whl-dashboard is the operator console over the WHL governed execution stack. 7 subsystems, 7 route modules, port 8600. Proposals, gate audits, receipt chains, telemetry, anomalies, compliance evidence, alerts — one console, one auth surface, one forensic record. Approximately one-day reattach to runtime plus mock cloud tests required.
Control Tower does not invent a new event source. It reads from the WHL runtime, the gate evaluator, and the receipt chain — the same surfaces your governance stack already produces — and presents the auditor, GRC officer, and platform engineer the operator console they need. One auth boundary, one navigational frame, seven first-class views.
Live and historical execution proposals. Filter by caller, gate outcome, severity. Inspect the proposal envelope, the bound evidence bundle, and the downstream dispatch result in one screen.
Per-gate evaluation timeline. Allow / deny / escalate counts, controlling reasons, and the policy configuration in force at the moment of decision. Reproducible from the audit chain alone.
Hash-chained, append-only receipt ledger viewer. Walk forward from any anchor. Verify integrity on demand. Export forensic ranges for regulator submission or internal audit work.
Operational metrics from runtime, gates, adapter dispatch, and persistence backends. Latency percentiles, queue depth, error counts, integration health — without leaving the operator console.
Detected deviations against the expected operating envelope — gate-rate shifts, receipt-rate gaps, adapter error spikes, policy-config drift. Drill from anomaly to the controlling receipts in two clicks.
SOC2, EU AI Act, GRC-style evidence presentation. Pre-built views aligned to common audit workpaper requirements. Export packages scoped to a control, a time window, or a specific high-risk system.
Alert routing for circuit breakers, gate denials at threshold, audit-chain verification failures, and adapter outages. Outbound to Slack, PagerDuty, SIEM. All alert actions captured into the same chained record.
Hosted on a single port behind your existing identity surface. No new auth system, no new directory, no new vendor identity provider. Console permissions ride your existing role assignments.
Remaining productization work is reattaching the dashboard to the current runtime interface and exercising the mock cloud test fixtures. Approximately one day of engineering before customer pilot deployment.
The same console serves the audit team building the workpaper, the GRC officer running the control program, and the platform engineer responsible for the runtime staying healthy. They see different views; they share the same underlying record.
SOC2, EU AI Act, internal audit. Pre-shaped evidence views, range exports, integrity verification tooling. The console is the workpaper source — not a screenshot pile.
Live posture: gate denial trend, override count, policy drift, anomaly state. The console is the live control panel, with the receipt chain as the underlying source of truth.
Runtime telemetry, adapter health, integration latency, alert routing. The console is the operations surface the on-call sees first when the governance stack starts misbehaving.
Control Tower is built for organizations whose AI governance posture has to survive an examiner, an internal audit, or an outage post-mortem — sometimes all three in the same quarter.
Dashboard test status as of 2026-05-16. Core routes pass; cloud-dependent suites are skipped pending re-attach.
$ pytest tests/ -v
collected 83 items
tests/test_routes.py::test_health_endpoint PASSED
tests/test_routes.py::test_metrics_endpoint PASSED
tests/test_routes.py::test_proposals_view PASSED
tests/test_routes.py::test_receipt_chain_view PASSED
tests/test_subsystems.py::test_alerts SKIPPED (requires cloud)
tests/test_subsystems.py::test_anomaly_detection SKIPPED (requires cloud)
...
================ 4 passed, 79 skipped (cloud endpoints) in 1.12s =================Honest status: 4 of 83 active; remaining suites are integration tests against cloud endpoints (Firestore, BigQuery) that need to be reattached. Estimated 1 day of work.
Demos cover all seven subsystems against representative fixtures. Pilot deployment reattaches Control Tower to your runtime and your audit chain and walks your audit team through the resulting evidence views.