The free witness shows one finding. The $49 Risk Packet is the full evidence file for 5–10 high-risk pages. Here is exactly what is inside and why each piece is there.
A Risk Packet is a structured evidence file, not a score. Every exhibit in it follows the same shape: one public claim, one observation, one timestamp. The goal is that a non-engineer — a founder, a lawyer, a compliance lead — can read any single exhibit and understand it without a screenshot tour.
Paired overlay-on / overlay-off captures
For each tested page, the packet holds both axe-core result sets side by side — the same page, the same moment, with the overlay on and off. This pairing is what makes a finding defensible: it is not "your site is bad," it is "this specific rule behaved this specific way under both conditions."
Your statement quoted back
Where your site publishes a specific accessibility claim, the packet pulls that exact sentence in and places it next to the finding it relates to. The claim and the observation live in the same exhibit, so the gap — if there is one — is visible without cross-referencing.
Each capture records the UTC time it ran and a content hash of the DOM snapshot. You can show when the test ran and verify the page state at that exact moment.
A state on every finding
Held up, did not hold up, or not testable. These are observations about one run, not legal conclusions. The packet is explicit about that boundary on every page, because the value is in the evidence being clean — not in pretending it is a compliance certificate.
The OverlayRiskWitness engineering team builds the two-pass witness runner, the axe-core diff pipeline, and the Risk Packet composer. Every post is grounded in what the engine actually observes on live pages.