# Console Risk UI (Overview)

This document describes how risk and explainability concepts should surface in the Console.

## Concepts to Surface

- **Verdict and “why”:** a short, narrative explanation above the fold.
- **Evidence rail:** links to proofs that justify each fact (SBOM, VEX, reachability, policy explain trace).
- **Risk signals:** severity, exploit signals, exposure context, and confidence/uncertainty indicators.

## Explainability Expectations

- Every blocking decision must link to the policy gate and the evidence inputs that triggered it.
- Uncertainty must remain explicit (avoid false safety when evidence is missing or conflicts exist).

## References

- Risk model overview: `docs/risk/overview.md`
- Policy explainability: `docs/risk/explainability.md`
- Vulnerability Explorer guide: `docs/20_VULNERABILITY_EXPLORER_GUIDE.md`