SF
ShimmerFrame · Quiet Signal
Governance Receipt
Portable proof of a controlled non-execution at the policy gate.
An AI-assisted clinical act was requested in a standards-based clinical context. The policy gate evaluated the request under validated human authority and credentials, and denied execution before any model invocation. No AI output was generated. The denial decision, authorized user context, and governing policy state were bound into a portable, auditable signed receipt.
Trust Summary
✓AI Execution Denied
✓Authorization Not Granted
✓AI Did Not Execute
✓No Machine Output Generated
✓Human Path Preserved
✓Policy State Bound
✓Signature Valid at Export
✓Export Logged
Denial
Execution blocked before model invocation
The requested AI model was not on the tenant’s approved list under the governing policy in force at decision time. The policy gate denied execution before any model invocation. No AI output was generated and no clinical content was produced. The attempt, the authorized user, and the governing policy state are preserved on the record.
Integrity Statement
This receipt is a tamper-evident, auditable proof object. It binds the denial decision, denial reason, authorized user context, governing policy state, and the request parameters that were evaluated, all at the moment the gate fired, into a signed canonical payload. No model output exists because no model ran. Denial is treated as a first-class proof object, not a reduced fallback; a controlled non-execution is as much a part of the governance record as a controlled execution. Unauthorized alteration of a bound field invalidates verification.