Inspiration

Incident response and compliance audits require reliable, auditable collections of evidence. Teams waste hours gathering scattered logs, PR diffs, chat threads and transcripts after incidents. EvidenceBot uses LLM-driven automation and authenticated tool access to assemble tamper-evident evidence bundles so teams can move faster and reduce post-incident friction.

What it does

  • Connects to user-scoped tools (GitHub, Slack, PagerDuty, Drive) via Composio.
  • Listens to triggers (commits, alerts, messages) and normalizes events.
  • Collects artifacts (diffs, logs, threads, files) using authenticated tool calls or proxy requests.
  • Assembles a signed evidence bundle (manifest + ZIP + HMAC) and stores it securely.
  • Presents a polished UI for onboarding, incident review, artifact preview, and bundle download.

How we built it

  • Frontend: React + Vite + TypeScript + Tailwind for a clean, startup-grade UI.
  • Backend: Node.js + TypeScript, modular services for Composio integration, webhook handling, worker queue, collector and assembler jobs.
  • Storage & DB (demo): JSON-backed local persistence; recommended production stack is Supabase (free tier) for Postgres + Storage.
  • Local dev: mock Composio implementation to iterate without real credentials; demo seed data and simple worker loop for end-to-end flow.

Challenges we ran into

  • Securely handling per-user OAuth flows while keeping the demo friction low; solved with Composio and a mock mode.
  • Normalizing heterogeneous trigger payloads into a canonical event model for consistent downstream processing.
  • Managing large artifacts and file transfers; demo uses inline storage but production needs streaming and retention policies.

Accomplishments that we're proud of

  • End-to-end demoable flow: onboarding, webhook ingestion, artifact collection and evidence storage in demo mode.
  • Robust Composio wrapper with a mock implementation enabling rapid development and safe demos.
  • Clean, minimal API and job worker design that can be extended to production services (Supabase/S3, Redis, background workers).

What we learned

  • Composable tool-auth layers (Composio) dramatically reduce integration complexity and security surface for agentic actions.
  • Building strong normalization early prevents downstream edge cases and simplifies templates for artifact collection.
  • Demo-mode mocks are essential to iterate on UI/UX and stakeholder demos before provisioning cloud resources.

What's next for Compliance Evidence Collector

  • Implement assembler: manifest generation, zip creation, HMAC signing, and presigned download endpoints.
  • Replace local JSON persistence with Supabase Postgres + Storage and add RBAC and audit logs.
  • Add additional connectors (Datadog/CloudWatch via proxy, Google Drive transcripts) and improve large file streaming.
  • Harden security: token rotation, least-privilege scopes, audit search and evidence retention policies.
  • Complete frontend demo: ConnectCard, dashboard, event detail with artifact previews and signature verification.
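
The manifest + HMAC scheme named under "What it does" and in the assembler item above, as an added sketch that is not EvidenceBot's code. The field names, function names, key and sample artifacts are assumptions constructed for illustration; ZIP creation is left out and artifacts are held in memory.

```typescript
import { createHash, createHmac, timingSafeEqual } from "node:crypto";
// Hypothetical shapes: field names are assumptions, not EvidenceBot's schema.
interface Entry { path: string; sha256: string; size: number }
interface Manifest { incidentId: string; createdAt: string; artifacts: Entry[] }
interface Signed { manifest: Manifest; hmac: string }
type Files = Record<string, Buffer>;
const sha256Hex = (d: Buffer): string => createHash("sha256").update(d).digest("hex");

// Deterministic bytes to sign: fixed key order, artifacts sorted by path.
function canonicalize(m: Manifest): string {
  const artifacts = m.artifacts.slice()
    .sort((a, b) => (a.path < b.path ? -1 : a.path > b.path ? 1 : 0))
    .map((e) => ({ path: e.path, sha256: e.sha256, size: e.size }));
  return JSON.stringify({ incidentId: m.incidentId, createdAt: m.createdAt, artifacts });
}

function signBundle(incidentId: string, createdAt: string, files: Files, key: Buffer): Signed {
  const artifacts = Object.keys(files).map((path) =>
    ({ path, sha256: sha256Hex(files[path]), size: files[path].length }));
  const manifest: Manifest = { incidentId, createdAt, artifacts };
  return { manifest, hmac: createHmac("sha256", key).update(canonicalize(manifest)).digest("hex") };
}

// Returns a list of problems; an empty list means the bundle verifies.
function verifyBundle(signed: Signed, files: Files, key: Buffer): string[] {
  const expected = createHmac("sha256", key).update(canonicalize(signed.manifest)).digest();
  const given = Buffer.from(signed.hmac, "hex");
  // Check the MAC first, in constant time, before trusting any manifest field.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    return ["manifest HMAC mismatch"];
  }
  const problems: string[] = [];
  const listed: Record<string, boolean> = Object.create(null);
  for (const e of signed.manifest.artifacts) {
    listed[e.path] = true;
    const data = Object.prototype.hasOwnProperty.call(files, e.path) ? files[e.path] : undefined;
    if (data === undefined) problems.push("missing: " + e.path);
    else if (sha256Hex(data) !== e.sha256) problems.push("modified: " + e.path);
  }
  for (const p of Object.keys(files)) if (!listed[p]) problems.push("unlisted: " + p);
  return problems;
}
// Constructed sample data (key, incident id and artifacts are made up).
const demoKey = Buffer.from("constructed-demo-key-do-not-reuse");
const demoFiles: Files = {
  "github/pr.diff": Buffer.from("-timeout: 30\n+timeout: 5\n"),
  "slack/thread.json": Buffer.from('{"messages":["rolling back"]}'),
};
const demoSigned = signBundle("INC-CONSTRUCTED-1", "2024-01-01T00:00:00Z", demoFiles, demoKey);
```

An HMAC only proves integrity to parties holding the shared key, so anyone who can verify a bundle can also forge one; evidence handed to an outside auditor would need an asymmetric signature instead.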
