Internal tooling built to stay internal
Scope Out is accessible only to explicitly approved team members. There is no public sign-up, no discovery surface, and no path in for uninvited users. Here is exactly what controls that.
ACCESS GATE / AUTH-01
Two names on the list. Everyone else is turned away.
Sign-in is gated by a hardcoded email allowlist. Any authentication attempt from an address that isn't on the list is rejected at the server — not just hidden in the UI — with a clear 'access restricted' response. There is no public sign-up route, no invitation-request flow, and no way to enumerate accounts. The allowlist is the primary and only key.
Server-side allowlist check on every authentication attempt
Rejected attempts receive an explicit 'access restricted' message
No public sign-up — the root URL redirects straight to sign-in
Middleware enforces the redirect on every request before any page renders

CONTROLS / ACTIVE
What the platform actually enforces
Allowlist authentication
Authentication is checked against a hardcoded approved-email list on every sign-in. No match — no access, regardless of password correctness.
Redirect-first routing
Authenticated users land on the dashboard. Unauthenticated requests are redirected to sign-in before any application data is exposed. Middleware handles this on every route.
No public discovery surface
There is no marketing funnel, no landing page, and no sign-up form. The product cannot be found or trialled by anyone outside the approved list.
DATA HANDLING / CRAWL-02
Crawlers that know their limits
Every web crawl Scope Out performs operates within a compliance layer: it reads and respects robots.txt before touching any domain, identifies itself with a declared user-agent, defaults to a 1 request/second rate limit, and backs off exponentially on 429 or 503 responses. Blocked domains are logged to the crawl record — not silently skipped.
robots.txt parsed and honoured before every crawl begins
Declared user-agent on all requests — no impersonation
Configurable per-domain rate limits (default: 1 req/sec)
Exponential back-off on rate-limit and server-error responses
Blocked domains logged with status code and reason to the crawl run record

DATA RETENTION / POLICY-03
Scraped data doesn't live forever
Raw scrape data has a configurable retention period (default: 90 days), after which it is purged. A minimum re-scrape interval (default: 7 days) prevents redundant re-collection. These are not UI labels — they are enforced in the background job layer via a last_scraped_at guard before any scrape job runs.
90-day default retention
Raw scraped product data is purged after 90 days by default. Admins can adjust the window in settings.
7-day re-scrape guard
A last_scraped_at check prevents redundant data collection within the minimum interval — enforced at the job layer, not just the UI.
Structured data model
All collected data is stored in typed, indexed Drizzle schema tables with clear separation between raw scrapes, scores, and generated dossiers.
OBSERVABILITY / OPS-04
Every crawl is a logged, auditable record
Crawl history tracks every run: which directory URL was crawled, when it ran, how many products were discovered and scored, how long it took, and whether it completed, failed, or ran partially. Scrape failures surface the actual error — status code, message, robots.txt block — not a silent gap in the data.
Full crawl history with timestamp, URL, product counts and status
Scrape errors show status code, error message and block reason
Failed products surfaced in dashboard with retry option
AI cost tracked per crawl run with configurable spend alerts
Dossier version history records every re-score — changes are traceable

HONEST LIMITS / TRUST-05
What we can say and what we can't
Scope Out is an internal intelligence tool, not a regulated data processor or enterprise SaaS product. The controls that exist are real and enforced. We do not claim SOC 2, ISO 27001, GDPR certification, or any third-party audit we haven't completed. If your team needs specifics not described here, email us at sf-core-org-support-agentos-scope-out@saas-factory.ai and we will give you a straight answer.
FAQ / SECURITY
Common questions
Questions about access or data handling?
Scope Out is built for a small, known team. If something about the controls above isn't clear, reach out directly at sf-core-org-support-agentos-scope-out@saas-factory.ai. We will give you a plain answer, not a sales pitch.