# AI Change Consequence Certificate install guide

Use this guide to run the paid-pilot certificate on one GitHub repository and up to ten real pull requests.

## What gets installed

- One GitHub Actions workflow: `.github/workflows/change-consequence-certificate.yml`
- One PR certificate artifact: `change-consequence.json`
- One reviewer-facing markdown summary: `change-consequence.md`
- One merge passport artifact: `change-merge-passport.json`
- One merge passport summary: `change-merge-passport.md`
- Optional PR comments when `comment-pr: true`
- Optional Semgrep and OSV scanner evidence

## Fast install

1. Download `install-workflow.yml`.
2. Copy it to `.github/workflows/change-consequence-certificate.yml` in the pilot repository.
3. Open a pull request that changes real application code.
4. Confirm the workflow uploads `change-consequence.json`, `change-consequence.md`, `change-merge-passport.json`, and `change-merge-passport.md`.
5. Ask the reviewer whether the certificate made the merge decision faster, safer, or clearer.

## Required repository permissions

The workflow uses:

- `contents: read` to inspect the repository checkout.
- `pull-requests: write` to post a PR comment when comments are enabled.
- `issues: write` because GitHub PR comments use the issues comment API.

Disable `comment-pr` if the team wants artifact-only mode.

## Scanner behavior

The sample workflow installs Semgrep and OSV Scanner. If a scanner is unavailable or times out, the certificate should still run and record the missing evidence as an explicit unknown. Missing scanner evidence is not hidden.

## Merge passport

The certificate is evidence. The merge passport is the decision layer. It turns
that evidence into a merge status such as `block_merge`,
`requires_explicit_exception`, `review_with_known_unknowns`, `standard_review`,
or `auto_merge_candidate`, plus failed policy rules, required human actions,
rollback requirements, and post-merge observation evidence.

## Success criteria for the paid pilot

The 30-day pilot is worth expanding when ten real PRs produce at least three faster or safer review decisions, such as:

- a missing test found before merge;
- an owner routed earlier than the normal review path;
- a security finding or model-loading risk surfaced in the reviewer summary;
- reduced back-and-forth because the certificate made the affected surface clear.

## Uninstall

Remove `.github/workflows/change-consequence-certificate.yml`, delete generated artifacts if desired, and revoke any custom tokens that were created for the pilot.

## Claim boundary

This install guide is a buyer-readable pilot setup guide. It does not prove that a customer has installed the workflow, paid for the pilot, or accepted the security review.
