Shadow and Shield / Reporting

Reporting and export outputs.

Shadow and Shield generates structured report and export outputs from supported case, evidence, and tool execution records, with consolidated reporting still under development.

Under construction · work in progress

This page will continue to change as the hardware, software, and release materials are finalized.

At a Glance

Current report outputs, included records, and release boundaries.

This page covers current report scope, available output formats, tool execution records, translated content, and integrity claims that depend on release validation.

01 / Scope

Current report scope.

The reporting module can create report records and generate current outputs from selected case and workflow data. Broader consolidated reporting is still under development and should be described carefully.

  • Current case-scoped reports can include available case header data and selected session or evidence context
  • Broader forensic data exists in the platform but should not be described as comprehensively included in every generated report
  • Some report types exist in the UI or database but may share fallback rendering paths
  • Detailed settings controls should not be described as generally available until wired and validated

02 / Outputs

Report outputs.

Current reporting and export paths can support HTML and CSV outputs, with PDF and JSON treated as release-dependent unless the target build verifies those paths.

  • HTML report output where supported
  • CSV output for selected export workflows
  • PDF and JSON should remain release-dependent until validated
  • Case header, session context, tool execution records, file listings, and report metadata where available

03 / Tool Records

Tool records.

Reports can draw from supported execution records: tool name, status, timing, actor, case context, configuration, and workflow-specific results where those records exist.

  • Tool execution records and status
  • Case and actor context where recorded
  • Hashes, verification records, acquisition records, keyword results, and hash comparison results where included by the validated report path
  • Report content should stay tied to records the current workflow actually includes

04 / Translation

Translated content.

AI-based filename translation can preserve original filenames alongside translated values. Report-level translation language should be scoped to implemented and verified report behavior.

  • Original and translated filename values where supported
  • Translation model context where implemented
  • Do not claim every report includes translated evidence content
  • Do not claim report-level translation model attribution unless verified

05 / Generation

Generation and storage.

Current report generation is on-demand and tied to available case or workflow records. Generated outputs and generation status should be described only where the target release validates the path.

  • On-demand generation where supported
  • Generation process and output storage where implemented
  • Regeneration behavior only where validated
  • Report records, errors, and status retained where available

06 / Integrity

Integrity boundaries.

The platform can retain report records and generation status, but public copy should not promise output hashing, signatures, formal regeneration lineage, or complete chain-of-custody reports unless the target release verifies them.

  • Report records and generation status where available
  • Output storage and error status where recorded
  • Output hashing and report signatures only if verified
  • Regeneration lineage only if implemented and validated
  • Chain-of-custody report language must stay scoped

Do not claim complete report templates, universal chain-of-custody reports, report signatures, output hashes, regeneration lineage, or report-level translation attribution unless verified in the target release.