
bhuv1436/compliance-guard


🛡️ ComplianceGuard

The security safety net for AI coding agents: auditing generated code before it reaches your repository.


🚨 The Problem

We have entered the era of AI coding agents (Cursor, Devin, Copilot). Code is generated at superhuman speed, often faster than humans can review it. AI is powerful, but it routinely introduces security vulnerabilities into the code it writes:

  • Hardcoding API keys for convenience.
  • Ignoring logic-level compliance rules (e.g., leaking personal data in violation of GDPR).
  • Importing insecure or deprecated libraries.

Humans can't review AI-generated code fast enough, so an automated safety layer is needed.

💡 The Solution: ComplianceGuard

ComplianceGuard is an intelligent Pre-Commit Hook and Audit Dashboard that acts as a semantic firewall for your codebase.

It sits between the AI Agent and your repository, acting as the "Senior Engineer" that reviews every line of code for security, financial risk, and compliance before it ever gets committed.

Key Features

1. 🧠 Hybrid "Rust + Gemini" Engine

  • Rust Core (The Speed Layer): Scans thousands of lines in milliseconds using regular expressions to catch deterministic, pattern-matchable threats (AWS access key IDs, credit card numbers).
  • Gemini 3 Flash Preview (The Brain): When the Rust layer suspects a more complex issue, the surrounding code context is sent to Gemini, which analyzes logic flows (e.g., "Is this unencrypted data transfer risky?") and provides reasoning that standard linters miss. Because this stage calls an external API, the flagged context leaves the developer's machine; keep that in mind for proprietary code, and do not forward secrets already caught by the Rust layer.
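The deterministic layer above, as an added example that is not ComplianceGuard's own code: a standard-library-only Rust scanner (the project's core uses a regex engine; this version hand-matches the two patterns so it runs with no crates) that reports AWS access key IDs by their AKIA prefix and candidate card numbers only when they pass the Luhn mod-10 check, so timestamps and other digit runs are not reported. The `Finding` type, the function names and the sample input are constructed for this example; `AKIAIOSFODNN7EXAMPLE` is the example key ID from AWS's own documentation, not a live credential.

```rust
// Added example, not ComplianceGuard's own code: a std-only scanner for the
// two deterministic patterns named above. The project's core uses a regex
// engine; here the patterns are matched by hand so this runs with no crates.

#[derive(Debug, PartialEq, Clone)]
pub enum Finding {
    /// "AKIA" followed by exactly 16 upper-case letters or digits.
    AwsAccessKeyId { line: usize, value: String },
    /// 13-19 digits (spaces or dashes allowed between groups) passing Luhn.
    CreditCardNumber { line: usize, value: String },
}

/// Luhn mod-10 check over a digit string. Random digit runs (timestamps,
/// build numbers) almost always fail it, which keeps false positives down.
pub fn luhn_valid(digits: &str) -> bool {
    let mut sum = 0u32;
    let mut double = false;
    for c in digits.chars().rev() {
        let d = match c.to_digit(10) {
            Some(d) => d,
            None => return false,
        };
        let mut v = if double { d * 2 } else { d };
        if v > 9 {
            v -= 9;
        }
        sum += v;
        double = !double;
    }
    !digits.is_empty() && sum % 10 == 0
}

/// Report every token matching AKIA[0-9A-Z]{16} that stands alone
/// (not embedded in a longer alphanumeric identifier).
fn scan_aws_keys(line_no: usize, line: &str, out: &mut Vec<Finding>) {
    let b = line.as_bytes();
    let mut i = 0;
    while i + 20 <= b.len() {
        if b[i..].starts_with(b"AKIA")
            && b[i + 4..i + 20].iter().all(|c| c.is_ascii_uppercase() || c.is_ascii_digit())
            && (i == 0 || !b[i - 1].is_ascii_alphanumeric())
            && b.get(i + 20).map_or(true, |c| !c.is_ascii_alphanumeric())
        {
            // All 20 matched bytes are ASCII, so the slice is on char boundaries.
            out.push(Finding::AwsAccessKeyId { line: line_no, value: line[i..i + 20].to_string() });
            i += 20;
        } else {
            i += 1;
        }
    }
}

/// Report digit runs of 13-19 digits (single spaces/dashes allowed between
/// digits) that pass Luhn and are not glued to surrounding letters or digits.
fn scan_card_numbers(line_no: usize, line: &str, out: &mut Vec<Finding>) {
    let chars: Vec<char> = line.chars().collect();
    let mut i = 0;
    while i < chars.len() {
        if !chars[i].is_ascii_digit() {
            i += 1;
            continue;
        }
        let start = i;
        let mut end = i; // one past the last digit seen
        let mut j = i;
        while j < chars.len() {
            if chars[j].is_ascii_digit() {
                end = j + 1;
                j += 1;
            } else if (chars[j] == ' ' || chars[j] == '-') && j + 1 < chars.len() && chars[j + 1].is_ascii_digit() {
                j += 1;
            } else {
                break;
            }
        }
        let candidate: String = chars[start..end].iter().collect();
        let digits: String = candidate.chars().filter(char::is_ascii_digit).collect();
        let bounded = (start == 0 || !chars[start - 1].is_ascii_alphanumeric())
            && (end == chars.len() || !chars[end].is_ascii_alphanumeric());
        if bounded && (13..=19).contains(&digits.len()) && luhn_valid(&digits) {
            out.push(Finding::CreditCardNumber { line: line_no, value: candidate });
        }
        i = end;
    }
}

/// Run both pattern scanners over every line; line numbers are 1-based.
pub fn scan(source: &str) -> Vec<Finding> {
    let mut out = Vec::new();
    for (idx, line) in source.lines().enumerate() {
        scan_aws_keys(idx + 1, line, &mut out);
        scan_card_numbers(idx + 1, line, &mut out);
    }
    out
}

/// Constructed sample input (not real data). AKIAIOSFODNN7EXAMPLE is the
/// example key ID from AWS's own documentation.
pub const SAMPLE: &str = concat!(
    "# constructed sample, not real data\n",
    "AWS_ACCESS_KEY_ID = \"AKIAIOSFODNN7EXAMPLE\"\n",
    "card = \"4111 1111 1111 1111\"  # Luhn-valid test PAN: reported\n",
    "created_at = 1700000000000     # 13-digit timestamp, fails Luhn: skipped\n",
    "build_id = \"AKIAnotakey\"       # lower-case body: skipped\n"
);

fn main() {
    for f in scan(SAMPLE) {
        println!("{:?}", f);
    }
}
```

Running it prints the two real findings (the key ID on line 2 and the card number on line 3) and stays silent on the timestamp and the look-alike identifier, which is the behaviour a pre-commit gate needs: a high hit rate on known-bad formats with few enough false positives that developers do not learn to bypass it.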

2. 💸 Financial Risk Assessment

Developers speak code; stakeholders speak risk. When ComplianceGuard detects a vulnerability, it also estimates the financial exposure (e.g., "$20M potential GDPR fine"), giving stakeholders an immediate reason to prioritize the fix.

3. 🎓 The "AI Mentor"

Instead of blocking code with a generic error, ComplianceGuard explains why the code was rejected. It generates a "Micro-Lesson" with a real-world example (such as the Uber breach) to teach the developer how to write the secure version.

4. 👁️ Multimodal Architecture Review

Upload a whiteboard sketch of your system architecture. Gemini Vision scans the diagram for systemic flaws that a source-code scanner cannot see, such as single points of failure or databases exposed to the public network.


🚀 Quick Start (Demo)

Try the full experience locally:

Prerequisites

  • Rust (Cargo) installed
  • Node.js (v18+)
  • PowerShell (Windows) or Bash (Mac / Linux)
  • Gemini API Key (Set GEMINI_API_KEY in your environment or create a .env file in the root directory)

Run the Demo Script

We have provided a one-click setup script that builds the Rust core, starts the Next.js dashboard, and initiates a test scan.

Windows (PowerShell)

.\start_demo.ps1

Mac / Linux (Bash)

chmod +x start_demo.sh
./start_demo.sh

Manual Setup

If you prefer running components manually:

  1. Run the Rust scan, writing its JSON findings where the dashboard reads them:

    cargo run -- . --json --output dashboard/public/clean-data.json

  2. Start the dashboard:

    cd dashboard
    npm install
    npm run dev

    Then open http://localhost:3000.


🛠️ Built With

  • Core Engine: Rust (Speed & Regex)
  • AI Model: Google Gemini 3 Flash Preview (Reasoning & Vision)
  • Dashboard: Next.js 14, React, Tailwind CSS
  • Database: SQLite
