1. Readiness scorecard reviewDoes the Private Beta Readiness Scorecard show green/acceptable categories with no unexplained blockers?Expected evidence: Open /private-beta-readiness-scorecard and verify the scorecard summary, category rows, QA markers and human-gated release language.
HOLD if missing
2. Audit evidence timeline reviewCan the operator trace permission, tenant, branch, redaction and QA decisions through audit evidence?Expected evidence: Open /audit-evidence-timeline and confirm synthetic local events include audit evidence for pass/block/redact decisions.
HOLD if missing
3. Tenant/branch guard reviewAre cross-tenant and cross-branch examples denied before data is exposed?Expected evidence: Open /tenant-branch-scope-guard and confirm same-branch allow plus cross-branch/cross-tenant block examples.
HOLD if missing
4. Sensitive data redaction reviewAre sensitive fields masked or omitted before operator-visible evidence is shown?Expected evidence: Open /sensitive-data-redaction and /public-receipt-redaction to confirm redaction examples use placeholders only.
HOLD if missing
5. Permission/role reviewDo owner/admin/manager/cashier/waiter permissions match the expected role boundaries?Expected evidence: Open /owner-admin-permission-matrix and /permission-adapter-preview to confirm allow/deny rows and role scope notes.
HOLD if missing
6. QA/build evidence reviewCan the operator find build proof, QA markers and route smoke evidence for this pack?Expected evidence: Run npm run build and scripts/qa/run-private-beta-operator-handoff-pack-v1.ps1; review /release-evidence and /route-smoke-index.
HOLD if missing
7. Public flow smoke reviewDo public QR, order status, receipt and abuse-guard previews remain read-only and mock-only?Expected evidence: Review QR/order/receipt routes and confirm no real backend, payment capture, provider send or customer data dependency appears.
review
8. Owner/admin panel reviewCan owner/admin preview pages demonstrate setup, role and operational visibility without secrets?Expected evidence: Open /owner-admin and /owner-admin-permission-matrix; confirm local/mock assumptions and no secret values.
review
9. POS/local/offline assumptions reviewAre POS and Local Hub offline assumptions stated and testable in local/mock review?Expected evidence: Open /pos-desktop, /pos-offline and /local-hub; confirm LAN/offline assumptions are documented as preview evidence, not production guarantees.
HOLD if missing
10. QR/order/receipt flow reviewCan QR intake, order confirmation/status and receipt previews be followed end-to-end in mock mode?Expected evidence: Open /qr-website-order-intake, /public-order-confirmations, /public-order-status and /public-customer-receipts.
review
11. Risk and HOLD decision reviewHas every P0/P1 risk been mapped to a required action and GO/HOLD impact?Expected evidence: Review this handoff pack risk register and record whether a safe GO recommendation or HOLD recommendation is appropriate.
HOLD if missing