AuditVault

Landing Page
Landing Page
Sign in Google Auth
Adding a Server
Dashboard with AI generated data on our system
Servers on personal dashboard
Pending instructions

Inspiration

43% of cyberattacks target small businesses, yet every security tool out there is built for enterprise teams with dedicated security staff. Small businesses, clinics, schools, and regular day people hold just as much sensitive data. But they can't afford a $50k audit or read a 40-page technical report. The problem isn't that the tools don't exist. It's that no one translated them for the people who need them most. AuditVault doesn't require you to have a PHD, it requires only a couple of seconds to understand.

What it does

One curl command on your server. 90 seconds later, you have a full security report in plain English. Our lightweight agent scans your server and sends that data to Gemini AI, which generates a 0–100 security score, prioritized issues with plain-English explanations, specific fix instructions, and an action plan. Everything a non-technical person needs to understand to protect their data.

How we built it

Frontend: React + Tailwind - dashboard, auth flow, and report viewer AI: Gemini API - structured prompt returns JSON parsed into the report UI Auth: Firebase Google Sign-In - one-click, no passwords Backend: Node.js API - receives agent data, calls Gemini, stores results Infrastructure: DigitalOcean - managed Postgres for report storage Agent: Bash script - read-only, zero persistence, self-destructs after scan

Challenges we ran into

The hardest part was the communication between the bash agent and the backend - getting the scan data to POST correctly, match to the right user token, and trigger the Gemini call in the right sequence. Firebase auth setup had its own issues with redirect flows across environments.

Accomplishments that we're proud of

Getting the full pipeline working end-to-end: from a single curl command on a real server, through the agent, Gemini API, and into a polished dashboard . The UI/UX looks and feels like a real product.

What we learned

We learned a lot about bash scripting for system introspection, token-based agent auth, and a lot of debugging and troubleshooting our code.

What's next for AuditVault

We are hoping to add more features such as: Continuous monitoring: agent runs on a schedule, alerts you when something changes Multi-server dashboard: manage 10 servers from one view Remediation guides: more detailed step-by-step fix instructions built into the report

Built With

Submitted to

HenHacks 2026

Created by

I worked on the Audit vault agent that collects security data from the server and sends it to database, as well as dynamically rendering remediation tips to the screen.

Alexander Mena
I worked on the front end mainly, working on the landing page, dashboards, and designing the Google Sign in page.

Shing Rue Lin
I worked on the backend, the user account system, database, and setting up Google authentication.

Hairum Qureshi
I worked on the installation script and the agent, as well as the hosting of the application and configuration of DigitalOcean.

Hamza Nasher-Alneam
Check out my website!

Updates

Shing Rue Lin started this project — Mar 01, 2026 10:58 AM EST

Leave feedback in the comments!

Log in or sign up for Devpost to join the conversation.