A public status page should explain service health, incident impact, and recovery progress. It should not expose secrets, raw response bodies, headers, probe locations, or internal dependency names by default.

• Publish scenario state and human-readable incident context.
• Hide check internals unless a team intentionally discloses them.
• Design status copy for customers, not only infrastructure operators.

The current page makes no claim that hosted auth or tenant storage is live. Future Console work should define account access, team roles, credential storage, audit logs, and data retention before public launch.

• Use roadmap language for OIDC, team invites, RBAC, and billing access.
• Store integration secrets only in the managed backend when implemented.
• Keep static landing analytics disabled unless the privacy policy changes.