Inspiration

Commerce teams make high-stakes catalog changes daily--repricing hundreds of SKUs before a launch, toggling promos, adjusting inventory flags. One bad bulk update costs real money. I wanted to see what happens when you put Auth0's Token Vault and CIBA between an AI agent and a production spreadsheet.

What it does

You describe catalog changes in natural language or voice. An orchestrator agent breaks the request into discrete operations. A json-rules-engine assigns risk tiers (0–3). Tier 2+ writes trigger a CIBA push notification to your phone via Guardian and you approve or deny before anything writes.

The writer agent executes against Google Sheets through Token Vault. A reader agent verifies every change by reading it back. A notifier agent emails a receipt through Gmail, also via Token Vault OBO. The receipt includes per-agent delegation records, token exchange IDs, and a SHA-256 audit hash.

Every changeset is reversible. Rollbacks flow through the same policy engine, so a reversed 30% price swing can escalate to Tier 3 on its own.

How we built it

Next.js 16 App Router with React 19 server components. Claude Sonnet 4 powers the orchestrator and reader agents. Writers and notifiers are deterministic--no LLM in the mutation path, so every write is reproducible.

Auth0 AI SDK (@auth0/ai-vercel) handles Token Vault integration, CIBA flows, and OBO delegation chains. The policy engine runs 7 json-rules-engine rules across 4 risk tiers, including two that factor in voice stress level and session fatigue.

Voice uses a dual-model setup: Gemini 3.1 Flash Live for conversation, Gemini 2.5 Native Audio as a silent sidecar doing affective analysis. High stress (> 0.7) or long sessions (> 60 min) automatically escalate writes to Tier 3.

Challenges we ran into

CIBA timing was the hardest part. Guardian push notifications have real-world latency, and we had to handle expiry, denial, and missing enrollment without leaving the UI stuck.

Token Vault scope configuration across Sheets read, Sheets write, and Gmail send through a single Connected Account took more iteration than expected.

Streaming PCM audio to two Gemini models simultaneously without feedback loops was tricky.

Accomplishments that we're proud of

The execution receipt pattern. Every agent action--writer, reader, notifier--gets its own delegation record with tools granted, context received, token exchange ID, operations performed, and duration. A SHA-256 hash seals the whole thing. It's a real audit trail, not a log dump.

Rollback parity. Reversed changesets run through the same policy engine as originals. Inverting a big price change can itself trigger CIBA approval. That wasn't planned; it fell out of the architecture, and it's exactly how it should work.
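The tiering described under "What it does", the voice-stress and session-fatigue escalations under "How we built it", and the rollback parity above all rest on one policy engine, so here is one added example (not the project's code) of a minimal engine with that shape: seven rules across tiers 0 to 3, tier 2 and above requiring an approval before any write, writes escalated to tier 3 when stress exceeds 0.7 or the session exceeds 60 minutes, and a rollback that is simply the inverted changeset run back through the same evaluator. It does not use json-rules-engine; the rule bodies, the price thresholds and the sample changeset are assumptions for illustration. The sample also shows why a rollback can land in a higher tier than the original: a 130 to 100 price cut is a 23% change, but reversing it is a 30% change relative to the new base.

```javascript
// Added example, not the project's code: a small risk-tier policy engine with
// the shape the page describes. Rule bodies and thresholds are assumptions.
const APPROVAL_TIER = 2; // tier at which a CIBA push approval is required before writing

const isWrite = (op) => op.kind === 'update';

// Absolute percentage change of a price update, relative to the old value.
function pctChange(op) {
  if (op.field !== 'price' || !(op.from > 0)) return 0;
  return Math.abs(op.to - op.from) * 100 / op.from;
}

// Seven rules across four tiers. Every rule that matches contributes a minimum
// tier; the operation's tier is the highest one matched. A write that no rule
// names defaults to tier 1, a read to tier 0.
const RULES = [
  { name: 'read-only',          tier: 0, when: (op) => op.kind === 'read' },
  { name: 'inventory-flag',     tier: 1, when: (op) => isWrite(op) && op.field === 'inStock' },
  { name: 'promo-toggle',       tier: 1, when: (op) => isWrite(op) && op.field === 'promoActive' },
  { name: 'price-change-10pct', tier: 2, when: (op) => isWrite(op) && pctChange(op) >= 10 },
  { name: 'price-change-25pct', tier: 3, when: (op) => isWrite(op) && pctChange(op) >= 25 },
  // The two session-aware rules: thresholds as stated on the page.
  { name: 'voice-stress',       tier: 3, when: (op, ctx) => isWrite(op) && ctx.stress > 0.7 },
  { name: 'session-fatigue',    tier: 3, when: (op, ctx) => isWrite(op) && ctx.sessionMinutes > 60 },
];

function evaluateOperation(op, ctx) {
  const matched = RULES.filter((r) => r.when(op, ctx));
  const base = isWrite(op) ? 1 : 0;
  const tier = matched.reduce((t, r) => Math.max(t, r.tier), base);
  return { op, tier, matched: matched.map((r) => r.name) };
}

// A changeset takes the tier of its riskiest operation; tier 2+ means the
// orchestrator must obtain an approval before the writer agent runs.
function evaluateChangeset(ops, ctx) {
  const perOperation = ops.map((op) => evaluateOperation(op, ctx));
  const tier = perOperation.reduce((t, r) => Math.max(t, r.tier), 0);
  return { tier, requiresApproval: tier >= APPROVAL_TIER, perOperation };
}

// Rollback parity: swap from/to on every write, drop reads, apply in reverse
// order. The result is an ordinary changeset and goes through the same engine.
function invertChangeset(ops) {
  return ops.filter(isWrite).map((op) => ({ ...op, from: op.to, to: op.from })).reverse();
}

// Constructed sample: a 23% price cut plus a promo toggle, in two session contexts.
const SAMPLE_OPS = [
  { kind: 'update', sku: 'SKU-1001', field: 'price', from: 130, to: 100 },
  { kind: 'update', sku: 'SKU-1001', field: 'promoActive', from: false, to: true },
];
const CALM_SESSION = { stress: 0.2, sessionMinutes: 10 };
const STRESSED_SESSION = { stress: 0.85, sessionMinutes: 10 };

const original = evaluateChangeset(SAMPLE_OPS, CALM_SESSION);
const rollback = evaluateChangeset(invertChangeset(SAMPLE_OPS), CALM_SESSION);
const stressed = evaluateChangeset(SAMPLE_OPS, STRESSED_SESSION);
console.log('original tier', original.tier, 'approval', original.requiresApproval);   // 2, true
console.log('rollback tier', rollback.tier, 'approval', rollback.requiresApproval);   // 3, true
console.log('stressed tier', stressed.tier, stressed.perOperation[1].matched);         // 3, [..., 'voice-stress']
```

Because the tier is a maximum over matched rules, the session-aware rules cannot be bypassed by splitting a risky change into innocuous-looking operations: each write is checked against the session context individually, and the changeset inherits the worst case.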

Deterministic writers. Keeping LLMs out of the mutation path means every write is reproducible and auditable. The orchestrator plans, the writer executes. Clean separation.

What we learned

Authorization isn't a checkbox--it's an architecture. Token Vault + CIBA + OBO chains give you a composable layer where every agent action is scoped, delegated, and auditable.

The dual-model voice pattern (conversation + silent affective analysis) opens up policy decisions that aren't possible with text-only input. Stress detection as a security signal is underexplored.

What's next for Commerce Changeset

Unit and E2E test coverage (Vitest + Playwright). Support for additional commerce backends beyond Google Sheets. A proper rollback execution UI instead of the current API-only flow. And exploring whether the execution receipt pattern generalizes into a standalone library for other agentic systems.

Bonus Blog Post

Building Trust Surfaces for AI Agents: What Token Vault Taught Us About Authorization at the Speed of Autonomy

Built With

  • anthropic
  • anthropic-claude-sdk
  • auth0
  • auth0-ciba-guardian
  • auth0-for-vercel
  • auth0-guardian
  • base-ui
  • ciba
  • class-variance-authority
  • claude
  • cmdk
  • connected-accounts
  • cva
  • eslint
  • gemini
  • gmail-api
  • google
  • google-gemini-sdk
  • google-sheets
  • google-sheets-api
  • husky
  • json-rules-engine
  • lint-staged
  • lucide-react
  • next-themes
  • next.js
  • next.js-16
  • node.js
  • react
  • react-19
  • react-markdown
  • remark-gfm
  • sdk
  • shadcn
  • sheets
  • sonner
  • tailwind
  • token-vault
  • vercel
  • vercel-ai-sdk
  • vitest
  • zod
  • zod-v4