ISSCA Learning Centre — Feedback Audit Report

Target: https://dev.issca.com (authenticated course-delivery platform) Method: Live browser drive (Playwright + headless Chromium 1.59), desktop 1440×900 and mobile 390×844, light + dark themes. 35 screenshots, full DOM/console/network capture on every route. Account: admin@issca.com (Student + Admin surfaces). Date: 27 Jun 2026. Stack detected: Next.js + NextAuth/authjs v5 (__Secure-authjs.session-token).

Evidence note: the inline PDF uses the browser-native PDFium viewer, which does not render in headless Chromium — every "blank PDF box" in a screenshot is a capture artifact, not a platform bug. The PDF file itself was verified over HTTP (200, application/pdf, 31 KB). Findings that depend on PDF rendering are flagged as such.

1. Executive summary

ISSCA Learning Centre is a clean, well-built, low-defect course platform. The core learning loop — enrol → watch video → take private notes → track progress → earn a verifiable certificate — works end to end and is visually polished. Engineering hygiene is genuinely strong: zero console errors and zero 4xx/5xx network failures on every page tested, proper auth gating with callbackUrl, and a responsive layout with no horizontal scroll at 390px anywhere.

The gaps are completeness and communication, not stability. Two of three lesson types are unfinished ("Reading coming soon", "Assessment coming soon"), so a certification product currently cannot assess or certify competence through the platform. Logout is a dead control. And the stakeholder's #1 ask — a moderated comment/community layer — does not exist at all; the only communication surface is private, single-user Notes.

Health score: 68 / 100. Polished, stable core (+), but a certification platform that can't run a quiz, can't log you out, and can't let two clinicians talk to each other is materially incomplete.

Top 5 blockers / high-severity

1. Logout does nothing — "Sign out" fires no request, clears no session cookie, no redirect; the session stays valid. Security/shared-device risk on a paid product. (B1)
2. No assessment engine — the "Final Quiz" is a "Assessment coming soon" placeholder. A certification cannot be earned by demonstrated competence. (B2)
3. No public communication layer — stakeholder P0. Only private Notes exist; no comments, threads, moderation, reactions, or DMs. (I4 / Known #5)
4. Reading lessons are empty — every non-video "Reading" lesson renders "Reading coming soon". A large share of curriculum has no content. (B3)
5. No completion gating / prerequisites / passing grade — any lesson is freely reachable; certificates are not tied to passing anything, weakening credential integrity. (Feature gap)

Top 5 quick wins (≤ ~1 day each)

1. Wire signOut() — one-handler fix; restores logout + redirect. (B1)
2. Replace the bare top-right ✕ with a labelled menu (hamburger → Exit / Course outline / Profile / Sign out). Reuses the drawer pattern already built for the mobile dashboard. (Known #1)
3. Promote the mobile "Course content" trigger from a grey breadcrumb to a real button (filled/bordered, list icon, "Course outline · 51 lessons"). (Known #2)
4. Reveal the note-delete button without hover (always-visible low-emphasis icon) so it's reachable on touch, and add a confirm/undo. (B4)
5. Replace placeholder PDF content (git_vps_cheatsheet_ru.pdf inside a peptide lesson) and cap note height with a "show more" clamp. (B6 / I7)

2. Broken / incomplete-interaction log

Note: B2/B3 are well-designed empty states (icon + heading + subtext), so they read as "intentionally unfinished" rather than crashed — good hygiene, but functionally absent.

3. Feature-gap matrix — ISSCA vs. 100-feature / 10-platform benchmark

Scored live against the evidence brief by 10 independent agents (one per competitor), one consistent rubric. "Partial" almost always means foundation present, completion pending (e.g. certificates issue with serial + Verified badge + PDF, but aren't grade-gated or template-customisable) — so ISSCA is meaningfully further along than the raw Missing count implies. Enterprise/LMS-bloat that does not fit a niche paid clinical-cert business (SCORM/xAPI/cmi5, multi-tenant sub-portals, content marketplaces, website/funnel builders, native checkout) is scored N/A by design, not as a deficiency.

Coverage: 2 Present · 18 Partial · 61 Missing · 19 N/A (of 100). Priority of gaps: 13 P0 · 17 P1 · 35 P2 · 17 P3.

3.1 P0 community/communication roll-up (stakeholder-weighted items)

Per stakeholder weighting, these map directly to the P0 community/comments ask. 18 of 18 weighted items are Missing/Partial — confirming the communication layer is the single biggest gap.

3.2 Full 100-feature matrix

Teachable

Thinkific

Kajabi

LearnWorlds

Podia

LearnDash

TalentLMS

Docebo

Moodle

Circle

3a. P0 build spec — moderated comments / community layer

Stakeholder's #1 priority ("communication is key"). All 18 weighted benchmark items (9, 10, 12–16, 25, 43–44, 49, 73, 91–96) are Missing/Partial today. This is the spec to close them.

Placement (works with the player that exists today)

The lesson player already has a center column (video → Resources/PDF) and a right-hand Notes panel (textarea + list, max-h≈44vh). Add discussion without a redesign:

• Desktop: turn the right panel header into tabs — Notes (private) · Discussion (public) — each with a count badge. Notes stays exactly as-is; Discussion renders the thread in the same column. Add a "Expand" affordance that widens Discussion into a full-width section below Resources for long threads.
• Mobile: the right panel already stacks below content; surface the same Notes · Discussion tab strip there. This also fixes the "notes buried under the PDF" problem by giving the panel a clear, compact header.
• Why tabs (not a separate page): keeps the conversation in the lesson context, reuses the panel chrome already built, and lets a clinician switch between a private note and a public question without losing their place.

Data model (Next.js + authjs v5 + Prisma/Postgres — matches the cuid2 IDs already in use)

Comment        id, lessonId, courseId, authorId, parentId(nullable→thread),
               body(text, escaped), isInstructorReply(bool), status(visible|hidden|flagged|deleted),
               editedAt, createdAt, updatedAt
Reaction       id, commentId, userId, type(like|insightful|...)   // unique(commentId,userId,type)
Mention        id, commentId, mentionedUserId                      // drives notifications
Flag           id, commentId, reporterId, reason, resolvedBy, createdAt

Reuse the existing User/role and Lesson/Course relations. Server actions for create/edit/delete/react/flag; revalidate the lesson path. Escape on render (Notes already does this correctly — reuse it).

Scope

v1 (ship first): threaded comments per lesson · instructor/moderator reply (visually badged) · like reaction · sort (Newest / Top) · edit + soft-delete own comment · moderator hide/restore + delete any · empty state · count badge. Open to any enrolled user (the paying audience), gated by the same auth that gates the lesson. v2: @mentions + notifications · multiple reaction types · report/flag queue in /admin · pin a comment · per-course "Discussion" digest email · resolved/answered marking for Q&A.

Build vs. integrate — recommendation: BUILD natively

For a niche, paid, clinical audience where moderation, data ownership, and a single seamless identity matter, native wins. The app already has the identity, the per-lesson context, the DB, and the escaping pattern — the marginal cost over Notes is small. Use a hosted option (Circle) only if a broader community hub (events, spaces, DMs — items 91–96) becomes a strategic product in its own right; then run it alongside, not instead of, native lesson comments.

Benchmark items this closes

Directly: 9 (lesson comments/messaging), 25 (built-in community), 43–44 (gated community + member chat — partial via threads/DMs in v2), 49 (topic spaces — per-course), 73 (social learning / Q&A), 91–96 (Circle-class community — v1 covers comments+reactions+moderation; events/streams/DMs are v2/strategic).

4. Interface-adjustment list (annotated, before → after)

Each item names the element, states the problem in one line, gives the fix.

1. Lesson top-right ✕ ("Exit to dashboard") — Problem: a bare ✕ is the universal "close/dismiss" affordance, not "open navigation"; there is no general menu in the lesson view. Fix: replace with a hamburger that opens a menu (Course outline · Exit to dashboard · Profile · Sign out); keep an explicit "Exit" item inside it. Reuse the dashboard's existing slide-in drawer. (Known #1 — 11,30,21)
2. Mobile "Course content · 0%" trigger — Problem: styled as passive grey breadcrumb text with a tiny right chevron; users don't realise it opens all 51 lessons. Fix: make it a real button — bordered/filled, list icon, label "Course outline · 51 lessons", sticky under the header. (Known #2 — 30,31)
3. Inline PDF viewer (native iframe, 72vh) — Problem: delegates to the browser's PDFium viewer → uncontrolled internal zoom/horizontal-scroll on narrow screens, and reserves a tall empty band that buries Notes on mobile. Fix: render with PDF.js fit-to-width, lock the PDF pane to its own scroll, collapse to a thumbnail/"Open PDF" until requested. (Known #3 — 11,32)
4. Notes vs. Comments — Problem: the only communication channel is private Notes; clinicians can't talk to faculty or each other. Fix: add a "Notes | Discussion" tabbed panel (spec in §3a) — threaded, moderated comments. (Known #5 — P0)
5. Note delete (hover-only) + no edit + no clamp — Problem: trash icon hidden until hover (no touch), destructive with no undo, no edit, and long notes grow unbounded. Fix: always-visible low-emphasis delete with undo toast; inline edit; clamp long notes with "show more". (B4/B5/I7 — 42,41)
6. Dark-mode note contrast & top-bar progress hairline — Problem: note rows/Add-note button wash out in dark; the progress track is an unlabeled faint line. Fix: invert note surfaces via theme tokens; label progress with % and raise fill contrast. (B8/B9 — 22,11)
7. "Student" vs "Admin" role pill — Observed, not a bug: the pill is contextual (Student on /dashboard, Admin on /admin). No change needed; documented to prevent a false report.

5. Confirmed known-issues table (Part F)

6. Prioritised roadmap

P0 — communication & integrity (do first)

• Threaded, moderated Comments per lesson (Notes|Discussion tabs): replies, likes/reactions, sort, @mentions, edit/delete, moderator hide/report. — L (Known #5; maps to benchmark 9, 25, 43–44, 49, 73, 91–96)
• Fix logout (signOut wiring). — S (B1)
• Assessment engine (MC/short-answer, auto-grade, passing grade) + certificate tied to a pass. — L (B2; benchmark 3, 53–54, 58)

P1 — finish the product

• Reading/rich-text lesson renderer; hide or label empty lessons. — M (B3)
• Completion gating / prerequisites (require pass/complete before next). — M (benchmark 5, 24, 56, 87)
• Lesson hamburger menu + mobile "Course outline" button. — S (Known #1, #2)
• PDF.js fit-to-width viewer + scroll-isolation/lazy-open. — M (Known #3/#4)
• Note edit + touch-reachable delete with undo + clamp. — S (B4/B5/I7)

P2 — polish & growth

• Dark-mode note contrast; top-bar progress label; pin video locale; replace placeholder PDFs/serials. — S (B6–B9)
• In-course search; transcripts/caption controls; survey/feedback lesson type; drip scheduling; per-student admin analytics; certificate templates. — M (benchmark 5–6, 16, 35, 99)

7. Artifacts

All screenshots in qa-audit/shots/; raw DOM/console/network captures in qa-audit/data/. Key files by finding:

Visual evidence — all 35 screenshots

Click any image to open full size. Captured live, desktop 1440 + mobile 390, light + dark.