rupees — no division needed
CA portal (/auditor/*) is strictly read-only — no write operations ever

Agent Fleet

Agent Reference

288 agent implementations across 18 core domain groups + 10 H-11 extended domains. All agents extend BaseFinverseAgent (workers/agents/base-agent.ts), run as Cloudflare Durable Objects, and are advisory-only — they never mutate business truth directly.

288 Implementations 18 Core Groups 10 H-11 Extended 80 / 100 Production Score 2 Pending Blockers

Core groups (1–18)

Group	Domain	Agents	Health	Risk	Key agents
1	CRM / Outreach	8	✅	low–med	LeadIntakeAgent, ReplyClassificationAgent, SchoolIntelligenceAgent, OpportunityScoringAgent, FollowUpAgent, CampaignAgent, MeetingSchedulerAgent, SchoolMappingAgent
2	Registration & Ingestion	6	⚠️	medium	RegistrationParsingAgent, DeduplicationAssistantAgent, RegistrationValidationAgent, FeeCalculationAgent, ExceptionResolutionAgent, SchoolOperationsAgent
3	Finance & Accounting	8	⚠️	high	InvoiceAssistantAgent, PaymentReconciliationAgent, FinanceCollectionsAgent, RefundReviewAgent, AccountingExplanationAgent, CaReviewAssistant, FinancialReviewAgent, ReminderAgent
4	Exam Production & Logistics	8	⚠️	medium	ProductionPlanningAgent, PrintBatchGenerationAgent, OmrAllocationAgent, VendorCoordinationAgent, LogisticsTrackingAgent, SchoolConfirmationAgent, PackagingManifestAgent, VendorIntelligenceAgent
5	Exam Execution & Evaluation	10	✅	high	ExamMonitoringAgent, AttendanceReconciliationAgent, ReverseLogisticsAgent, OmrIntakeAgent, ScanQualityAgent, EvaluationCoordinationAgent, ResultIntegrityAgent, ScoreOverrideAssistant, ExamReevaluationAgent, OmrEvaluationSubmissionAgent
6	Results, Certs & Communication	8	✅	high	ResultPublicationAgent, RankingIntegrityAgent, CertificateGenerationAgent, CertificateRevocationAssistant, AwardAllocationAgent, ParentCommunicationAgent, SchoolSummaryAgent, RankingDisplayAgent
7	Online Exam Platform	7	⚠️	high	CandidateVerificationAgent, ExamSessionAgent, AntiCheatingAgent, ConnectivityRecoveryAgent, SubmissionIntegrityAgent, OnlineEvaluationAgent, OnlineSupportAgent
8	Learning & Course Academic	13	⚠️	low–med	SyllabusMappingAgent, CourseBlueprintAgent, LessonGenerationAgent, PracticeGenerationAgent, ContentReviewAgent, StudyPathAgent, RevisionAgent, MockTestAgent, MistakeAnalysisAgent, ReadinessAgent, AiTutorAgent, MotivationAgent, VersaConceptAgent
9	Portal & Workspace Communication	17	⚠️	medium	StudentStudyAgent, ParentSummaryAgent, TeacherInsightAgent, TeacherInterventionAgent, VendorCoordinationPortalAgent, SupportRoutingAgent, TenantAdminAgent, SchoolCoordinatorPortalAgent + 9 more
10	Content Governance & IP	10	⚠️	medium	ProvenanceAgent, RightsCheckAssistant, SimilarityReviewAgent, AcademicReviewAssistant, AnswerKeyReviewAgent, TranslationQaAgent, ContentQualityAgent, TakedownTriageAgent, ExamLeakageRiskAgent, ContentPublishApprovalAgent
11	AI Governance & Safety	6	✅	high	AiGuardrailAgent, PromptGovernanceAgent, AiDecisionAuditAgent, ComplianceAssistantAgent, McpToolSecurityAgent, EvaluationReviewAgent
12	Control Tower & Ops Intelligence	8	⚠️	medium	OpsControlTowerAgent, ExceptionPrioritizationAgent, SlaRiskPredictionAgent, OperationalHealthAgent, DigitalTwinSimulationAgent, SchoolOpsSummaryAgent, FinancialAnomalyAgent, VendorRiskAgent
13	Academic Intelligence & Analytics	8	✅	low	ItemDifficultyAgent, AbilityEstimationAgent, LearningGapAgent, MisconceptionTrackingAgent, AdaptiveRecommendationAgent, PerformanceForecastingAgent, CohortAnalyticsAgent, DifficultyCalibrationAgent
14	Integration & Data Warehouse	6	⚠️	medium	WebhookIntelligenceAgent, EtlMonitoringAgent, DataQualityAgent, FeatureStoreAgent, BiInsightAgent, SyncConflictAgent
15	Mobile & Offline / PWA	4	✅	low	OfflineAgent, SyncResolutionAgent, MobileSupportAgent, AttendanceCaptureAgent
16	Multi-tenant SaaS & Entitlements	5	⚠️	medium	TenantProvisioningAgent, EntitlementEnforcementAgent, UsageAnalyticsAgent, BillingEventAgent, UpgradeAssistantAgent
17	AI Control Plane & Infrastructure	6	⚠️	high	ModelRoutingAgent, PromptRegistryAgent, EvalHarnessAgent, FinetuneDataAgent, RateLimitGuardAgent, CostOptimizationAgent
18	Security, Audit & Compliance	7	✅	critical	SecurityScanAgent, VulnerabilityTriageAgent, ComplianceAuditAgent, PenTestAssistantAgent, IncidentResponseAgent, CertInReportingAgent, DataResidencyAgent

Governance model

Advisory-only — no direct database access

All agents extend BaseFinverseAgent which has no Supabase client. Agents route, summarize, and recommend. Deterministic services in src/lib/services/ mutate truth.

High-risk tools require human approval

Tools marked high-risk write to approval_queue in the DO's SQLite. A human must approve the queued action before the deterministic service executes it.

All tools are schema-validated, permission-checked, and audited

Tool registration validates input/output schemas. Every tool call is logged to audit_events. AI output is advisory and blocked from direct truth mutation.

DO SQLite tables (per agent instance)

messages · tool_calls · approval_queue · agent_metadata

Full agent directory

Each of the 288 agent implementations has a dedicated entry in docs/AGENTS.md covering: purpose, Cloudflare Worker class, registered tools, typical workflow steps, output format, and guardrails.

📄 docs/AGENTS.md

5 600+ lines · 288 agents · 18+10 groups · per-agent: tools, workflow, guardrails

📄 docs/API.md

3 900+ lines · all 351 routes · auth roles · error codes

📄 docs/mint.json

Mintlify config · 5 tabs · 18 agent sub-pages · ready to deploy

Documentation platform recommendation: Mintlify (primary) + Fern (API reference / SDK gen)

Mintlify ships an MCP server and /llms.txt — your docs become AI-readable, which is critical for a platform built on AI agents. Fern generates TypeScript / Python SDKs from your OpenAPI spec. Setup guide: docs/DOCUMENTATION_SETUP.md

BaseFinverseAgent pattern

All 288 agent implementations follow this structure. File: workers/agents/base-agent.ts

export abstract class BaseFinverseAgent extends DurableObject {
  // DO SQLite tables: messages, tool_calls, approval_queue, agent_metadata
  // NO Supabase client — advisory only

  abstract get agentId(): string;
  abstract get tools(): AgentTool[];

  // Override to handle tool execution (called after human approval for high-risk tools)
  async executeTool(toolName: string, args: unknown): Promise<unknown> { ... }

  // Built-in: WebSocket session, hibernation, tool registration, audit logging
}

To add a new agent: create a class extending BaseFinverseAgent in the appropriate workers/agents/group{N}-*.ts file, register it in wrangler.toml under [durable_objects.bindings], and add it to the agent manifest registry migration.

Model ID must come from environment — never hardcode

Use env.CLOUDFLARE_AI_MODEL (or equivalent env var) for the LLM model ID. Hardcoding claude-haiku-4-5-20251001 or similar is a deployment blocker — model IDs rotate.

API Reference

API Routes

All routes are under src/app/api/. Every protected route enforces auth via src/proxy.ts — role and session are checked on every request. Internal routes (/api/internal/*) are service-role only and not reachable from the browser.

Registration & Leads

Method	Path	Auth	Description
POST	`/api/school/upload`	school_admin	Upload registration Excel/CSV — triggers parse + preview
POST	`/api/phase2/registration/preview`	operator	Preview parsed registration rows before persist
POST	`/api/phase2/registration/persist`	operator	Persist validated registration batch to ops.students
POST	`/api/phase2/leads/preview`	operator	Preview parsed lead import
POST	`/api/phase2/leads/persist`	operator	Persist leads to CRM
POST	`/api/phase2/exceptions/resolve`	operator	Resolve a flagged registration exception
POST	`/api/phase2/campaigns/message`	operator	Send campaign message
POST	`/api/phase2/campaigns/reply`	operator	Record campaign reply
POST	`/api/phase2/ai/column-mapping`	operator	AI-assisted column mapping for Excel uploads
POST	`/api/register/validate`	school_admin	Validate a registration row before submission

Internal Batch Processing

Service-role only — not reachable from browser. Called by Cloudflare Workers and internal cron jobs.

Method	Path	Description
POST	`/api/internal/batches/[batchId]/validate`	Run validation on a registration batch
POST	`/api/internal/batches/[batchId]/score-duplicates`	Score duplicate registrations
POST	`/api/internal/batches/[batchId]/flag-exceptions`	Flag exceptions for operator review
POST	`/api/internal/batches/[batchId]/generate-invoice`	Generate invoice for a batch
POST	`/api/internal/batches/[batchId]/notify-operator`	Trigger operator notification

Finance & Production

Method	Path	Auth	Description
POST	`/api/phase3/invoices/from-batch`	operator	Generate invoice from a registration batch
POST	`/api/phase3/invoices/approve`	operator	Approve an invoice for payment
POST	`/api/phase3/freezes/create`	operator	Freeze a batch for production
POST	`/api/phase3/manifests/create`	operator	Create print manifest
POST	`/api/phase3/print-orders/create`	operator	Create print order for OMR sheets
POST	`/api/phase3/production/allocate-omr`	operator	Allocate OMR roll numbers
POST	`/api/phase3/production/from-freeze`	operator	Initiate production from freeze
POST	`/api/phase3/shipments/create`	operator	Create shipment record
POST	`/api/phase3/shipments/update-status`	operator	Update shipment tracking status
POST	`/api/finance/payments/[paymentId]/upload-proof`	school_admin	Upload payment proof document

Exam Production & Results

Method	Path	Auth	Description
POST	`/api/phase4/exams/create-session`	operator	Create exam session
POST	`/api/phase4/exams/start`	operator	Start exam session
POST	`/api/phase4/exams/complete`	operator	Mark exam session complete
POST	`/api/phase4/attendance/bulk-submit`	invigilator	Bulk submit attendance records
POST	`/api/phase4/omr-packets/create`	operator	Create OMR packet record
POST	`/api/phase4/omr-packets/update-status`	operator	Update OMR packet status
POST	`/api/phase4/scans/record`	operator	Record OMR scan result
POST	`/api/phase4/results/finalize`	super_admin	Finalize and publish results (requires approval)
GET	`/api/phase4/results/report`	operator	Download results report
POST	`/api/phase4/certificates/generate`	operator	Generate certificate batch
GET	`/api/phase4/certificates/render`	operator, student	Render single certificate PDF
POST	`/api/phase4/certificates/distribute`	operator	Mark certificates as distributed
POST	`/api/phase4/reevaluation/request`	school_admin	Submit reevaluation request

Online Exam Platform (Phase 6)

Method	Path	Auth	Description
POST	`/api/phase6/candidates/verify`	student	Verify candidate identity before exam start
POST	`/api/phase6/sessions/start`	student	Start online exam session (server-authoritative timer)
POST	`/api/phase6/sessions/event`	student	Record session lifecycle event
POST	`/api/phase6/responses/autosave`	student	30s autosave of answer responses (service-role gated)
POST	`/api/phase6/submissions/submit`	student	Final submission — 3-layer chain: realtime → background sync → QR fallback
POST	`/api/phase6/proctoring/event`	student	Record proctoring event (append-only, cannot auto-invalidate)
POST	`/api/phase6/evaluation/record`	operator	Record evaluation result
POST	`/api/phase6/support/create`	student, invigilator	Create support ticket
POST	`/api/phase6/support/escalate`	invigilator	Escalate support ticket

School Portal

Method	Path	Description
GET	`/api/school/admit-cards`	List admit cards for school
GET	`/api/school/admit-cards/[studentId]`	Single student admit card
GET	`/api/school/admit-cards/bulk-zip`	Bulk ZIP download of all admit cards
GET	`/api/school/student-status`	Student registration status summary
GET	`/api/school/omr-tracking`	OMR packet tracking for school
GET	`/api/school/nominations`	Nomination list
GET	`/api/school/exam-day`	Exam day logistics
GET	`/api/school/fees`	Fee payment status
GET	`/api/school/analytics`	School performance analytics
GET	`/api/school/analytics/benchmark`	School benchmark vs national
GET	`/api/school/national-rank`	School national ranking
GET	`/api/school/toppers`	School toppers list
GET	`/api/school/report-card/pdf`	School report card PDF
GET	`/api/school/lms/mastery`	LMS mastery data for school

Vendor Portal

Method	Path	Description
GET	`/api/vendor/dashboard`	Vendor dashboard summary
GET/POST	`/api/vendor/print-orders`	List / create print orders
GET/PATCH	`/api/vendor/print-orders/[id]`	Get or update a print order
GET/POST	`/api/vendor/shipments`	List / create shipments
GET/PATCH	`/api/vendor/shipments/[id]`	Get or update a shipment
GET	`/api/vendor/omr-pickups`	OMR pickup schedules
GET/POST	`/api/vendor/omr-batches`	OMR batch list / create
GET/PATCH	`/api/vendor/omr-batches/[batchId]`	OMR batch detail / update
GET	`/api/vendor/performance`	Vendor performance metrics
GET	`/api/vendor/billing`	Vendor billing summary
POST	`/api/vendor/otp/send`	Send OTP for vendor login

AI, Agents & Platform

Method	Path	Auth	Description
POST	`/api/phase5/orchestration/start`	operator	Start agent orchestration workflow
POST	`/api/phase7/recommendations/create`	student	Create adaptive learning recommendation
POST	`/api/phase7/tutor/log`	student	Log tutor interaction
POST	`/api/phase8/conversations/create`	authenticated	Create workspace conversation
POST	`/api/phase8/messages/post`	authenticated	Post message to conversation
POST	`/api/phase8/notifications/queue`	service-role	Queue notification for delivery
POST	`/api/phase9/twin/scenario`	super_admin	Run digital twin simulation scenario
POST	`/api/phase9/security/privileged-access`	super_admin	Request privileged access (requires approval)
POST	`/api/ceo-chat/session`	super_admin	CEO Agent chat session
POST	`/api/ceo-decisions`	super_admin	Record CEO agent decision
GET	`/api/compliance/status`	super_admin	Overall compliance posture status
POST	`/api/operations/lms/ingest`	operator	Ingest LMS content
POST	`/api/operations/lms/review`	operator	Review LMS content before publish

Engineering Guide

Developer Guide

Conventions, patterns, and workflows for contributing to this codebase. Read this before writing your first query or adding a new feature.

Repo structure

OS/
├── src/
│   ├── app/               Next.js App Router — pages + API routes
│   │   ├── api/           Server-side route handlers (phase2–phase9, internal, school, vendor…)
│   │   ├── operations/    Operator portal pages
│   │   ├── school/        School coordinator portal
│   │   ├── student/       Student portal (learn/, exam/)
│   │   ├── parent/        Parent portal
│   │   ├── vendor/        Vendor portal
│   │   ├── invigilator/   Invigilator portal
│   │   ├── teacher/       Teacher portal
│   │   ├── coordinator/   Coordinator portal
│   │   ├── ai-ops/        AI Ops / CEO Agent interface
│   │   └── (marketing)/   Public marketing pages
│   ├── lib/
│   │   ├── supabase/      client.ts, admin.ts (server-only), database.types.ts
│   │   ├── services/      Deterministic business logic (no AI, no side effects)
│   │   ├── agents/        group1-crm-agents.ts … group18-security-compliance-agents.ts
│   │   ├── auth/          portal-access.ts, mfa-policy.ts
│   │   └── security/      safe-logging.ts, PII redaction
│   └── proxy.ts           Auth gate + CSP nonce — runs on EVERY request
├── workers/               Cloudflare Workers (7 files)
│   └── agents/            288 agent DO implementations (116 in h11/)
├── supabase/
│   └── migrations/        97 ordered .sql files (0001–0097)
├── docs/
│   ├── AGENTS.md          Full agent directory (288 agents, 5 600+ lines)
│   ├── API.md             API reference (351 routes, 3 900+ lines)
│   ├── mint.json          Mintlify docs portal config
│   ├── DOCUMENTATION_SETUP.md  Platform comparison + setup guide
│   ├── finverse-agentic-os-handover.html  This document
│   └── design.md          Design system tokens (single source of truth)
├── README.md              GitHub landing page with Mermaid architecture diagram
├── CONTRIBUTING.md        Schema-first rule, agent governance, PR checklist
└── .github/workflows/     CI/CD pipeline (deploy.yml)

Documentation hub

Six reference files ship with the repo. Read these before writing code — they contain the patterns, constraints, and platform decisions that apply to every contribution.

File	Lines	What to use it for
`README.md`	381	GitHub landing page — architecture diagram, portal table, agent fleet, quick start
`docs/AGENTS.md`	5 600+	Full agent directory — 288 agent implementations documented with tools, workflows, outcomes, and guardrails
`docs/API.md`	3 900+	All 351 API routes — auth roles, request/response shapes, error codes
`CONTRIBUTING.md`	782	Schema-first rule, two-step join pattern, agent governance, PR checklist
`docs/mint.json`	442	Mintlify docs portal config — 5 nav tabs, 18 agent sub-pages, ready to deploy with `npx mintlify dev`
`docs/DOCUMENTATION_SETUP.md`	572	Platform comparison (Mintlify vs Fern vs 5 others), setup guide, migration path from this HTML to MDX

To launch the Mintlify docs portal locally

cd OS/docs
npx mintlify dev           # Preview at http://localhost:3333
# Deploy: push mint.json + MDX pages to GitHub — Mintlify auto-deploys on push

⚠️ Schema-first rule — read before every query

Always check database.types.ts before writing any Supabase query

Never assume column names exist. The following columns do NOT exist on the tables you might expect: school_id on result_records/certificates, total_marks on result_records, rank_school/rank_district/rank_state/rank_national on result_records, certificate_url on certificates.

# Find a table's Row type
grep -n '"tableName"' src/lib/supabase/database.types.ts
# Then read that line + 40 lines to see every column in the Row type

# Example: check result_records columns
grep -n '"result_records"' src/lib/supabase/database.types.ts

See Database → Two-Step Join Pattern for how to handle tables without a direct school_id.

Coding patterns

Pattern	Rule
Supabase client (server)	Use `createClient()` from `src/lib/supabase/client.ts` in server components and API routes
Supabase client (browser)	Use anon key client — never service role key in browser code
Admin client	`src/lib/supabase/admin.ts` is guarded with `import 'server-only'` — will throw at build time if imported from browser code
New ops schema tables	`const db = supabase as any` with `// eslint-disable-next-line @typescript-eslint/no-explicit-any` — until types are regenerated
Agent tools	Go in `workers/agents/group{N}-*.ts`, use `safeWorkerFetch()` for all outbound HTTP — SSRF protection
Accounting thresholds	Never hardcode TDS amounts — read from `acc_settings` table. Never hardcode COA codes — use `acc_classification_rules`
Logging / PII	All log output goes through `src/lib/security/safe-logging.ts` which redacts PII. Never use `console.log` directly with user data
Error codes	Accounting API routes use `FV-PLT-ACC-*` error codes. See `docs/errorcodes.md`

Testing strategy

All tests use Vitest. Run: npm test (expects 2268 passing). Test files live alongside source as *.test.ts.

Test type	Location	What it covers
Unit tests	`src/*/.test.ts`	Service functions, utility functions, deterministic logic
API route tests	`src/app/api/*/.test.ts`	Route handlers — request/response shapes, auth checks
Portal smoke tests	`src/app/{portal}/*/.test.ts`	Key portal flows — student, parent, school, invigilator
Safe-logging policy	`src/lib/security/safe-logging-policy.test.ts`	Scans ALL source files for `console.*` violations — fails CI if found

There is no enforced coverage threshold, but aim for >80% on the service layer in src/lib/services/.

Adding a new feature

Write migration in supabase/migrations/ — next sequential number (e.g. 0098_my_feature.sql)
Regenerate types: supabase gen types typescript --linked > src/lib/supabase/database.types.ts
Write deterministic service function in src/lib/services/
Write API route handler in src/app/api/ — check auth role in handler
Write UI page/component in src/app/{portal}/
If AI-assisted: add agent tool in workers/agents/group{N}-*.ts with Zod schema validation + audit log entry
Write tests in *.test.ts alongside each new file
Run npm run lint && npm run typecheck && npm test — all must pass
Run npm run audit:high — must be clean before merging

Deploy

Deployment

Three separate deployments: Supabase (database + auth + storage), Cloudflare Workers (agents + cron + WebSocket), and Vercel (Next.js app). All three must be deployed and configured before the system is operational.

Environment variables

Variable	Service	Source	Required
`NEXT_PUBLIC_SUPABASE_URL`	Next.js (public)	Supabase project → Settings → API	✅
`NEXT_PUBLIC_SUPABASE_ANON_KEY`	Next.js (public)	Supabase project → Settings → API	✅
`SUPABASE_SERVICE_ROLE_KEY`	Next.js server-only	Supabase project → Settings → API (secret)	✅
`GROQ_API_KEY`	Cloudflare Workers	console.groq.com → API Keys	✅
`RAZORPAY_KEY_ID`	Next.js	Razorpay dashboard → API Keys	✅ prod
`RAZORPAY_KEY_SECRET`	Next.js server	Razorpay dashboard → API Keys	✅ prod
`RAZORPAY_WEBHOOK_SECRET`	Next.js API route	Razorpay dashboard → Webhooks	✅ prod
`RESEND_API_KEY`	notification-worker	resend.com → API Keys	✅ prod
`CERT_IN_ALERT_WEBHOOK`	cert-in-alert-worker	Slack/PagerDuty webhook URL	✅ prod
`CLOUDFLARE_ACCOUNT_ID`	wrangler	Cloudflare dashboard	✅ CF deploy
`CLOUDFLARE_API_TOKEN`	wrangler	Cloudflare dashboard → API Tokens	✅ CF deploy

Never put secrets in wrangler.toml or .env files committed to git

Use wrangler secret put <NAME> for Cloudflare Worker secrets. Use Vercel dashboard environment variables for Next.js secrets. The NEXT_PUBLIC_* vars are safe to expose — they're the anon key only.

1 · Supabase setup

Create a new Supabase project — select region ap-south-1 (AWS Mumbai) mandatory for India DPDP compliance
Link: supabase link --project-ref <your-project-ref>
Push all 97 migrations: supabase db push
Create Storage buckets: registration-uploads, omr-scans, certificates, payment-proofs, invoice-pdfs
Configure Auth: enable email+OTP, set redirect URLs for production domain, enable MFA enforcement for staff roles

2 · Cloudflare Workers deploy

cd workers

# Deploy all 7 workers
wrangler deploy outbox-processor.ts
wrangler deploy notification-worker.ts
wrangler deploy invoice-pdf-worker.ts
wrangler deploy finance-reconciliation-worker.ts
wrangler deploy cert-in-alert-worker.ts
wrangler deploy agent-session.ts
wrangler deploy registration-workflow.ts

# Set secrets (never in wrangler.toml)
wrangler secret put SUPABASE_SERVICE_ROLE_KEY
wrangler secret put GROQ_API_KEY
wrangler secret put CERT_IN_ALERT_WEBHOOK
wrangler secret put RESEND_API_KEY

Durable Object bindings and cron triggers are configured in workers/wrangler.toml. Verify compatibility_date is set to a past date before deploying.

3 · Vercel deployment

# First time
vercel --prod

# Subsequent deployments happen automatically via GitHub Actions
# on every push to master (see .github/workflows/deploy.yml)

Set all environment variables in the Vercel dashboard (Project → Settings → Environment Variables) before the first deployment. The CI/CD pipeline runs: lint → typecheck → test → audit → build → deploy.

CI step	Command	Must pass
Lint	`npm run lint`	Zero warnings
Type check	`npm run typecheck`	Zero errors
Tests	`npm test`	All 2268 passing
Security audit	`npm run audit:high`	No high/critical CVEs
Build	`npm run build`	Zero errors

Security & Compliance

Security

Defence-in-depth spanning authentication, data residency (India), agent governance, OWASP hardening, and regulatory compliance. The audit trail is append-only and tamper-evident.

OWASP Top 10 CERT-In compliant DPDP Act 2023 RBI Payment Data RLS enforced Zero-trust agents

Security architecture

Layer	Control	Implementation
Authentication	Supabase session + MFA for staff	`src/lib/auth/`, OTP MFA enforced per `mfa-policy.ts`
Authorisation	Role-based + portal-scoped	`src/proxy.ts` checks role on every request
Transport	HTTPS enforced everywhere	HSTS 2-year max-age, preload flag in `next.config.ts`
Agent boundary	Advisory-only, no direct DB access	`BaseFinverseAgent` — no Supabase client
Data residency	India (ap-south-1)	Supabase Postgres in AWS Mumbai
Secrets	Server-only, never in browser bundle	`import 'server-only'` guard on `admin.ts`
Audit trail	Append-only, immutable	`audit_events` table — INSERT-only RLS, no UPDATE/DELETE
Egress	Allowlist-only from Workers	`safeWorkerFetch()` — SSRF protection with CGNAT blocklist
CSP	Strict-dynamic nonce	Injected by `src/proxy.ts` on every request
Dependencies	No high/critical CVEs	`npm audit --audit-level=high` enforced in CI

OWASP hardening

Control	Implementation
Content Security Policy	Strict-dynamic nonce — injected by `src/proxy.ts`, prevents XSS from injected scripts
HSTS	`Strict-Transport-Security: max-age=63072000; includeSubDomains; preload`
Clickjacking	`X-Frame-Options: DENY` + CSP `frame-ancestors 'none'`
MIME sniffing	`X-Content-Type-Options: nosniff`
SSRF	`safeWorkerFetch()` in `workers/lib/egress.ts` — blocklist includes RFC1918, loopback, CGNAT (100.64/10), benchmarking (198.18/15)
PII in logs	`safe-logging.ts` redacts PII before any log output; `safe-logging-policy.test.ts` scans all source for violations
SQL injection	Supabase parameterised queries only — no raw SQL in application code
Dependency CVEs	`npm audit --audit-level=high` in CI — build fails on any high/critical finding

CERT-In compliance

Under the IT (Amendment) Act 2008 and CERT-In Directions (2022), Finverse must report certain cybersecurity incidents within 6 hours of becoming aware.

Trigger	Examples
Unauthorised access	Account compromise, session hijack, privilege escalation
Data breach	PII exfiltration, database exposure
Ransomware / malware	Any encryption of operational data
Critical infrastructure scan	Targeted probing of production systems

# Worker polls every 30 minutes
workers/cert-in-alert-worker.ts
# Marks alert_sent before dispatch (prevents duplicate alerts)

# API to file an incident report
POST /api/phase9/security/privileged-access

CERT_IN_ALERT_WEBHOOK must be wired before production

Set CERT_IN_ALERT_WEBHOOK to a real Slack or PagerDuty endpoint via wrangler secret put. Failure to report within 6 hours is a punishable offence under Section 70B of the IT Act.

DPDP Act 2023

The Digital Personal Data Protection Act 2023 governs all personal data of Indian citizens processed by the platform.

Requirement	Implementation
Data residency	All data in ap-south-1 (AWS Mumbai). Supabase project must be created in this region.
Parental consent (minors)	Migration `0066_h4_parental_consent_runtime_gate.sql` — consent gate before any child data processing
Privacy rights workflows	Migration `0067_h4_privacy_rights_workflows.sql` — right to access, correction, erasure
Retention & deletion	Migration `0068_h4_retention_deletion_guardrails.sql` — data retention schedules and deletion workflows
Privacy notice	`/privacy/dpdp/en` and `/privacy/dpdp/hi` — English and Hindi versions

RBI Payment Data compliance

All payment data handling follows RBI guidelines on storage, processing, and residency of payment data.

Control	Implementation
Payment encryption guardrails	Migration `0069_h5_payment_encryption_guardrails.sql`
Webhook replay protection	Migration `0070_h5_payment_webhook_replay_guardrails.sql`
Ledger integrity validator	Migration `0071_h5_payment_ledger_integrity_validator.sql`
Residency evidence	Migration `0072_h5_payment_residency_evidence.sql`
Razorpay webhook verification	HMAC-SHA256 signature verification on every webhook — `RAZORPAY_WEBHOOK_SECRET` must be set

Key security files

src/proxy.ts                              — Auth gate + CSP nonce (every request)
src/lib/auth/portal-access.ts             — Role → portal path mapping
src/lib/auth/mfa-policy.ts                — MFA enforcement rules per role
src/lib/security/safe-logging.ts          — PII redaction before any log output
src/lib/security/safe-logging-policy.test.ts — Scans all source for console.* violations
workers/lib/egress.ts                     — SSRF-safe outbound fetch (allowlist)
workers/cert-in-alert-worker.ts           — CERT-In 6-hour reporting cron
infra/cloudflare/waf-rules.json           — Cloudflare WAF rules (rate limits)

Deployment Status

Production Readiness

The codebase is complete locally — 2268 tests passing, 288 agent implementations production-ready, 97 migrations written. The table below distinguishes what is done from what must be completed before first production deployment.

✅ Done — locally complete

All 15 domain phases implemented (Phases 1–15)

2268 / 2268 tests passing

288 agent implementations production-ready (80/100 score) — 18 core groups + 10 H-11 extended domains

97 migration files written and ordered (0001–0097)

7 Cloudflare Worker files ready for wrangler deploy

GitHub Actions CI/CD pipeline configured (.github/workflows/deploy.yml)

Security headers, RLS, append-only audit trail, CERT-In worker implemented

DPDP + RBI compliance migration guardrails in place (0021–0029, 0066–0072)

12 portals fully built with role guards, MFA enforcement, and design system

Full accounting module (CoA, journal entries, GST, TDS, CA portal) — migrations 0077–0097

🔲 Required before production go-live

✅ 1 · 97 Supabase migrations applied — DONE 2026-06-06

All 97 migrations verified on finverse-agentic-os (ref zkdargzdtwiyjtsfpwsk, ap-south-1). Migration 0043 schema grant confirmed: app_core, authz, audit, events, workflows, ops all return service_role_usage: true via has_schema_privilege().

⚠️ 2 · Cloudflare Workers — agent-session deployed; cron workers pending

finverse-agent-session ✅ live (version 5210682a, health verified). Remaining: outbox-processor, notification-worker, invoice-pdf-worker, finance-reconciliation-worker, cert-in-alert-worker — each requires wrangler deploy and secrets via wrangler secret put.

3 · Wire CERT_IN_ALERT_WEBHOOK to real Slack / PagerDuty channel

Mandatory under IT Act §70B. Failure to report within 6 hours is a punishable offence.

4 · Configure all production secrets in Vercel + Cloudflare dashboards

Supabase service role key, Groq API key, Razorpay production keys + webhook secret, Resend API key — in both Vercel dashboard and wrangler secret put.

5 · Verify workers/.dev.vars is not in git history

Run git log --all --full-history -- workers/.dev.vars. Rotate Groq key immediately if found.

6 · Obtain Razorpay production keys and configure webhook secret

Test key ≠ production key. Webhook secret must match what Razorpay signs events with.

7 · Enable Supabase MFA enforcement for all staff roles in Auth dashboard

Required for OWASP compliance and internal security policy. Enable in Supabase Auth → MFA settings.

✅ 8 · agentToken moved from URL to first WebSocket message — FIXED 2026-06-06

Token no longer appears in server access logs. use-agent-session.ts sends { type: 'auth', token } as the first WS message. BaseFinverseAgent.onMessage validates it against the AGENT_SECRET, stores the authenticated connection_id in SQLite auth_sessions, and gates all subsequent messages. Worker entry point (agent-session.ts) now allows browser WS upgrades through without URL token check. Deployed: version 5210682a.

9 · Fix compatibility_date in wrangler.toml

Currently set to a future date. Change to a past date matching the Cloudflare Workers compatibility you need.

10 · Add Zod validation to model-router.ts and cert-in-alert-worker.ts

Both currently cast res.json() without schema validation — add Zod schemas for LLM and CERT-In response shapes.

Go-Live Gate

Pre-Production Checklist

Complete every item before deploying to production. Items are grouped by category. All items must be ✅ before go-live.

Infrastructure

Supabase project created in ap-south-1 (AWS Mumbai) — India data residency for DPDP compliance
✅ All 97 migrations applied — DONE 2026-06-06 (verified on zkdargzdtwiyjtsfpwsk)
Storage buckets created: registration-uploads, omr-scans, certificates, payment-proofs, invoice-pdfs
Supabase Auth configured — email+OTP enabled, redirect URLs set for production domain
⚠️ Cloudflare: finverse-agent-session deployed (v5210682a); 270 DO bindings active. Cron workers pending deployment.

Application

All env vars set in Vercel dashboard (NEXT_PUBLIC_* and server-only vars)
All secrets set via wrangler secret put for each worker
npm run build succeeds with zero errors on the production branch
npm run lint && npm run typecheck && npm test — all green (2268 passing)
npm run audit:high — zero high or critical CVEs
wrangler.toml compatibility_date set to a valid past date

Security

CERT_IN_ALERT_WEBHOOK wired to real Slack or PagerDuty endpoint — fire a test alert to confirm
Razorpay production keys configured; webhook secret set and verified
MFA enabled for all staff roles in Supabase Auth dashboard
CSP headers verified via browser DevTools → Network → Response Headers on a protected route
HSTS preload header confirmed present on production domain
workers/.dev.vars confirmed absent from git history
✅ agentToken moved from URL query string to first WebSocket message — DONE 2026-06-06 (version 5210682a)

Smoke tests

School coordinator can upload a registration Excel and see validated preview
Registration batch can be approved → invoice generated → PDF downloadable
Student can log in, view results, and download certificate
CA / Auditor portal is read-only — attempt POST to any finance route → 403
Online exam session: start → autosave → submit → score recorded
Health endpoint GET /api/health returns {"status":"ok"}
CERT-In alert worker: file a test incident → webhook fires within 30-min poll window

Portal Reference

User Journeys & Data Flows

End-to-end journeys for every portal role: what the user sees, what APIs are called, what data flows in and out, what agents are involved, and the expected behaviour and error states at each stage.

Operator / Staff Journey

Staff is the control-plane of Finverse Academy. Nine distinct roles are supported, each mapping to an app_role enum value in authz.user_roles. Every privileged role requires TOTP MFA (AAL2) and is scoped via a role-based redirect after login.

Staff Role Registry

#	Role	app_role enum	Scope	MFA
1	CEO / Founder	`super_admin`	Global — all data, all agents, all portals	TOTP mandatory
2	Operations Manager	`ops_admin`	All ops workflows, exceptions, batches, logistics	TOTP mandatory
3	Finance Officer	`finance_user`	Invoices, payments, reconciliation, ledger, refunds	TOTP mandatory
4	Chartered Accountant	`finance_user` + CA flag	Ledger entries, GST, trial balance, audit evidence	TOTP mandatory
5	Exam Operations	`exam_ops`	OMR, logistics, vendor coordination, exam delivery	TOTP mandatory
6	Academic / Results	`academic_reviewer`	Rankings, results publication, re-evaluation, awards	TOTP mandatory
7	Content Reviewer	`content_reviewer`	Question content, answer keys, translations, IP rights	TOTP mandatory
8	Support Staff	`support_user`	Helpdesk, school/parent/student queries, escalations	TOTP mandatory
9	Viewer / Analyst	`viewer`	Read-only dashboards, reports — no mutations	TOTP recommended

Stage 1 — Login & MFA

URL: /login → Staff tab (default tab on page load). Method: Email + Password only. No Google OAuth, no Magic Link for staff — bypassing TOTP is not permitted.

Password rules: Minimum 12 characters; at least 1 uppercase, 1 number, 1 special character; cannot contain username or email; cannot be one of the last 5 passwords; expires every 90 days. Failed login lockout: 5 attempts → 15-minute lockout.

TOTP flow (first login): User enters credentials → TOTP setup screen → QR code → enrol in Google Authenticator or Authy → verify 6-digit code → AAL2 JWT issued.

TOTP flow (subsequent logins): Password → TOTP challenge → AAL2 session established. Session duration: 8 hours, then re-auth required.

TOTP fallback: Email OTP sent to registered staff email.

AAL2 check: Verified via JWT amr claim — no extra API call needed. Implemented in resolveStaffRole() at src/lib/queries/staff/resolve.ts.

LoginAgentWidget behaviour: Displays live auth steps — Credentials received → Cloudflare edge OK → Supabase API reachable → Email format valid → Verifying password → Password accepted → TOTP challenge. On error: shows LG-XXX error code + plain English resolution + "Send to IT helpdesk" button.

Post-login redirect by role:

Role	Redirect
super_admin	`/operations` (Ops Control Tower)
ops_admin	`/operations`
finance_user	`/finance`
finance_user + CA	`/finance/ledger`
exam_ops	`/operations/exams`
academic_reviewer	`/academic`
content_reviewer	`/content`
support_user	`/support`
viewer	`/analytics`

Stage 2 — Operations Manager Journey (`/operations`)

Page	Key UI & Data	APIs / Agents
`/operations`	Exception queue triage feed, workflow status board, agent activity stream, SLA risk alerts, 3-column dark shell	`OpsControlTowerAgent` — reads `ops.exceptions`, `workflows.workflow_instances`
`/operations/registrations`	Batch list, validation summary, exception resolution, approve/hold CTAs	`SchoolOperationsAgent` — `GET /api/ops/registrations`, reads `ops.registration_batches`
`/operations/schools`	School CRM list, city, status chip, registration count	Queries `ops.schools` + `ops.registration_rows` count
`/operations/exceptions`	Full exception triage, all severities, assign owner, bulk resolve	`ExceptionPrioritizationAgent` — `ops.exceptions`
`/operations/exams`	Production dashboard, vendor status, shipment tracking	`ExamMonitoringAgent`
`/analytics`	Batch throughput, exception resolution rate, SLA adherence	`CohortAnalyticsAgent` (read-only)

Chat widget greeting: "Operations dashboard ready. I'm watching 6 active agents — Registration, Exception, Finance, Mapping, Campaign, and Audit. What do you need?"

Key agent actions (all with approval gates): Approve batch (approve_batch tool — high risk, approval gate → triggers invoice generation workflow); Resolve exception (resolve_exception — medium, confirm + reason); Escalate exception (escalate_exception — medium, confirm); Hold batch (hold_batch — medium, confirm + reason).

Blocked pages: /finance/ledger, /academic, /content, /settings/team

Stage 3 — Finance Officer Journey (`/finance`)

Page	Data shown	Key API / Table
`/finance`	Revenue summary (B2B school + B2C parent), collection rate, overdue banner, payment anomalies	`FinancialReviewAgent` — `ops.invoices`, `ops.payments`
`/finance/invoices`	Invoice list filtered by status/school/cycle, generate invoice, download PDF, send invoice	`GET /api/finance/invoices` — `ops.invoices` with `schools(canonical_name)` join
`/finance/payments`	Payment log, UTR lookup, match payment to invoice, unmatched queue	`PaymentReconciliationAgent` — joins via `school_id`
`/finance/collections`	Overdue schools sorted by risk score (days × amount), send reminder CTA, escalate CTA	`FinanceCollectionsAgent` — `ops.invoices` where status != 'received'
`/finance/reconciliation`	Reconciliation queue, confidence scores, approve match / hold / escalate	`GET /api/finance/reconciliation` — `ops.payments` where status = 'received' and unmatched
`/finance/reports`	Collection forecast, cashflow summary, cycle revenue report, export CSV	6 report cards linking to finance sub-pages with row counts

Column corrections (actual schema): Use received_date (not payment_date); status = "received" (not "confirmed"); schools(canonical_name) (not school_name); payments join via school_id (not invoice_id).

Finance officer tool registry (11 tools): 7 read tools: get_invoice_list, get_overdue_schools, get_unmatched_payments, get_reconciliation_queue, get_revenue_summary, get_payment_anomalies, get_refund_requests. 4 mutation tools (medium risk, confirm gate): match_payment_to_invoice, send_payment_reminder, flag_payment_anomaly, generate_collection_report.

Blocked: Cannot post ledger entries (CA flag required). Cannot touch result or academic data. /finance/ledger is CA-only.

Stage 4 — Chartered Accountant Journey (`/finance/ledger`)

Page	What is shown
`/finance/ledger`	Running balance ledger from confirmed payments; total credited KPI; anomaly flags; period selector
`/finance/ledger/review`	CA review queue — AI-drafted entries awaiting sign-off; discrepancy detection between `paid_amount` and sum of received payments; delta column in red/green
`/finance/trial-balance`	5 GL accounts with debit/credit totals; balance check (debits = credits); unexplained variance flags
`/finance/pl`	Monthly revenue bar chart (CSS); KPI summary (total, avg, peak month)
`/finance/balance-sheet`	Assets vs liabilities two-column; receivables + collections on asset side
`/finance/gst`	GST at 18% per invoice; CGST/SGST breakdown; total tax summary
`/finance/audit`	`audit.audit_logs` with action / actor_user_id / subject_table columns

Critical rule: AI summarises and explains — CA signs off. No AI auto-posting ever. post_ledger_entry and approve_ledger_entry both require a non-empty audit_note parameter. The tool call fails without it. Every ledger entry requires CA sign-off; the UI is read-only without an active approval gate.

Accounting schema rules: acc_journal_entries actual schema uses entry_number, description, source_type (CHECK: 'manual'|'system'|'import'|'batch'), period_id (NOT NULL), created_by (NOT NULL). No entry_type, no reversal_of, no total_debit/total_credit. Journal entry lines use line_number (not line_order), amounts in BIGINT paise. acc_ledger_balances.closing_balance is BIGINT paise — divide by 100 for rupees.

Stage 5 — Exam Operations Journey (`/operations/exams`)

Page	Data / Tables	Agent
`/operations/exams`	Production batches, OMR allocation status, print orders, vendor summary	`ExamMonitoringAgent`
`/operations/exams/production`	Production batch list from `ops.production_batches`; freeze registration CTA; OMR allocation status; print order generation	`ProductionPlanningAgent`
`/operations/exams/vendors`	Vendor list, production status per vendor from `ops.vendors`; SLA tracker; escalate CTA	`VendorIntelligenceAgent`
`/operations/exams/logistics`	Shipment tracker from `ops.shipments`; ETA status; delayed shipments feed; emergency reprint CTA	`LogisticsTrackingAgent`
`/operations/exams/attendance`	Attendance submission status by school from `ops.attendance_records`; reconciliation mismatch feed	`AttendanceReconciliationAgent`
`/operations/exams/omr`	OMR intake log from `ops.omr_packets`; packet count vs expected; scan quality flags	`OMRIntakeAgent`
`/operations/exams/evaluation`	Evaluation progress; scan throughput; unreadable OMR queue	`OmrEvaluationSubmissionAgent` (advisory)

Approval gates: Registration freeze confirm (freeze_registrations — critical, approval gate); vendor reassignment confirm (assign_vendor — medium, confirm); emergency reprint confirm (approve_emergency_reprint — high, approval gate).

DB-backed routes added 2026-05-26: POST /api/invigilator/sessions/[id]/attendance calls ops.submit_attendance RPC; POST /api/invigilator/sessions/[id]/dispatch transitions OMR packet to "dispatched".

Stage 6 — Academic / Results Journey (`/academic`)

Page	Data / Tables	Agent
`/academic`	Results readiness dashboard — evaluation complete %, ranking conflicts, publication checklist	`ResultIntegrityAgent`
`/academic/results`	`result_records` via two-step join: `students.school_id → result_records.student_id`. Note: `percentile` stored 0–1 decimal → display ×100	`ResultIntegrityAgent`
`/academic/rankings`	Published results sorted by `rank` column (single column — no multi-level breakdown); duplicate rank flags; tie-break log	`RankingIntegrityAgent`
`/academic/reevaluation`	`reevaluation_requests` table; open/decided counts; evidence review	`ReEvaluationAgent`
`/academic/certificates`	Certificate management via two-step join: `students.school_id → certificates.student_id`; issued/pending counts; revoke CTA	`CertificateGenerationAgent`
`/academic/awards`	Award allocation — topper thresholds, scholarship eligibility, medal assignment status	Academic team tools
`/academic/publication`	5 pipeline stages with state detection; publish-ready checklist; approve cycle result publish CTA	`ResultPublicationAgent`

Hard rules: Score overrides require human approval + audit note — agent cannot change scores. publish_results tool requires publication_checklist_complete = true before the approval gate shows; agent blocks the CTA if checklist has incomplete items. Schema corrections: students.full_name (not name); no roll_number column; result_records and certificates have no direct school_id.

Stage 7 — Content Reviewer Journey (`/content`)

Three-layer content publication pipeline: AI generates → Human reviews → Human approves → Published.

AI-generated content (by LessonGenerationAgent, PracticeGenerationAgent, MockTestAgent) lands in draft status. Nothing is visible to students until approved.

Page	Tables used	Agent
`/content`	Content review dashboard — pending reviews, IP flags, similarity alerts, leakage risk	`AcademicReviewAssistant`
`/content/review`	`academic.question_items`: `stem`, `grade`, `review_status`, `item_type` columns	`ContentPublishApprovalAgent`
`/content/answer-keys`	Exam sessions per exam with answer key status; verify correct answers, flag ambiguous options	`AnswerKeyReviewAgent`
`/content/ip-rights`	Rights check queue, similarity score per item; takedown triage	`SimilarityReviewAgent`
`/content/translations`	Translation QA queue — English vs Hindi/regional; meaning preservation check	`TranslationQAAgent`
`/content/leakage`	Exceptions with leak types + entity_type/entity_id path; exposure risk score	`ExamLeakageRiskAgent`
`/content/governance`	`workflows.approval_requests` filtered to content type; `decided_at`/`decided_by` columns	Governance log agent

Schema corrections: academic.question_items: stem (not question_text), grade (not subject), review_status (not status), item_type (not difficulty). workflows.approval_requests: decided_at/decided_by (not approved_at/approver_id).

Official question paper pipeline: Draft → Academic Review Assistant → Answer Key Review → Content Reviewer sign-off → Similarity Review Agent → Exam Leakage Risk Agent → Academic Team final approval → approved_bank status → ExamPaperCompositionAgent assembles from approved bank only → super_admin or academic_reviewer approves full paper → Paper sealed immutable, locked behind time-controlled download. Every sealed-paper view is logged in audit_logs with timestamp, user, and IP.

Stage 8 — Support Staff Journey (`/support`)

Page	Data / Tables
`/support`	4 KPI cards (Total, Open, Critical, Resolved this month) from `ops.exceptions`; 10-row recent table
`/support/tickets`	Open exceptions sorted critical → high → medium → low; severity chip; entity/notes preview
`/support/schools`	All schools + open exception count (entity_type = 'school' grouping); contact details (read-only); registration status; invoice paid/unpaid — no amounts
`/support/parents`	`parent_messages` — placeholder until typed schema includes this table. Shows paid/unpaid only — no financial amounts
`/support/students`	50 most recent students; `full_name` column; join to `schools(canonical_name, display_name)`. Login status only — no scores
`/support/diagnostics`	`workflows.job_queue`, `workflows.workflow_instances`, `workflows.approval_requests` — 3 KPI sections
`/support/escalations`	Critical + high open exceptions; SLA breach detection (>48h open = "SLA Breached" red badge)

Data access limits enforced at tool level: lookup_student strips theta_score, item_responses, any academic performance. lookup_school strips invoice amount fields — returns only paid/unpaid boolean. lookup_parent strips payment amounts — returns only paid/unpaid boolean. No bulk student PII visible at any support page.

Stage 9 — Viewer / Analyst Journey (`/analytics`)

Page	What is shown
`/analytics`	Cycle KPI overview: schools, students, completed exam sessions, avg score
`/analytics/schools`	Per-school performance ranked by avg score; progress bars
`/analytics/academic`	Subject-level accuracy stacked rows from `result_records`
`/analytics/exams`	Exam participation from `attendance_records` (correct table — not `exam_attendance`)
`/analytics/revenue`	Monthly revenue bar chart + outstanding metric — aggregated, no individual amounts
`/analytics/export`	4 CSV download cards with row counts — no PII in exports

Hard block: All mutation CTAs disabled. Widget returns data only; no approval gates visible. viewer role has 6 read-only tools: get_cycle_kpis, get_revenue_trends, get_school_participation, get_subject_performance, get_agent_throughput, and export_aggregated_csv (low risk, confirm only).

Approval Gate Matrix

Action	Who can approve
Registration batch freeze	ops_admin, super_admin
Invoice generation	ops_admin, super_admin
Invoice dispatch to school	finance_user, super_admin
Payment reconciliation match	finance_user, super_admin
Large payment write-off	super_admin only
Refund processing	finance_user, super_admin
Ledger entry posting	finance_user + CA flag only
Vendor reassignment	exam_ops, super_admin
Emergency reprint	exam_ops, super_admin
Result publication	academic_reviewer, super_admin
Rank override	academic_reviewer + audit note, super_admin
Re-evaluation decision	academic_reviewer, super_admin
Certificate revocation	academic_reviewer, super_admin
Content item publish	content_reviewer, super_admin
IP takedown	content_reviewer, super_admin
Bulk email to schools/parents	ops_admin, finance_user, super_admin
Any action above ₹50,000	super_admin only

Staff FAQ Routing

The matchStaffFaq() function in src/lib/staff-faq.ts intercepts queries before any LLM call. 28 entries total: 18 Category A (local, <50ms) and 10 Category B (LLM reasoning required).

Staff portal detection: any path starting with /operations, /finance, /academic, /content, /analytics, or /support.

Category A examples (no LLM): "exception queue" → OpsControlTowerAgent; "batch status" → SchoolOperationsAgent; "unmatched payments" → PaymentReconciliationAgent; "ranking conflicts" → RankingIntegrityAgent; "ledger entries pending" → CAReviewAssistant.

Category B examples (LLM required): "explain this ledger entry" → AccountingExplanationAgent; "expected collections by month end" → SLARiskPredictionAgent; "anomalies this week" → FinancialReviewAgent; "audit evidence for INV-XXXX" → AuditEvidenceAgent.

Total PAGE_CONTEXT entries: 171 (across all staff routes). Error codes: 154 total (LG-30 + SL-26 + SCH-38 + PAR-26 + INV-20 + TCH-4 + OPS-6 + CRD-4).

DPDP Data Rules — What Goes to LLM vs What Stays in DB

Student-level Rasch scores are never sent raw to any LLM prompt. They are computed deterministically in Supabase functions and stored with RLS. When LLM is called, only aggregated category is passed:

STAYS IN DB (never sent to LLM):
  student_id: uuid
  theta_score: 0.73
  item_responses: [{item_id, response, correct, time_ms}]
  misconception_tags: ['fraction_addition_error', 'place_value_confusion']

GOES TO LLM (aggregated, anonymised):
  weak_topic: "fractions"
  specific_error_pattern: "adds numerators and denominators separately"
  suggested_focus: "fraction addition with unlike denominators"
  grade_level: 7

School Coordinator Journey

School coordinators access the portal at /school/*. The ChatAgentWidget is served by 5 dedicated Group 9 school portal agents and a local FAQ pre-interceptor (src/lib/school-faq.ts) that answers ~60% of queries without LLM calls.

Agent Coverage

Agent	Workflows	Description
`school_coordinator_portal_agent`	1–5, 13–14, 18	Registration, batch management, exceptions, team
`invoice_assistant_portal_agent`	6–9	Invoice, payment, reconciliation
`exam_monitor_portal_agent`	10–12, 19	Exam kits, schedule, invigilators, OMR
`school_summary_portal_agent`	15, 17, 20	Results, reports, analytics
`certificate_generation_portal_agent`	16	Certificate generation and distribution

Stage 1 — Discover & Onboard

Workflow 1: Check student registration status
Entry: /school/registrations. Tools: getRegistrationStatus → returns total registered, batch breakdown, pending verifications. FAQ triggers: "how many students are registered", "registration count".

Workflow 2: View batch summary
Entry: /school/registrations. Tools: getBatchSummary → lists batches with upload date, student count, validation status. FAQ triggers: "show batch summary", "batch status", "batch overview".

Stage 2 — Registration

Workflow 3: Upload new registration batch
Entry: ChatAgentWidget file upload (paperclip icon). API: POST /api/school/upload → validates MIME/size → uploads to school-uploads bucket. Tools: uploadBatchFile → triggers intake validation worker. FAQ triggers: "how do I upload a new batch", "upload excel", "submit new students".

Workflow 4: Check batch payment/invoice status
Entry: /school/invoices. Tools: getInvoiceStatus → invoice list with amounts and payment state. FAQ triggers: "payment status", "invoice status", "is my invoice paid".

Stage 3 — Finance

Workflow 5: Download invoice PDF
Entry: /school/invoices. API: GET /api/school/invoices → signed PDF URL. FAQ triggers: "download invoice", "invoice pdf".

Workflow 6: Pay invoice / get payment instructions
Tools: getPaymentInstructions → bank transfer details. FAQ triggers: "how do I pay", "payment instructions".

Workflow 7: Upload payment proof
Entry: ChatAgentWidget file upload. API: POST /api/school/upload (MIME: PDF/JPG). Tools: uploadPaymentProof → queues reconciliation worker. FAQ triggers: "upload payment proof", "submit payment receipt".

Workflow 8: Check payment reconciliation status
Tools: getReconciliationStatus → confirms payment match within 24h. FAQ triggers: "is my payment confirmed", "payment reconciliation".

Workflow 9: View outstanding dues
Entry: /school/invoices. Tools: getOutstandingDues → total + per-batch breakdown with due dates. FAQ triggers: "outstanding dues", "how much do I owe".

Stage 4 — Exam Preparation

Workflow 10: Download exam kit / admit cards
Entry: /school/exam-kit. API: GET /api/school/exam-kit. Tools: getAdmitCardDownload → signed PDF admit card bundle. FAQ triggers: "download exam kit", "admit cards", "hall tickets".

Workflow 11: Check exam schedule
Tools: getExamSchedule → exam date, time, mode per registered group. FAQ triggers: "when is the exam", "exam date".

Workflow 12: Check invigilator assignments
Tools: getInvigilatorAssignment → lists invigilators per room and slot. FAQ triggers: "invigilator assignment", "who is the invigilator".

Stage 5 — Exam Execution

Workflow 13: Download question papers / OMR sheets
Entry: /school/exam-kit. Tools: getQuestionPaperDownload → signed download link within release window only. FAQ triggers: "download question paper", "omr sheet".

Workflow 14: Upload completed OMR answer sheets
API: POST /api/school/upload (MIME: PDF/JPG). Tools: uploadAnswerSheet → queues OMR scan worker.

Stage 6 — Results

Workflow 15: Check student results
Entry: /school/results. API: GET /api/school/results → two-step join: students.school_id → result_records.student_id. Returns scores, percentile, qualification status. FAQ triggers: "student results", "are results out".

Workflow 16: Generate/download student certificates
Entry: /school/certificates. API: GET /api/school/certificates → two-step join: students.school_id → certificates.student_id. Tools: getCertificateDownload → signed PDF per student using certificate_code. FAQ triggers: "student certificates", "download certificates".

Workflow 17: Download student result reports
Tools: downloadResultReport → generates CSV/PDF with all student scores and ranks. FAQ triggers: "download result report", "export results".

Stage 7 — Analytics

Workflow 18: View rankings / leaderboard
Entry: /school/results. Tools: getStudentRanking → uses single rank column (no rank_school/district — matches schema). FAQ triggers: "student rankings", "leaderboard", "merit list".

Workflow 19: Check school performance summary
Entry: /school dashboard. Tools: getSchoolPerformanceSummary → average score, pass rate, national comparison.

Stage 8 — Administration

Workflow 20: Manage team / sub-users / invite links
Entry: /school/team, /school/invite. Tools: manageSchoolTeam, generateInviteLink.

API Routes — School Portal

Route	Method	Auth	Description
`/api/school/registrations`	GET	school_user	Registration list scoped to school
`/api/school/batches`	GET	school_user	Batch summary
`/api/school/invoices`	GET	school_user	Invoice list
`/api/school/results`	GET	school_user	Result records (two-step join)
`/api/school/certificates`	GET	school_user	Certificate records (two-step join)
`/api/school/upload`	POST	school_user	File upload to school-uploads bucket
`/api/school/exam-kit`	GET	school_user	Exam kit status + download links
`/api/school/classes`	GET	school_user	Classes with student count per class
`/api/school/analytics`	GET	school_user	Score distributions, subject performance
`/api/school/fees`	GET	school_user	Invoice status, due dates, payment history per student
`/api/school/announcements`	GET/POST	school_user	School-wide announcement board
`/api/school/report-card/pdf`	GET	school_user	Per-student report card PDF (requires results)
`/api/school/admit-cards`	GET	school_user	Hall ticket PDFs per student
`/api/school/admit-cards/bulk`	GET	school_user	ZIP download of all student hall tickets
`/api/school/exam-logistics`	GET/POST	school_user	10-item pre-exam checklist with DB persistence
`/api/school/results/export`	GET	school_user	Full result CSV with all columns
`/api/school/omr`	GET	school_user	OMR packet receipt and scan status
`/api/school/nominations`	GET/POST	school_user	Merit nomination submission
`/api/school/invigilators`	GET/POST	school_user	Assign teachers to rooms and slots

FAQ Pre-Interceptor

40 FAQ entries covering all 20 workflows + 5 general entries. Algorithm: token-overlap ratio + 0.15 per keyword boost, threshold 0.55. ~60% of coordinator queries answered locally in <1ms. CTA chips route canonical tool-trigger phrases to the LLM path when clicked.

handleSend(text)
  ├─ isSchoolPortal && !attachment → matchSchoolFaq(text)
  │     ├─ match ≥ 0.55 → local agent message + optional CTA (zero LLM call)
  │     └─ no match → fall through to Groq
  └─ classifyInteraction() → stateless → /api/agents/chat → Groq

Security

All school portal API routes require requireApiRole(["school_user", "super_admin", "ops_admin"]). Every query is scoped to resolved.schoolId. Tables without school_id (certificates, result_records) are scoped via the two-step join pattern: students.school_id → student_id. FAQ answers are local and informational only — never expose data or mutate state.

Cloudflare Agent Workers

File	Class	DO Binding
`school-coordinator-portal-agent.ts`	`SchoolCoordinatorPortalAgent`	`SCHOOL_COORDINATOR_PORTAL_AGENT`
`invoice-assistant-portal-agent.ts`	`InvoiceAssistantPortalAgent`	`INVOICE_ASSISTANT_PORTAL_AGENT`
`exam-monitor-portal-agent.ts`	`ExamMonitorPortalAgent`	`EXAM_MONITOR_PORTAL_AGENT`
`school-summary-portal-agent.ts`	`SchoolSummaryPortalAgent`	`SCHOOL_SUMMARY_PORTAL_AGENT`
`certificate-generation-portal-agent.ts`	`CertificateGenerationPortalAgent`	`CERTIFICATE_GENERATION_PORTAL_AGENT`

Shared tools: workers/agents/group9/school-portal-tools.ts — 11 read-only tools using adminClient() (service role key) and resolveStudentIds() two-step join. 12 additional CF tools: get_classes_summary, get_school_analytics, get_fees_summary, get_announcements, get_nps_score, get_teachers_list, get_admit_card_status, get_student_exam_status, get_omr_tracking_summary, get_nominations_status, get_exam_day_dashboard, get_absentees_summary.

Student Journey

Students access the portal at /student/*. 10 stages cover registration through post-exam preparation. The ChatAgentWidget uses a 25-entry FAQ interceptor (src/lib/student-faq.ts) answering ~60% of queries locally.

Agent Coverage

Agent	Pages	Description
`student_study_agent`	/student, /student/exam-kit	Dashboard companion, hall ticket queries
`ai_tutor_agent`	/student/learn	AI tutor with SQLite conversation memory (last 40 messages, loads 20 for LLM context)
`mock_test_agent`	/student/mock-tests	Mock test coach
`readiness_agent`	/student/readiness	Exam readiness advisor
`ranking_display_agent`	/student/results	Results and ranking explainer
`certificate_generation_agent`	/student/certificates	Certificate download and verification
`exam_readiness_agent`	/exam/check	Device/network check advisor
`progress_history_agent`	/student (post-exam)	Performance history across cycles

Stage 1 — Discovery & Registration

Student receives invite link from school coordinator. Completes registration form (name, grade, subjects, exam mode). Account created with synthetic email {roll_no}@student.finverse.in. FAQ: "am I registered", "registration confirmed".

Stage 2 — Student Login

Route: /api/auth/student-login — uses roll_no + school_id + DOB. No email/password. LoginAgentWidget provides live authentication steps. On success: redirects to /student. FAQ: "how to login", "forgot credentials". Error codes: LG-series displayed with "Send to support" button.

Stage 3 — Dashboard (`/student`)

Metrics: status, grade, latest score, percentile, readiness %, certificate status. Quick actions: Learn, Mock Test, Results, Hall Ticket. XP bar updated on practice completion. Level badge shown (L1 Bronze → L1 Silver → L1 Gold → L2) driven by score thresholds.

API: GET /api/student/dashboard → student info, latest result, readiness %, cert status. Auth: requireApiRole(["viewer","school_user","super_admin","ops_admin"]) + resolveStudentId().

Stage 4 — Learning & Preparation (`/student/learn`)

Study path: enrolled subjects with score and gap indicators. Practice tab (IRT adaptive question via selectPracticeItem()) — GET /api/student/learn/practice — answered inline with Check Answer / Next Question flow. Quick links to mock tests, readiness, results.

AI Tutor: conversation memory preserved via Cloudflare DO SQLite (last 40 messages, loads last 20 for LLM context). Hard constraints: never reveal raw theta scores; only aggregated category labels go to LLM.

LearningTabs client component toggles between Study Path and Practice sub-views.

Stage 5 — Mock Tests (`/student/mock-tests`)

Catalogue of practice tests derived from enrolled subjects. Timed runner: /student/mock-tests/[id] — countdown timer, question grid navigation, per-answer selection, auto-submit on timeout. Questions generated deterministically via generateMockQuestions(testId, count) with imul hash (40 MCQs, correctOption stripped from response).

Result page: /student/mock-tests/[id]/result — score %, correct/total, time taken, tier badge, full breakdown table. Scoring via evaluateMcqSubmission().

API: GET /api/student/mock-tests/[id] → 40 questions. POST /api/student/mock-tests/[id]/submit → score + breakdown.

Stage 6 — Official Online Exam (`/exam/check` → `/exam/online`)

Device check page at /exam/check: browser, camera, microphone, network, fullscreen. All checks must pass before "Enter Exam" button enables. On pass: router.push("/exam/online").

Phase 6 API routes accept viewer role — students can autosave (30s autosave), submit, and receive proctoring events. Session timers are server-authoritative. Autosave and submission writes are service-role gated. Proctoring events are append-only; they cannot automatically invalidate candidate attempts.

Offline-first: PWA + Service Worker + IndexedDB. 3-layer submission chain: realtime → background sync → QR fallback. AES-256-GCM encrypted questions stored locally.

Stage 7 — Official Offline Exam (Hall Ticket)

Hall ticket downloadable from /student/exam-kit. API: GET /api/student/exam-kit/download → raw PDF with hall ticket, exam centre, instructions. Also shows medal eligibility indicator and what-to-bring checklist.

Stage 8 — Results (`/student/results`)

Latest / All Results tabs via ResultsTabs client component. Latest tab: hero card with score, percentile, rank, qualification status. All Results tab: full table with published date.

API: GET /api/student/results → all result records scoped to authenticated studentId. Single rank column displayed as "Rank" — matches result_records schema (no multi-level breakdown at schema level, though display shows school rank alongside national rank from supplementary query).

Stage 9 — Certificates (`/student/certificates`)

Certificate cards with download PDF and verify links. API: GET /api/student/certificates/[id]/download → raw PDF stream built by buildCertificatePdf(). Revoked certificates return HTTP 410. Certificate download is student-scoped — no cross-student access possible. certificate_code column used for verification token.

Stage 10 — Post-Exam Preparation

Performance history across cycles: progress_history_agent. Readiness for next cycle: /student/readiness. API: GET /api/student/readiness → computes readiness % + tier (Exam Ready / Almost Ready / In Progress / Needs Work) + focus areas from result_records.

All Student API Routes

Route	Method	Returns
`/api/student/dashboard`	GET	student info, latest result, readiness %, cert status
`/api/student/learn/path`	GET	study path modules with scores
`/api/student/learn/gaps`	GET	topic gap analysis
`/api/student/learn/practice`	GET	one adaptive question via IRT SAMPLE_ITEMS
`/api/student/learn/mistakes`	GET	error log (returns empty — tutor_interactions not yet typed)
`/api/student/mock-tests`	GET	available mock tests by subject
`/api/student/mock-tests/[id]`	GET	40 deterministic MCQ questions (correctOption stripped)
`/api/student/mock-tests/[id]/submit`	POST	score via evaluateMcqSubmission(), return breakdown
`/api/student/results`	GET	all result records scoped to student
`/api/student/certificates`	GET	certificate records
`/api/student/certificates/[id]/download`	GET	raw PDF stream (buildCertificatePdf), 410 if revoked
`/api/student/exam-kit`	GET	hall ticket data + instructions
`/api/student/exam-kit/download`	GET	admit card PDF with centre info
`/api/student/readiness`	GET	readiness %, tier, focus areas

Security

All /api/student/* routes require requireApiRole + student scope via resolveStudentId(). No student can read another student's data — all queries scoped to authenticated studentId. AI Tutor DO SQLite conversation history is namespaced per DO instance — no cross-student leakage. Certificate download: pre-signed Supabase storage URL served, never exposes direct bucket URL. Student login uses synthetic email {roll_no}@student.finverse.in + HMAC credential.

Key Error States

Login failure: LG-series error code displayed with plain English explanation and support link.
Certificate revoked: HTTP 410 from download endpoint — student sees revocation message with contact information.
Mock test timeout: Auto-submits with answers recorded up to timeout — no loss of partial work.
Offline exam submission: 3-layer fallback ensures submission is captured even without network — realtime → background sync → QR code scan fallback.
Device check failure: Individual check failures shown with specific remediation steps — "Enter Exam" button remains disabled until all pass.

Parent Journey

The parent portal (/parent/*) is a mobile-first, read-only view of a child's Olympiad journey. Parents log in with their registered email, see all children linked to that account, and access results, invoices, certificates, and progress data.

Auth Model

resolveParentId() returns { userId, parentEmail, studentIds: string[] }. Rejects @student.finverse.in emails. Scopes all data to parent_email = user.email — no cross-parent leakage. Multi-child: returns all student IDs linked to that parent email.

Portal Pages

Route	Purpose	Key Data / Tables
`/parent`	Dashboard — metrics, children list, quick actions	`GET /api/parent/dashboard` → latest result, readiness %, cert status per child. Multi-child: child switcher dropdown
`/parent/invoices`	Fee invoices — summary + table with status chips	`GET /api/parent/invoices` — two-step join: `studentIds → school_ids → invoices.school_id`. Payment alert banner for outstanding dues
`/parent/exam-info`	Exam session cards, hall ticket status	`GET /api/parent/exam-info` — `studentIds → school_ids → exam_sessions.school_id`. Admit card download: `GET /api/parent/exam-info/download`
`/parent/results`	Published results table with percentile/rank	`GET /api/parent/results` — `.in("student_id", studentIds)` on `result_records`. Child score vs school average shown
`/parent/certificates`	Certificate cards with verification token	`GET /api/parent/certificates` — `.in("student_id", studentIds)` on `certificates`
`/parent/progress`	Readiness %, learning gaps, result history	Level-up alert when child advances (Bronze → Silver → Gold). AI tutor suggestions surfaced in plain language. "Focus on X this week" card
`/parent/awards`	Medals, scholarships, certificates earned	Queries `ops.result_records` scoped to parent's `studentIds`, showing rank/tier/percentile
`/parent/profile`	Parent email + children list + notification preferences	`GET/POST /api/parent/notification-prefs` — upserts by `parent_user_id`
`/parent/consent`	DPDP Act 2023 data categories, rights, consent status	Advisory only — consent mutations trigger support tickets/workflows, no direct DB writes
`/parent/messages`	Message school coordinator	`GET/POST /api/parent/messages` → `ops.parent_messages`. POST fetches `school_id` via students secondary query
`/parent/announcements`	School-broadcast messages visible to parent	School announcements board; GET shows active announcements with read counts
`/parent/support`	FAQ shortcuts, contact options	Local FAQ chips + escalation contact

Database Join Patterns

Tables with direct student_id — use .in("student_id", studentIds) directly: result_records, certificates.

Tables requiring two-step join — no direct student_id: invoices requires studentIds → school_ids → invoices.school_id; exam_sessions requires studentIds → school_ids → exam_sessions.school_id.

Agents

Agent	Group	Tools	Behaviour
`parent_consent_agent`	18	`get_parent_consent_status`	Advisory only — never mutates consent records
`parent_payment_agent`	3	`get_parent_invoices`, `get_parent_payment_history`	Advisory only — never mutates ledger entries or invoice status

Additional CF tools: get_parent_announcements, get_parent_exam_day_status, get_parent_notification_prefs, get_parent_messages.

FAQ Pre-Interceptor

20 entries covering 6 categories: invoices, exams, results, certificates, progress, account. Token overlap + 0.15 per keyword hit, threshold 0.55. Matched questions answered locally without LLM call. CTA links route to the relevant portal page.

Notification Preferences (`/api/parent/notification-prefs`)

Upserts by parent_user_id. Boolean fields: results_push, results_email, invoice_push, invoice_email, announcement_push, announcement_email, learning_digest_email. Defaults: results push+email on; invoices push+email on; announcements push on / email off; digest email on. GET returns defaults if no row exists.

Security

Parent data strictly scoped to parent_email = user.email. No cross-parent data leakage possible. All API routes use requireApiRole + resolveParentId(). Hard-blocked tools: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls.

Key States & Error Handling

No children linked: Dashboard shows "No children found" with contact support link.
Results not published: Results page shows "Results have not been published yet" — no partial scores shown.
Certificate not generated: Certificates page shows pending status with expected timeline.
Outstanding invoice: Red banner shown on dashboard and invoices page with amount and due date.
Consent revocation: Triggers a support ticket/workflow — no immediate data deletion; DPDP processing timeline shown.

Vendor Journey

Three vendor types are supported, each with a distinct workflow. Vendors authenticate via Supabase email/password. Identity is resolved server-side from app_metadata via resolveVendorId(). All pages and routes enforce vendor-type guards — a printing vendor cannot see shipments, a logistics vendor cannot see print orders.

Vendor Types

Type	Primary Workflow	Key Tables
`printing`	Receive → Accept/Reject → Progress → Complete/Handover	`print_orders`, `packaging_manifests`
`logistics`	Shipment dispatch → Tracking → Delivery OTP → OMR pickup	`shipments`, `omr_packets`
`evaluation`	OMR packet intake → Scan quality → CSV submit → Complete OTP	`omr_packets`

Stage 1 — Authentication & Identity Resolution

resolveVendorId() reads from user.app_metadata: vendor_id, vendor_type, assigned_batch_ids. Returns null if not a vendor session. All pages call this first and redirect to /login if null.

Logistics and evaluation vendors scope data via assignedBatchIds: .in("production_batch_id", vendor.assignedBatchIds). Printing vendors scope via .eq("vendor_id", vendor.vendorId). Note: shipments table has no vendor_id column — all scoping is via production_batch_id.

Email OTP Gate (High-Risk Confirmations)

OTP is required for: print order complete, courier handover, delivery confirm, OMR intake batch complete.

Client calls POST /api/vendor/otp/send → server looks up ops.vendors.contact_email → calls signInWithOtp({ email, shouldCreateUser: false })
User enters 6-digit token from email
Client sends otpToken in confirmation request body
Server calls verifyOtp({ email, token, type: "email" }) — OTP verified server-side, never trusted from client. 10-minute expiry.
Status transition proceeds only after verifyOtp succeeds

Stage 2 — Printing Vendor Journey

Dashboard: /vendor → GET /api/vendor/dashboard → active jobs from print_orders (count by status), nearest deadline.

Order list: /vendor/orders → GET /api/vendor/print-orders → scoped by .eq("vendor_id", vendor.vendorId).

Order detail: /vendor/print-orders/[id] → GET /api/vendor/print-orders/[id] → order metadata + packaging_manifests join. Actions available:

Action	Route	Status transition	Gate
Accept	POST `/accept`	→ `accepted` (validates current: generated/draft)	None
Reject	POST `/reject`	→ `cancelled` + Zod reason (min 10 chars)	None
Report Progress	POST `/progress`	Advisory note only — no status change	None
Report Defect	POST `/defect`	→ `defect_reported` with itemType enum	None
Request Reprint	POST `/reprint`	→ `reprint_requested` with itemType/count/reason	None
Mark Complete	POST `/complete`	→ `completed` + `completed_at`	OTP required
Confirm Handover	POST `/handover`	Logs courier name + packageCount	OTP required

Manifest: /vendor/print-orders/[id]/manifest → renders packaging_manifests.contents JSON as school-wise pack quantity table.

Stage 3 — Logistics Vendor Journey

Shipment list: /vendor/shipments → GET /api/vendor/shipments → scoped via .in("production_batch_id", assignedBatchIds).

Shipment detail: /vendor/shipments/[id] → school name, status, tracking number, courier, dispatch date. Actions:

Action	Route	Status transition	Gate
Confirm Pickup	POST `/pickup`	→ `in_transit`	None
Update Tracking	POST `/tracking`	Updates `tracking_number` / `courier_name`	None
Set ETA	POST `/eta`	Sets estimated delivery date (YYYY-MM-DD validated)	None
Report Exception	POST `/exception`	Logs exception reason (z.enum of valid reasons)	None
Upload Proof	POST `/proof`	Records `proof_file_path`	None
Confirm Delivery	POST `/deliver`	→ `delivery_confirmed` + `delivered_at`	OTP required

Reverse logistics (OMR pickup): /vendor/reverse-logistics → lists omr_packets with status = "dispatched" scoped to assignedBatchIds. Pickup confirmation: POST /api/vendor/omr-pickups/[packetId]/confirm (OTP-gated) → status → received + received_count.

Stage 4 — OMR Evaluation Vendor Journey

Note: There is no omr_batches table — batches are groups of omr_packets sharing the same production_batch_id.

Batch list: /vendor/omr-batches → GET /api/vendor/omr-batches → aggregated stats (total/received/completed/exception packet counts).

Batch detail: /vendor/omr-batches/[batchId] → packet-level detail table + OTP-gated intake confirmation flow.

Action	Route	Status transition	Gate
Batch Intake	POST `/intake`	Loops `intakeRecords[]` → each packet → `intake_verified`	OTP required
Log Exception	POST `/exception`	Per-packet exception with reason	None
Scan Quality	POST `/scan-quality`	→ `scan_completed` + `quality: "good" \| "review" \| "rejected"`	None
Submit CSV	POST `/submit`	CSV validation → `validationStatus: "passed" \| "has_gaps"`	None
Resubmit CSV	POST `/resubmit`	Accept corrected `csvData` + `correctionNote`	None
Complete Batch	POST `/complete`	All non-exception packets → `evaluation_completed`	OTP required

CSV submit page (/vendor/omr-batches/[batchId]/submit): CSV paste area → calls /submit for validation → shows validation results (matched/unmatched/duplicates/impossible score counts) → OTP-gated complete confirmation. OmrEvaluationSubmissionAgent advises on pipeline entry — validation metadata only, never raw scores or student PII.

Shared Vendor Pages (All Types)

Page	API	Content
`/vendor`	`GET /api/vendor/dashboard`	Type-aware metrics: printing → print_orders counts; logistics → shipments counts; evaluation → omr_packets counts
`/vendor/profile`	n/a (server read)	Vendor name, contact email, type, assigned batch count from `ops.vendors`. "Contact account manager for changes"
`/vendor/performance`	`GET /api/vendor/performance`	SLA score (on-time / total completions), completed job count, defect/exception count
`/vendor/billing`	`GET /api/vendor/billing`	Printing only — completed orders with `paymentStatus: "pending" \| "paid"`. No amounts, no invoice details

Security

Print files — NEVER in LLM context. Student names, roll numbers, OMR→student mappings — NEVER in LLM context. Raw exam scores — NEVER sent to any LLM. Billing: paymentStatus: "pending" | "paid" only — no amounts or invoice details. OTP verified server-side inside each confirmation endpoint; never trusted from client.

Hard-blocked agent actions: post_ledger_entry, change_score, publish_results, revoke_certificates, approve_refunds, delete_audit_logs, bypass_rls, write_business_truth_directly.

OmrEvaluationSubmissionAgent (Agent #152)

Group 5 (Exam Execution & Evaluation). riskLevel: "high", requiresHumanApproval: true. Input: validation metadata only — csvLineCount, matchedCount, unmatchedCount, duplicateCount, impossibleScoreCount, evidenceRefs. Output: validationStatus: "passed" | "has_gaps" | "failed" with match rate, error rate, advisory recommendation. The agent advises on evaluation pipeline entry — it cannot start, modify, or approve the pipeline.

Vendor FAQ Interceptor

src/lib/vendor-faq.ts — 20 entries, 7 stages (Login, Dashboard, Printing, Logistics, OMR Pickup, Billing, Performance). Token-overlap threshold 0.55. Each entry has vendorOnly?: "printing" | "logistics" | "evaluation" | "all" — only returned for matching vendor type. matchVendorFaq(input, vendorType?).

Invigilator Journey

Invigilators are school sub-users (school_sub_users with role=invigilator) accessing the portal at /invigilator/*. Their scope is determined via the school_user role + resolveInvigilatorContext() helper. They manage exam rooms on exam day — attendance, incidents, OMR collection, and dispatch.

Stage 1 — Authentication

Login: same /login page, school portal tab. Invigilator accounts are created by the school coordinator via /school/invigilators (assigns teachers to rooms/slots).

resolveInvigilatorContext() reads authz.user_roles for role = "school_user" + scope_type = "school" + is("revoked_at", null). Returns { userId, schoolId, userEmail } or null. Null → redirect to /login.

API auth: requireApiRole(["viewer", "school_user", "super_admin", "ops_admin"]) on all invigilator routes.

Stage 2 — Dashboard (`/invigilator`)

Assigned exam sessions list. Each session card shows: subject, grade, room number, exam date/time, student count, status. Quick links to room view, attendance, and OMR collection for each session.

API: GET /api/invigilator/sessions → queries ops.exam_sessions scoped to schoolId. Returns session list with assigned room and timing.

Stage 3 — Room View (`/invigilator/room/[sessionId]`)

Student list for assigned room. Columns: roll number, name, grade, seat number. Pre-exam checklist: question papers received, OMR sheets ready, extra sheets available, clock set, no phones visible.

API: GET /api/invigilator/sessions/[sessionId]/students → returns student list for the session.

Stage 4 — Digital Attendance (`/invigilator/attendance/[sessionId]`)

Digital attendance sheet — each student's name with Present/Absent toggle. Submit attendance button becomes active once all students are marked. Bulk "Mark All Present" shortcut available.

API: POST /api/invigilator/sessions/[sessionId]/attendance → calls ops.submit_attendance RPC. Returns { acknowledged, submittedCount, presentCount, absentCount }.

Data flow: Attendance records written to ops.attendance_records via service-role RPC. Ops staff sees attendance submission status at /operations/exams/attendance — reconciliation mismatches flagged if submitted count != registered count.

Error state: If RPC fails, returns graceful error with local state preserved — invigilator can retry. Attendance is idempotent — resubmission overwrites previous record for the session.

Stage 5 — Question Paper Access (`/invigilator/question-paper/[sessionId]`)

Time-locked download — paper is only accessible within the release window (exam start time ± 30 minutes). Before window: shows countdown timer. Within window: Download button enabled, shows sealed paper PDF.

Every download is logged in audit_logs with timestamp, user, and IP. Invigilators see exam paper PDF only — never the answer key.

Coordinator release panel: /coordinator/exam/[id]/release — school coordinator must unlock the paper for distribution. Invigilator download only becomes active after coordinator releases. Error codes CRD-011 (network error), CRD-012 (server non-ok response) displayed as ErrorBox with badge.

Stage 6 — OMR Collection (`/invigilator/omr/[sessionId]`)

OMR collection checklist: for each student, confirm OMR sheet collected (checkbox), sheets folded correctly (checkbox), roll number verified (checkbox). Running count: X of Y sheets collected. "Mark collection complete" CTA — enabled when all sheets collected.

Data flows into ops.omr_packets. Ops staff sees packet counts at /operations/exams/omr.

Stage 7 — Incident Reporting (`/invigilator/incidents/[sessionId]`)

Report exam incidents: type (malpractice / disturbance / medical / technical / other), description (free text), student roll number (optional), severity (low/medium/high).

API: POST /api/invigilator/sessions/[sessionId]/incidents → inserts into ops.exam_incidents using (supabase as any) pattern (table is migration-0014, not in generated types). Returns { acknowledged: true, incidentId }.

Proctoring events are append-only — cannot automatically invalidate candidate attempts. Coordinator review panel at /coordinator/exam/[id]/proctor-review handles triage. Error codes CRD-001 (network error), CRD-002 (non-ok response).

Stage 8 — Post-Exam Dispatch (`/invigilator/dispatch/[sessionId]`)

Post-exam OMR dispatch confirmation. Packet count confirmation (must match collected count). Seal verification (packet sealed and signed). Courier handover details (courier name, tracking slip photo upload). Dispatch confirmation — marks OMR packet as "dispatched" in ops.omr_packets.

API: POST /api/invigilator/sessions/[sessionId]/dispatch → transitions OMR packet to "dispatched" via ops.update_omr_packet_status RPC. Falls back to exam_incidents insert if no packet record found.

Data flow: Logistics vendor picks up dispatched OMR packets via /vendor/reverse-logistics → confirm pickup (OTP-gated) → status → received. Evaluation vendor then processes at OMR evaluation stage.

Agent Widget

ChatAgentWidget has PAGE_CONTEXT entries for all 6 /invigilator/* routes and /coordinator/exam routes. ExamSessionAgent is the primary agent for coordinator/invigilator workflows.

CF tools in workers/agents/group9/invigilator-portal-tools.ts (5 tools): get_session_student_list, get_room_checklist_status, get_omr_collection_status, get_incident_log, get_dispatch_status.

Coordinator tools in workers/agents/group7/coordinator-tools.ts (5 tools): get_exam_release_status (low risk), get_proctor_review_queue (low), resolve_proctor_incident (medium — requires coordinator auth, updates exam_incidents.status), get_coordinator_session_list (low), get_coordinator_incident_summary (low).

Error States

Session not found: Redirect to dashboard with "No sessions assigned to your account" message.
Attendance RPC failure: Local state preserved, retry button shown. No data loss.
Paper release not yet unlocked: Countdown timer shown with coordinator contact button.
OMR count mismatch: Warning shown — cannot complete dispatch until count matches collected value.
Incident submission failure: Local draft preserved with retry option.

Teacher Journey

The teacher portal is a Phase 7 (Academic Intelligence) future role. Teachers access class-level aggregated performance data to identify intervention clusters. Individual student PII and raw scores are never exposed to teachers — only cohort-level aggregates.

Role Definition

app_role: Future teacher_user role (not yet in production enum). Currently teachers are modelled as school_sub_users with role = "teacher". Error codes TCH-series (4 total) are allocated.

Data scope: Aggregate only — no individual student PII, no raw scores, no individual Rasch estimates. Class-level and subject-level aggregates only.

Agent: TeacherInsightAgent + TeacherInterventionAgent (Phase 7, Group 8).

Stage 1 — Login

Login via /login → School portal tab. Teacher accounts created by school coordinator via /school/teachers (teacher roster — add, view, assign to classes). API: GET/POST /api/school/teachers.

Teacher is authenticated as school_user with sub-user role = "teacher". No separate teacher login flow — uses school portal credentials.

Stage 2 — Class Dashboard

Teacher sees their assigned classes. Each class card shows: subject, grade, student count, avg readiness %, topic coverage %. Quick link to class analysis view.

Data shown (aggregate only): Class average score per subject; percentage of class in each readiness tier (Exam Ready / Almost Ready / In Progress / Needs Work); top 3 weak topics for the class; number of students needing intervention.

Stage 3 — Class Performance Analysis

Subject-level class performance. Shown as aggregate distributions — no individual student identification:

Score distribution histogram (buckets of 10%)
Weak topic clusters — topics where >30% of class scored below 50%
Misconception patterns — common error types detected across the class
Time-on-task distribution — how long students spent per topic (aggregate)
Practice completion rate — % of class completing assigned practice

Agent: TeacherInsightAgent — uses CohortAnalyticsAgent data source. Output is aggregate, anonymised. Cohort weak areas and intervention clusters only.

Stage 4 — Intervention Planning

Teacher can see AI-suggested interventions based on class-level weakness patterns.

Agent: TeacherInterventionAgent — takes class-level aggregate weakness profile → generates intervention plan: suggested lesson topics, teaching sequence, practice exercises, timeline. Does not identify individual students in the output.

DPDP rule: Teacher sees: "35% of your Grade 7 Maths class struggle with fraction addition — specifically adding unlike denominators. Suggested: 2 lessons on unlike denominator addition with worked examples." Teacher does NOT see: which students, their individual scores, or their names.

Stage 5 — Mock Test Assignment

Teachers can assign mock tests to their class from the approved question bank (questions in approved_bank status only). Assignment creates a session entry — students see the assigned mock test in their /student/mock-tests catalogue.

Teacher views class-level mock test results: average score, completion rate, score distribution. No individual scores shown.

Stage 6 — Announcements

Teachers can post class-scoped announcements visible to students in their assigned class. POST to /api/school/announcements with classId scope. Announcements visible to students at /student/learn and to parents at /parent/announcements.

Data Access Policy

Data type	Teacher can see	Level of detail	Source agent
Student names	No	Never	n/a
Individual scores	No	Never	n/a
Rasch theta scores	No	Never	n/a
Class average score	Yes	Aggregate per subject/topic	TeacherInsightAgent
Weak topics	Yes	Topic-level aggregate (>30% below threshold)	TeacherInsightAgent
Misconception patterns	Yes	Class-level pattern only	TeacherInterventionAgent
Intervention suggestions	Yes	Class-level, no student ID	TeacherInterventionAgent
Mock test results	Yes — aggregate	Distribution only, no individual	CohortAnalyticsAgent
Invoice / payment data	No	Never	n/a
Official exam scores	No	Never	n/a

Key States & Error Handling

No classes assigned: Dashboard shows "No classes assigned. Contact school coordinator." with link to /school/teachers.
Results not yet published: Performance analysis shows "Exam results not yet available for this cycle" — no partial data shown.
Intervention agent unavailable: Falls back to static topic difficulty data from question bank aggregate stats.
Mock test assignment blocked: If no approved questions available for the subject/grade, assignment is disabled with explanation.
TCH error codes: 4 codes allocated (TCH-001 through TCH-004) for teacher portal-specific errors — displayed via ErrorBox component.

Product & Business

Business Requirements

What this platform does, who it serves, and the business rules it enforces. Essential reading before designing any new feature.

1. System Overview

Finverse Olympiad OS (also referred to internally as OlympiadOS) is a full-stack, multi-tenant, multi-portal operating system for running academic Olympiad competitions at national scale across India. The platform manages every stage of the Olympiad lifecycle — from school outreach and student registration through exam production, logistics, offline and online exam execution, OMR scanning, result publication, certificates, and post-exam academic analytics — within a single governed, compliance-ready codebase.

The Problem

Running a large-scale Olympiad in India involves dozens of interdependent workflows spread across schools, logistics vendors, printing vendors, examination halls, scanning bureaus, and thousands of students and their parents. Before this platform, these workflows were managed through disconnected spreadsheets, manual email chains, and paper-based reconciliation. The result was missed deadlines, fee reconciliation errors, certificate integrity failures, and an inability to provide students with timely results or meaningful academic feedback.

What the Platform Solves

Problem Domain	Platform Solution
Fragmented school outreach and lead management	CRM with campaign tracking, reply logging, and school intelligence profiles
Error-prone CSV/Excel registration intake	Deterministic parser with duplicate detection, exception queues, and AI column mapping
Manual invoice generation and payment chasing	Invoice lifecycle engine, payment proof upload, bank statement import, and automated reconciliation
Uncontrolled OMR printing and logistics	Production batch management, immutable OMR allocation, vendor workflows, shipment tracking
Paper-based attendance and exam execution	Digital invigilator portal, time-locked question paper release, digital attendance, incident reporting
Manual scan and result finalization	OMR scan upload, approval-gated result publication, integrity-protected result records
No academic feedback loop for students	Rasch IRT adaptive learning engine, spaced repetition, AI tutoring, concept mastery tracking
No parent visibility	Parent portal with child progress, fee alerts, exam-day hub, and certificate downloads
Compliance blindspot on child data and payments	DPDP Act 2023, CERT-In, RBI, and IT Act 43A controls built into every workflow

Who the Customers Are

Finverse (the platform operator) — runs the Olympiad, owns the commercial relationships with schools, and is the data fiduciary responsible for student and parent data under DPDP Act 2023.
Participating schools — pay registration fees, manage their student cohort, coordinate exam logistics, and communicate results to parents and students.
Students — sit the examination and use the learning platform to prepare for and improve across Olympiad cycles.
Parents / guardians — the legally recognized data principals for minor students; provide verifiable consent and track their child's performance and fees.
Logistics and print vendors — handle OMR sheet printing, packaging, and physical delivery to exam centres.

2. Stakeholder Map — 12 Portal Roles

The platform serves twelve distinct portal roles. Every feature you build must identify its target role(s) and must not allow cross-role data leakage.

Role	Portal Path	Primary Needs	Data Access Boundary
super_admin	`/operations`	Full platform visibility; board-level reports; compliance monitoring; AI governance oversight; result publication approval	All tenants, all schemas
ops_admin	`/operations`	School management; registration intake; exception resolution; exam production; CRM campaigns; agent approvals	ops schema; school/registration/production data
finance_user	`/finance`	Invoice generation; payment reconciliation; bank statement import; GST reporting; ledger and trial balance; TDS management	Finance schema; invoices; payments; ledger; accounting
exam_ops	`/operations`	Exam session management; OMR upload; result processing; certificate lifecycle; re-evaluation queue	Exam, result, certificate tables
academic_reviewer	`/academic`	Question bank governance; answer key management; content sign-off; rankings publication; scholarship tracking	Academic, content governance schemas
content_reviewer	`/content`	LMS content review queue; lesson approval/rejection; IP rights management; question governance; leakage tracking	Content schema; LMS tables
support_user	`/support`	Helpdesk ticket management; student/school lookup; parent query resolution; escalation tracking; diagnostics	Read-only cross-portal; support ticket schema
school_user (coordinator)	`/school`	Student registration management; invoice and payment tracking; exam kit management; results and certificates for their school; teacher management	Scoped to their `school_id` only
student_user	`/student`	Learning preparation; mock tests; online exam participation; results; certificate download; AI tutor	Scoped to their `student_id` only
parent_user	`/parent`	Child progress monitoring; fee payment tracking; exam-day information; certificate and admit card download	Scoped to linked child student records; consent-gated
vendor_user	`/vendor`	Print order and packaging manifest visibility; shipment status updates; dispatch confirmation	Scoped to their vendor assignments and production batches
invigilator	`/invigilator`	Assigned room view; digital attendance marking; time-locked question paper access; OMR collection checklist; incident reporting; dispatch confirmation	Scoped to their assigned exam sessions only

Portal Access Rule: Every portal route and every API endpoint is protected server-side by a role and scope check. Scope is not implied — it is resolved from the authenticated session and validated against the target resource before any query runs. The viewer pseudo-role covers student access to Phase 6 online-exam routes. There is no unauthenticated access to any operational data.

3. Core Business Processes — 15 Phases

The Olympiad lifecycle is organized into 15 domain phases. These are not technical implementation phases — they are sequential business processes. Each phase has a clear trigger, outputs, and hand-off to the next phase.

#	Phase Name	Business Trigger	Key Outputs	Owner Role(s)
0	Platform Foundation	Platform deployment or new cycle initialization	Audit trail, event schema, workflow engine, approval framework, health endpoint	super_admin / engineering
1	Core Workflow Engine	Foundation phase complete	Event registry, outbox/inbox idempotency, workflow state machine, approval RPCs	super_admin / engineering
2	School Outreach & Registration	Cycle opens for registrations	School leads, CRM campaigns, registration batches, validated student lists, exception queue clearance, invoice-ready batch gate	ops_admin
3	Finance & Production Operations	Registration batch declared invoice-ready	School invoices, payment records, ledger entries, production batches, OMR allocations, print orders, vendor assignments, packaging manifests, shipments	finance_user, ops_admin
4	Exam Execution & Results	Exam date reached; OMR sheets returned from exam centres	Exam sessions, attendance records, OMR scan intake, result finalization, approval-gated result publication, certificate issuance, re-evaluation queue	exam_ops, super_admin
5	AI Operations & Orchestration	Operational data available; agents require governed runtime	Agent registry, prompt governance, decision logs, human approval gates, tool registry, orchestration sessions	super_admin, ops_admin
6	Online Exam Platform	Online exam cohort registered and confirmed	Offline-first PWA exam runner, AES-256-GCM encrypted questions, adaptive proctoring, 3-layer submission chain, coordinator release panel	exam_ops, coordinator, student_user
7	Academic Intelligence	Student enrolled in learning platform	Rasch IRT adaptive engine, spaced repetition, concept taxonomy, psychometrics, tutor guardrails, teacher controls, learning recommendations	academic_reviewer, student_user
8	Multi-Portal Workspace	All portals active and users onboarded	Shared workspaces, ChatAgentWidget per portal, conversation history, notification centre, AI tutor identity per role	All portal roles
9	Trust Control Tower	Platform reaches production scale	Observability infrastructure, security incident management, CERT-In compliance evidence, digital twin simulation, compliance agent answers	super_admin, engineering
10	Cloud Runtime & DevSecOps	Pre-deployment hardening complete	GitHub Actions CI/CD, Cloudflare Worker deployment, Supabase migration management, environment hardening, health gates	engineering
11	Secure Tooling & Integrations	External vendor integrations required	Payment gateway (Razorpay) integration, inbound email routing, WhatsApp campaign adapters, vendor API connectors	ops_admin, finance_user
12	Data Warehouse & BI Feature Store	Cycle data available for reporting	Analytical read models, revenue reports, participation metrics, school performance rankings, academic analytics exports	super_admin, analytics viewer
13	SaaS Licensing & Entitlements	Multi-tenant or multi-client deployment required	Tenant entitlement model, feature flags, per-tenant plan enforcement, usage metering	super_admin
14	Content Governance & Offline Sync	LMS content authored and offline distribution needed	Content authorship workflow, multi-level sign-off, IP rights records, offline content sync for low-connectivity schools	content_reviewer, academic_reviewer
15	AI Control, Evaluation & Readiness	AI agents deployed at production scale	Model evaluation cases, red-team evidence, AI safety readiness scorecard, compliance agent audit answers, model routing governance	super_admin, AI governance team

4. Business Rules

These are hard rules enforced at the database and service layer. No feature, agent, or UI action may bypass them. If a business process appears to require an exception, it must go through a formal workflow approval — never a code bypass.

4.1 Invoice and Payment Rules

Invoice Threshold Gate: A registration batch cannot generate an invoice until it is declared invoice-ready. Invoice-readiness requires all registration rows to pass validation, all exceptions to be resolved, and the batch freeze guard to be applied. The invoice_ready record is append-only — a batch cannot become un-invoice-ready once confirmed.

Rule	Enforcement
Invoice amounts are in Indian Rupees, stored as `numeric(12,2)` — no paise conversion required	Database column type; service layer validates before insert
Payment allocation must not cross school boundaries — a payment for School A cannot be applied to School B's invoice	Service-role RPC rejects cross-school allocation; tested by deterministic tests
Duplicate UTR (Unique Transaction Reference) numbers are blocked — the same bank transfer cannot be applied twice	Unique index on UTR digest; duplicate detection in payment intake service
Ledger entries are append-only — no DELETE or UPDATE on ledger rows	RLS and RPC design; reverse entries use a new credit/debit pair, never modification
Razorpay webhooks require HMAC signature verification before any state change	Webhook route verifies `x-razorpay-signature` on raw body before parsing
Payment proof upload triggers a reconciliation job — it does not immediately mark a payment as received	Worker-based reconciliation; status remains `pending` until match is confirmed

4.2 Approval Gates

Result Publication Gate: Results cannot be published to students, parents, or schools without a completed result.publication workflow approval record. This is a hard database gate — no API route, agent, or background worker may publish results without this approval existing and being in approved state.

Action	Approval Required	Who Approves
Result publication	Yes — `result.publication` workflow approval	super_admin
Certificate issuance	Yes — results must be published before certificates can be issued	exam_ops after result publication approval
Certificate revocation	Yes — requires explicit revocation gate; revoked certificates return HTTP 410	exam_ops or super_admin
High-risk AI agent actions	Yes — agent tool calls marked `requires_human_approval` create an approval request before execution	ops_admin or super_admin
Student data deletion / anonymization	Yes — deletion scheduling requires operator confirmation and is safe-mode-only by default	ops_admin or super_admin
Registration freeze	Yes — batch freeze is irreversible; no row changes after freeze	ops_admin

4.3 Period Locking

Accounting Period Lock: Once a financial period is locked in acc_periods, no new journal entries may be posted against it. This is enforced by a hard gate in journal-generator.ts and a Postgres period lock check before any journal entry insert. Attempting to post to a locked period returns a business error — it is not a permissions error.

4.4 TDS Thresholds

TDS Section	Threshold	Applies To
Section 194T	₹20,000	Payments to partners
Section 194C	₹30,000 (single) / ₹1,00,000 (aggregate per FY)	Payments to contractors (printing, logistics vendors)
Section 194J	₹30,000	Professional and technical service fees

TDS thresholds are stored in acc_settings and are configurable per cycle. They must never be hardcoded in business logic. Any change to TDS rates requires a settings update, not a code change.

4.5 GST Rules

Rule	Enforcement
GST transactions may only be created when `gst_enabled = true` in `acc_gst_config`	Code gate in accounting service; any GST transaction without this flag throws a business error
GST filing periods must match `acc_periods` — no GST posting outside a defined period	Period lock check applies to GST entries as well as journal entries
COA (Chart of Accounts) codes for GST are determined by the rules engine (`acc_classification_rules`) — AI must not decide COA codes	Rules engine is authoritative; AI suggestions are logged but not auto-applied

4.6 Certificate Lifecycle Rules

Immutability Rule: Once a certificate is issued, its certificate code, verification hash, student reference, result reference, and issued timestamp cannot be changed. These are protected by database constraints. A certificate can only be revoked — never edited. Revocation requires an explicit operator action and creates an audit record.

State	Student Can Download?	API Response
issued	Yes	200 with PDF
distributed	Yes — both digital and physical	200 with PDF
revoked	No	410 Gone
not yet issued	No	404

4.7 OMR Integrity Rules

Rule
OMR allocations are append-only — once an OMR sheet is allocated to a student, the allocation cannot be changed
Scan records are append-only — each scan event creates a new record; previous scan records cannot be modified
Finalized score, percentile, rank, qualification status, student reference, session reference, and scan reference on a result record cannot be changed after finalization
Published results cannot be unpublished

5. Compliance Requirements

Finverse Olympiad OS handles personal data of minors, school financial data, and payment instrument references in India. The following regulatory frameworks apply and are non-negotiable at every layer of the system.

5.1 DPDP Act 2023 (India Digital Personal Data Protection Act)

Finverse is the Data Fiduciary under DPDP Act 2023. Schools and vendors operating on the platform are Data Processors. The platform must enforce all Data Principal rights — including access, correction, erasure, and withdrawal of consent — for every student and parent.

Control	Business Requirement
D1 — Consent	Every student registration requires a verifiable, timestamped, purpose-specific consent record. Consent must specify purpose, notice version, language, and collection channel.
D2 — Child data gate	No student record may be created without verified parental consent. Weak school-attestation is not sufficient — only OTP, email OTP, digital signature, or verified parent portal evidence is accepted.
D3 — Data minimization	Registration intake must not collect fields beyond what is required for the current Olympiad purpose. AI prompts and exports must use pseudonymous identifiers by default.
D4 — Rights fulfilment	Access, correction, erasure, export, restriction, and grievance request APIs must exist and be reachable by authenticated parents and students.
D5 — Breach notification	Any personal data breach affecting student or parent data must be reported to the Data Protection Board within 72 hours. A breach incident record with this deadline must be created at breach detection.
D6 — Retention policy	Registration data, exam records, and academic analytics have defined retention periods. Data beyond retention must be scheduled for anonymization or deletion. Deletion scheduling is operator-confirmed and safe-mode-only.
D7 — Export pseudonymization	Default exports and AI decision logs use pseudonymous learner references. Direct identifiers in exports require explicit operator opt-in.
D8 — Privacy notice at intake	Registration upload UI must display DPDP privacy notice (in English and Hindi) before file preview is shown.

5.2 CERT-In Directions 2022

Control	Business Requirement
CE1 — Log retention	All ICT system logs, audit records, and access logs must be retained for a minimum of 180 days in India-hosted storage. Logs must be tamper-evident (hash-chained).
CE2 — Incident reporting	Any security incident must be reported to CERT-In within 6 hours of detection. The platform must create a `cert_in_report_due_at` deadline automatically when an incident is logged.
CE3 — Privileged access logging	All access by privileged roles (super_admin, ops_admin, finance_user) must be logged with user, method, path, IP address, user-agent, role set, and correlation ID before the protected work executes.
CE4 — Dependency security	No high or critical severity npm dependency advisories may be present in the production build. The CI/CD gate `npm audit --audit-level=high` must pass before every deployment.
CE5 — MFA for privileged roles	All privileged internal staff roles require Supabase MFA (TOTP, AAL2) before accessing protected staff portals and APIs. MFA bypass is strictly prohibited in production environments.

5.3 RBI Payment Data Requirements

Control	Business Requirement
P1 — Data residency	All payment records and ledger truth must be stored in an India-hosted PostgreSQL database (Supabase `ap-south-1`). Cloudflare Durable Objects may hold transient session state but never become the primary store for payment records.
P2 — Encryption at rest	UTR numbers, bank references, payer names, payment amounts, and allocation amounts must be stored in encrypted, digested, or tokenized form. Plaintext payment references are blocked by database constraint.
P3 — No raw card data	No card numbers, CVVs, or card expiry dates may be stored anywhere in the system. Card processing is gateway-tokenized through Razorpay only.
P4 — Immutable payment evidence	Every payment receipt must post an immutable ledger entry and a `ledger.entry_posted.v1` event. Payment history must be reconstructable from these immutable events alone.
P5 — Idempotency and deduplication	Manual payment recording and webhook intake require idempotency keys. Duplicate UTR/bank references must be detected and rejected. Replay webhooks are marked as dead-letter, not re-processed.

5.4 IT Act 43A and SPDI Rules 2011

Rule	Business Requirement
Section 43A — Reasonable security	The platform must maintain documented security practices covering all Sensitive Personal Data or Information (SPDI). A security policy, access controls, audit trails, and breach evidence must be maintained.
Rule 3 — SPDI classes	Financial information (invoices, payments), health data, and biometrics are SPDI. The current platform scope covers financial SPDI only. Health and biometric data collection is out of scope unless a new approved purpose is created.
Rule 5 — Grievance Officer	A named Grievance Officer with public contact details and a one-month resolution SLA must be designated before the platform goes live with SPDI collection.
Rule 6 — Third-party disclosure	SPDI may only be shared with vendors under a signed Data Processing Agreement. Vendors may not publish or further disclose SPDI. All vendor transfers must be recorded in the compliance evidence register.

5.5 OWASP Top 10

Risk	Business Requirement
A01 — Broken Access Control	All portal and API routes enforce server-side role and scope validation. No client-side access control. RLS is enabled and tested on all protected tables.
A03 — Injection	All JSON request bodies are parsed through bounded readers and Zod schemas before use. LIKE wildcard injection is prevented by an `escapeLike()` helper. No raw string concatenation into database queries.
A05 — Security Misconfiguration	CSP, X-Content-Type-Options, X-Frame-Options, and other security headers are set on all responses. No default credentials or placeholder secrets are permitted in production builds.
A07 — Authentication Failures	MFA is required for privileged roles. Production MFA bypass is blocked by a runtime assertion. Login failures are logged with the `auth.login_failed` audit event type.
A10 — SSRF	Server-side and Worker outbound fetch calls are limited to an explicit allowlist. Arbitrary URL fetch from user input is blocked.

6. Data Ownership & Privacy

6.1 Who Owns What

Data Category	Data Principal / Owner	Access Rights	Notes
Student personal data (name, DOB, grade, roll number, contact)	Parent / guardian (while minor); student (when of age)	Access, correction, erasure, export via privacy request APIs	Finverse is Data Fiduciary; school is Data Processor for collection
Exam results and performance data	Student (and parent while minor)	Read access after publication; correction via re-evaluation request	Cannot be corrected unilaterally — re-evaluation workflow required
Certificates	Student	Download via student/parent portal after issuance; verification via public hash check	Revocation by Finverse removes access; public verification hash remains valid for 7 years
Invoice and payment records	School (the contracting party)	Read access via school portal; no deletion rights (financial record retention)	Minimum 7-year financial record retention per IT Act / GST rules
Learning analytics, IRT theta scores, concept mastery	Student (and parent while minor)	Displayed in student portal; included in parent portal feed; not shared externally without consent	Purpose-specific consent required before use in AI models
Parental consent records	Parent / guardian	Withdrawal via consent withdrawal API; withdrawal is logged but does not retroactively erase already-processed lawful records	Consent records are append-only audit evidence — the withdrawal record is added, not the original deleted
Operator audit logs	Finverse (platform operator)	No external access; CERT-In mandates 180-day India retention	Append-only; tamper-evident hash chain

6.2 Retention Policy

Data Type	Minimum Retention	Action After Retention
Student registration profiles	3 years after last exam participation	Anonymize on operator schedule; erasure on verified request
Exam result records	7 years (academic record integrity)	Anonymize student identifiers; retain statistical aggregate
Certificate records	10 years (certificate verification use case)	Revoke and archive; remove personal identifiers from public lookup after 10 years
Payment and invoice records	7 years (GST and IT Act financial retention)	No deletion; archive to cold storage
Audit and event logs	180 days minimum (CERT-In); 3 years recommended	Export to cold India-hosted storage
Online exam proctoring events	1 year	Anonymize student references; retain aggregate anomaly statistics
AI decision logs	3 years	Anonymize student PII; retain decision metadata for audit

6.3 Child Data Rules

Minor Data Handling: The majority of students on this platform are minors (under 18). The following rules apply to all data about minors and may not be relaxed without legal counsel approval.

No student data may be used as input to an external AI model without: (a) purpose-specific child consent from a verified parent, (b) a signed Data Processing Agreement with the AI provider, (c) a restricted or confidential data classification, and (d) human review of the decision to share.
AI tutor output is filtered through a minor content safety review before being returned to a student.
Proctoring events are append-only and cannot automatically invalidate a student's exam attempt — only a human decision after review can do so.
Student login uses a synthetic non-PII email format ({roll_no}@student.finverse.in) to avoid exposing personal email addresses in auth infrastructure.
AI learning recommendations that are surfaced to parents must carry plain-English, parent-safe explanations — no raw model outputs.

6.4 Deletion Rights

Erasure requests from parents or students are processed through the privacy rights API (/api/privacy/rights). Deletion jobs are:

Target-ID-specific — a deletion job applies only to the specific student ID in the request, never a bulk sweep.
Safe-mode only by default — the operator must explicitly confirm before any irreversible anonymization runs.
Audit-evidenced — each deletion scheduling action and completion creates an append-only evidence record.
Not immediate — legal holds (e.g., active dispute, financial record retention) may delay or block erasure of specific data categories. The system communicates delays to the requester.

7. Financial Model

7.1 Revenue Flow

Finverse earns registration fees from schools per enrolled student per Olympiad cycle. The commercial relationship is between Finverse and the school — not between Finverse and individual students or parents. Schools collect fees from students/parents through their own processes before submitting the registration batch and paying the invoice.

7.2 Invoice Lifecycle

Step	Trigger	Actor	System Action
1. Invoice generation	Registration batch declared invoice-ready	ops_admin	Invoice record created with line items per student category; PDF generated by background worker
2. Invoice delivery	Invoice PDF generated	System (notification worker)	Invoice PDF link sent to school coordinator via notification; accessible in school portal
3. Payment	School makes bank transfer, UPI, or cheque payment	school_user	School uploads payment proof (challan screenshot, UTR) via school portal or agent chat
4. Reconciliation	Payment proof uploaded or bank statement imported	finance_user / reconciliation worker	Bank statement imported as CSV; worker matches transactions to invoices by UTR/amount; confirmed matches update invoice status to `paid`
5. Ledger entry	Payment confirmed	System (ledger worker)	Immutable journal entry posted; `ledger.entry_posted.v1` event emitted
6. Overdue follow-up	Invoice past due date with no payment	finance_user / CRM agent	Overdue invoice surfaced in finance collections view; CRM agent can draft follow-up campaign messages

7.3 GST Model

Platform services are subject to GST. GST transactions are created when gst_enabled is set to true in the cycle configuration. The platform supports CGST, SGST, and IGST based on the school's state. HSN/SAC codes are managed through acc_hsn_master. GST filing period summaries are available to finance_user through the /finance/gst portal view.

7.4 TDS Model

TDS is applicable on payments to print vendors (Section 194C) and professional service providers (Section 194J). The accounting module tracks TDS deductions in acc_tds_deductions, challans in acc_tds_challans, and deposits in acc_tds_deposits. All thresholds are sourced from acc_settings and must not be hardcoded.

7.5 Chart of Accounts (COA) Rules

AI must not decide COA (Chart of Accounts) codes. The rules engine (acc_classification_rules) is the single authoritative source for GL account classification. AI may suggest classifications for operator review, but the rules engine decision overrides any AI suggestion.

7.6 CA (Auditor) Portal

The CA portal at /auditor/* is strictly read-only. No write operation of any kind — including journal entries, period locks, reconciliation confirmations, or setting changes — may ever be executed from the auditor portal. This is a hard product rule, not a permissions configuration.

8. Exam Operations Model

The exam production lifecycle runs from school confirmation through physical certificate distribution. Each stage has a clear responsible party and a deterministic system state transition.

Stage	Activity	Responsible Party	System State Change
1. School confirmation	School pays invoice and confirms participation	school_user	Invoice status → `paid`; batch → eligible for production
2. OMR allocation	Roll numbers and OMR serial ranges assigned per school batch	ops_admin	Immutable `omr_allocations` record created; append-only
3. Print order	OMR sheets and question papers sent to print vendor	ops_admin	Print order and print items created; vendor notified via vendor portal
4. Packaging	Printed materials sorted, packaged per school, and manifested	vendor_user	Packaging manifest created with per-school item counts; vendor confirms
5. Shipment	Packages dispatched to exam centres / schools	vendor_user	Shipment record created; states: `preparing → dispatched → delivered`
6. Admit card generation	Admit card PDF generated per student with roll number, exam centre, date, time	ops_admin / system worker	Admit card available in school portal for bulk download; student portal for individual download
7. Exam day — attendance	Invigilator marks students present/absent at the exam centre	invigilator	`attendance_records` created; append-only
8. Exam day — OMR collection	Invigilator collects OMR sheets, confirms count, and records dispatch	invigilator	OMR collection checklist completed; dispatch confirmation recorded
9. OMR scanning	Scanning bureau scans returned OMR sheets; scan data uploaded	exam_ops	`scan_records` created; append-only; each scan event is immutable
10. Evaluation	Scan data matched to answer key; scores computed by background worker	System (evaluation worker)	Result records created in `pending_finalization` state
11. Result finalization	Scores, percentiles, and ranks computed and locked	exam_ops	Result records transition to `finalized`; no further score changes possible
12. Approval gate	super_admin reviews and approves result dataset	super_admin	`result.publication` workflow approval record created with `approved` status
13. Publication	Results published and made visible to students, parents, and schools	System (publication worker, gated by approval)	Result records transition to `published`; visible in all downstream portals
14. Certificate issuance	Certificates generated for qualifying students	exam_ops / system worker	Certificate records created; verification hash generated; PDF available for download
15. Certificate distribution	Digital certificates available online; physical certificates dispatched	exam_ops / vendor_user	Certificate status → `distributed`

Level 2 Qualification: High-performing students at Level 1 (school/city round) qualify for Level 2 (national round). Level 2 nominations are managed by the school coordinator after Level 1 result publication. Level 2 has its own separate exam session, production batch, and result lifecycle.

Online Exam Variant: Some Olympiad categories offer an online exam option. Online exams follow the same lifecycle stages but with critical differences: (a) question papers are AES-256-GCM encrypted and decrypted only at session start time by a coordinator release action; (b) submissions follow a 3-layer chain (realtime → background sync → QR fallback) to handle connectivity loss; (c) online exam timers are server-authoritative — client-side timer manipulation cannot extend the exam window; (d) proctoring events are append-only and cannot automatically invalidate an attempt without a human decision.

9. AI Governance Policy

9.1 The Advisory-Only Principle

Core Rule: AI is advisory. AI output informs human decisions — it does not make them. No AI agent, language model, or automated inference may directly mutate financial records, payment data, exam scores, result records, certificates, audit logs, or Row-Level Security truth. Any AI output that affects these domains must first create an advisory record for human review and then be executed by a deterministic, human-approved service.

9.2 What AI Can Do

Capability	Permitted	Constraints
Student tutor — answer subject questions, explain concepts	Yes	Output filtered through minor content safety review; rate-limited to 10 concept summaries per student per day; conversation scoped to enrolled subjects
Adaptive quiz item selection (Rasch IRT)	Yes	IRT theta and question parameters are deterministic math; AI is not used for item selection — the algorithm is deterministic
Registration column mapping suggestions	Yes	Requires ENABLE_AI_COLUMN_MAPPING flag; suggestions are logged and shown to operator for confirmation; not auto-applied
Anomaly detection on financial data	Yes (read-only advisory)	Anomalies flagged in `acc_anomalies`; operator must review; no automatic financial action taken
CRM campaign message drafting	Yes	Draft surfaced to ops_admin for review and send confirmation; AI does not send messages autonomously
Compliance agent answering control questions	Yes	Answers must resolve to catalog control keys; evidence-bound; AI cannot invent new controls
Learning recommendations for students	Yes	Recommendations must cite evidence (IRT theta, mastery scores); parent-safe explanations only; purpose-specific consent required for external AI model use

9.3 What AI Cannot Do

The following actions are permanently blocked from AI agents. These are hard system constraints enforced by the agent tool registry and guardrail service — they are not permission settings that can be changed without a security review and legal sign-off.

Score, finalize, publish, revoke, or issue exam results or certificates
Post, modify, or reverse journal entries or ledger records
Confirm, allocate, or reconcile payments
Create, update, or delete RLS policies
Approve or deny result publication workflow approvals
Schedule or execute student data deletion or anonymization
Send payment instructions or bank transfer details to users
Access or transmit raw student PII (full name, DOB, contact) to external AI providers without verified parental consent and a signed DPA
Mark exam attendance or record OMR dispatch confirmations

9.4 High-Risk Action Approval Flow

When an AI agent requests a tool call marked as requires_human_approval, the following flow applies:

Agent creates an approval request record with the proposed action, parameters, and confidence score.
Approval request is surfaced in the operator portal under Agent Approvals.
ops_admin or super_admin reviews the proposed action and either approves or rejects.
On approval, the deterministic service executes the action (not the agent).
Both the approval decision and the deterministic execution are recorded in the audit trail with a shared correlation ID.

9.5 AI Decision Logging

Field	Purpose
model	Which AI model was used (provider + model name)
confidence	Model's stated confidence for this output
data_categories	Types of data included in the prompt (pseudonymous identifiers only)
prompt_digest	SHA-256 digest of the prompt (not the raw prompt — avoids PII in logs)
explanation	Human-readable plain-English summary of what the AI decided and why
human_review_state	pending / approved / rejected
approval_reference	Foreign key to the approval record if human review was required

All AI decision logs are subject to the same 3-year retention policy as other operational logs. Logs are pseudonymized at creation — student direct identifiers are removed before the log record is persisted.

10. Success Metrics & KPIs

A successful deployment of Finverse Olympiad OS is measured across five dimensions: operational throughput, financial accuracy, student experience, compliance posture, and platform reliability. These KPIs are the primary lens through which product and engineering decisions should be evaluated.

10.1 Operational Throughput

KPI	Target	Why It Matters
Registration batch processing time (upload → validated)	< 5 minutes for batches up to 500 students	School coordinators upload during working hours; slow processing creates drop-off and support tickets
Exception resolution rate	> 95% exceptions resolved before invoice-ready gate	Unresolved exceptions block invoice generation and delay the production schedule
Invoice generation latency	< 2 minutes from batch invoice-ready declaration to PDF available	Schools need the invoice immediately to process payment; delays cause follow-up support load
Payment reconciliation cycle time	< 24 hours from payment proof upload to reconciliation confirmation	Schools wait for confirmation before dispatching exam preparation materials; delays block the production schedule
OMR scan intake to result finalization	< 72 hours from last batch scan upload to finalized results	Parents and students expect timely results; delays generate high support volume
Certificate PDF generation (bulk)	< 30 minutes for up to 10,000 certificates after result publication	School coordinators need bulk PDFs for distribution; delayed generation blocks the post-exam logistics

10.2 Financial Accuracy

KPI	Target	Why It Matters
Payment reconciliation accuracy	> 99.5% of confirmed payments matched to correct invoice without manual intervention	Mismatched payments create financial discrepancies and require costly manual reconciliation sprints
Duplicate UTR rejection rate	100% — zero duplicate payments accepted	Duplicate payments create accounting errors and potential fraud exposure
Journal entry balance pass rate	100% — zero unbalanced journal entries in production	The `trg_check_je_balance` DB trigger enforces this; any unbalanced entry is a code defect
GST filing data completeness	100% of invoiced transactions have a corresponding GST record when GST is enabled	Incomplete GST data causes filing errors and regulatory penalties

10.3 Student Experience

KPI	Target
Student FAQ self-service rate via ChatAgentWidget	> 60% of student queries answered by local FAQ interceptor without LLM call
Adaptive quiz response time	< 200ms for IRT item selection (deterministic; no LLM involved)
Online exam submission success rate	> 99.9% — 3-layer submission chain (realtime → background sync → QR fallback) ensures no lost answers
Result visibility (time from publication to student portal display)	< 5 minutes
Certificate PDF download success rate	> 99.9% — revoked certificates return 410, issued certificates return valid PDF

10.4 Compliance Posture

KPI	Target
DPDP consent coverage	100% of active student registrations linked to a verified parental consent record before any data processing
Privacy rights request response SLA	Access and export requests fulfilled within 30 days; erasure requests acknowledged within 72 hours
CERT-In incident reporting latency	100% of qualifying security incidents reported within 6 hours of detection
Log retention compliance	100% of audit/ICT logs retained in India-hosted storage for minimum 180 days
Dependency security gate	Zero high or critical npm advisories in any production deployment
Privileged MFA enforcement	100% of privileged staff roles enrolled in Supabase TOTP MFA before production access is granted
Security score (internal audit)	Minimum 80/100 on internal security audit scorecard (currently 77/100 at local release-candidate; 80+ target before live deployment)

10.5 Platform Reliability

KPI	Target
API uptime during exam window	> 99.9% (exam days are business-critical; outages during exam windows constitute operational incidents)
Test suite pass rate	100% — 2268/2268 tests must pass before any deployment; zero test failures are accepted in CI
TypeScript compilation errors	Zero — the `npm run typecheck` gate must pass in CI with no errors
Worker deployment dry-run pass rate	100% — Wrangler dry-run must pass for all 288 Cloudflare agent implementations before any production agent deployment
Cloudflare Agent idle cost	Zero idle token or runtime loops — all 288 agents use wake-on-event, hibernation-compatible WebSockets, and no autonomous alarms

Baseline as of 2026-06-04: 2268/2268 tests passing across 298 test files, 0 TypeScript errors, 0 lint errors, 97 Supabase migrations, 288 governed Cloudflare agent implementations, 12 portal roles, 15 domain phases, security score 77/100. All local release-candidate gates pass. Pending: live infrastructure wiring (Supabase, Cloudflare, GitHub, Docker) and legal / vendor evidence for production launch.

Operations

Operations Requirements

Infrastructure, monitoring, incident response, and operational procedures required to run Finverse Agentic OS in production. Read this document end-to-end before connecting the first production request.

Do not connect production traffic until all secrets are configured, 97 migrations are applied, live RLS and storage smoke tests pass, Cloudflare Logpush is writing to Supabase, and the compliance evidence buckets are updated with production proof. Payment truth must reside in India-hosted Postgres at all times.

1. Infrastructure Requirements

1.1 Supabase

Supabase is the system of record for all business data. Payment truth, student data, audit logs, and CERT-In ICT logs must remain in the India-hosted region at all times to satisfy DPDP Act 2023 data-residency requirements and RBI payment data controls.

Parameter	Required Value	Notes
Region	`ap-south-1` (Mumbai)	Mandatory for DPDP data residency. No other region is acceptable.
Plan	Pro or higher	Required for PITR, custom storage policies, and production SLA.
PITR	Enabled — minimum 7-day window	Required for rollback safety and compliance evidence.
Migrations	0001–0097 applied in order	Run `bash scripts/migrate-production.sh` — see Section 4.
Auth providers	Email/password + Google OAuth	Google OAuth callback must resolve to `APP_BASE_URL/auth/callback`.
MFA enforcement	AAL2 required for privileged roles	Roles: `super_admin`, `ops_admin`, `finance_user`, `exam_ops`, `support_user`. Enforced by shared API guard. Evidence in `authz.role_security_requirements`.
RLS	Enabled and validated on all protected tables	Validate with staff, school, parent, student, vendor, CA-auditor, and service-role smoke accounts post-migration.
Storage buckets	6 buckets required (see below)	Storage policies must be applied alongside migrations.
Log retention	180-day minimum	CERT-In Directions 2022 CE1. Configured in `compliance.cert_in_log_retention_controls`.

Required Storage Buckets

Bucket Name	Purpose	Access Policy
`registration-uploads`	School registration CSV/XLSX files	Service-role write; staff read with RLS scope
`lead-imports`	CRM lead import files	Service-role write; ops_admin read only
`omr-scans`	Scanned OMR answer sheets	Service-role write; exam_ops read with audit log
`certificates`	Generated student certificates (PDF)	Service-role write; school/parent/student read after publication
`invoice-pdfs`	Generated invoice PDFs	Service-role write; finance_user/school read
`vendor-proofs`	Payment and vendor evidence uploads	Service-role write; finance_user read
`audit-artifacts`	Compliance evidence exports	Service-role write; super_admin read

1.2 Cloudflare Workers

Paid plan required. The free plan caps Durable Object classes at 100 and Workers requests at 100,000/day. The fleet requires 270 DO bindings (288 agent files, 269 unique class names + AgentSessionDO) and exceeds 100K requests on any exam day. Provision the Workers Paid plan before deploying.

Requirement	Value / Action
Account plan	Workers Paid plan. Free plan will fail with Error 1027 on exam day.
Durable Object classes	288 agent files; 269 unique class names + AgentSessionDO = 270 CF DO bindings. Paid plan limit: 500. Fits comfortably. (19 H-11 agents share class names with core agents, exported as H11Xxx aliases.)
DO SQLite storage	Paid plan: unlimited per account. Per-instance limit: 10 GB. Transient-pointer-only mode keeps per-instance storage minimal.
DO request rate	1,000 req/sec per individual instance (soft limit). On peak exam days, add queuing at the Next.js API layer to prevent a hot agent DO from hitting this.
Worker bundle size	10 MB compressed limit. Current target exports all 288 agent implementations from a single entry point. Split by group if real tool imports grow materially.
Worker memory	128 MB per isolate. Monitor via Cloudflare Observability dashboard.
CPU time	30 sec default per request/message/cron. Can be raised to 5 min via Wrangler config.
AI Gateway	1 gateway required (`finverse-ai-gateway`). Configure caching (1-month TTL) before switching from `local_stub` to real model routes to stay within 300 req/min Workers AI text-generation cap.
Logpush	Create Logpush job using `infra/cloudflare/logpush-supabase.example.json`. Dataset: `workers_trace_events`. Destination: `https://YOUR_APP_HOST/api/phase9/observability/cloudflare-logpush`. Configure `Authorization: Bearer CLOUDFLARE_LOGPUSH_SHARED_SECRET` header. Complete the ownership challenge. Verify rows appear in `observability.structured_logs`.
WAF rules	Configure rules for auth, registration, payment, agent ingress, webhook, and admin routes. See Section 7.
Routes / zones	Configure production route and zone in `wrangler.toml` before first deploy.
Secrets	13 production secrets set via `wrangler secret put`. Never in `wrangler.toml` or environment variables in plaintext. See Section 2 for the full list.
Compatibility date	`2026-05-15` with `nodejs_compat` flag.

1.3 Vercel / Next.js Hosting

Requirement	Value / Action
Node version	20.x LTS (as specified in `package.json` engines field).
Build command	`npm run build`
Verify gate	CI must pass `npm run verify` before each deploy. This runs lint, typecheck, env preflight, route-auth map, portal smoke, migration preflight, Cloudflare preflight, tests, build, and high audit.
Environment variables	All variables from `.env.production.example` injected at build and runtime. See Section 2 for the complete table.
Edge runtime	`src/proxy.ts` acts as Next.js 16 proxy, protecting all portal routes, injecting CSP nonce, and handling Supabase session refresh.
Security headers	HSTS, CSP, X-Content-Type-Options, X-Frame-Options configured in `next.config.ts`. Fallback headers are injected by `src/proxy.ts`.
MFA bypass assertion	`ENABLE_DEV_MFA_BYPASS` must be `false`. The startup assertion in `src/lib/env.ts` will crash the server if this is `true` in production.
CA token salt	`CA_TOKEN_SALT` must be at least 32 characters. A missing or short salt crashes startup — no fallback since the 2026-06-03 security fix.
Health endpoints	`GET /api/health` (public) and `GET /api/internal/health` (token-gated). Both must return 200 before production traffic.
GitHub branch protection	Protect default branch with required CI checks: `npm run verify`, `npm run security:policy`, `npm run compat:cloudflare-agents`, `npm run smoke:agents:strict`, Worker typecheck, Wrangler dry-run.

2. Environment Configuration

All variables are set in the Next.js hosting environment from .env.production.example. Cloudflare Worker secrets are set separately via wrangler secret put. NEXT_PUBLIC_* variables are embedded in the client bundle — never place secrets in them.

Run npm run env:preflight locally and node scripts/check-env-contract.mjs --production in CI before every deploy. Missing required variables fail the preflight check and abort deployment.

2.1 App Origin Variables

Variable	Required	Example Value	Purpose
`APP_BASE_URL`	Required	`https://os.finverse.in`	Canonical application URL. Used in email links, OAuth callbacks, CORS checks.
`NEXT_PUBLIC_APP_URL`	Required	`https://os.finverse.in`	Client-side URL for API calls from the browser.
`NEXTJS_BASE_URL`	Required	`https://os.finverse.in`	Used by Cloudflare Workers to call Next.js internal API endpoints.
`NEXTJS_INTERNAL_URL`	Required	`https://os.finverse.in`	Internal service-to-service communication URL. May differ from public URL in VPC setups.

2.2 Supabase Variables

Variable	Required	Example Value	Purpose
`NEXT_PUBLIC_SUPABASE_URL`	Required	`https://abcd1234.supabase.co`	Supabase project URL. Embedded in client bundle. Never the service role key.
`SUPABASE_URL`	Required	`https://abcd1234.supabase.co`	Server-side Supabase URL used by server components and API routes.
`NEXT_PUBLIC_SUPABASE_ANON_KEY`	Required	`eyJhbGc...`	Anon key for browser-side Supabase client. Subject to RLS. Safe to embed in bundle.
`SUPABASE_SERVICE_ROLE_KEY`	Required	`eyJhbGc...`	Service-role key. Bypasses RLS. Server-only. Never expose to browser.
`SUPABASE_JWT_SECRET`	Required	32+ char random string	JWT signing secret. Used for server-side token verification.
`SUPABASE_PROJECT_REF`	Required	`abcd1234efgh5678` (20 chars)	Supabase project reference. Used by migration guard script.
`SUPABASE_REGION`	Required	`ap-south-1`	Enforces India-region deployment assertion. Must be `ap-south-1`.
`SUPABASE_REGISTRATION_UPLOAD_BUCKET`	Required	`registration-uploads`	Storage bucket name for registration file uploads.
`SUPABASE_LEAD_IMPORT_BUCKET`	Required	`lead-imports`	Storage bucket name for CRM lead import files.

2.3 Data Residency & Mode Variables

Variable	Required	Production Value	Purpose
`PAYMENT_DATA_RESIDENCY`	Required	`IN`	Asserts payment data must stay in India. RBI compliance gate.
`PAYMENT_DATA_PRIMARY_STORE`	Required	`postgres`	Payment truth storage type. Must be `postgres` (Supabase). No other value is permitted.
`AGENT_DURABLE_OBJECTS_ENABLED`	Required	`true`	Enables Cloudflare Durable Object agent routing in the API layer.
`AGENT_DURABLE_OBJECTS_DATA_MODE`	Required	`transient_pointer_only`	Agents store only session pointers in DO SQLite. Authoritative data lives in Supabase Postgres.

2.4 Cloudflare Agent & AI Gateway Variables

Variable	Required	Example Value	Purpose
`CF_AGENT_URL`	Required	`https://finverse-agents.account.workers.dev`	Public URL of the deployed Cloudflare agent-session Worker.
`NEXT_PUBLIC_CF_AGENT_URL`	Required	`https://finverse-agents.account.workers.dev`	Client-side agent URL for WebSocket connections from the browser chat panel.
`CF_AGENT_SECRET`	Required	32+ char random string	Shared secret between Next.js and the Cloudflare agent Worker. Must match `AGENT_SECRET` exactly.
`AGENT_SECRET`	Required	Same value as `CF_AGENT_SECRET`	Server-side copy of the agent gateway secret. Used to sign and verify inbound agent requests.
`CF_API_TOKEN`	Required for deploy	`cloudflare-api-token...`	Cloudflare API token with Workers deploy scope. Only needed in CI/CD, not at runtime.
`CF_ACCOUNT_ID`	Required for deploy	32-char hex string	Cloudflare account ID. Required for Wrangler commands.
`CF_AI_GATEWAY_ID`	Required	`finverse-ai-gateway`	AI Gateway ID for routing LLM calls through Cloudflare caching and rate-limiting.
`AI_GATEWAY_ID`	Required	`finverse-ai-gateway`	Server-side alias for the AI Gateway ID. Must match `CF_AI_GATEWAY_ID`.

2.5 Internal Service & Security Variables

Variable	Required	Min Length	Purpose
`NEXTJS_SERVICE_TOKEN`	Required	32 chars	Authenticates Cloudflare Worker calls to Next.js internal API routes (`/api/internal/*`).
`BATCH_SYSTEM_USER_ID`	Required	Valid UUID	System user ID for batch operations. Default: `00000000-0000-0000-0000-000000000001`.
`CA_TOKEN_SALT`	Required	32 chars	Salt for CA portal token derivation. Startup crashes if missing or shorter than 32 chars.
`STUDENT_AUTH_SECRET`	Required	32 chars	Secret for student roll-number login token generation.
`CRON_SECRET`	Required	32 chars	Authenticates cron trigger API calls.
`INBOUND_EMAIL_SECRET`	Required	32 chars	HMAC secret for inbound email webhook authentication.
`QR_HMAC_SECRET`	Required	32 chars	HMAC secret for QR-code based exam submission fallback chain integrity.
`ENABLE_DEV_MFA_BYPASS`	Required	—	Must be `false` in production. Startup assertion crashes the server if `true`.

2.6 Compliance, Privacy & Finance Variables

Variable	Required	Min Length	Purpose
`RAZORPAY_KEY_ID`	Required	—	Razorpay live key ID. Use `rzp_live_*` prefix in production.
`RAZORPAY_KEY_SECRET`	Required	—	Razorpay live secret key. Server-only. Never expose to browser.
`RAZORPAY_WEBHOOK_SECRET`	Required	32 chars	HMAC secret for verifying Razorpay webhook payloads. Duplicate webhooks are rejected by idempotency guard.
`DPDP_REGISTRATION_SEALING_KEY`	Required	32 chars	AES key for sealing DPDP consent registration records. Changing this key invalidates existing sealed records.
`PARENT_CONSENT_EVIDENCE_SECRET`	Required	32 chars	HMAC secret for parent consent evidence records. Required for DPDP children's data controls.
`FINANCE_REFERENCE_PROTECTION_KEY`	Required	32 chars	Encryption key for protecting finance reference numbers in transit.
`IT_ACT_SPDI_PROTECTION_KEY`	Required	32 chars	Protection key for IT Act / SPDI sensitive personal data handling.
`CLOUDFLARE_LOGPUSH_SHARED_SECRET`	Required	32 chars	Bearer token for authenticating inbound Cloudflare Logpush events to the observability endpoint. Wire before configuring the Logpush job.
`CERT_IN_ALERT_WEBHOOK`	Required	Valid HTTPS URL	Slack / PagerDuty webhook URL for CERT-In 6-hour incident deadline alerts. Must be wired before go-live. Set as a Cloudflare Worker secret.

2.7 Rate Limiting & Feature Flags

Variable	Required	Production Value	Purpose
`RATE_LIMIT_STORE`	Required	`redis` or `memory`	Rate limit backend. Code fails closed in production unless `ALLOW_IN_MEMORY_RATE_LIMITS=true` is explicitly set. Use Redis or a deployable store in production.
`ALLOW_IN_MEMORY_RATE_LIMITS`	Required	`false`	Must be `false` to enforce distributed rate limiting. Set `true` only for single-instance staging.
`ENABLE_AI_CHAT`	Optional	`true`	Enables AI chat panels across all portals.
`ENABLE_CEO_CHAT`	Optional	`true`	Enables the CEO agent panel in the Ops portal.
`ENABLE_AI_COLUMN_MAPPING`	Optional	`false`	Enables AI-assisted CSV column mapping in registration intake. Off by default — requires DPA with AI provider.

2.8 AI Provider Variables

Variable	Required	Example Value	Purpose
`AI_PROVIDER`	Required	`groq`	Primary AI provider. Supported: `groq`, `openai`, `anthropic`.
`AI_MODEL`	Required	`llama-3.3-70b-versatile`	Default model for agent LLM calls. Configurable per tenant via `TENANT_MODEL_CONFIG_JSON`.
`AI_PROVIDER_FAILOVER`	Optional	`openai,anthropic`	Comma-separated list of failover providers.
`GROQ_API_KEY`	Required (if Groq)	`gsk-...`	Groq API key. Route through AI Gateway — do not call Groq directly from agents.
`ANTHROPIC_API_KEY`	Optional	`sk-ant-...`	Anthropic API key. Required if `anthropic` is in the provider or failover list.
`OPENAI_API_KEY`	Optional	`sk-...`	OpenAI API key. Required if `openai` is in the provider or failover list.
`TENANT_MODEL_CONFIG_JSON`	Optional	`{}`	JSON string for per-tenant model overrides.

3. Deployment Prerequisites

Complete these steps in order before the first production request.

3.1 Local Verification Gates

All of the following must pass cleanly in CI before any deployment proceeds:

# Full verification suite
npm run verify

# Security policy coverage
npm run security:policy

# Cloudflare agent compatibility (288 agent files, 288 exports, 270 DO bindings)
npm run compat:cloudflare-agents

# Strict agent smoke test
npm run smoke:agents:strict

# Worker TypeScript compilation
npx tsc -p workers/tsconfig.json

# Wrangler dry-run (validates wrangler.toml without deploying)
npx wrangler deploy --config wrangler.toml --dry-run

# High-severity dependency audit
npm audit --audit-level=high

3.2 Supabase Prerequisites

Provision Supabase project in region ap-south-1 (India).
Set all SUPABASE_* environment variables from .env.production.example.

Run the migration preflight check:

npm run env:preflight
npm run migrations:preflight

Apply all 97 migrations using the production guard script:

CONFIRM_PRODUCTION_MIGRATION=YES \
SUPABASE_PROJECT_REF=<20-char-ref> \
bash scripts/migrate-production.sh

Regenerate TypeScript database types from the live schema:
```
REGENERATE_LOCAL_TYPES=YES npm run types:gen
```
This resolves the 402 as any casts that exist locally due to pre-migration type generation.
Configure all 7 Storage buckets with appropriate RLS policies.
Validate RLS with smoke accounts for each role: super_admin, ops_admin, finance_user, exam_ops, support_user, school, parent, student, vendor, ca_auditor, service_role.
Enable Supabase MFA for all privileged staff before assigning elevated roles.

3.3 Cloudflare Prerequisites

Confirm the Cloudflare account is on the Workers Paid plan.

Set 13 production secrets via wrangler secret put:

wrangler secret put AGENT_SESSION_SECRET
wrangler secret put AGENT_APPROVAL_SECRET
wrangler secret put NEXTJS_TOOL_GATEWAY_SECRET
wrangler secret put NEXTJS_SERVICE_TOKEN
wrangler secret put CLOUDFLARE_LOGPUSH_SHARED_SECRET
wrangler secret put CERT_IN_ALERT_WEBHOOK
wrangler secret put SUPABASE_URL
wrangler secret put SUPABASE_SERVICE_ROLE_KEY
wrangler secret put NEXTJS_BASE_URL
wrangler secret put NEXTJS_INTERNAL_URL
wrangler secret put GROQ_API_KEY
wrangler secret put ANTHROPIC_API_KEY
wrangler secret put OPENAI_API_KEY

Deploy workers to staging first:

CONFIRM_CLOUDFLARE_DEPLOY=YES bash scripts/deploy-workers.sh

Verify Durable Object migrations for AgentSessionDO and all 288 agent implementations are applied.
Confirm workers/agents/wrangler-additions.toml is synchronized with root wrangler.toml.
Create Logpush job using infra/cloudflare/logpush-supabase.example.json, complete the ownership challenge, and verify rows in observability.structured_logs.
Configure WAF rules and rate limiting (see Section 7).
Monitor with wrangler tail for the first 30 minutes post-deploy watching for Error 1027 / 1102.

3.4 Compliance Prerequisites

Confirm CERT_IN_ALERT_WEBHOOK is wired to a live Slack/PagerDuty endpoint.
Verify DPDP consent, child data, privacy notice, and rights workflows work end-to-end.
Confirm payment truth is exclusively in India-hosted Postgres (RBI requirement).
Update all four compliance evidence buckets (code, infrastructure, legal, vendor) from pending to production-backed.
Capture penetration test or significant-upgrade audit evidence.

4. Migration Safety

97 migrations must be applied in strict sequence 0001–0097. Never skip, reorder, or roll back applied migrations destructively. All rollback is forward-only via new fix migrations.

4.1 Migration Phases Overview

Range	Phase / Content
`0001–0013`	Core security, audit, event foundation, workflow, and all 9 domain phases (CRM, registration, finance, production ops, exam, results, AI ops, online exam, academic intelligence, multi-portal workspace, trust observability)
`0014–0019`	Phases 10–15: cloud runtime, secure tooling, data warehouse/BI/feature store, SaaS licensing, content governance, AI control and eval readiness
`0020–0032`	OWASP hardening, DPDP compliance, RBI payment controls, CERT-In directions, AI governance, RLS scope hardening, compliance portal seed
`0033–0043`	Login CMS, CEO agent foundation (sessions, query log, RPCs, rate limiting), schema grants
`0044–0075`	Schema grants, school portal agents, student portal agents, LMS pipeline, hardening phases H2/H4/H5/H9/H12/H13
`0076`	Missing staff roles: `content_reviewer`, `academic_reviewer`
`0077–0094`	Full accounting module: chart of accounts, journal entries with balance-check trigger, GST engine, TDS deductions, reconciliation batches, CA portal, anomaly detection
`0095`	Custom schema exposure for `acc` schema
`0096`	Accounting RLS scope fix — removes `USING(TRUE)` from 10 accounting tables, replaces with role-scoped policies
`0097`	Audit log retention configuration and `auth.login_failed.v1` event type registration

4.2 Preflight Rules

npm run migrations:preflight blocks the following automatically. Any violation aborts the migration and must be resolved before proceeding:

Duplicate numeric migration version numbers in supabase/migrations/
Dev/demo/sample/mock/fixture seed migrations in the production path
Migrations marked as development seed data
Destructive SQL (DROP TABLE, DROP SCHEMA, TRUNCATE TABLE, DELETE FROM) without an explicit production-migration-allow-destructive justification comment
Obvious hard-coded secret assignments

4.3 Production Push Guard

The migration script requires two environment guards to prevent accidental application:

CONFIRM_PRODUCTION_MIGRATION=YES \
SUPABASE_PROJECT_REF=<20-character-project-ref> \
bash scripts/migrate-production.sh

The script internally runs node scripts/check-production-migrations.mjs --production before supabase db push. Local type generation is opt-in:

REGENERATE_LOCAL_TYPES=YES bash scripts/migrate-production.sh

4.4 Dev Seed Quarantine

supabase/dev-migrations/0048_dev_seed_data.sql is quarantined outside supabase/migrations/. It is available for local smoke setup only and is never applied to production. The preflight script enforces this boundary.

4.5 Rollback Strategy

Do not roll back applied database migrations destructively. Applied migrations are immutable. All fixes use forward-only new migration files.

Stop new traffic at Cloudflare route or load balancer.
Roll the Worker back to the previous deployed version via Cloudflare dashboard or wrangler rollback.
Roll the Next.js app back to the previous immutable image tag.
Write a forward-fix migration (e.g., 0098_fix_<issue>.sql) to address the data problem.
Pause background workers that could replay side effects during the fix window.
Preserve incident and audit logs. Open a security incident record if the rollback is security-related.
Record rollback evidence in compliance and audit evidence registers.

5. Monitoring & Observability

5.1 Cloudflare Logpush to Supabase

Cloudflare Worker trace events are pushed via Logpush to the Next.js observability endpoint, which writes them to observability.structured_logs in Supabase. This provides CERT-In compliant 180-day ICT log retention in India.

Configuration Parameter	Value
Logpush job name	`finverse-cert-in-supabase-log-backup`
Dataset	`workers_trace_events`
Destination	`https://YOUR_APP_HOST/api/phase9/observability/cloudflare-logpush`
Authentication	`Authorization: Bearer CLOUDFLARE_LOGPUSH_SHARED_SECRET`
Max upload records	500 per push
Max upload bytes	1 MB per push
Filter	Outcome != unknown (excludes noise)
Config file	`infra/cloudflare/logpush-supabase.example.json`

5.2 structured_logs Schema

All structured logs land in observability.structured_logs. Each row carries:

Retention metadata — 180-day minimum, India storage region assertion, Cloudflare export evidence
Tamper evidence — hash-chain field for CERT-In log integrity requirements
Correlation ID — links Worker trace events to Supabase audit events
Source type — worker_trace, api_access, audit_event
Timestamp, method, path, outcome, IP, user-agent

5.3 Key Metrics to Watch

Metric	Alert Threshold	Where to Check
Worker error rate	> 1% over 5 minutes	Cloudflare Observability dashboard / `wrangler tail`
Worker CPU time	Approaching 30 sec limit (Error 1102)	Cloudflare Observability — CPU time histogram
DO request rate	Approaching 1,000 req/sec per instance on exam day	Cloudflare Durable Objects analytics
Outbox event lag	Unprocessed events > 30 seconds old	`SELECT COUNT(*) FROM outbox_events WHERE processed_at IS NULL`
Notification intent lag	Undispatched intents > 5 minutes old	`SELECT COUNT(*) FROM ops.notification_intents WHERE dispatched_at IS NULL`
CERT-In report deadline	Any queued report within 60 minutes of `report_due_at`	Automatically alerted by `cert-in-alert-worker` every 30 minutes
Failed outbox jobs	Any job with > 3 retries	`SELECT * FROM outbox_events WHERE failed_at IS NOT NULL ORDER BY failed_at DESC`
Workers AI rate limit	Approaching 300 req/min text generation cap	Cloudflare AI Gateway usage dashboard
API health	`/api/health` returns non-200	External uptime monitor (e.g., Cloudflare Health Checks)
Supabase connection pool	> 80% pool utilization	Supabase dashboard — Database / Connections

5.4 Alerting Setup

Configure Cloudflare notification alerts for Worker error rate and CPU limit breaches.
Set up an external uptime monitor for /api/health with a 1-minute interval.
Wire CERT_IN_ALERT_WEBHOOK to a PagerDuty/Slack channel that is monitored 24x7.
Set up Supabase database alert for connection pool utilization > 80%.
Add a daily SQL job to check observability.structured_logs row count and confirm Logpush is active.

6. CERT-In Compliance Operations

Legal obligation: 6-hour incident reporting. CERT-In Cybersecurity Directions 2022 require security incidents to be reported to CERT-In within 6 hours of discovery. Failure to report is a punishable offence under the Information Technology Act 2000.

6.1 Control Implementation Status

Control	Requirement	Implementation	Status
CE1	180-day ICT log retention in India	`compliance.cert_in_log_retention_controls`, `observability.structured_logs` with retention + hash-chain tamper evidence, Cloudflare Logpush to Supabase India	Code complete — requires live Logpush configuration
CE2	6-hour incident reporting deadline	`security.cert_in_incident_reports` with `cert_in_report_due_at` field, CERT-In alert worker (30-min cron), `/api/phase9/security/cert-in-report` operator endpoint	Code complete — requires webhook wired in production
CE3	Privileged access logging with IP and user-agent	Centralized access log in shared API guard writes user, method, path, IP, user-agent, role set, correlation ID before route work. `data.export` audit record for result CSV exports.	Complete
CE4	Security vulnerability management	`npm run audit:high` enforced in CI. High-severity findings fail the build.	Complete
CE5	MFA for privileged internal roles	AAL2 enforcement in shared API guard. Role requirements in `authz.role_security_requirements`. Policy evidence in `src/lib/auth/mfa-policy.ts`.	Code complete — requires live MFA enrollment for privileged staff

6.2 cert-in-alert-worker Operation

workers/cert-in-alert-worker.ts runs on a 30-minute Cloudflare cron trigger. It queries security.cert_in_incident_reports for any queued report whose report_due_at is within the next 60 minutes, marks the incident as alert_sent in the database (preventing duplicate alerts), and posts to CERT_IN_ALERT_WEBHOOK.

The webhook delivery is non-fatal — if it fails, the incident remains alert_sent in the database. Operators must monitor Cloudflare Worker logs for webhook delivery errors. Retry is possible by resetting cert_in_reporting_status to queued directly in the database.

6.3 Incident Response Procedure

Discovery (T+0): On detecting a security incident, immediately create a record in security.incidents via the compliance portal or direct DB insert. This starts the 6-hour reporting clock (cert_in_report_due_at = NOW() + INTERVAL '6 hours').
T+0 to T+30 min: cert-in-alert-worker detects the new incident on its next 30-minute poll cycle and fires the webhook alert.
T+0 to T+5h30m: Investigate, contain, and gather evidence. Use /api/phase9/security/cert-in-report to queue the CERT-In report payload.
By T+6h: Submit the CERT-In report to incident@cert-in.org.in via the operator portal. Update the incident record with cert_in_reference number.
Post-incident: Capture all evidence in the compliance portal evidence buckets. Update report_status to submitted.

6.4 Evidence Requirements

Evidence Type	Location	Retention
ICT system logs	`observability.structured_logs` (Supabase India)	180 days minimum
Privileged access logs	`audit.audit_events` with role set and IP	180 days minimum
Incident records	`security.incidents` and `security.cert_in_incident_reports`	5 years (IT Act)
CERT-In report submissions	Compliance portal evidence bucket — Legal And Policy Evidence	5 years
Login failure audit records	`audit.audit_events` with event type `auth.login_failed.v1`	180 days minimum
MFA enrollment evidence	Supabase Auth MFA records + `authz.role_security_requirements`	During employment + 1 year

7. Security Operations

7.1 WAF Rules Configuration

Configure Cloudflare WAF rules for the following route categories before accepting production traffic:

Route Pattern	Rule Type	Action
`/api/auth/*`	Rate limit	10 requests per IP per minute. Block with 429 on breach. Prevents credential stuffing.
`/api/registration/*`	Rate limit + bot management	50 requests per IP per 5 minutes. Challenge suspected bots. Prevents bulk registration abuse.
`/api/payment/`, `/api/webhooks/`	IP allowlist + HMAC enforcement	Allow only Razorpay IP ranges on payment webhooks. HMAC validation enforced at application layer.
`/api/agents/*`	Rate limit + signature check	Require valid `X-Agent-Secret` header. 100 requests per session per minute.
`/api/internal/*`	Origin restriction	Block all requests not originating from the Cloudflare Worker IP range or trusted VPC CIDR.
`/operations/`, `/admin/`	MFA + geo-restriction (optional)	Enforce AAL2 session. Consider geo-restricting to India in early launch.
All routes	OWASP core rule set	Enable Cloudflare Managed Rules (OWASP CRS). Set to block mode after false-positive tuning.

7.2 Rate Limiting Strategy

The application ships with a fail-closed rate limiting policy. In production, RATE_LIMIT_STORE must be set to a deployable store (Redis or equivalent). If set to memory, ALLOW_IN_MEMORY_RATE_LIMITS must be true to prevent the server from refusing all requests at startup — acceptable only for single-instance staging environments.

Route Category	Limit	Window	Consequence
Login / auth	10 req	1 minute	429 + lockout record
Registration intake	50 req	5 minutes	429
PDF generation	20 req	1 minute	429
Agent WebSocket	100 messages	1 minute per session	Session throttle
CERT-In report API	5 req	1 minute	429
CEO chat	20 req	1 minute per user	429

7.3 Audit Log Retention (180-Day Rule)

Migration 0097_audit_logs_retention_and_compliance.sql configures the following retention controls in compliance.cert_in_log_retention_controls:

Minimum retention: 180 days for all ICT logs (CERT-In CE1)
Storage region: ap-south-1 (India) — asserted in retention control record
Tamper evidence: hash-chain on observability.structured_logs
Backup requirement: Supabase PITR enabled (Pro plan) with 7-day minimum window
Event type auth.login_failed.v1 registered in the audit event type registry

Do not set up automated log deletion jobs that purge records before 180 days. Any scheduled cleanup must respect the cert_in_log_retention_controls policy.

7.4 Privileged Access Monitoring

All requests to protected API routes write to audit.audit_events with user ID, method, path, IP address, user-agent, role set, and correlation ID before route-level work begins.
Result CSV exports write an explicit data.export audit record with user identity and export scope.
CA portal (/auditor/*) is strictly read-only — acc_ca_access_log records every query.
Board report endpoint (super_admin only) logs access with full context.
Review privileged access logs weekly. Investigate any access from unexpected IP ranges or outside business hours.

7.5 Dependency Security

# Run before every deploy
npm audit --audit-level=high

# Current known acceptable moderate advisories (do not force-fix):
# - next/postcss upstream advisories
# - wrangler/miniflare/ws advisories
# High and critical findings MUST be resolved before deployment.

8. Worker Operations

The platform deploys 7 Cloudflare Workers. All workers require the Paid plan. All are cron-triggered unless noted otherwise.

outbox-processor

File	`workers/outbox-processor.ts`
Trigger	Cloudflare cron — every 30 seconds
Purpose	Polls `outbox_events WHERE processed_at IS NULL LIMIT 50` and marks each event processed. Acts as the fanout trigger for downstream workers.
Secrets required	`SUPABASE_URL`, `SUPABASE_SERVICE_ROLE_KEY`
Success metric	Events are marked `processed_at` within 30 seconds of creation.
Failure mode	Supabase unreachable or service-role auth failure. Events remain unprocessed. Downstream workers are not triggered.
Recovery	Fix Supabase connectivity. The worker self-heals on the next cron cycle — no manual replay needed.
Monitor	`SELECT COUNT(*) FROM outbox_events WHERE processed_at IS NULL AND created_at < NOW() - INTERVAL '2 minutes'` — alert if > 0.

notification-worker

File	`workers/notification-worker.ts`
Trigger	Cloudflare cron — every 5 minutes
Purpose	Polls `ops.notification_intents WHERE dispatched_at IS NULL LIMIT 50` and marks each intent dispatched. Currently uses `noop` provider — wire to a real SMS/email provider before go-live.
Secrets required	`SUPABASE_URL`, `SUPABASE_SERVICE_ROLE_KEY`
Success metric	Notification intents dispatched within 5 minutes. Zero undispatched intents older than 10 minutes.
Failure mode	Supabase unreachable. Notification provider API failure. Intents accumulate — parents and students do not receive notifications.
Recovery	Fix Supabase/provider connectivity. Intents self-heal on the next cron cycle.
Note	Provider is currently `noop` (logs only). Replace with Twilio/MSG91/SendGrid before sending to real users.

invoice-pdf-worker

File	`workers/invoice-pdf-worker.ts`
Trigger	Cloudflare cron — polls outbox for `invoice.approved.v1` events
Purpose	Claims batches of up to 20 `invoice.approved.v1` outbox events via `rpc/claim_outbox_batch` (row-lock with SKIP LOCKED). Calls `/api/internal/finance/generate-invoice-pdf` for each. Marks processed or failed with 5-minute retry delay.
Secrets required	`SUPABASE_URL`, `SUPABASE_SERVICE_ROLE_KEY`, `NEXTJS_BASE_URL`, `NEXTJS_SERVICE_TOKEN`
Idempotency	Outbox claim uses row-locks with SKIP LOCKED. Each event is claimed by exactly one worker instance.
Failure mode	Network error to Next.js or PDF generation failure. Event is marked failed and retried after 300 seconds. After 3 retries, event enters the dead-letter state.
Monitor	Check `outbox_events WHERE event_type = 'invoice.approved.v1' AND failed_at IS NOT NULL`.

finance-reconciliation-worker

File	`workers/finance-reconciliation-worker.ts`
Trigger	Cloudflare cron — polls outbox for `payment.received.v1` events
Purpose	Claims batches of up to 20 `payment.received.v1` outbox events. Calls `/api/internal/finance/reconcile` to match payments against invoices and update ledger balances.
Secrets required	`SUPABASE_URL`, `SUPABASE_SERVICE_ROLE_KEY`, `NEXTJS_BASE_URL`, `NEXTJS_SERVICE_TOKEN`
Idempotency	Row-lock claim with SKIP LOCKED prevents double-reconciliation.
Failure mode	Reconciliation failure leaves the payment unmatched. Finance team will see unreconciled transactions in the finance portal. Retry after 300 seconds.
Monitor	Check `outbox_events WHERE event_type = 'payment.received.v1' AND failed_at IS NOT NULL`. Also monitor `acc_reconciliation_batches` for stalled batches.

cert-in-alert-worker

File	`workers/cert-in-alert-worker.ts`
Config	`workers/wrangler.cert-in-alert.toml`
Trigger	Cloudflare cron — every 30 minutes
Purpose	Queries `security.cert_in_incident_reports WHERE report_status = 'queued' AND report_due_at <= NOW() + INTERVAL '1 hour'`. Marks each as `alert_sent` and posts to `CERT_IN_ALERT_WEBHOOK`.
Secrets required	`SUPABASE_URL`, `SUPABASE_SERVICE_ROLE_KEY`, `CERT_IN_ALERT_WEBHOOK`
Critical requirement	`CERT_IN_ALERT_WEBHOOK` must be wired to a 24x7 monitored channel before go-live. An unwired webhook means the 6-hour CERT-In deadline may be silently missed.
Failure mode	DB update failure skips the webhook to prevent duplicate alerts. The incident remains `queued` and is retried on the next 30-minute cycle. Webhook delivery failure is non-fatal but is logged in Cloudflare Worker traces.
Monitor	Monitor Cloudflare Worker logs for webhook delivery errors. Check `security.incidents WHERE cert_in_reporting_status = 'queued' AND created_at < NOW() - INTERVAL '5 hours'` daily.

registration-workflow

File	`workers/registration-workflow.ts`
Trigger	HTTP trigger from Next.js API (Cloudflare Workflow — durable, resumable)
Purpose	Processes registration batch uploads as a durable step workflow. Each step delegates mutations back to Next.js internal API to preserve RLS and the audit trail. Handles normalization, validation, deduplication scoring, and exception queueing.
Secrets required	`NEXTJS_BASE_URL`, `NEXTJS_SERVICE_TOKEN`, `SUPABASE_URL`, `SUPABASE_SERVICE_ROLE_KEY`
Idempotency	Workflow steps are idempotency-keyed. A workflow instance can be safely resumed after failure.
Failure mode	Step failure pauses the workflow at that step. Operators can view paused workflows in the Cloudflare dashboard and retry or cancel them.
Monitor	Cloudflare Workflows dashboard — check for stuck or failed instances. Also check `ops.registration_batches WHERE status = 'processing' AND updated_at < NOW() - INTERVAL '30 minutes'`.

agent-session

File	`workers/agent-session.ts`
Config	`wrangler.toml` (main entry point)
Trigger	HTTP/WebSocket — browser chat panel connections
Purpose	Durable Object hub for browser WebSocket sessions. Each open chat session is an `AgentSessionDO` instance keyed by session UUID. Uses the Hibernation API — DOs sleep between messages and wake on demand. Routes to all 288 agent DO implementations.
Secrets required	`AGENT_SESSION_SECRET`, `AGENT_APPROVAL_SECRET`, `NEXTJS_TOOL_GATEWAY_SECRET`, `NEXTJS_SERVICE_TOKEN`, `NEXTJS_BASE_URL`, AI provider keys (if real model routes active)
Session validation	Signed session tokens validated before WebSocket upgrade. Unknown agents and invalid signatures are rejected with 401.
High-risk tools	Tools flagged as high-risk require human approval via the `/operations/agent-approvals` portal before execution. The DO queues the approval request and waits. This is a hard gate — not advisory.
Failure mode	DO hibernation failure causes session reconnect. Browser clients auto-reconnect via the chat panel. Approval queue items persist in DO SQLite storage.
Monitor	Cloudflare DO analytics — active instances, request rates. `wrangler tail` for session errors. Check `/operations/agent-approvals` for stuck approval queue items.

9. Agent Fleet Operations

9.1 Fleet Overview

Metric	Value
Total governed agents	288 agent DO files (270 unique CF bindings: 269 class names + AgentSessionDO)
Agent groups	18 groups (CRM, Registration, Finance, Production Ops, Exam, Results, Online Exam, Academic Intelligence, Portals, Content Governance, AI Governance, Control Tower, Psychometrics, BI/Analytics, LMS, CEO, School Portal, Student Portal)
Agent posture	Advisory only, event-driven. Agents route, summarize, and recommend. Deterministic services mutate truth.
High-risk tools	Require human approval via `/operations/agent-approvals` before execution
Data mode	`transient_pointer_only` — agents store session pointers in DO SQLite; authoritative data lives in Supabase Postgres
AI output	Advisory, schema-validated, logged to decision audit trail

9.2 Smoke Testing

# Basic agent smoke (all 288 agent implementations instantiate without error)
npm run smoke:agents

# Strict smoke (must pass in CI — validates all 288 exports, 270 bindings, and SQLite migration classes)
npm run smoke:agents:strict

# Cloudflare agent compatibility check
npm run compat:cloudflare-agents

The strict smoke test verifies: 288 agent files exported (269 unique class names; 19 H-11 use H11Xxx aliases), 270 Durable Object binding entries in wrangler.toml, and 18 new_sqlite_classes entries (one per agent group).

9.3 Approval Queue Monitoring

High-risk agent tool calls are queued for human approval in the /operations/agent-approvals portal. Monitor this queue daily. Approval items that are not actioned within 24 hours should be escalated to the responsible operator. An unreviewed approval queue can block legitimate agent workflows.

-- Check for stale approval queue items
SELECT * FROM ops.agent_approval_queue
WHERE status = 'pending'
  AND created_at < NOW() - INTERVAL '4 hours'
ORDER BY created_at ASC;

9.4 Idle Hibernation

All agent DOs use the Cloudflare Hibernation API. DOs automatically sleep between WebSocket messages and wake on the next inbound message. This means:

Zero idle cost — sleeping DOs do not consume CPU or memory billing.
Wake latency is typically < 50ms. No special warm-up procedures are needed.
In-memory state is lost on hibernation. All persistent state uses DO SQLite (for pointers) or Supabase Postgres (for truth).
DO alarm handlers can be used to schedule deferred cleanup — max 15-minute wall time per alarm.

9.5 SQLite Storage Limits

Limit	Value	Finverse Usage
Storage per DO instance	10 GB	Each agent stores only session pointers and transient chat context — well under 1 MB per instance in normal operation.
Total SQLite per account	Unlimited (paid plan)	No account-level risk.
Key + value per row	2 MB	Agent session context is JSON — keep message history window bounded to prevent this limit. Default context window is 20 messages.
Max SQL columns per table	100	Agent schemas use far fewer columns. No risk.
Max SQL statement length	100 KB	No agent statement approaches this. No risk.

9.6 Workers AI Rate Limiting

Critical bottleneck when going live. The default Workers AI text-generation cap is 300 req/min across all agents. At exam day scale, this will be hit within minutes if AI Gateway caching is not enabled. Route all LLM calls through finverse-ai-gateway with 1-month cache TTL enabled before switching from local_stub to real model routes.

Do not run load tests against Workers AI from local wrangler dev — it consumes production quota.

10. Backup & Recovery

10.1 Supabase PITR

Setting	Required Value	Purpose
PITR enabled	Yes (Pro plan required)	Allows point-in-time recovery for any data loss or corruption event.
Retention window	Minimum 7 days	Covers most data loss scenarios. Extend to 30 days for examination periods.
Daily backups	Enabled (Supabase automatic)	Supabase Pro creates daily backups automatically. Download and archive weekly.
Manual export	Before each major migration batch	Run `supabase db dump --file pre-migration-backup.sql` before applying migrations.

10.2 Migration Rollback

Database migrations are always forward-only. The rollback procedure for a bad migration is:

Stop application traffic at the Cloudflare route / load balancer level.
Pause all Cloudflare cron Workers to prevent background writes.
Diagnose the exact scope of the data issue using Supabase PITR timeline.
Write a forward-fix migration (e.g., 0098_fix_<issue>.sql) that corrects the data state without destructive SQL.
Run the new migration through the preflight + production guard pipeline.
If data must be restored from PITR, do so only on a staging clone first, verify the restore, then apply to production during a maintenance window with all traffic stopped.
Record the incident and rollback evidence in the compliance portal.

10.3 Worker Rollback Procedure

In the Cloudflare dashboard, navigate to Workers > Your Worker > Deployments.
Select the last known-good deployment and click "Rollback to this deployment".
Alternatively, use wrangler rollback with the deployment ID.
Verify the rollback is live with wrangler tail.
For Next.js app rollback: redeploy the previous immutable image tag via the hosting platform's rollback function.
Confirm both the Worker and the Next.js app are on compatible versions — the CF_AGENT_SECRET and AGENT_SECRET must match across both.

10.4 Compliance Log Backup

observability.structured_logs must be archived beyond the Supabase PITR window for the full 180-day CERT-In retention period. Configure an automated export job to write log rows older than 30 days to cold storage (e.g., Cloudflare R2 or AWS S3 India region) monthly. Retain exports for 6 months minimum.

11. Go/No-Go Checklist

All GO criteria below must be met before the first production request. Any NO-GO condition is a hard blocker — do not proceed until resolved.

11.1 Code & CI Gates (GO required)

Gate	Command	Status
Full verification suite	`npm run verify`	Must pass — lint, typecheck, env preflight, route-auth map, portal smoke, migration preflight, Cloudflare preflight, 2268 tests, build, high audit
Security policy suite	`npm run security:policy`	Must pass — covers OWASP, DPDP, children's data, RBI, IT Act/SPDI, CERT-In, AI governance, egress, logging, MFA, migration, workflow policies
Cloudflare agent compatibility	`npm run compat:cloudflare-agents`	Must pass — 288 agent files, 288 exports, 270 bindings (269 class names + AgentSessionDO)
Strict agent smoke	`npm run smoke:agents:strict`	Must pass
Worker TypeScript	`npx tsc -p workers/tsconfig.json`	Must pass — 0 TypeScript errors
Wrangler dry-run	`npx wrangler deploy --config wrangler.toml --dry-run`	Must pass — no config errors
High audit gate	`npm audit --audit-level=high`	Must exit 0 — no high or critical dependency vulnerabilities

11.2 Infrastructure Gates (GO required)

Gate	How to Verify
Supabase India region confirmed	Dashboard shows `ap-south-1`. `SUPABASE_REGION=ap-south-1` in env.
All 97 migrations applied	`SELECT version FROM schema_migrations ORDER BY version DESC LIMIT 1` returns `0097`.
Live RLS smoke passed	All 11 role smoke accounts verified. Accounting tables scoped to finance roles only. CA portal cannot write.
Storage buckets and policies applied	All 7 buckets exist with correct RLS policies in Supabase Storage dashboard.
Cloudflare Workers deployed	`wrangler tail` shows active traces. All 7 workers respond.
DO migrations applied	270 Durable Object classes registered in Cloudflare dashboard (288 agent files; 269 unique class names + AgentSessionDO). 19 H-11 agents share class names with core agents (H11Xxx alias exports).
Logpush writing to Supabase	`SELECT COUNT(*) FROM observability.structured_logs WHERE created_at > NOW() - INTERVAL '5 minutes'` returns > 0 after triggering a Worker request.
WAF rules active	Cloudflare Security > WAF shows rules for auth, registration, payment, agent ingress, and internal routes.
Rate limiting store active	`RATE_LIMIT_STORE` is not `memory` with `ALLOW_IN_MEMORY_RATE_LIMITS=false`. Test by hitting an auth route 15+ times in 1 minute and confirming 429 responses.
Health endpoints respond	`GET /api/health` → 200. `GET /api/internal/health` without token → 401. With token → 200.

11.3 Compliance & Legal Gates (GO required)

Gate	Owner
CERT-In alert webhook wired and tested	Platform engineering + operations
Privileged staff MFA enrolled	IT administration
DPDP consent and children's data flows verified end-to-end	Platform engineering + compliance
RBI payment truth in India Postgres confirmed	Platform engineering + finance
Signed DPAs with AI, vendor, logistics, payment, and cloud providers	Legal / procurement
Grievance officer contact, escalation channel, and approval record in place	Compliance / operations
Incident contact channels (email/SMS/on-call) tested	Operations
Privacy notice and security policy published at public URLs	Legal / compliance
Compliance evidence buckets updated from pending to production-backed	Compliance / platform engineering

11.4 NO-GO Conditions (Hard Blockers)

Do not proceed if any of the following is true:

Any critical or high local-code security finding is open.
Service-role API routes are unguarded or accessible without authentication.
Payment truth is stored outside India-hosted Postgres.
Child data is processed by AI without verified parental consent and guardrails.
AI can change high-risk outcomes (results, certificates, payments) without human approval.
ENABLE_DEV_MFA_BYPASS=true in the production environment.
CA_TOKEN_SALT is missing or shorter than 32 characters.
CERT_IN_ALERT_WEBHOOK is not wired to a live, tested channel.
Supabase region is not ap-south-1.
Cloudflare account is on the Free plan.

12. Post-Launch Operations

12.1 Ongoing Compliance Evidence

The compliance portal at /operations/compliance surfaces four evidence buckets. All four must be actively maintained — the portal reflects live evidence status, not documentation alone.

Evidence Bucket	Update Frequency	Owner
Local Code Evidence	With every deployment — CI gates enforce freshness.	Engineering
Live Infrastructure Evidence	After each infrastructure change — WAF rule update, Logpush reconfiguration, new Worker deployment.	Platform engineering
Legal And Policy Evidence	On policy update, regulatory change, or grievance officer change. Privacy notice must reflect current data practices.	Legal / compliance
Vendor And DPA Evidence	On vendor onboarding, contract renewal, or DPA update. Each AI provider, cloud provider, logistics partner, and payment processor requires a signed DPA.	Procurement / compliance

12.2 Routine Compliance Checks

Check	Frequency	How
CERT-In incident queue	Daily	Check `security.incidents WHERE cert_in_reporting_status = 'queued'`. Any item must be actioned within 6 hours of discovery.
Privileged access log review	Weekly	Export `audit.audit_events` for privileged roles. Investigate any unexpected access patterns, off-hours logins, or unusual IP ranges.
Structured log retention check	Monthly	Confirm `observability.structured_logs` row count for the previous month. Verify Logpush is still active. Archive logs older than 30 days to cold storage.
Dependency audit	Weekly in CI; manual monthly	`npm audit --audit-level=high`. Review new moderate advisories monthly.
MFA enrollment verification	Monthly	Confirm all privileged staff have AAL2 enrolled in Supabase Auth. Revoke elevated roles for any staff whose MFA is removed.
Vendor DPA renewal	Annual or on contract change	Review all signed DPAs. Renew before expiry. Update compliance portal evidence bucket.
DPDP rights request processing	Within 30 days of each request	Data subject access, correction, and deletion requests must be actioned within 30 days per DPDP Act 2023. Monitor the rights request queue in the compliance portal.
Agent approval queue	Daily	Review `/operations/agent-approvals`. Approve or reject all pending high-risk agent tool requests. Escalate items older than 4 hours.

12.3 Annual Audit Requirements

IT Act / SPDI annual audit: Conduct an annual security audit per IT Act Section 43A and SPDI Rules 8. Engage a CERT-In empanelled auditor for a significant-upgrade audit after any major architectural change.
DPDP consent record review: Annually review all parental consent records for children's data. Archive expired consent records per the retention schedule.
AI governance review: Annual review of AI decision logs (ops.ai_decision_logs) for bias, drift, and policy compliance. Update model cards and training data evidence in the AI Governance evidence bucket.
Penetration test: Annual penetration test by a CERT-In empanelled auditor or equivalent. All critical and high findings must be resolved within 30 days.
Compliance control catalog review: Annually review all 42 controls across OWASP (A01–A10), DPDP (D1–D8), Children Data (C1–C5), IT Act/SPDI (I1–I4), RBI (P1–P5), CERT-In (CE1–CE5), and AI Governance (AI1–AI5). Update the canonical catalog at src/lib/compliance/control-catalog.ts if the regulatory landscape changes.
Disaster recovery drill: Annual DR drill using Supabase PITR restore to a staging environment. Document the RTO and RPO achieved.

12.4 Operational Runbooks Quick Reference

Scenario	First Action	Escalation
Security incident detected	Create incident record in compliance portal immediately. Start 6-hour CERT-In clock.	Notify grievance officer and legal within 30 minutes.
Worker Error 1102 (CPU exceeded)	`wrangler tail` to identify which Worker and which request. Optimize the offending handler or raise CPU limit via Wrangler config.	Rollback Worker if error rate > 5%. Open engineering issue.
Outbox events stalled	Check Supabase connectivity from the Worker. Check service-role key validity.	Manually mark stuck events as failed via DB update and trigger replay.
CERT-In alert not firing	Check `CERT_IN_ALERT_WEBHOOK` is set and valid. Check Cloudflare Worker logs for the cert-in-alert-worker.	Manually check `security.cert_in_incident_reports` and submit report directly.
Agent approval queue stuck	Access `/operations/agent-approvals` portal. Review and action pending approvals.	If DO is unresponsive, rollback agent-session worker to previous version.
Supabase PITR restore needed	Stop all traffic and cron Workers. Engage Supabase support to initiate PITR restore to staging clone. Verify integrity. Then restore production during maintenance window.	Notify all portal operators of downtime window. Record incident.
Workers AI rate limited (300 req/min)	Confirm AI Gateway caching is enabled on `finverse-ai-gateway`. Check cache hit rate in AI Gateway dashboard.	Temporarily throttle agent sessions. Contact Cloudflare to raise Workers AI quota.

Finverse Agentic OS — Operations Requirements
Document version: 2026-06-07 • 97 migrations applied • 288 agent implementations (270 CF DO bindings) • 2268/2268 tests • Security score 80/100

History

Changelog

Complete build history from first audit to deployment-ready state. Every sprint, every architectural decision, every test count milestone.

2026-05-14 → 2026-06-07 24+ sprints 2268/2268 tests 288 agents built 77/100 security score

2026-06-07

Session Wrap-Up — All Blockers Cleared Except CERT-In Webhook

Production-ready

Complete documentation and status update across the 2026-06-05 → 2026-06-07 session. All pre-production blockers resolved except the CERT_IN_ALERT_WEBHOOK which requires a live Slack/PagerDuty channel to be wired.

Item	Status	Detail
H-11 19 agent verification	PASS	All 19 targeted agents confirmed in DO files, wrangler.toml bindings, and index.ts H11-prefixed exports. Zero gaps.
Definitive agent inventory	VERIFIED	288 agent class files · 270 CF DO bindings (269 unique class names + AgentSessionDO) · 288 index.ts exports · 0 gaps. Reconciled 150/269/316 count discrepancy.
CF Workers deployment	LIVE	`finverse-agent-session` at `https://finverse-agent-session.mail2ratnakar.workers.dev`. Version `5210682a`. Health `{"ok":true,"agents":288}`.
Supabase migration 0043	APPLIED	Version `20260531114720` on `zkdargzdtwiyjtsfpwsk` (Mumbai). All 6 schema grants verified via `has_schema_privilege()`.
P1 security: agentToken URL exposure	FIXED	Token removed from URL query string. First WS message is now `{ type: 'auth', token }`. `auth_sessions` SQLite table gates all subsequent messages. Version `5210682a`.
Handover HTML	CURRENT	Updated with 288/270 counts, 2026-06-05 inventory audit, 2026-06-06 security fix, 2026-06-07 session wrap-up. Deployed to `finverse-agentic-os-handover.pages.dev`.
CERT_IN_ALERT_WEBHOOK	OPEN	Only remaining blocker. Run `wrangler secret put CERT_IN_ALERT_WEBHOOK` with a real Slack/PagerDuty URL. Required under IT Act §70B — 6-hour incident reporting window.

2026-06-06

P1 Security Fix · Deployment Confirmation · Migration Verified

Workers v5210682a live

Three production blockers resolved. CF Workers confirmed deployed, Supabase migration status verified, and the P1 agentToken URL-exposure security flaw fixed and redeployed.

Change	Files	Detail
P1 Security: agentToken out of URL	`src/hooks/use-agent-session.ts` `workers/agent-session.ts` `workers/agents/base-agent.ts`	Token was in the WS URL query string and appeared in Cloudflare server access logs. Fix: browser sends `{ type: 'auth', token }` as the first WS message. Worker entry now allows WS upgrades without URL token check (non-WS HTTP still requires `X-Agent-Secret`). `BaseFinverseAgent.onMessage` validates signature + TTL + agent + session, writes `connection_id` to new SQLite `auth_sessions` table, replies with `pong` on success or closes with error. All subsequent messages gated on `auth_sessions` row. `onClose` handler cleans up the row. `setIsConnected(true)` deferred to pong receipt (auth confirmed), not WS open.
CF Workers deployment confirmed	`OS/wrangler.toml`	Initial deploy: version `b1b8ac1e` (2026-06-05). Post-fix deploy: version `5210682a` (2026-06-06). Live at `https://finverse-agent-session.mail2ratnakar.workers.dev`. Health: `{"ok":true,"service":"agent-session-worker","agents":288}`. All 270 DO bindings registered (288 agent files, 269 unique class names + AgentSessionDO).
Supabase migration 0043 verified	`supabase/migrations/0043_fix_app_core_schema_grant.sql`	Migration already applied on cloud project `finverse-agentic-os` (ref `zkdargzdtwiyjtsfpwsk`, Mumbai) as version `20260531114720`. Verified via `has_schema_privilege()`: all 6 schemas (`app_core`, `authz`, `audit`, `events`, `workflows`, `ops`) return `service_role_usage: true` and `postgres_usage: true`. No pending migrations remain.

Remaining open item: Wire CERT_IN_ALERT_WEBHOOK to a real Slack/PagerDuty endpoint via wrangler secret put CERT_IN_ALERT_WEBHOOK before CERT-In compliance is live. All other pre-production blockers are cleared.

2026-06-05

Definitive Agent Inventory Audit

288 implementations verified

Three-source cross-reference audit confirmed all agent implementations are fully configured. Prior session built 19 H-11 worker class implementations (wrangler.toml bindings, index.ts exports, CF DO files) — all 19 verified PASS. Full inventory reconciled the 150/269/316 count discrepancy.

Source	Count	Notes
Agent class files on disk (`workers/agents/`)	288	316 raw .ts files minus 28 non-agent files (tests, base class, *-tools.ts helpers, index)
wrangler.toml DO bindings	270	269 unique agent class names + 1 AgentSessionDO infrastructure binding
index.ts exports	288	269 plain exports + 19 H11-prefixed alias exports for class-name duplicates
Gaps (missing from any source)	0	All 288 implementations fully wired in all 3 locations

Number reconciliation: 316 = raw file count; 288 = agent class files; 270 = CF DO bindings; 269 = unique class names (288 − 19 h11 class-name duplicates); 150 = early pre-H11 milestone count. The 19 H-11 agents that share TypeScript class names with core group agents are exported from index.ts with an H11Xxx alias and carry their own wrangler binding under the shared class name.

2026-05-14

Initial Codebase Audit (Read-Only)

Audit only — no changes

Full 7-step audit of the codebase before any sprint work. Assessed completeness, architecture violations, security posture, and hybrid runtime wiring. Identified that 140 declared agents were 100% stubs with zero LLM calls, @cloudflare/agents was not installed, no real wrangler.toml existed, database.types.ts was a hand-written 17-line stub, and the Cloudflare Worker runtime had never been built.

Area	Score	Key finding
Core auth & security middleware	9/10	MFA, SSRF, PII logging, CSP all present
Supabase schema / RLS	7/10	Two isolation gaps in approval_requests and ledger finance_user
Phase 2 MVP (Excel→batch)	6/10	Excel runs in-process; no invoice event emission
Phase 3 finance	5/10	No ₹50k approval gate; no TS-layer event emission
Agent system	4/10	Manifest complete, guardrails correct, zero runtime
Cloudflare infrastructure	1/10	Only wrangler.toml.example; no packages, no classes
Database type safety	0/10	Stub file — zero type coverage
Tests	9/10	All real assertions, dev server clean

Priority blockers identified: Install @cloudflare/agents, implement AgentSessionDurableObject, create real wrangler.toml, fix SUPABASE_SERVICE_ROLE_KEY crypto misuse (used as AES-GCM and HMAC key fallback in two files), fix RLS gaps on approval_requests and ops.ledger_entries, add human approval gate for invoices >₹50,000.

2026-05-18 → 2026-05-19

Sprints 1–4 — Cloudflare Runtime + Critical Security Fixes

140 agents wired

Resolved all P1 blockers identified in the initial audit. Installed the Cloudflare Agents SDK, implemented the AgentSessionDurableObject class with WebSocket hibernation and SQLite state, created the real wrangler.toml with DO and AI bindings, and wired all 140 agents to Anthropic LLM via BaseFinverseAgent. Fixed the SUPABASE_SERVICE_ROLE_KEY crypto misuse by replacing both fallbacks with dedicated secrets (DPDP_REGISTRATION_SEALING_KEY and FINANCE_REFERENCE_PROTECTION_KEY). Fixed RLS isolation gaps in migration 0032. Three ops pages (campaigns, finance, exceptions) converted from mock data to real Supabase queries.

Audit finding	Sprint	Resolution
`@cloudflare/agents` not installed	1	agents ^0.12.4 installed
`AgentSessionDurableObject` missing	1	`workers/agent-session.ts` (AgentSessionDO) created
`wrangler.toml` only .example	1	Real `wrangler.toml` with DO + AI bindings
140 agents = 100% stubs	1–3	All 140 agents wired to Anthropic LLM via BaseFinverseAgent
Phase 5 routes missing Zod validation	1	`orchestration/start` has full Zod parse
SUPABASE_SERVICE_ROLE_KEY as crypto fallback	1	Replaced with dedicated DPDP + Finance keys
approval_requests RLS gap	1	Fixed in migration 0032
ops.ledger_entries / payment_allocations RLS gap	1	Fixed in migration 0032
Cloudflare Workflow definition missing	1	`workers/registration-workflow.ts` created
Audit relay route missing	1	`/api/agents/audit` with X-Agent-Secret
Agent session creation route missing	1	`/api/agents/session` with requireApiRole

2026-05-21

School Portal Sprint

793/793 tests ✓

Complete school portal implementation — metrics, invite links, team management, real Supabase data across 5 sub-pages, and the ChatAgentWidget wired to 8 named school agents. All 10 items delivered at 100%.

#	Deliverable
1	`getSchoolPortalMetrics` scoped to `authz.user_roles`; returns null for onboarding
2	Migration 0049 `ops.school_invite_links` (RLS, public-read policy, 4 event types)
3	ChatAgentWidget prefix matching; 8 school pages wired to named agents
4	5 sub-pages with real Supabase data: registrations, invoices, exam-kit, results, certificates
5	7 tools on SchoolOperationsAgent (registration, invoices, exam materials, invite, results, certs)
6	Invite API (GET/POST/DELETE), send-invite API, public validate + student-register routes, invite UI
7	Migration 0050 `ops.school_sub_users` + /school/team page (invite, edit role, revoke)
8	`src/lib/excel/parse-registration.ts` adapter + `/api/email/inbound` webhook handler
9	tsc --noEmit (0 errors) · npm test (793/793)

Security: All new school API routes use requireApiRole(["school_user"]) for CERT-In-compliant audit logging. Public routes use invite-token and HMAC-secret auth and are listed in the security policy test whitelist.

2026-05-21

School FAQ Interceptor + 5 School Portal Agents

845/845 tests ✓

Built a 40-entry FAQ dictionary with token-overlap fuzzy matching (threshold 0.55, ~60% local hit rate) for the school portal. Added 5 new Group 9 agents to the manifest and created their CF Worker class files extending BaseFinverseAgent. Agent count moved from 140 to 145. Locked 4 schema bugs into CLAUDE.md that were discovered during implementation.

New agent	Group	Tools
school_coordinator_portal_agent	9	Registration status, batch summary, team members
invoice_assistant_portal_agent	9	Invoice list, outstanding dues, payment history
exam_monitor_portal_agent	9	Exam kit status, exam schedule, invigilator assignments
school_summary_portal_agent	9	Student results, school performance
certificate_generation_portal_agent	9	Certificate status, certificate list

Schema bugs locked in CLAUDE.md: result_records.rank (not rank_school/district/state/national); certificates.certificate_code (not certificate_number); exam_sessions has no grade column; two-step join pattern required for certificates and result_records (no direct school_id).

140 → 145 agents

2026-05-21

Cloudflare Agent SDK Deployment — 5 School Portal Worker Classes

845/845 tests ✓

The 5 school portal agents from the prior sprint existed only as Next.js runner functions. This sprint created their full CF Worker class files with Durable Object WebSocket sessions, hibernation, SQLite state, and Groq LLM loop. Created a shared school-portal-tools.ts with 11 read-only Supabase tools, the resolveStudentIds() two-step join helper, and 5 named tool set exports. All 5 agents registered in wrangler-additions.toml as DO bindings and new_sqlite_classes entries.

File	Description
`workers/agents/group9/school-portal-tools.ts`	11 read-only tools across 5 tool sets; resolveStudentIds() two-step join helper
`workers/agents/group9/school-coordinator-portal-agent.ts`	SchoolCoordinatorPortalAgent — DO class
`workers/agents/group9/invoice-assistant-portal-agent.ts`	InvoiceAssistantPortalAgent — DO class
`workers/agents/group9/exam-monitor-portal-agent.ts`	ExamMonitorPortalAgent — DO class
`workers/agents/group9/school-summary-portal-agent.ts`	SchoolSummaryPortalAgent — DO class
`workers/agents/group9/certificate-generation-portal-agent.ts`	CertificateGenerationPortalAgent — DO class
`workers/agents/wrangler-additions.toml`	5 DO bindings + 5 new_sqlite_classes entries

2026-05-21

Workers TypeScript Zero-Error Debt

845/845 tests ✓ · 0 workers/ errors

Fixed 14 TypeScript errors across 7 worker files that prevented clean compilation of the workers/ directory. Root causes: Supabase join array type mismatch (always Array<{...}>, never single object), ScheduledEvent renamed to ScheduledController in newer @cloudflare/workers-types, and DOM global conflicts between @cloudflare/workers-types and @supabase/auth-js resolved with skipLibCheck: true scoped to workers/tsconfig.json.

File	Error category	Fix
`group2/school-tools.ts` (×2)	Supabase join typed as single object not array	Changed to `Array<{...}>`, access via `[0]?.`
`outbox-processor.ts`	ScheduledEvent → ScheduledController	Updated parameter type
`notification-worker.ts`	Same ScheduledController mismatch	Same fix
`invoice-pdf-worker.ts`	Same ScheduledController mismatch	Same fix
`finance-reconciliation-worker.ts`	Same ScheduledController mismatch	Same fix
`agent-session.ts`	match[1] typed string \| undefined	Non-null assertion match[1]!
`registration-workflow.ts`	statusMatch[1] typed string \| undefined	Non-null assertion statusMatch[1]!
`workers/tsconfig.json`	115 node_modules type conflicts	Added skipLibCheck: true

2026-05-22

Student User Journey

894/894 tests ✓

Full 10-stage student user journey covering: Discovery & Registration, Student Login, Dashboard, Learning & Preparation, Mock Tests, Official Online Exam (device check), Official Offline Exam (hall ticket), Results, Certificates, Post-Exam Preparation. 8 new portal pages, 12 new API routes, 3 new agents (exam_readiness_agent, ranking_display_agent, progress_history_agent), a 25-entry student FAQ interceptor, and AI Tutor SQLite memory in DO. Agent count moved from 145 to 148.

Category	Count	Details
New portal pages	8	/student, /student/learn, /student/mock-tests, /student/readiness, /student/results, /student/certificates, /student/exam-kit, /exam/check
New API routes	12	/api/student/dashboard, learn/path, learn/gaps, mock-tests, results, certificates, exam-kit + resolveStudentId + student-faq
New agents	3	exam_readiness_agent (G7), ranking_display_agent (G6), progress_history_agent (G13)
Student FAQ interceptor	25 entries	Token-overlap + keyword boost, threshold 0.55, ~60% local hits
AI Tutor SQLite memory	1	DO SQLite conversation_history — stores 40, loads 20
New tests	49	student-faq (41) + group9-portal-agents expanded to 35 tests

145 → 148 agents

2026-05-22

Student Portal Agent CF-Readiness Upgrade

894/894 tests ✓

The 3 student portal agents registered in wrangler-additions.toml had no tool implementations (tools: []). This sprint created workers/agents/student-portal-tools.ts with 6 read-only Supabase tools and upgraded all 3 agents with full allowedTools arrays, rich system prompts, and tool descriptions. All tools query ops schema only, no mutations. ExamReadinessAgent uses a two-step join: students.school_id → exam_sessions.school_id.

Tool	Agent	Description
get_student_results	RankingDisplayAgent	All published result_records — score, percentile, rank, subject
get_student_rank_context	RankingDisplayAgent	Best rank, avg percentile, per-subject breakdown
get_student_exam_info	ExamReadinessAgent	Upcoming exam session — date, mode, center, admit card status
get_student_performance_history	ProgressHistoryAgent	Full result history grouped by exam cycle
get_student_topic_gaps	ProgressHistoryAgent	Subjects below 60% (gaps) vs above 60% (strong)
get_student_readiness_metrics	ProgressHistoryAgent	Readiness % + tier (Strong / Moderate / Needs Improvement)

2026-05-22

Parent User Journey

929/929 tests ✓

Complete parent portal implementation — 9 pages, 7 API routes, a 20-entry FAQ interceptor, dark-glass sidebar, and 2 new CF-deployable agents (parent_consent_agent, parent_payment_agent). Multi-child architecture with resolveParentId() returning studentIds: string[]. All routes support optional ?studentId= scoping. Agent count moved from 148 to 150.

Item	Files
9 portal pages	/parent, /parent/invoices, /parent/exam-info, /parent/results, /parent/certificates, /parent/progress, /parent/profile, /parent/consent, /parent/support
7 API routes	/api/parent/{children, invoices, results, certificates, progress, exam-info, dashboard}
20-entry parent FAQ	src/lib/parent-faq.ts — 29 tests
CF agents (×2)	workers/agents/group18/parent-consent-agent.ts, workers/agents/group3/parent-payment-agent.ts
CF tools	workers/agents/parent-portal-tools.ts — 3 read-only tools
DO bindings	2 new DO bindings + 2 new_sqlite_classes in wrangler-additions.toml

148 → 150 agents

2026-05-22

Design UI/UX Audit — Full Token Compliance Pass

929/929 tests ✓

Full design compliance audit against docs/design.md across all portal pages and ChatAgentWidget. Fixed all violations in-place. ChatAgentWidget CSS module received 15 targeted corrections. All 8 school portal pages and all 7 student portal pages rewritten from old indigo brand palette (#070B3B, #6369A3, #3D47ED) to canonical design.md tokens. Parent pages received 3 metric card fixes.

Component	Changes
ChatAgentWidget.module.css	15 fixes: panel height, border-radius, header height/opacity/bg, bubble font/radius/max-width, blockCard bg/border, input radius/font/min-height, inputArea bg
8 school portal pages	Full rewrite: bg → 4-stop canvas; card → .glass const; text canonical; CTAs #1042FF; STATUS_COLORS to React.CSSProperties
7 student portal pages	Same canonical token migration
Parent pages (×2)	Metric values 24px / -0.04em; finance-green gradient + border on summary card

2026-05-22

Staff User Journey — 9 Roles, 5 Portal Shells

948/948 tests ✓

Full staff portal journey implementation covering 9 roles, 10 stages, 28-entry staff FAQ interceptor, 5 new portal layouts (content, analytics, academic, finance expansion, support), and 1 new CF agent (ContentPublishApprovalAgent). Agent count: 150 → 151. All staff portal layouts follow the operations layout pattern with dark sidebar, breadcrumb header, and mobile pill-nav fallback.

Portal	New pages
Content portal	dashboard, review, answer-keys, ip-rights, translations, leakage, governance
Analytics portal	overview, revenue, schools, exams, academic, export
Academic portal expansion	results, rankings, reevaluation, certificates, awards, publication
Finance portal expansion	collections, reconciliation, reports, ledger, ledger/review, trial-balance, pl, balance-sheet, gst, audit
Support portal expansion	tickets, schools, parents, students, diagnostics, escalations

Security: resolveStaffRole() checks AAL2 JWT amr claim — non-AAL2 sessions rejected (except viewer). Support pages: no invoice amounts, no raw scores, paid/unpaid flags only.

150 → 151 agents

2026-05-22

Student Journey Gap Fix — 10 Gaps Closed

960/960 tests ✓

Audit-identified 10 gaps in the student journey (5 critical/blocking, 5 functional) were all closed in one sprint. Critical fixes: Phase 6 API auth excluded viewer role (blocking online exam), /api/agents/session excluded viewer (no AI Tutor memory), mock test runner was absent (Start Test was a <span> with no navigation), certificate PDF download returned 404, and /exam/check Enter Exam button had no onClick handler.

Gap type	#	Fix
Critical	1	Added "viewer" role to 8 Phase 6 API routes (sessions, autosave, submit, proctoring, candidates, evaluation)
Critical	2	Added "viewer" to /api/agents/session route — AI Tutor DO memory now available to students
Critical	3	Mock test runner page, submit API, result page, and Start Test link all built
Critical	4	Certificate PDF download route /api/student/certificates/[id]/download created; revoked → 410
Critical	5	/exam/check Enter Exam button wired with useRouter + router.push("/exam/online")
Functional	6–8	Practice API, Mistakes API, Readiness API all created
Functional	9	/student/learn: LearningTabs component with Study Path / Practice tab switcher
Functional	10	/student/results: ResultsTabs component with Latest / All Results toggle

Architecture decisions: Deterministic mock questions via Math.imul hash seeding; scoreMockSubmission wraps existing evaluateMcqSubmission (no duplication); sessionStorage for result pass-through (avoids extra round-trip); correctOption stripped server-side before client response.

2026-05-23

7-Dimension Full-Portal Audit & Fix — 128/128 Pages

1028/1028 tests ✓

All ~130 pages across all portals audited and fixed on 7 dimensions: (1) Page Identity — auth, role scope, redirect, loading, error boundary, empty state, mobile; (2) Design — canonical 4-stop gradient, glass card spec, brand palette; (3) Page Elements & Buttons; (4) API Routes — Zod validation, tenant scope, service role, audit trail, idempotency; (5) Agent Chat Widget; (6) Security & Compliance — OWASP, RLS, PII, audit trail; (7) Edge Cases — empty data, network timeout, session expiry, duplicate submission. src/middleware.ts created to close sub-page auth gap on /operations/* and /finance/*.

Portal	Pages fixed	Key changes
Student	12	Phase 6 auth, mock-test autosave/recovery, cert PDF download, readiness/practice APIs
Vendor	13	Handover DB persistence (P1), OTP-before-auth ordering (P2), dispatched status migration
School	8	Two-step join cert download API, ChatAgentWidget, null guard on issued_at
Parent	9	ChatAgentWidget, learning gaps empty state
Finance	11	Auth rebuild away from ActorPortalShell, #EEF0FF removal
Academic	8	Auth rebuild, teacher controls canonical colors
Content / Analytics / Support	23	Layout BG gradient (1 change per layout covers all children)
Operations	27	Auth on dashboard, color fixes, ChatAgentWidget; middleware closes sub-page auth gap
Finance sub-pages (×10)	10	4-stop BG + ChatAgentWidget added to finance/layout.tsx; middleware guards /finance/*
auth/reset-password	1	Full CSS rewrite: dark theme → canonical light glass (4-stop BG, glass card, #1042FF)
privacy/dpdp (en + hi)	2	Off-spec Tailwind → canonical inline styles, glass card, correct chip tokens
exam/online	1	Phase 6 stub replaced with redirect("/student/mock-tests")
Marketing pages (×5)	5	CSS modules verified design-compliant; Nav fully wired
Coordinator, Teacher, AI Ops, Exam/check, Register/student	5	BG gradient, session auth, canonical colors, palette replacement

2026-05-29

Staff Portal Stub Conversion + Agent Tool Registry (76 Tools)

1249/1249 tests ✓

Three sequential workstreams completed in one session: (1) all 33 staff portal stub pages converted to real data-wired UI using createPageReadModelClient and role-gated Supabase queries; (2) 76 tools built across 7 tool files covering all staff roles; (3) all 8 target BaseFinverseAgent subclasses wired with their tool arrays. ChatAgent upgraded from advisory-only to operational. Approval gate auto-handled by BaseFinverseAgent.executeTool — zero per-agent plumbing required.

Sprint	Pages / items	What was built
11A — Ops core	12	Schools index; Finance (9): reconciliation, collections, ledger, ledger/review, P&L, GST, balance-sheet, trial-balance, audit, reports
11B — Analytics	7	Analytics sidebar layout + 6 pages: overview, schools, academic, exams, revenue, export
11C — Academic + Content	5+6	Academic: results, rankings, certificates, reevaluation, publication; Content: review, answer-keys, governance, leakage, ip-rights, translations
11E — Support	8	Support sidebar layout + 7 pages: helpdesk, tickets, students, schools, parents, escalations, diagnostics
Sprint 12	5	Staff OTP login UI, verify-staff-otp API, audit log viewer /operations/audit-log, ops nav link

Schema corrections found and fixed during Sprint 11:

Wrong assumption	Correct value
payments.payment_date	payments.received_date
payments.status = "confirmed"	payments.status = "received"
schools(school_name)	schools(canonical_name)
payments.invoice_id (doesn't exist)	Removed; match via school_id
audit.audit_events (doesn't exist)	audit.audit_logs (real table)
exceptions.notes	exceptions.message + exceptions.resolution_notes
students.name	students.full_name
percentile display value	Stored 0–1 → multiply ×100
result_records.school_id	No direct column — join via student_id
academic.question_items columns	stem, grade, review_status, item_type
workflows.approval_requests columns	decided_at, decided_by (not approved_at/approver_id)

76 tools built across 7 files:

File	Role served	Tools
group12/operations-tools.ts	ops_admin	13 (8 read + 5 mutation)
group3/finance-tools.ts	finance_user + CA	18 (11 + 7)
group4/exam-ops-tools.ts	exam_ops	10 (6 read + 4 mutation)
group6/academic-tools.ts	academic_reviewer	10 (6 read + 4 mutation)
group10/content-tools.ts	content_reviewer	10 (6 read + 4 mutation)
support/support-tools.ts	support_user	9 (6 read + 3 mutation)
group13/analytics-tools.ts	viewer	6 (all read-only)

Approval gate levels: low/medium → executes immediately + writes audit_logs; high → approval_modal block + waits for /approve; critical → same as high + mandatory audit_note parameter (handler rejects if absent or <20 chars).

2026-05-30

Production Readiness Sprint + Journey Audit

1388/1388 tests ✓

9 tasks completed: Zod validation on 6 high-risk POST routes, audit logging for Phase 3/4 mutation routes and 15 vendor mutation routes, content reviewer portal with real data, academic portal sub-pages verified, invigilator stub pages fixed, 17 remaining lorem/stub pages cleaned, payment receipt PDF (with IDOR fix), and score card PDF verified. Journey audit against all 5 journey docs found 11 missing pages — all created. Migration 0076 added missing staff roles (content_reviewer, academic_reviewer) to the role enum.

New page	Data source
/operations/exams/production	ops.production_batches
/operations/exams/vendors	ops.vendors
/operations/exams/logistics	ops.shipments with school name join
/operations/exams/attendance	ops.attendance_records + exam_sessions
/operations/exams/omr	ops.omr_packets
/operations/exams/evaluation	ops.omr_packets (scan/eval pipeline)
/parent/awards	ops.result_records scoped to parent's studentIds
/school/report-cards	Student report cards with PDF download link
/settings/team	authz.user_roles staff role management
/student/doubts	Form → POST /api/student/learn/doubts
/student/learn/retry	academic.tutor_interactions wrong answers

Critical bug fixed: schools(school_name) — column doesn't exist, caused payment receipt PDF to show "School". Fixed to schools(canonical_name, display_name).

2026-05-30

Accounting Module Phase 1 — COA, Journals, Approvals, KPI

1613/1613 tests ✓

Chart of accounts, accounting periods, journal entries with balance-check DB trigger, ledger balances, approval queue, KPI snapshots, classification rules engine (AI cannot override), and 8 operator pages. 6 migrations created (0077–0082). Test count grew from 1388 to 1613 (+225 tests).

Migration	Content
0077_acc_chart_of_accounts.sql	acc_accounts — COA with RLS; acc_account_type enum
0078_acc_periods_ledger.sql	acc_periods, acc_ledger_balances
0079_acc_journal_entries.sql	acc_journal_entries, acc_journal_entry_lines; trg_check_je_balance trigger
0080_acc_classification_rules.sql	acc_classification_rules — AI cannot override
0081_acc_approval_queue.sql	acc_approval_queue
0082_acc_kpi_snapshots.sql	acc_kpi_snapshots

Page	Route
COA tree	/finance/accounting/coa
Journal entry list	/finance/accounting/journals
Ledger balance by period	/finance/accounting/ledger
KPI snapshot dashboard	/finance/accounting/kpi
Human approval gate for high-value entries	/finance/accounting/approval-queue
Rule-based + AI-assisted classification	/finance/accounting/classification
Raw transaction import	/finance/accounting/import
Period-locked reports	/finance/accounting/reports

2026-05-30

Accounting Module Phase 2 — GST, TDS, Bank Recon, Asset Valuation, CA Portal

1868/1868 tests ✓

GST engine, TDS engine, bank reconciliation, asset valuation, CA portal (read-only), and multi-currency stub. 5 migrations created (0083–0087). CA Portal rule locked: /auditor/* is strictly read-only — no mutations ever; all CA actions are advisory or escalation-only. Test count grew from 1613 to 1868 (+255 tests).

Migration	Content
0083_acc_reconciliation.sql	acc_reconciliation_batches, acc_reconciliation_matches
0084_acc_gst_engine.sql	acc_gst_transactions, acc_hsn_master
0085_acc_tds_engine.sql	acc_tds_deductions, acc_tds_challans
0086_acc_valuation.sql	acc_asset_valuations
0087_acc_ca_portal.sql	acc_ca_access_log — CA portal audit trail

2026-05-30

Accounting Module Phase 3 — Settings, Statutory, Cash Flow, Anomaly Detection

2100/2100 tests ✓

acc_settings (configurable TDS thresholds: 194T ₹20,000 / 194C ₹30,000 / 194J ₹30,000), acc_gst_config, statutory filings, TDS deposits, cash-flow forecasts, anomaly detection (daily via accounting-processor.ts), vendor payment extension, and board report (Groq AI + deterministic). 7 migrations created (0088–0094). Accounting module rules locked in CLAUDE.md. Test count grew from 1868 to 2100 (+232 tests).

Migration	Content
0088_acc_gst_config.sql	acc_gst_config — gst_enabled flag
0089_acc_tds_deposits.sql	acc_tds_deposits
0090_acc_vendor_payment_ext.sql	Vendor payment accounting extension
0091_acc_settings.sql	acc_settings — configurable TDS thresholds (194T/194C/194J)
0092_acc_statutory_filings.sql	acc_statutory_filings
0093_acc_cash_flow_forecasts.sql	acc_cash_flow_forecasts
0094_acc_anomalies.sql	acc_anomalies — daily detection via accounting-processor.ts

Accounting rules locked in CLAUDE.md: Never hardcode TDS amounts (use acc_settings); locked periods hard-gated in journal-generator.ts; GST check acc_gst_config.gst_enabled before any GST transaction; acc_ledger_balances.closing_balance is computed BIGINT paise (not generated column); CA portal /auditor/* is read-only — no write operations ever.

2026-06-01

H-11 Extended — 269-Agent Completion

~2200/2200 tests ✓

Extension migrations, CEO agent foundation (10 migrations: 0034–0043), AI schema grants, graph checkpoint, tutor schema fix, authz grants, and the complete 269-agent manifest with Durable Object bindings. Final state: 269 governed manifest identities = 269 CF Agent classes in workers/agents/ = 269 DO bindings in wrangler.toml = 269 new_sqlite_classes entries.

Migration range	Content
0034–0043	CEO agent: sessions, query log, tool RPCs, tenant scoping, rate limit, snapshot cycle
0044	AI schema service role grant
0045	Graph run checkpoint
0046	Phase 7 tutor schema fix
0047	Auth service role table grants
0049–0054	School invite links, sub-users, uploads bucket, school/student/OMR portal agents
0055–0075	Online exam platform, LMS content pipeline, adaptive engine, gamification, study groups, platform sprints, staff activation, H2/H4/H5/H9/H12/H13 hardening

151 → 269 agents Full 18-group manifest complete

2026-06-02 → 2026-06-03

Comprehensive Security Audit + Fix — Score 57 → 77/100

2268/2268 tests ✓

Full 8-dimension automated audit of 351 API routes, 259 pages, 42 agent files, 312 worker files, and 293 test files. Overall score moved from 57/100 to 77/100 after a single patch run. 14 mock-read-model files (~1,400 lines) and 4 dead phase scaffolds deleted. 2 new migrations created (0095, 0096, 0097). Test count finalized at 2268/2268 (298 test files).

Service	Fix	Score impact
Test Suite (C-5)	vitest.config.ts: restoreMocks/resetMocks; setup.ts: global afterEach(cleanup); TOTP tests: userEvent.setup() + waitFor(); 5 school test files: afterEach(vi.unstubAllGlobals())	Test Suite 34 → 82
Security Critical (C-3, C-6, H-1)	CA hardcoded salt removed (throws on missing CA_TOKEN_SALT); appendAuditLog fire-and-forget; auth.login_failed in all login failure paths	Security 68 → 84, CERT-In 54 → 68
OWASP (A03, A05, A07)	escapeLike() on LIKE wildcard injection in school-receipts; fallback CSP/X-Content-Type/X-Frame in next.config.ts; ENABLE_DEV_MFA_BYPASS added to env schema with production assertion	OWASP 76 → 88
RLS migration (H-8)	0096_acc_rls_scope_fix.sql: 10 accounting tables changed from USING(TRUE) to role-scoped policies (finance_user, ops_admin, super_admin)	Security 68 → 86
Env/code integrity	All missing process.env vars added to serverEnvSchema; database.types.ts auto-gen header; package.json types:gen script; proxy.ts unsafe non-null assertions fixed	Code Integrity 42 → 58
Dead code	14 mock-read-model.ts files deleted (~1,400 lines); 4 phase12–15 dead scaffolds deleted; @deprecated on bank-statement-parser.ts	Dead Code 62 → 80
Feature stubs	PII logging removed from student-forgot/route.ts; parents support page stub updated	Feature Completeness 64 → 72
CERT-In compliance	workers/cert-in-alert-worker.ts: 30-min cron monitoring 6-hour incident deadline; 0097_audit_logs_retention_and_compliance.sql: retention_until + auth.login_failed.v1 event type	CERT-In 54 → 68

Remaining gaps (infrastructure-level — cannot fix in code):

Gap	Why deferred
402 as any casts in database.types.ts	Requires npm run types:gen after live supabase db push
Razorpay / Brevo / notification delivery	Requires production credentials
Live Supabase RLS proof	Requires live Supabase project
AI provider key (Groq)	Requires production secret

57/100 → 77/100 security score 298/298 test files 2268/2268 tests

2026-06-04

Developer Handover HTML Document

2268/2268 tests ✓

Complete, self-contained 12-section developer handover document built at OS/docs/finverse-agentic-os-handover.html. Replaces a stale prior handover that referenced 152 agents, 1028 tests, 13 migrations, and 9 portals. All counts corrected to current state.

Section	Content
Overview	269 agents, 2268/2268 tests, 15 phases, 12 portals, 97 migrations — stat badges + 5 production gap blockers
Quick Start	5-step setup, env var table, verification commands
Architecture	Stack diagram, 4 architectural rules, portal map, event system, 7 workers
Portals	All 12 portals with base path, roles, key features, CA read-only callout
Database	97 migrations, two-step join pattern, RLS, accounting rules
Agent Reference	All 18 groups, governance model, BaseFinverseAgent
API Routes	8 domain groups, ~100 real routes
Developer Guide	Repo tree, schema-first rule, patterns, testing, feature workflow
Deployment	Env vars, Supabase + CF + Vercel steps
Security	OWASP, CERT-In, DPDP, RBI compliance
Production Readiness	10 done ✅ + 10 blockers ⚠️
Pre-Prod Checklist	25 items across 4 groups

Sprint Summary

Date	Sprint	Tests	Agents	Key deliverable
2026-05-14	Initial Audit (Read-Only)	—	140 stubs	7-step audit; 8 critical gaps identified; no code changed
2026-05-18–19	Sprints 1–4: CF Runtime + Security	—	140 wired	@cloudflare/agents installed; AgentSessionDO created; wrangler.toml; all 140 agents wired to LLM; RLS fixes in migration 0032
2026-05-21	School Portal Sprint	793	140	Full school portal — invite links, 5 data-wired sub-pages, 7 agent tools, team management
2026-05-21	School FAQ Interceptor + 5 Agents	845	145	40-entry FAQ; 5 Group 9 agents; 4 schema bugs locked in CLAUDE.md
2026-05-21	Cloudflare Agent SDK — School Workers	845	145	5 full CF Worker DO classes with 11 tools; wrangler-additions.toml DO bindings
2026-05-21	Workers TypeScript Zero-Error Debt	845	145	14 TypeScript errors fixed across 7 worker files; ScheduledController type fix; skipLibCheck
2026-05-22	Student User Journey	894	148	8 pages, 12 API routes, 3 agents, 25-entry FAQ, AI Tutor SQLite DO memory
2026-05-22	Student Portal Agent CF-Readiness	894	148	6 student portal tools built; 3 agents upgraded from stubs to full implementations
2026-05-22	Parent User Journey	929	150	9 pages, 7 API routes, 20-entry FAQ, dark-glass sidebar, 2 new CF agents
2026-05-22	Design UI/UX Audit	929	150	15 ChatAgentWidget CSS fixes; 8 school pages + 7 student pages migrated to canonical tokens
2026-05-22	Staff User Journey	948	151	9 roles, 28-entry staff FAQ, 5 portal shells, ContentPublishApprovalAgent
2026-05-22	Student Journey Gap Fix	960	151	10 gaps closed: Phase 6 auth, mock test runner, certificate download, exam check navigation
2026-05-23	7-Dimension Full-Portal Audit & Fix	1028	151	128/128 pages audited and fixed; src/middleware.ts created; 7 dimensions × all portals
2026-05-29	Staff Portal Stub Conversion + 76 Tools	1249	151	33 stubs → real data-wired UI; 76 tools across 7 files; 8 agents wired; 11 schema corrections
2026-05-30	Production Readiness + Journey Audit	1388	151	11 new pages; Zod on 6 routes; audit logging on vendor routes; migration 0076 (role enum)
2026-05-30	Accounting Module Phase 1	1613	151	6 migrations (0077–0082); COA, journal engine with balance trigger, approval queue, KPI, 8 pages
2026-05-30	Accounting Module Phase 2	1868	151	5 migrations (0083–0087); GST engine, TDS engine, bank reconciliation, CA portal (read-only)
2026-05-30	Accounting Module Phase 3	2100	151	7 migrations (0088–0094); acc_settings, statutory filings, cash flow, anomaly detection
2026-06-01	H-11 Extended — 269-Agent Completion	~2200	269	CEO agent (0034–0043), all remaining DO bindings; 269 CF Worker classes + 269 DO entries
2026-06-02–03	Comprehensive Security Audit + Fix	2268	269	Score 57 → 77/100; 2 new migrations (0096–0097); 14 dead files deleted; RLS + CERT-In fixes
2026-06-04	Developer Handover HTML	2268	269	12-section self-contained handover document; all counts corrected (269 agents, 97 migrations)

OlympiadOS — Agentic ERP Platform

What was built

Tech stack

Production gap — top blockers

Agent Directory

Search & Filter

Quick Start

1 · Clone and navigate

2 · Configure environment

3 · Install and run

4 · Apply database migrations (first time only)

5 · Verify everything passes

Architecture

Stack diagram

Architectural rules (non-negotiable)

Portal map

Event system

Worker topology

Portals

Operator / Super Admin — /operations/*

Ops Workflows — /ops/*

School Coordinator — /school/*

Student — /student/*

Parent — /parent/*

CA / Auditor — /auditor/*

Vendor — /vendor/*

Invigilator — /invigilator/*

Teacher — /teacher/*

Online Exam — /student/exam/[id]

Coordinator — /coordinator/*

AI Ops / CEO Agent — /ai-ops/*

Database

Migration reference

⚠️ Two-step join pattern — mandatory for school-scoped queries

RLS summary

Accounting module rules

Agent Reference

Core groups (1–18)

Governance model

Full agent directory

BaseFinverseAgent pattern

API Routes

Registration & Leads

Internal Batch Processing

Finance & Production

Exam Production & Results

Online Exam Platform (Phase 6)

School Portal

Vendor Portal

AI, Agents & Platform

Developer Guide

Repo structure

Documentation hub

⚠️ Schema-first rule — read before every query

Coding patterns

Testing strategy

Adding a new feature

Deployment

Environment variables

1 · Supabase setup

2 · Cloudflare Workers deploy

3 · Vercel deployment

Security

Security architecture

OWASP hardening

CERT-In compliance

DPDP Act 2023

RBI Payment Data compliance

Key security files

Production Readiness

✅ Done — locally complete

🔲 Required before production go-live

Pre-Production Checklist

User Journeys & Data Flows

Operator / Staff Journey

Staff Role Registry

Stage 1 — Login & MFA

Stage 2 — Operations Manager Journey (/operations)

Stage 3 — Finance Officer Journey (/finance)

Stage 4 — Chartered Accountant Journey (/finance/ledger)

Operator / Super Admin — `/operations/*`

Ops Workflows — `/ops/*`

School Coordinator — `/school/*`

Student — `/student/*`

Parent — `/parent/*`

CA / Auditor — `/auditor/*`

Vendor — `/vendor/*`

Invigilator — `/invigilator/*`

Teacher — `/teacher/*`

Online Exam — `/student/exam/[id]`

Coordinator — `/coordinator/*`

AI Ops / CEO Agent — `/ai-ops/*`

Stage 2 — Operations Manager Journey (`/operations`)

Stage 3 — Finance Officer Journey (`/finance`)

Stage 4 — Chartered Accountant Journey (`/finance/ledger`)

Stage 5 — Exam Operations Journey (`/operations/exams`)

Stage 6 — Academic / Results Journey (`/academic`)

Stage 7 — Content Reviewer Journey (`/content`)

Stage 8 — Support Staff Journey (`/support`)

Stage 9 — Viewer / Analyst Journey (`/analytics`)

Stage 3 — Dashboard (`/student`)

Stage 4 — Learning & Preparation (`/student/learn`)

Stage 5 — Mock Tests (`/student/mock-tests`)

Stage 6 — Official Online Exam (`/exam/check` → `/exam/online`)

Stage 8 — Results (`/student/results`)

Stage 9 — Certificates (`/student/certificates`)

Notification Preferences (`/api/parent/notification-prefs`)

Stage 2 — Dashboard (`/invigilator`)

Stage 3 — Room View (`/invigilator/room/[sessionId]`)

Stage 4 — Digital Attendance (`/invigilator/attendance/[sessionId]`)

Stage 5 — Question Paper Access (`/invigilator/question-paper/[sessionId]`)

Stage 6 — OMR Collection (`/invigilator/omr/[sessionId]`)

Stage 7 — Incident Reporting (`/invigilator/incidents/[sessionId]`)

Stage 8 — Post-Exam Dispatch (`/invigilator/dispatch/[sessionId]`)