One adopter, one risky action, one proof packet.
This is the waitlist-safe buyer path: pick the framework or CI lane the team already uses, prove one meaningful boundary locally, then convert that artifact set into a private pilot workspace after approval.
Framework wrapper, strict tool list, install command, and certification lane result.Allowed call, blocked call, halt state, decision headers, and proof digest.GitLab or Vercel hosted run when applicable; otherwise a local scanner artifact.Glasshouse provider lifecycle, attestation, model workload, artifact digests, and zeroized cleanup when compute is in scope.One markdown or JSON packet the security reviewer can inspect without logging into a console.LangChain, OpenAI Agents, Vercel AI SDK, Dify, Flowise, Botpress, MCP, GitLab CI, or Vercel CI.
Choose one action that can deploy, transfer, refund, mutate a database, export data, or call production infrastructure.
Run SDK certification and scanner artifacts without asking the buyer to create a public account.
Move the same artifact set into a private pilot workspace only after the design partner is approved.
Dify, Flowise, n8n, Zapier MCP, and Botpress have hosted proof artifacts with one allowed body call and zero body calls on the blocked path.The buyer-flow packet includes allowed and blocked runtime evidence, scanner output, and DB sandbox proof once an approved pilot workspace exists.Local MCP client and Claude/Cursor/Windsurf config lanes passed; remote HTTP MCP remains an additional hosted endpoint proof.# Pick the closest adopter path
imladri init --framework <framework> --ci-provider <gitlab|vercel>
# Certify the wrapper and scan the repo locally
imladri sdk certify --real --target <framework>
imladri scan --path . --fail-on new
# Export the review packet for the private pilot
imladri proof export --format json --output imladri-proof.jsonThe public site does not create customer accounts. That stays private until an approved design partner has a real side effect to prove.