WebRiskOps

Missing evidence

Use Missing evidence to restore screenshots, HTML snapshots, console/network evidence and report artifact references without inventing or requesting private data.

Customers, agencies and report reviewers

Feature availability

Product, package, provider and deployment boundaries for this page.

Available from
Current documentation
Providers
reportsevidence
Deployment modes
cloud

Before replacing evidence

Use this page when a report, finding, scan page or export says evidence is missing. Missing evidence should lead back to the scan artifact that should have produced it, not to invented screenshots, private customer data or unsupported manual proof.

  • Open the report evidence panel
  • Check `screenshot_path`, `html_snapshot_path`, `artifact_path` and `evidence_status` for the affected finding or page.
  • Keep private, account-only, unsupported and redaction-blocked artifacts out of the report.

Trace the missing artifact

Follow the path `Report → Evidence panel → Scan page artifact → Retry, regenerate or stop`.

  1. Open `/reports/{report}` and choose the affected finding or page in the evidence panel. Result: `report_id`, `issue_id`, `scan_page_id` and current `evidence_status` are visible before any retry.
  2. Read `screenshot_path`, `html_snapshot_path`, `artifact_path` and `evidence` for the affected item. Result: the page shows whether screenshot, HTML, console, network or finding text is missing.
  3. Match the item to `scan_run_id` and open `/scans/{scanRun}`. Result: missing report evidence is tied back to the scan run that should produce it.
  4. If `EVIDENCE_ARTIFACT_MISSING` appears, check whether the scan page has any safe artifact before regenerating the report. Result: the report does not invent a screenshot or cite a file that does not exist.
  5. If `SCREENSHOT_CAPTURE_FAILED` appears, inspect browser render status, viewport limits and `capture_attempted_at`. Result: screenshot recovery stays in the scan/browser workflow.
  6. If `HTML_SNAPSHOT_MISSING` appears, inspect capture storage and redaction state before retrying. Result: HTML evidence is restored only when it can be stored safely.
  7. If console or network evidence is missing, review console/network counts and deterministic issue evidence. Result: deterministic findings can remain visible without pretending a missing artifact exists.
  8. Retry from `/scans/{scanRun}/retry` only when the page is public, in accepted scope and safe to render. Result: private, account-only or unsupported pages stay excluded.
  9. Regenerate report output from `/scans/{scanRun}/report` only after artifacts exist and `redaction_status` is ready. Result: `publication_status` stays blocked until evidence references are real.
  10. Continue to Scan failures and blocked pages, Screenshots and HTML snapshots, Console and network evidence or Publication gates based on the owner that remains. Result: the customer lands on the workflow that can fix or stop the evidence issue.

Evidence artifact reasons

Use the code to decide whether the page needs a scan retry, report regeneration or a stop condition.

  • `EVIDENCE_ARTIFACT_MISSING` means the report references evidence that is absent, expired, deleted or not attached to the scan page.
  • `SCREENSHOT_CAPTURE_FAILED` means the browser could not capture a safe screenshot during the scan.
  • `HTML_SNAPSHOT_MISSING` means the scan did not store an HTML snapshot that can be shown safely.
  • `CONSOLE_EVIDENCE_MISSING` and `NETWORK_EVIDENCE_MISSING` mean browser-observed counts or request details are missing, incomplete or redacted.
  • `REPORT_PUBLICATION_BLOCKED` means the report cannot be shared while evidence references are unsafe, missing or redaction-blocked.

Regenerate or stop rules

Regenerate only from product workflows that can recreate safe artifacts.

  • Use `/scans/{scanRun}/retry` when the page is public, inside accepted scope and the scan failure reason is clear.
  • Use `/scans/{scanRun}/report` after fresh scan artifacts exist and the report can cite real paths.
  • Stop when the page is private, outside accepted scope, account-only, blocked by provider policy, missing ownership proof or unsafe to store.
  • Keep `redaction_status` active before report publication, export, ticket creation, public link or PDF output.

Ready and blocked evidence states

Evidence is ready when the report can point to real, safe artifacts or deterministic text evidence.

  • Ready: `screenshot_path`, `html_snapshot_path`, `artifact_path`, console/network evidence or finding evidence is present, redacted as needed and attached to the correct `scan_page_id`.
  • Still blocked: artifact path missing, scan page unavailable, private data risk, redaction pending, report regenerated before artifacts exist or `publication_status` is blocked.
  • Acceptable fallback: deterministic issue evidence can remain visible when a screenshot is unavailable, as long as the report says which artifact is missing.

Continue after evidence triage

Use the linked guide for the workflow that still owns the block.

  • Scan failures and blocked pages explains failed scan runs, skipped URLs and browser-rendering issues before evidence can exist.
  • Screenshots and HTML snapshots explains how scan artifacts are captured, stored and shown.
  • Console and network evidence explains browser-observed counts and request details.
  • Data collected and excluded explains why private pages, secrets and account-only content stay out of artifacts.
  • Publication gates explains why public links, PDFs and exports stay blocked while evidence is unsafe or missing.

Related documentation

Scan failures and blocked pagesScreenshots and HTML snapshotsConsole and network evidenceData collected and excludedPublication gatesResolve blocked or failed states

Was this page helpful?

Feedback goes into the product documentation review queue.