Flow 1: Initial Setup
Creating a publisher → uploading an extension → assigning roles.

I designed a mission-critical compliance system for a developer marketplace used by 10,000+ organizations. The redesign introduced a unified trust language, improved triage speed by 40–50%, and drove 70% certification adoption within 90 days.
Marketplace compliance had become difficult to interpret at scale. Signals were inconsistent, rules were scattered across disconnected tools, and certification status was not clearly visible at the extension level, where developers and admins needed it most.
I redesigned the compliance experience around a clearer trust model: distinct publisher and extension signals, plain-language states, automated routing, risk-based prioritization, accessible indicators, and guidance that worked across dense marketplace surfaces.
Compliance had become brittle and inconsistent, creating systemic failures across publisher verification, extension certification, admin triage, and reviewer workflows.
“With hundreds of extensions, everything looks risky. I can’t tell what to fix first.”
I partnered across PM, engineering, accessibility, legal, and compliance to ship a scalable, standards-aligned system.
I interviewed marketplace admins, engineers, PMs, and compliance reviewers to understand why trust decisions felt inconsistent, slow, and difficult to explain. Four insights shaped the redesign.
Flat, dense list: every extension looked equally risky.
Prioritized, trust-first design: high-risk items rise to the top.
I replaced legacy risk language with four plain-language states that made compliance status easier to recognize, compare, and act on across dense marketplace surfaces.
Meets all requirements.
Next steps are shown inline.
High risk. May be disabled until resolved.
Temporarily turned off as a safety fallback.
I designed a layered trust language that separated publisher identity from extension safety while still allowing both signals to read as one cohesive system across the marketplace.
Indicates whether a publisher meets verified identity and domain requirements.
Publisher identity uses a verification badge (✔︎), while extension trust uses shield-based compliance states.
These signals work together but represent different layers of trust.
Shows whether an extension has passed signing, permission, and update-safety checks.
Key decisions
“The shield makes it obvious. I know exactly what is safe.” Admin Tester
I introduced severity-based ordering so high-risk items rose to the top instead of getting buried in dense extension lists. Priority was communicated through labels, iconography, and supporting text so the system did not rely on color alone.
Compliant
Disabled
Action Required
Non-compliant
The system identifies publisher type automatically and routes users into the correct path. This made naming rules, domain verification, certification options, and trust signals more predictable across 1P and 3P publisher flows.
Compliance checks previously surfaced late in the publishing flow, creating rework, blocked approvals, and back-and-forth with reviewers. I shifted guidance earlier in the lifecycle so publishers could catch issues during authoring and pre-submission instead of discovering them after upload.
Moving checks earlier reduced late-stage rework, cut down back-and-forth, and made approvals more predictable for both publishers and reviewers.
I tested two high-friction compliance flows to evaluate comprehension, confidence, and decision-making at critical points. Sessions used scenario tasks, live observation, think-aloud feedback, and post-task reflection to identify where the model broke down.
Creating a publisher → uploading an extension → assigning roles.
Resolving issues or opting out of certification, with downstream impact checks.
Publisher vs extension certification blurred.
Copy separates publisher vs extension certification.
“Action Required” and “Non-Compliant” lacked clear outcomes.
States now show consequences and next steps.
Shield meaning unclear without labels.
Shield is paired with evergreen labels and helper text.
1P vs 3P paths felt unexpected.
Inline explanations for 1P and 3P paths.
100+ flagged extensions with no prioritization.
High-risk items surface first through severity-based ordering.
Clearer language, visible routing, labeled trust signals, and risk-first ordering reduced cognitive load and helped users make faster, more accurate decisions.
Early versions used similar trust signals for both publishers and extensions, which blurred the distinction between verified identity and extension-level compliance. High-urgency extensions also disappeared inside dense publisher lists. Through multiple rounds of testing, I separated the signal types and restructured the UI around how admins actually scan for risk.
“I can finally tell what needs action. It used to take 20+ minutes just to scan.”
“Separating publisher badges from extension shields made the model click instantly and cut our documentation overhead.”
Clarity beats control.
Clear states → faster cognition → fewer errors.
Consistent words create consistent decisions.
Embedding with engineering ensured scalability, not just polish.
Evergreen icons outperformed color-only cues for every user.
This project changed how I approach complex systems. I learned that trust at scale does not come from adding more controls; it comes from making decisions easier to understand, explain, and repeat. By designing a shared mental model instead of just another interface, we helped thousands of organizations move through compliance with more confidence.