Inspiration

Traditional cloud-based DevSecOps platforms compromise data privacy by requiring entrepreneurs to upload proprietary codebases and sensitive credentials to third-party servers. Overloaded with passive alert dashboards, security teams suffer from monitoring fatigue. Inspired by sovereign cloud infrastructure, we built an environment where the repository security lifecycle is fully autonomous, private, and action-oriented—alerting developers where they actually collaborate: their native mobile messaging channels.

What it does

InnerSpark DevSecOps Swarm is an autonomous, sovereign multi-agent infrastructure that intercepts GitLab repository events in real time to run localized security audits.

  • Real-Time Hook Interception: It captures push, merge request, and issue events via secure reverse proxies, processing data strictly within self-hosted hardware.
  • GitLab Orbit Integration: Instead of standard parsing, it invokes the local native GitLab CLI (glab) to query GitLab's repository graph and dynamically extract file-level diffs.
  • Sovereign Threat Mitigation: Localized AI agents audit the code for credentials exposure or SQL injections, delivering immediate, actionable vulnerability reports to the administrator's WhatsApp device via the Evolution API.

How we built it

The architecture is engineered for strict data privacy and zero-friction alerting:

  1. Event & Core Layer: Built using Python 3.10 and FastAPI to expose highly performant webhooks and an asynchronous Server-Sent Events (SSE) telemetry pipeline.
  2. GitLab CLI & API Gateway: Integrated natively with the /home/rlopez/projects/gitlab-transcend/bin/glab binary, mapping remote repository structures back to the local engine.
  3. Sovereign Inference Engine: Powered by private server hardware running a self-hosted qwen2.5:14b model via Ollama, utilizing precise system prompt pinning for deterministic vulnerability detection.
  4. Mobile Bridge Layer: Managed through a dedicated connection with the Evolution API, translating raw AI JSON analysis into markdown-formatted mobile notifications.

Challenges we ran into

We faced severe context drift and environment amnesia when managing multi-workspace sessions on remote nodes from different development interfaces. The agent occasionally defaulted execution scripts back to the client host instead of our remote target server (192.168.1.4). We solved this by engineering an absolute routing matrix using dynamic headers detection (window.location.origin) and a sovereign anchor state engine (.ai_state.json) to enforce Dinamic Host Routing, completely neutralizing network asymmetry over public tunnels.

Accomplishments that we're proud of

We successfully closed the loop on data-sovereign code auditing. We established an asynchronous multi-threaded system where a real GitLab Cloud push event automatically triggers an isolated local inference session on a heavy 14B model, resulting in an instant, highly detailed threat evaluation delivered directly to a mobile device—all while keeping the source code 100% private.

What we learned

We deeply explored event-driven asynchronous agentic frameworks. We proved that for critical tasks like DevSecOps, deploying highly structured inference profiles with micro-context constraints via local SLMs yields faster execution, fewer hallucinations, and superior cost efficiency compared to relying on bloated, cloud-dependent commercial LLM APIs.

What's next for InnerSpark DevSecOps Swarm

The next milestone is optimization and infrastructure scaling. We are prepping the local codebase to offload mass-scale analytical telemetry workloads to enterprise-grade cluster topologies. Our main target is optimizing our sovereign agent communication protocols to run natively on high-throughput private clusters using AMD Instinct™ accelerators via vLLM and ROCm software stacks.


🔗 Project Access Links

Built With

  • api
  • asynchronous
  • docker
  • evolution
  • fastapi
  • gitlab
  • i/o
  • playwright
  • python
  • webhooks
Share this project:

Updates