Rovo Compliance Guard

An AI agent for Rovo that automatically finds and redacts sensitive compliance data (PII, HIPAA) in Jira and Confluence, preventing costly security breaches.

Comment

šŸŽļø Inspiration: Speed Need-to-Know

In Formula 1, speed is everything. But speed without safety checks leads to disaster. It's the same in software development. Teams using Jira and Confluence move incredibly fast, but in regulated industries like finance, healthcare, and banking, a single mistakeā€”a piece of PII (Personally Identifiable Information) or patient data accidentally pasted into a ticketā€”can lead to massive compliance fines and data breaches.

Our inspiration was to build the safety harness for these high-speed teams. We wanted to create a tool that doesn't slow developers down but automatically protects the company from risk.

šŸ¤– What It Does: The "Rovo Compliance Guard"

Rovo Compliance Guard is an intelligent AI agent built on the Atlassian Forge platform. It gives Atlassian Rovo a critical new superpower: automated compliance auditing and remediation.

Here's how it works:

  1. A manager, developer, or compliance officer can ask Rovo: @Rovo, audit this Confluence space for PII risks.
  2. Our app's Rovo Action Module is triggered. It securely scans all pages, tickets, and comments in the specified scope.
  3. Using AI-powered pattern matching, it identifies sensitive data (Social Security numbers, credit card numbers, HIPAA-related terms, etc.).
  4. It doesn't just find problemsā€”it fixes them. The app automatically redacts the sensitive text in the ticket or page, replacing it with [REDACTED].
  5. Simultaneously, it creates a private, secure ticket in a Jira Service Management queue, tagging the Compliance team with the full details of the finding (what was found, where it was, and who posted it) for their records.

This keeps the development workflow clean and fast, while ensuring all compliance events are securely logged and handled by the right people.

šŸš€ How We Built It

We built this as a Forge-native app to ensure it's secure and scalable. The core of the project is the Rovo Action Module. This allowed us to "teach" Rovo a new skill, moving it from a passive chatbot to an active agent that can perform complex, multi-step tasks (scan, identify, redact, create ticket).

The backend logic runs on Forge's serverless platform, listening for webhooks and processing the content. The frontend (for configuration) is built using the Forge UI Kit.

šŸ Challenges We Faced & What We Learned

Our biggest challenge was precision. We needed to avoid "false positives" (redacting text that wasn't sensitive) while ensuring we never missed a real piece of PII. This required fine-tuning our detection logic.

Building with Rovo Agents taught us the next-generation of app development. It's not just about building UIs; it's about building skills for AI to use. This hackathon was a fantastic hands-on experience with the future of Atlassian's AI platform.

Built With

  • atlassian-forge
  • confluence-api
  • forge
  • jira-api
  • jira-service-management-api
  • node.js
  • rovo
  • rovo-action-modules
  • rovo-agents
  • typescript
  • ui
Share this project:

Updates