Skip to main content

What this page is

A working prototype gives an honest reading of itself. This page summarises the gaps between what CADi does today and what a production deployment would require. The canonical inventory lives in the docs/PRODUCTION-GAPS.md file in the public GitHub repository.

Prototype scope

What's prototype, what would be production

CADi is a working prototype. Inputs are simulated, scoring weights are hand-tuned, and each causal claim is labelled with its current rigor level. What works is the architecture: a decision-governance control layer with a 9-step pipeline, four analytical lenses, hash-chained audit, and a robustness gate that refuses to automate fragile decisions.

The short version

CADi is a working prototype with 2,745 tests, a 9-step decision pipeline, session-scoped governance and audit behaviour, simulator tooling, and a passing local quality gate (lint, test, build). Everything works as a prototype. Nothing should be treated as production-ready without the controls listed below.

Where the gaps are

  1. 01

    All weights are hand-tuned

    Lens weights, lambda weights, SCM edge weights, and safeguard thresholds were chosen by domain knowledge, not estimated from outcome data. The formulas are sensible; the numbers are guesses.

  2. 02

    Rigor levels are heuristic, not validated

    Every method declares its rigor level. Most lens scores and confidence values are labelled `heuristic`. Cinelli-Hazlett sensitivity and the Cholesky copula are `analytical_approximation`. Nothing in the codebase is labelled `statistically_defensible` or `production_grade`.

  3. 03

    The causal graph is assumed

    The 13-node, 12-edge SCM was defined by domain knowledge. No causal discovery (PC, FCI, GES) was run on observational data. Plausible but unvalidated.

  4. 04

    Session-scoped state resets on reload

    Audit records, SCM edge updates, decision-monitoring metrics, and cultural-drift scores live in memory. Datasets and templates persist; the in-memory state does not. A regulated deployment needs tamper-evident, persistent audit trails.

  5. 05

    No production infrastructure

    No authentication, no rate limiting, no CI/CD, no APM, no alerting, no error tracking, no automated backups, no environment isolation. Public API routes currently have no access control.

  6. 06

    Synthetic data is not real data

    The 10k records are generated by a known-formula outcome generator. Running causal estimators on it would estimate what we coded, not discover anything. The pipeline is ready for real data; only the source changes.

  7. 07

    Advanced causal estimators not yet built

    Advanced causal estimators (DML, TMLE, AIPW) are specified but not built. They could be implemented as analytical approximations on synthetic data for demo purposes; production deployment needs the full ML pipeline.

  8. 08

    The cost model is hardcoded

    The per-contact cost model (PROTECT £8.20, AUGMENT £4.10, AUTOMATE £0.35) is fixed in code today. A production system would make business logic like this customer-configurable.