| auth-on-new-public-endpoints | security | fail | blocker | SOC2-CC6.1, OWASP-ASVS-V1 | The new `/admin/dump-patients` endpoint lacks an explicit authentication or authorization decorator, making it publicly accessible. |
| changed-method-coverage | quality | fail | error | SOC2-CC8.1, ISO-27001-A.14.2.8 | The new `dump_all_patients` method in `app/routes/admin.py` has no corresponding tests in the diff. |
| contract-has-spec-link | contract_spec | fail | warning | CDPD-§3, ISO-27001-A.14.2.1 | MR description states "No spec issue — small addition." |
| error-budget-impact-declared | operational | fail | warning | SOC2-CC4.1 | The MR description does not declare the expected error-budget impact for the new `/admin/dump-patients` endpoint. |
| integration-boundaries-explicit | contract_spec | fail | warning | CDPD-§6, ISO-27001-A.14.2.5 | The new `/admin/dump-patients` REST endpoint does not include an OpenAPI fragment or schema definition in the diff. |
| kill-switch-path | contract_spec | fail | warning | CDPD-§9, SOC2-CC7.5 | The new `/admin/dump-patients` endpoint is enabled unconditionally without a feature flag or documented rollback procedure. |
| observability-on-new-endpoints | operational | fail | warning | SOC2-CC7.2, ISO-27001-A.12.4.1 | The new `/admin/dump-patients` endpoint does not include structured logging for request details (ID, latency, status) or metrics (counter/histogram). |
| dependency-advisory-check | security | pass | blocker | SOC2-CC7.1, ISO-27001-A.12.6.1, NIST-SA-11 | No dependency changes (additions or upgrades) detected in the diff. |
| no-commented-out-code | quality | pass | info | SOC2-CC8.1 | No blocks of commented-out code (3+ consecutive lines) detected in the diff. |
| no-secrets-in-diff | security | pass | blocker | SOC2-CC6.1, ISO-27001-A.9.4.3, OWASP-ASVS-V2 | No secret patterns (API keys, tokens, private keys, connection strings with passwords) detected in the diff. |
| no-skipped-tests-introduced | quality | pass | error | SOC2-CC8.1 | No new test skips (e.g., `pytest.skip`, `xfail`, `@Ignore`) detected in the diff. |
| rollback-documented-for-migrations | operational | pass | error | SOC2-CC7.5, ISO-27001-A.14.2.2 | No database migration files detected in the diff. |
| acceptance-criteria-testable | contract_spec | skip | warning | CDPD-§5, SOC2-CC8.1 | No spec linked in MR description, so no acceptance criteria to evaluate against tests. |
| mutation-resilience-critical-paths | quality | skip | warning | SOC2-CC8.1 | No information provided regarding `critical_path` labels or mutation test results for the affected files. |
| spec-implementation-match | contract_spec | skip | error | CDPD-§7 | No spec linked in MR description, so cannot compare implementation against a spec. |