# DoNotAct Monthly Incident Reports

DoNotAct monthly incident reports are offline operator/customer reports generated from exported diagnostic ledger rows.

They answer operational questions:

- how many diagnostic calls were made in a month;
- how many responses failed closed as `DO_NOT_ACT` or `INSUFFICIENT_EVIDENCE`;
- which venues, endpoints, source integrations, and reason codes appeared most often;
- which evidence gaps or blocking diagnostics should be reviewed with the operator.

## Offline Flow

Static example: `/examples/monthly-incident-report-v0.md`.

1. Export diagnostic rows with a dry run first:

```bash
python scripts/closeedge_export_diagnostic_events.py \
  --month 2026-06 \
  --output exports/diagnostic-events-2026-06.json
```

2. Execute only in an authorized operator environment:

```bash
DATABASE_URL=... python scripts/closeedge_export_diagnostic_events.py \
  --month 2026-06 \
  --output exports/diagnostic-events-2026-06.json \
  --execute
```

3. Generate Markdown:

```bash
python scripts/closeedge_monthly_incident_report.py \
  --input exports/diagnostic-events-2026-06.json \
  --month 2026-06 \
  --output reports/do-not-act-incident-report-2026-06.md \
  --account-label customer
```

## Boundaries

The report is not a monetary savings report, not outcome predictions, not a trading-performance report, and not advice.

It is a conservative accounting of diagnostic calls, fail-closed responses, source attribution, and reason-code distribution.

## Verification

When cryptographic attestation is needed, preserve diagnostic receipts and verify them with:

```bash
python scripts/closeedge_verify_receipt.py \
  --response response.json \
  --public-key closeedge-receipt-key.json
```

Public receipt key: `/.well-known/closeedge-receipt-key.json`.