Platform IntelligencePlatform Intelligence

Sample Platform Intelligence Reports

Four report formats showing how codebase evidence becomes engineering insight, architecture risk, and executive decision support

Detailed engineering assessment

Engineering Health Report

Northstar Orders requires targeted stabilisation before growth work accelerates

This is the closest level to the current sample report. It keeps the engineering evidence and adds sharper hotspot ranking, remediation costing, and risk prioritisation.

Architecture quality
62 / 100
Maintainability
58 / 100
Security
66 / 100
Performance
71 / 100
Test coverage
49 / 100
Technical debt
54 / 100

Included analysis

  • Complexity
  • Security
  • Dependencies
  • Quality metrics
  • Technical debt
  • Code hotspots

Engineering decision support

  • Critical/high/medium/low prioritisation
  • Estimated remediation hours
  • Approximate remediation cost
  • Affected workflow context

Recommended sequence

  • Protect critical workflows with tests
  • Resolve high-risk dependencies
  • Isolate permission policy checks
  • Reduce order fulfilment coupling

Findings

Order fulfilment is tightly coupled to billing and inventory

Critical

The order path calls billing, inventory reservation, tax calculation, customer notifications, and fulfilment synchronously from a single service.

Complexity is concentrated in revenue-critical workflows

High

Discounting, entitlement checks, and backorder handling change frequently but have limited automated coverage.

Dependency risk is accumulating in the API layer

Medium

Request validation, authentication middleware, and queue processing packages are behind current releases.

Code Hotspot Ranking

FilePriorityReason
PaymentController.csCriticalRevenue path, weak input validation, high change rate
[HttpPost("payment")]
public async Task<IActionResult> ProcessPayment(PaymentRequest request)
{
    var result = await _paymentService.Process(request);
    return Ok(result);
}
UserService.csHighPermission logic is duplicated across account and admin workflows
public bool CanUpdateUser(User currentUser, User targetUser)
{
    if (currentUser.Role == "Admin") return true;
    if (currentUser.Id == targetUser.Id) return true;
    return false;
}
public bool CanViewAccount(User currentUser, Account account)
{
    if (currentUser.Role == "Admin") return true;
    if (account.OwnerId == currentUser.Id) return true;
    return false;
}
AuthMiddleware.csHighSecurity-sensitive dependency and inconsistent role enforcement
if (context.User.IsInRole("Admin") || context.Request.Path.StartsWithSegments("/internal"))
{
    await _next(context);
    return;
}
OrderService.tsHighHigh fan-out orchestration with limited regression coverage
async placeOrder(order: OrderRequest) {
  const customer = await this.customerService.getCustomer(order.customerId);
  const payment = await this.billingService.charge(order.payment);
  const stock = await this.inventoryService.reserve(order.items);
  const tax = await this.taxService.calculate(order);
  await this.notificationService.sendOrderConfirmation(order);
  return this.fulfilmentService.createShipment(order, payment, stock, tax);
}

Technical Debt Costing

AreaEffortApprox. Cost
Critical workflow tests80 engineering hours$12,000
Auth and permission cleanup60 engineering hours$9,000
Order service decomposition100 engineering hours$15,000
Total first remediation tranche240 engineering hours$36,000

Recommended next step

This report identifies several areas that may warrant further investigation. Before significant platform investment, modernisation, or strategic roadmap decisions are made, an Architecture Risk Assessment is recommended to identify root causes, evaluate architectural dependencies, and quantify the potential impact of change.

How to Read This Report

This Engineering Health Report provides a detailed assessment of the maintainability, quality, security, and structural health of the software platform.

The findings are derived from automated analysis of the source code, dependency relationships, engineering patterns, testing practices, and technical debt indicators. The report is designed to help engineering leaders understand where risk exists today and where future engineering effort is likely to be concentrated.

Understanding the Scores

Each section contains one or more health indicators scored between 0 and 100.

These scores are intended to provide a consistent view of engineering quality across multiple dimensions and should be interpreted together rather than in isolation.

ScoreAssessment
80-100Healthy
60-79Moderate Risk
40-59Elevated Risk
Below 40Significant Risk

A low score does not necessarily indicate poor engineering. Mature systems often accumulate complexity as they evolve. The purpose of these metrics is to identify areas where maintenance effort, delivery risk, or operational risk may be increasing.

Focus on Hotspots

Not all findings carry the same level of risk.

This report highlights engineering hotspots where multiple indicators converge, such as:

  • High complexity combined with low test coverage
  • Frequently modified files with elevated technical debt
  • Critical dependencies with known vulnerabilities
  • Architectural components with excessive coupling

These hotspots often represent the highest-value opportunities for improvement.

Understanding Technical Debt

Technical debt is not inherently negative. In many cases, it represents deliberate trade-offs made to deliver business value quickly.

The concern arises when technical debt begins to affect:

  • Delivery velocity
  • Platform stability
  • Team productivity
  • Operational costs
  • Change risk

Where possible, this report estimates both the scale and likely impact of identified debt.

What This Report Covers

This report evaluates:

  • Code quality and maintainability
  • Dependency health
  • Security indicators
  • Complexity hotspots
  • Technical debt patterns
  • Testing maturity
  • Engineering risk areas

The findings are intended to support engineering planning, prioritisation, and investment decisions.

What This Report Does Not Cover

This report does not include:

  • Detailed architecture redesign recommendations
  • Modernisation strategies
  • Domain modelling assessments
  • Organisational capability reviews
  • Technical due diligence
  • Executive investment planning

These activities are typically addressed through a dedicated Architecture Risk Assessment or Architecture Review engagement.

Recommended Next Step

Use this report to identify where engineering effort should be focused over the next three to six months.

Where significant structural issues, architectural concerns, or concentrated technical debt are identified, a deeper Architecture Risk Assessment can provide root-cause analysis, dependency mapping, and a prioritised remediation strategy.

This report is intended to help answer one question: "What are the most significant engineering risks within this software platform, and where should we focus our attention first?"

Back to Platform Intelligence AI