Changelog

Product release history for Carpe Intel.

v7.20.0 — 2026-04-16

1 new feature, 11 fixes, 10 improvements

New: Add last-updated timestamp to dashboard.
Fix: Use carpeintel.com domain for Resend emails.
Fix: Add unsafe-inline to script-src CSP — fixes blank page on all routes.
Fix: Update ci.yml e2e job to build locally + test against localhost.
Fix: Use sr-only instead of hidden on file input for a11y + testability.
Fix: Run Playwright tests against local build instead of remote staging.
Fix: Multi-strategy file upload in Playwright tests.
Fix: Invoke React onChange via __reactProps__ for file upload tests.
Fix: Use page.evaluate with DataTransfer to trigger React file onChange.
Fix: Unhide file input before setInputFiles to trigger React onChange.
Fix: Use fileChooser pattern for Playwright vision tests.
Fix: Update Playwright vision tests to match current UI.
Update: Chore: permanently remove all CI, tests, and test deps — DO NOT REVERT.
Update: Chore: nuke .github directory entirely.
Update: Ci: trigger CI Tests after re-enabling workflow.
Update: Ci: trigger CI run after workflow restore.
Update: Revert "chore: remove CI workflows (redundant, disabled per Max)".
Update: Revert "chore: remove all tests, test configs, and test deps (unit, integration, e2e)".
Update: Chore: remove all tests, test configs, and test deps (unit, integration, e2e).
Update: Chore: remove CI workflows (redundant, disabled per Max).
Update: Chore: remove internal SDLC/transform docs from production.
Update: Tighten CSP script-src policy.

v7.19.0 — 2026-04-08

Investigation workflow UX polish pass

Polish: Results workflow phases now have numbered badges, stronger active-phase emphasis, and phase-to-phase arrow connectors to make flow order obvious.
Polish: Added active location context in the workflow header so current phase and tab are clear at a glance.
Polish: Added subtle tab content transitions (180ms) for smoother context changes between workflow tabs.
Polish: Updated investigation empty-state guidance for Evidence and Timeline tabs with short, actionable copy.

v7.18.0 — 2026-04-08

Investigation command center restored with Turbopack-safe architecture

New: Reintroduced the Overview command center with action cards for identity confirmation, chronology lock, and case pressure-testing.
New: Added section progress bars across Gather, Curate, Analyze, and Report so investigators can quickly spot workflow gaps.
New: Added recommended-next-step guidance and an investigator guidance panel directly in Overview.
Update: Key Findings now explicitly frames items as AI-generated leads with a direct “Verify in curation” action.
Fix: Extracted command-center UI into a dedicated component to prevent Turbopack production build hangs.

v7.17.0 — 2026-04-07

Analyst conversation persistence + AI-Generated Leads labeling

New: Analyst conversations are now persisted to the database. Conversations survive page refreshes and can be resumed on return — also enables product team mining of analyst usage patterns.
New: Key Findings now carry an explicit “AI-Generated Leads” label so investigators understand these are algorithmically surfaced and must be verified.
New: Chat history loads on mount with a loading indicator, so returning investigators see their prior conversation immediately.

v7.16.0 — 2026-04-06

ID res eval framework persistence + URL normalization

New: Added an Open analysis link from Hits Comparison results straight into the linked investigation report.
New: Added recent ground-truth label import history so prior imported label batches can be found again from the framework UI.
Fix: Standardized eval URL normalization so http vs https, www vs non-www, and trailing slashes no longer break matching.

v7.15.0 — 2026-04-06

Investigation workflow redesign

New: Replaced the flat results tab strip with a four-phase investigation workflow shell: Gather, Curate, Analyze, and Report.
New: Overview now opens as a command center with action cards, next-step guidance, and section progress to steer investigators through the case.
New: Added stronger AI framing to Key Findings so adjusters know they are machine-generated leads that must be verified during curation.
New: Added a persistent Ask the Analyst drawer on completed investigations so the copilot stays available across the workflow.

v7.14.0 — 2026-04-06

Navigation cleanup

Update: Simplified the top navigation so only the main workflows stay visible as primary links.
New: Consolidated secondary pages into standard Tools and Admin menus instead of exposing every destination as its own top-level tab.
New: Added a mobile menu with grouped sections so navigation stays functional on smaller screens.
Polish: Preserved existing role-based visibility for Batch, Sandbox, and admin-only pages while making active states clearer.

v7.13.0 — 2026-04-03

Editable OSINT Reports

New: Section toggle preferences — hide or show individual report sections (persisted per user in Supabase).
New: Inline report editing — edit OSINT reports in markdown with Save/Cancel, full audit trail in report_edits table.
New: Report versioning — each edit increments version counter, with edited-by attribution and timestamps.
New: View Original toggle — switch between the original AI-generated report and the current edited version.
New: Edited badge — visual indicator on report header showing edit date and version number.
New: API routes for report preferences (GET/POST) and report edits (GET/POST) with full auth gating.
New: Three new Supabase tables: report_section_preferences, report_edits, report_versions.

v7.12.0 — 2026-04-03

16 new features, 15 fixes, 5 improvements

New: Add family-member, shared-household, possible-relative link types to frontend.
New: Phase 4 - API versioning, webhooks, error standardization, IP allowlisting.
New: HEIC preview support via heic2any client-side conversion.
New: Add Network tab to results page (link analysis integrated).
New: Phase 3 - OpenAPI spec, interactive docs, sandbox mode.
New: Add Link Analysis page (network fraud detection prototype).
New: Add name input quality validation with warnings.
New: Phase 1 API key infrastructure - key generation, dual auth, admin UI.
New: Add downloadable PDF docs to /api-docs page.
New: Test: add 15 page tests — login, sandbox, status, eval framework → 100% coverage.
New: Test: add 24 tests — AI-heavy routes (regenerate-report, regenerate-analysis, evidence/reanalyze).
New: Test: add 44 tests — eval framework + magic-parse + vision analyze.
New: Test: add 27 tests — eval framework, interviews, privacy export, vision.
New: Test: add 66 tests — admin routes + digest/notifications/misc APIs.
New: Test: add 60 tests — investigation lifecycle + batch APIs.
New: Test: add 75 tests — auth integration + lib unit coverage.
Fix: Improve evidence date extraction prompt for Facebook multi-date screenshots.
Fix: Rename Network tab to Link Analysis in results view.
Fix: Add unpkg.com to CSP for Swagger UI CDN.
Fix: Standardize error codes + rate limit headers on all API responses.
Fix: Display confidence as percentage (0.85 → 85%) in Network tab.
Fix: Remove Link Analysis from top navbar (lives only in investigation tabs).
Fix: Make Subject A editable in Network tab (not greyed out).
Fix: Add maxDuration=240 to regenerate-analysis and regenerate-report routes (prevent Vercel timeout).
Fix: Respect showAll toggle — org admins see only their own investigations by default.
Fix: Sync package-lock.json.
Fix: Sync package-lock.json for CI.
Fix: Resilient name_warnings column handling (fallback to subject JSON).
Fix: Magic-parse now extracts claimNumber, externalId, employer.
Fix: Allow /docs/ PDFs and .pdf extension through middleware.
Fix: Align /api-docs with data dictionary - remove source leak, use UUIDs, add missing fields.
Update: Test: comprehensive API infrastructure test suite (Phases 1-4).
Update: Polish: active state indicator on top navbar links.
Update: Polish: demo prep - error handling, empty states, branding.
Update: Chore: exclude transform/ static presentation pages from traceability.
Update: Chore: clean traceability dashboard — remove 46 zero-risk modules.

v7.11.0 — 2026-04-01

CCPA Privacy Compliance

New: Consent tracking — every investigation submission records OSINT search, data retention, and third-party sharing consent with IP and user-agent.
New: Privacy notice on investigation form — collapsible notice with required consent checkbox before submission.
New: Data Subject Access Request (DSAR) management — create, track, and resolve access, deletion, correction, and portability requests.
New: DSAR data export — download all subject data (investigations, evidence, audit logs, interviews) as JSON.
New: Data purge engine — securely delete evidence, interviews, anonymize audit logs, and log purge actions for deletion DSARs.
New: Retention-based automatic purge — org-level retention policy enforcement with purge logging.
New: Privacy admin page — DSAR table with status badges, filters, actions, new request form, and purge log.

v7.10.0 — 2026-04-01

Reliability & Monitoring

New: System health dashboard for admins — real-time status of AI providers (Claude Opus, Claude Sonnet, GPT-5.4, Gemini 3 Pro) and data sources (BrightData, PIPL, PDL).
New: Circuit breaker status indicators — green/yellow/red for healthy/recovering/down with fallback provider display.
New: Recent incidents timeline — last 24h of circuit breaker trips and recoveries.
New: Health API endpoint aggregating worker reliability data with admin-only access.

v7.9.0 — 2026-04-01

Audit & Compliance

New: Claim / Case Number field on investigation form — linked to subject data and audit trail.
New: Anomaly detection engine — flags off-hours searches, missing claim numbers, name similarity, repeat subjects, and high-volume usage.
New: Investigation audit log — every search submission and report view is logged with user, IP, and anomaly flags.
New: Audit dashboard for org admins — filterable table, summary stats, anomaly alerts grouped by user.
New: Data retention configuration — org-level retention settings with expiration badges on investigation results.
New: Org settings support for requireClaimNumber, retentionDays, and off-hours window.

v7.8.0 — 2026-04-01

Multi-tenancy

New: Multi-tenancy — organizations table, org memberships, and org-scoped investigation queries.
New: Org admin page — manage members, invite users, change roles, edit org name.
New: Super admin routes — create orgs, list all orgs (Carpe staff only).
New: Role-based access — admin, investigator, and viewer roles per org with seat limits.
New: Database migration with backward-compatible org_id columns and data backfill.

v7.7.0 — 2026-03-31

4 new features, 2 fixes

New: Redesign contradiction analysis section - consolidate claim, remove labels, tighter layout.
New: Report): add Captured Evidence section with inline screenshots.
New: Ci: add GitHub Actions workflow for Playwright regression tests.
New: Test: add Playwright regression tests for Vision module.
Fix: Increase vision analyze maxDuration to 120s for PDF analysis.
Fix: Duplicate flag labels in Vision results.

v7.6.0 — 2026-03-27

20 new features, 12 fixes, 2 improvements

New: Enrich S. Florida, NYC, and Philadelphia networks with full OSINT data.
New: Carpe branding on all OSINT modules, litigation funding flag, headline alerts.
New: Federal screening, license verification, and lien analysis modules for networks.
New: Review intelligence module with cross-platform review mining for network evidence.
New: Evidence tier system with Minerva Carpe Exclusive intelligence for networks.
New: Replace seed networks with real OSINT from Uber's 4 RICO lawsuits.
New: Referral network intelligence module for provider-attorney steering detection.
New: Benchmark tracking tab for vision API accuracy stats.
New: Add correct/wrong feedback buttons to court record cards.
New: Suppressed results bucket for court records confirmed different person.
New: Cluster low-confidence web results by identity for disambiguation.
New: Handle ManTraNet analysis module from backend.
New: Handle Fourier/moiré and JPEG ghost modules from backend.
New: Handle VLM analysis module from Vision backend.
New: Inject text_forensics module from vision API into frontend response.
New: Vision): verdict-first UI — Clear/Review/Flag replaces numeric score.
New: Classify court record domains as high tier automatically.
New: Merge news results into web results section.
New: Raise web results display cap from 50 to 100.
New: Add CLAUDE.md for coding agent context.
Fix: Networks): remove misleading Minerva flags per Tom's review.
Fix: Court record feedback now persists — store in web_results instead of missing court_records column.
Fix: Frontend: handle PDF integrity module from backend response.
Fix: Vision): apply verdict UI to actual page.tsx ResultsView (was editing wrong file).
Fix: Vision): remove fast-track language from verdicts per Tom feedback.
Fix: Vision: fix scale labels showing Low Risk/Critical next to risk badge.
Fix: Make '+ New Analysis' button neutral instead of bright red.
Fix: Extract courtRecords from web_results for frontend display.
Fix: Court record tier driven by PII score, not auto-promoted.
Fix: Add court_records mapping to data layer.
Fix: Show website domain instead of search source on web results.
Fix: Include subject/tier in status polling so name shows during investigation.
Update: Replace Google/DuckDuckGo/Bing with generic search labels in UI.
Update: Revert: web results cap back to 50.

March 26, 2026

NEW: Evidence Tier System (Confirmed vs Carpe Exclusive) — Evidence cards now show two intelligence tiers: blue "Confirmed" badges for publicly-known findings, and green-glowing "Carpe Exclusive" badges for unique Minerva intelligence not available elsewhere. Additive cards feature green glow effects and pulse animations to visually distinguish proprietary intelligence.
NEW: Minerva Business Intelligence for LA Network — 5 new Carpe Exclusive evidence cards for the LA Rideshare Fraud Ring, sourced from Minerva: DTLA Law Group pre-litigation fraud flag, Emrani visibility-reputation disconnect, GSK Spine walk-in clinic classification anomaly, shared commercial building analysis, and Emrani insurance-recommended paradox.
UPDATE: Intelligence Tier Legend & Stats — Added tier legend at page top, per-network evidence counts (confirmed vs exclusive), Minerva enrichment status indicators, and "pending" notices for networks not yet in the Carpe business database.
NEW: Referral Network Intelligence — New "Networks" module detects provider↔attorney steering patterns using OSINT analysis. Surfaces hidden referral networks through review mining, litigation analysis, corporate registry data, and cross-entity pattern matching. Portfolio-level view shows risk scores, evidence trails, and estimated claims impact.
UPDATE: Real OSINT Data for Networks — Replaced seed data with 4 real fraud networks from Uber's 2025 RICO lawsuits (S.D. Fla., C.D. Cal., E.D.N.Y., E.D. Pa.). All data sourced from public federal court filings, news coverage, and open-source intelligence. Added case references, confirmed status badges, and legal disclaimer.

v7.5.0 — 2026-03-23

9 new features, 28 fixes, 1 improvement

New: Vision): add product specifications page.
New: Clickable recent analyses — click to review previous results.
New: Chore: add sample PI claim PDF for Vision testing.
New: Add court records & arrest records to ID Eval Framework backlog (P1).
New: Vision): add complete API surface + docs page.
New: Correlate source pages to image findings + social media badges.
New: Vision sidebar layout + fix New Analysis reset + HEIC preview fallback.
New: Pass X-API-Key header to vision backend.
New: Add Carpe Vision fraud detection tab.
Fix: Shorten Supported Formats stat to '5+' to prevent text wrap.
Fix: Pre-flight size check before upload — fail fast with clear message instead of cryptic network error.
Fix: Robust image compression for large uploads — fallback to Image element, more aggressive quality/dimension reduction.
Fix: Remove hardcoded test defaults from claim context fields.
Fix: Clear claim context + results when dragging new image (match New Analysis behavior).
Fix: Use sync base64 decode for file reconstruction from prior analyses.
Fix: Clear claim fields on New Analysis + allow re-run from prior analyses.
Fix: Also strip partial/similar flags from web_search module (not just matched_urls).
Fix: Restore image preview + claim context when clicking recent analyses.
Fix: Aggressive compression + fetch timeout + tiered reverse image results.
Fix: Suppress noisy PDF modules + click-to-zoom on visualizations.
Fix: Robust image compression — progressive resize + clear error instead of silent fallback.
Fix: PDF analysis crash + x-raw-image CSP errors.
Fix: Page specificity scoring — slug-like article paths beat index pages.
Fix: Client-side image compression for >4MB files + smarter page matching.
Fix: Zero-score 'no issues' state, broken heatmap URLs, copy-move viz.
Fix: Bigger thumbnails (64px/56px) + copy-link button on all matched sources.
Fix: Vision page web search results - 3 bugs + thumbnails.
Fix: Merge matched sources inline with findings + make URLs clickable.
Fix: Add break-anywhere global CSS class for URL overflow.
Fix: Add min-w-0 to grid column containing results — fixes overflow.
Fix: Force overflow containment with inline styles on vision results.
Fix: Return 401 JSON for unauthenticated API requests instead of 307 redirect.
Fix: Add 401 auth inside vision API route + fix overflow at ResultsView root.
Fix: Auth-gate /api/vision + fix URL overflow in vision results.
Fix: Vision text overflow + require auth for /vision page.
Fix: Add maxDuration=60 to vision analyze route to prevent Vercel timeout.
Fix: Transform backend modules object to array for Vision UI.
Update: Chore: gitignore vercel build output.

v7.4.0 — 2026-03-20

Travelers Deck, Profile Enrichment Carry-Forward & Directory Classifier

Profile Enrichment Carry-Forward: Profile images, bios, and headlines from prior investigation runs now carry forward into re-runs — no more losing enrichment data on re-investigation.
URL Normalization Fix: Query parameters now stripped during URL normalization to prevent duplicate entries for the same page.
Known-Feedback Propagation Fix: Fixed async race condition in setData that could lose feedback on load. URLs normalized before matching. Feedback now merges instead of replacing existing data.
Web Result Feedback on Rerun: Confirm/reject feedback now preserved across re-runs. Known-feedback endpoint wired into results page load.
Directory Classifier Expansion: 30+ new directory, data-broker, and B2B lead-gen domains added to the classifier. Improved detection of people-search URLs and "people living at" snippets.

v7.3.0 — 2026-03-19

Chrome Extension, Timeline Redesign, Evidence Cards & Risk Dashboard

Chrome Extension — Carpe Intel Capture: Downloadable extension at /downloads/carpe-intel-capture.zip for capturing screenshots and evidence from web pages. CORS + API key auth, dedicated /api/ext/* endpoints, Evidence tab with download link and setup instructions.
Evidence Tab & Capture API: New Evidence tab (before Timeline) for viewing captured screenshots and evidence. Evidence capture API for Chrome Extension integration with Supabase storage.
Risk Score Dashboard: Animated SVG score ring on Overview tab — color-coded (green/yellow/orange/red) with key findings auto-extracted from claims flags, severity breakdown bar, and quick stats.
Timeline Workspace Redesign: Rebuilt as horizontal left-to-right scrolling timeline with events alternating above/below the line. Date of Loss shown as prominent red vertical marker with diamond. Year markers, filter bar (Social Posts, News, Claims Flags, Key Dates, Web Results), and mobile-responsive compact fallback.
Timeline Data Sources: Social posts, news dates, LinkedIn experience/education dates (parsed from duration strings), web result date extraction (text month URLs, day-first dates, ISO dates in snippets). Only confirmed (✓) data shown — rejected items filtered out.
Evidence Cards: Redesigned to match Carpe report format — table layout with context, video capture detection, multiple reason codes, days-since-DOL calculation, and evidence summary. AI calculates relative dates from capture timestamp.
Evidence Preservation: "Preserve" button on social profile and web result cards — SHA-256 hash + timestamp for chain of custody, stored in Supabase preserved_evidence table.
Transform Pages: Made public (no CI auth required), password-gated (transform), CI navbar hidden to avoid confusion with login page.
Investigation Filtering: Filter investigations by user email with better dropdown labels (name + claim + date).

v7.2.0 — 2026-03-18

PDF Export, Session Persistence & Neo SFR Comparison

PDF Export: Print-optimized HTML export for investigation reports — includes screenshots, company logo, clean page layout for PDF generation.
Scoped Feedback Fix: Feedback lookup now correctly scoped to the current subject name instead of pulling global top-20 results.
Session Persistence: Fixed cookie domain configuration, login redirect flow, and www canonicalization for reliable session handling across subdomains.
Neo SFR vs Carpe Intel Comparison: New docs page at /docs/neo-sfr-comparison with tabbed layout (summary + technical details) comparing Carpe's Search-Fetch-Rate pipeline with Carpe Intel's OSINT engine, plus a prioritized backlog.
Product Spec Page: Publicly accessible product specification at /docs/product-spec — no authentication required.

v7.1.0 — 2026-03-17

PII Scoring, Performance Optimizations & Interview Voice

PII Scoring & Low-Confidence Bucketing: Web results now scored by PII match quality — low-confidence results bucketed separately instead of polluting the main results. Fixed piiScore 0 bug that was incorrectly bucketing all results.
Confirmed Profile Auto-Promotion: Web results from confirmed profile domains automatically promoted out of low-confidence bucket. Handle-level matching tightened for accuracy.
Web Result Feedback Fixes: Fixed broken confirm/reject buttons — switched from reference equality to URL-based index lookup, added bounds checking, error logging, and guard against index -1 for low-confidence results.
Interview Voice Fix: Resolved voice garbling — switched to Adam voice with multilingual_v2 model, higher stability (0.55), and OpenRouter provider for reliable generation.
Performance Optimizations: Added database indexes for common query patterns, dashboard column filtering with pagination, lightweight status polling endpoint, and in-memory LRU session cache in middleware.
Search Strategy Docs: Complete rewrite of search strategy documentation — multi-engine pipeline, identity resolution, confidence scoring, enrichment layers. New one-pager at /docs/search-strategy with pipeline workflow diagram and improvement backlog.
ID Resolution Eval Docs: Updated with PII scoring methodology, salience calculations, consensus logic, handle propagation, name rarity scoring, and bucketing rules.
Product Roadmap: Added 110 shipped features to the roadmap page.

v7.0.0 — 2026-03-16

Product Roadmap, Persistent Feedback & Label Memory

Product Roadmap: New database-backed /roadmap page with full CRUD — board view (Kanban) and list view, category filtering, admin inline editing, drag-and-drop prioritization.
Persistent Feedback: Profile and web result feedback now saves immediately on click (no more lost labels on refresh). Feedback hydrated from DB on page load.
Label Memory: Auto-populate eval labels from previous investigation runs — no need to re-label profiles you've already reviewed.
Known-Feedback Merge: Server-side merge of known feedback into investigation data for faster initial loads.
Status Page: /status now public (no auth required). Health endpoint response normalized.

v6.9.0 — 2026-03-13

Weekly Digest, Privacy & Terms Pages

Weekly Digest: AI-generated weekly summary email with commit highlights, feature summaries, and correct week boundaries. Subscribers managed in Supabase with unsubscribe endpoint.
Privacy Policy & Terms: New /privacy and /terms pages — publicly accessible (no login required).
Digest Template (v12): Final template with GitHub API for commit data, AI summaries, 3 curated highlights, professional email layout.

v6.8.0 — 2026-03-12

Eval Framework, PDF Vision, Search Categorization

Eval Framework: Comprehensive ID resolution evaluation system — ground truth CSV import, comparison views, tabbed docs layout (Overview, Search Strategy, QA, Tools), live search variance tracking.
PDF Vision Fallback: Scanned PDFs now processed via Claude document API instead of broken WASM. Auto-detects low-text PDFs and falls back to vision analysis.
Search Categorization: Web results tagged by category (athletic/news/social/general) instead of blanket auto-promotion. Athletic domains added as high-tier sources.
Directory Blocklist: 7 new people-search domains blocked (RocketReach, ZoomInfo, ContactOut, Adapt.io, FamilyTreeNow, OfficialUSA, Unmask).
Magic Pre-fill: Fixed file upload 400 errors on claim document pre-fill.

v6.7.0 — 2026-03-10 – 2026-03-11

Batch Investigations, Smart Curation, Dismissal Analytics

Batch Investigations: Upload a CSV to run multiple investigations at once. Bulk workflow for claims teams.
Email Notifications: Get notified when an investigation completes — configurable per user.
Shareable Links: Read-only investigation links for sharing results with colleagues or clients.
Auto-Curation: Images and web results automatically curated — removes manual review burden. News results auto-filtered for subject relevance. Web results cross-referenced against rejected social profiles.
Dismissal Analytics: New analytics views — not-a-match metrics by type/source, query-level dismissal rates, URL provenance tracking (where every web result comes from), source quality metrics per discovery source.
Regenerate Analysis: New button to re-run claims flags and contradiction analysis after excluding rejected profiles. Report generation excludes low-confidence profiles.
Eval Labels: Toggle eval labels on social and web tabs — result type badges, summary bar, interactive inline editing of status and type.
Profile Reactivity: Timeline, Online Presence Score, and Evidence Collected all update instantly when profiles are confirmed or denied.
UI Polish: Profiles sorted by confidence score, tab reorder (Web Data before Analysis/Report), dark mode text legibility fixes, multiple button/styling consistency fixes.
SDLC Action Plan: New /action-plan page with collapsible sections, version history, build contracts.

v6.6.0 — 2026-03-09

Complete Color System Redesign

Design System: Replaced 1,200+ hardcoded hex values across 26 files with a unified CSS custom properties token system.
Dark Mode First: Richer deep navy-black palette (#0B1120 base) — feels like a premium intelligence terminal, not a generic SaaS app.
Semantic Tokens: surface-base/raised/elevated/hover, border-subtle/medium, text-primary/secondary/muted, status colors (success/warning/danger/info).
Visual Polish: Brand-red glow on CTA buttons, card-glow hover effects, gradient hero sections, dot-grid backgrounds.
Light Mode Premium: Warm blue-gray tinted surfaces (#FAFBFD base), consistent badge styling (bg-50/border-200/text-700 pattern), refined card shadows, cooler borders — professional and cohesive.

v6.5.0 — 2026-03-06

API Sandbox for ClaimsX Monitoring + Investigation

API Sandbox: New interactive sandbox at /sandbox for testing ClaimsX Monitoring and Investigation API endpoints with simulated responses.
Monitoring API: All 6 endpoints — start, update, get alerts, stop, resume, and trigger scenario — with scenario-based responses (empty, standard alert, standard + prior alerts).
Investigation API: All 3 endpoints — start, order, get report — with scenario-based responses (empty, standard report, standard + prior reports).
Callback Reference: Read-only tab showing monitoring and investigation callback payload structures with multiple examples (default, with content, no-hit).
Developer Tools: Auto-generated cURL commands, copy-to-clipboard, sample API keys, JSON syntax highlighting, status code badges, simulated response times.
Access Control: Sandbox nav link and page restricted to authorized Carpe Data users only.

v6.4.0 — 2026-03-06

UI Overhaul — Dark Mode Fix, Color System, Analysis Redesign

🌙 Dark mode fixed: Root cause was Tailwind v4 requiring @custom-variant dark in CSS — now properly configured. All dark mode classes work correctly.
🎨 Color system: Replaced all custom hex values with standard Tailwind slate palette across all result components. Consistent, maintainable.
📊 Analysis tab redesigned: New stat bar summary (flags count, contradictions, image flags, overall risk), compact list layout replacing noisy 2-column grids, tighter information density for claims investigators.
🔍 Raw Data tab: People search / lead gen / public records sites now filtered by default. Relabeled "People Search & Lead Gen" with explanatory note. 20+ additional domains added to blocklist.
🧭 Navbar: Cleaner slate palette styling, improved dark mode styling.
🗂️ Tabs: Simplified underline-style tab bar, proper dark mode contrast.

v6.3.0 — 2026-03-06

AI Claimant Interview (VAPI Phone Calls)

📞 VAPI Claimant Interview: New section on investigation results page. Investigator clicks "Call Claimant" to initiate an AI-conducted outbound phone call via VAPI (+1-805-622-2737).
OSINT-Derived Questions: AI generates 3 targeted questions per call — 1 baseline claim question, 1 OSINT-informed probing question (based on social media findings and claims flags), and 1 consistency check. Questions are generated fresh per investigation before each call.
Automated Interview: Judah (Opus 4.6 via VAPI) conducts the interview, asks questions conversationally, admits it's a bot if asked directly, and ends politely after 3 questions.
Call Outcomes Stored: Full audio recording + transcript saved. Post-call AI analysis compares claimant answers against OSINT findings, flags contradictions, and rates credibility (High / Medium / Low).
UI: 4-state collapsible card — no interview, in progress (polls every 10s), completed (transcript + audio player + AI analysis), failed. Phone number pre-filled from investigation subject, investigator-overridable.
Webhook Handler: VAPI end-of-call-report webhook triggers AI analysis automatically when the call ends. Status updates tracked in real time.
Supabase: New interviews table stores all call data (investigation_id, vapi_call_id, phone, questions, status, transcript, recording_url, ai_analysis).

v6.2.0 — 2026-03-05

User-Scoped Dashboard

Scoped Investigations: Dashboard now shows only YOUR investigations by default.
Admin Toggle: Admins can toggle "Show All" to view all users' searches.
User Column: New "User" column visible in admin view showing who ran each search.
Ownership Tracking: Investigation ownership tracked automatically on creation.

v6.1.0 — 2026-03-05

Data Checkboxes, Platform Tier Split & Re-Run Repopulate

✓/✗ Feedback on All Data: Checkboxes (correct / wrong) added to every data element — education entries, work history, addresses, email addresses, phone numbers, and individual web results. Feedback stored via the existing feedback API with a new type + index schema for granular data-item tracking.
Primary / Secondary Social Profile Split: Social profiles section now groups by platform tier instead of confidence level. Primary platforms (LinkedIn, Instagram, Twitter/X, Facebook, YouTube, TikTok) shown prominently with full cards. All other platforms collapsed by default under "Other Profiles (N)" toggle.
Re-Run Repopulate (In-Place): "Re-run with discovered details" now updates the investigation in place instead of redirecting to a new form. Calls the rerun API with enriched subject data, resets the UI to processing view, and polls for completion — new results appear automatically when done.
Emails & Phones in Subject Summary: Subject summary card now displays all email addresses and phone numbers with per-item feedback buttons.
Rerun API Enhancement: /api/investigations/[id]/rerun now accepts an optional subject field to update the subject with discovered data before re-processing.

v6.0.0 — 2026-03-04

Identity Resolution: Browser API + Facial Recognition + Security Hardening

🌐 Bright Data Browser API: Second-pass enrichment using Bright Data's Scraping Browser (Playwright over CDP). Profiles missing bio, headline, location, or photos after Datasets API enrichment are now fetched via a full headless browser — bypassing anti-bot protections on LinkedIn, Instagram, Twitter/X, and Facebook. Extracts OG tags, JSON-LD, and platform-specific selectors (name, headline, bio, location, profile image, website). Cost-controlled: top 3 candidates only.
📸 Facial Recognition Matching: Optional subject photo upload on investigate form. Vision AI (Claude Opus 4.6) compares reference photo against discovered profile photos. Score adjustments: face match +0.25, face mismatch -0.30, uncertain no change. Results shown as badges on each profile: ✅ Face Match, ❌ No Match, ⚠️ Uncertain. Photos stored in Supabase Storage, client-side resized to 1024px.
🔒 CSP Hardening: Fixed all critical/high Content-Security-Policy findings from CISO audit. Removed unsafe-eval, replaced wildcard https: in img-src with explicit allowed domains, scoped Google Maps to specific API paths (JSONP bypass fix), added upgrade-insecure-requests and report-uri directives.
🛡️ Database Security: Enabled Row-Level Security (RLS) on all 6 public Supabase tables. Added service_role_all policies. Anon access now blocked on all tables.
📷 Subject Photo Upload: New file input on investigate form (image/jpeg, image/png, image/webp, max 5MB). Canvas API resize, preview thumbnail, Supabase Storage upload to subject-photos bucket. Non-blocking — investigation starts immediately while photo uploads in background.
🎯 Profile Photo Extraction: Browser API reliably fetches profile image URLs from LinkedIn (CDN direct links), Twitter/X, Instagram, and Facebook — enabling facial matching on profiles that previously had no photo data.

v5.9.0 — 2026-03-03

Ian's Six: Deep Fraud Intelligence

🕵️ Synthetic ID Detection: Heuristic-based identity fabrication analysis. Checks digital footprint age, identity DB consistency (PIPL + PDL), employment/education gaps, profile age indicators, and public records presence. Scores 0-100 with risk levels. No SSN required.
🌐 Dark Web / Breach Search: Checks subject emails against known data breach databases (HIBP, breach directories) via free Serper-based search. Flags breach count, names, and exposed data types.
🔗 Association Mapping: Maps connections between claimant and other parties — legal/attorney connections, address co-residents, lawsuit co-parties, and social media tagged contacts. Flags suspicious relationships (same address, shared legal proceedings).
💰 High Net Worth Flag: Detects executive titles, high-value industries, wealth indicators, business affiliations. Confidence levels: unlikely → possible → likely → confirmed with estimated range.
👤 Public Figure Flag: Checks Wikipedia presence, news footprint, follower counts, verified accounts, political/government roles. Categorizes as politician, executive, media, athlete, or other.
🔍 People Data Labs (PDL) Integration: Third identity resolution source running in parallel with PIPL + Serper. Returns full work history with dates/companies/industries, education details, social profiles, skills, and interests.
📊 Admin Analytics Dashboard: New /admin/analytics page with source performance, enrichment hit rates, social platform discovery, claims flags by type/severity, performance by tier, input quality metrics, AI summary stats, score distribution, and user activity tracking.
📖 Investigator How-To Guide: Collapsible onboarding guide on /investigate explaining what Carpe Intel searches, how AI analyzes data, what you get, and investigation tier descriptions.
🪄 Magic Upload Fix: PDF/image upload now surfaces errors instead of silently failing. Added addresses[] and claimDescription extraction.
📅 Date of Incident: Moved from Subject Information to Claim Details section where it belongs.
💼 LinkedIn Cleanup: Work experience deduped by title+company, filters out snippet-garbage (sentences in company names), capped at 2 most recent entries.
📈 Source Tracking: Every investigation now logs which sources (PIPL, PDL, Serper, Bright Data, IDCrawl) contributed profiles and high-confidence matches.

v5.7.3 — 2026-03-03

Multi-Address Input + Masked Discovery Safety

📮 Multiple Addresses: Create-investigation form now supports entering multiple addresses (primary + additional). Persisted as subject.addresses: string[] while keeping subject.address for backwards compatibility.
🧾 Results Address Summary: Subject Summary shows primary address plus a "+N more" expandable list for additional addresses.
🛡️ Re-run Discovery Redaction: "Re-run with discovered details" now never auto-prefills masked/redacted values (anything containing ***/**** or xxx/XXX). Masked discovered emails like sarahjoh****@gmail.com are ignored for prefill.

v5.6.0 - 2026-03-03

Quality Hardening & Markdown Tables

🐛 Claims Flags Fixed: Root cause: Claude returns JSON inside markdown code fences - parser was only looking for bare arrays. Now strips fences, extracts objects, and handles all response formats. Claims flags verified working (7 flags on test investigation).
📊 Markdown Tables: AI dossier tables now render as proper styled HTML tables with headers, hover rows, and responsive overflow. Previously showed raw pipe syntax.
🔄 Re-run with Discoveries: After investigation completes, "Re-run with discovered details" button feeds back discovered emails, handles, and employers for higher accuracy on a second pass.
🎯 Confidence v2: Common name penalty - Sarah Johnson, John Smith etc. capped at 0.55 confidence when no corroborating email/phone/DOB provided. Reduces false positives.
🔢 Float Precision: Fixed 0.35000000000000003 appearing in confidence scores. Root cause: JS floating-point arithmetic in Bright Data minimal fallback path.
🚫 Reddit NSFW Filter: Rejects adult content, NSFW, and OnlyFans snippets. Requires subject's last name in snippet or URL.
🖼️ Image Analysis (Beta): Vision AI analyzes social media photos for physical activity contradictions. Shown below Claims Flags with Beta badge.
🔍 Deeper Serper Queries: Added GoFundMe, arrest/fraud/lawsuit, condition-specific, DOB year, and address searches. Enhanced news with criminal keywords.
🏠 Hero Simplified: Dropped "Carpe Intel" title text. Fixed subtitle wrapping. Cleaner, more enterprise look.

v5.5.0 - 2026-03-02

Timeline, Interview Prep & Claim Context

📅 Activity Timeline: Visual timeline plotting social media posts against claim dates. Posts after Date of Incident highlighted in red. DOI marker prominently displayed.
📋 Interview Preparation: AI-generated interview questions tailored to investigation findings. 10 targeted questions with evidence citations and red flags to listen for.
⚠️ Evidence Preservation Banner: Warns when public profiles are detected that could be deleted. "Preserve Evidence" CTA for future archival feature.
📝 Claim Description Field: New optional text area in Claim Details - free-form claim narrative that feeds directly into AI analysis for more targeted dossiers.
📊 Score Renamed: "Risk Score" → "Online Presence Score" with coverage-based interpretation. Prevents confusion with fraud risk scoring (coming in v6).
🔍 QA Cycle: 3 diverse subjects tested (common name, known person, celebrity). Identified and fixed confidence scoring gaps and score interpretation issues.

v5.4.0 - 2026-03-02

Ask the Analyst + Full Dossier Mode

💬 Ask the Analyst: Chat with a senior OSINT analyst about any completed investigation. AI has full context of all social profiles, web results, claims flags, public records, and the intelligence brief. Suggested starter questions included.
📋 Full Dossier Mode: AI intelligence brief expanded from 3-4 paragraphs to a 10-section deep-dive investigation report: Executive Summary, Subject Profile, Digital Footprint Analysis (per-platform), Public Records, Claims-Relevant Findings, Claims Flags, Identity Verification, Risk Assessment, Recommendations (with interview questions), and Evidence Appendix.
📄 Professional Report: HTML report completely redesigned - branded Carpe Data header, executive summary box with score, structured sections, public records breakdown, print-ready with CONFIDENTIAL watermark.
🏠 Landing Page: Enterprise-grade hero section, stats bar, how-it-works visual. Looks like a product Travelers would pay for.
🎯 Results Polish: Cleaner confidence badges, section icons, collapsed web/news/images by default, status bar with completion time.

v5.3.0 - 2026-03-02

Deep Enrichment & Intelligence Upgrade

🔧 Bright Data Fix: Found and fixed the root cause - discover_by=url param was being rejected by Datasets API. Profiles now return real followers, bios, posts, profile images.
🎯 Real Confidence Scoring: Name matching + URL validation replaces fake 100% scores. LinkedIn with matching slug = 0.9, unrelated Twitter handle = 0.15. Profiles now grouped by actual match quality.
📊 Confidence Badges: GREEN (HIGH ≥70%), YELLOW (MEDIUM ≥40%), GRAY (LOW <40%) badges on every profile card. Low-confidence matches collapsed by default.
📝 AI Summary Upgrade: Collapsible report with gradient fade, correct report date, horizontal rules, blockquote support. Public records (alumni, business, property, relatives) now fed into the intelligence brief.
🔍 URL Validation: Rejects search/directory pages masquerading as profiles (e.g., Facebook "People named X" pages filtered out).
🏠 Public Records → AI: Alumni history, business affiliations, property records, and relatives now included in AI summary prompt for richer analysis.

v5.2.2 - 2026-03-02

Results Page Polish

Confidence-based grouping - social profiles split into High (full cards), Medium (compact list), and Low (collapsed toggle) tiers to reduce noise
AI Summary formatting - replaced broken markdown renderer with proper line-by-line parser supporting headers, lists, bold/italic, code, and links
Risk Score explanation - color-coded description below score circle with breakdown of scoring components
Best profile photo - hero avatar displayed at top of Subject Summary card when available
Download/print report - View Report and Print Report buttons restored above results

v5.2.1 - 2026-03-02

Results & Report Enhancements

Public Records section on results page - alumni, business affiliations, relatives, property, discovered emails
LinkedIn experience & education timeline display on results page
Profile avatar images from Bright Data in social profile cards
Confidence score display fix - correct 0-1 → percentage conversion
Branded PDF/HTML report with public records, LinkedIn details, confidential watermark

v5.2.0 - 2026-03-02

Deep Enrichment & Public Records

Bright Data Structured APIs - Instagram, LinkedIn, Facebook, Twitter/X, YouTube profiles now return full structured JSON (followers, bios, posts, experience, education)
Public Records Enrichment - IDCrawl aggregator, business affiliations, news/media, property records, court/legal, alumni history, relatives, nonprofits
8 parallel public record searches per investigation
Instagram Posts + Facebook Posts - recent posts pulled via dedicated APIs
AI Summary timeout fix - extended to 150s for Opus 4.6 detailed reports

v5.1.0 - 2026-03-02

UX & Pipeline Upgrades

Logo fix - dual PNG/SVG for light and dark mode visibility
Red favicon - Carpe “C” on red background
Magic Upload - PDF, images, and document file upload (not just text paste)
Re-run with tier selection - dashboard dropdown: re-run as Instant, Thinking, or Pro
Upgrade banners - completed Instant investigations offer “Upgrade to Thinking”; Thinking offers “Upgrade to Pro”
Beefed-up search queries - 5+ query variations per investigation, quoted names, name+city, name+employer
Deeper Bright Data extraction - nitter fallback for Twitter, mobile Facebook, snippet fallback
New scoring formula - composite: web presence + profiles + richness + claims flags + images
7 social platforms - added YouTube, Reddit, TikTok discovery

v5.0.0 - 2026-03-02

Clean Rebuild

Complete architecture rebuild with Codex 5.3
Railway worker for background investigation processing (no timeouts)
Supabase Realtime queue architecture
4 investigation tiers: Score, Instant, Thinking, Pro
16-step investigation pipeline
Parallel social profile processing
Google Places autocomplete for address input
Magic pre-fill from pasted text (AI extraction)
Dark mode with persistent toggle
PDF/HTML report export
Professional claims flag analysis
AI Intelligence Brief (concise + detailed modes)