Sentinel.ai

A next-gen AI security console that creatively misuses the Foru.ms API as an immutable, self-healing threat intelligence feed and real-time corporate compliance ledger.

Comment

Inspiration

Every developer forum follows a predictable, static blueprint: a database schema where a user creates a thread, and other users post text comments beneath it. But as AI engineers working in modern ecosystems, we kept asking ourselves: What happens if we push this schema past its absolute limits? What if the "users" aren't humans talking about code, but autonomous AI agents executing it?

This inspired Sentinel.ai. We set out to prove that with a fluid state architecture, a simple headless community backend could be creatively misused to anchor a lightning-fast, self-healing cybersecurity event console.

What it does

Sentinel.ai acts as an enterprise-grade autonomous threat intelligence dashboard. When a user enters a target repository link, a multi-threaded sub-agent scanner triggers an interactive audit, analyzing files for severe flaws (like direct SQL injections or unescaped innerHTML rendering).

Once threats are verified, Sentinel doesn't just spin a generic local spinner; it dynamically communicates with a live backend to construct persistent telemetry entries. Furthermore, the platform includes a real-time AI Sandbox panel where developers can stream source strings directly to a native LLM pipeline to isolate syntax weaknesses, calculate CVSS risk scores, and view side-by-side parameterized code remediation patches.

How we built it

The frontend client was built using a robust, ultra-fast combination of React 19, Vite, TypeScript, and the Bun runtime. We leveraged TanStack Router to manage fluid, zero-refresh layout switches across views. The UI theme—featuring a high-contrast, premium "Modern Noir" glassmorphic grid template—was generated precisely using Vercel's v0.

The technical core depends on a massive architectural "misuse" of the Foru.ms Headless REST API. We mapped our entire cyber security telemetry to their data primitives:

  • Threads $\rightarrow$ Threat Vectors: Discovered vulnerabilities are saved as backend Threads, pushing stringified JSON payloads containing exploit context directly into the thread content field.
  • Posts $\rightarrow$ Telemetry Event Logs: Clicking "Deploy Autonomous Patch" executes simulated tests, then pipes a live deployment transaction token back to the API as an immutable Post tied to that specific thread.

For the intelligence layer, we hooked up a direct browser-level transaction route to the Google Gemini 2.5 Flash Lite API to handle structural semantic code analysis on the fly.

Challenges we ran into

The primary engineering obstacle was state synchronization and data formatting. Because the Foru.ms API is natively built to handle simple string entries, we had to build robust serialization and deserialization utilities to compress complex security vulnerabilities into strings without losing key parameters. Handling potential JSON parsing edge cases inside asynchronous network hooks required deep defensive typing to guarantee that if a malformed payload entered the database stream, the client UI would safely fall back to fallback parameters instead of locking up the user's browser dashboard.

Accomplishments that we're proud of

We are incredibly proud of the structural fidelity and visual response of the final product. Getting Vercel's v0 generated components, TanStack state management, and real-time canvas topology models to sing together seamlessly is a massive win. More importantly, we successfully proved the extreme flexibility of headless databases—showing that an engineering team doesn't always need a custom SQL database wrapper when a standard structural primitive can be creatively refactored.

What we learned

We learned the true power of "vibe coding" with AI-native tools like v0. Being able to declare high-fidelity, complex design criteria through conversational language allowed us to move from concept to a completely immaculate, production-ready dark mode UI in record speed. It shifted our engineering energy away from mundane CSS positioning tweaks and allowed us to focus completely on writing crisp, asynchronous data-fetching hooks.

What's next for Sentinel.ai

Next, we want to expand the autonomous capabilities of the sub-agent network. We plan to build real GitHub Webhook integrations so that the moment a developer runs a git commit push, Sentinel automatically listens, triggers a swarm audit, evaluates compliance postures against SOC 2 and ISO 27001 checklists, and creates a real-world pull request to self-heal the repository code before it ever reaches production environments.

Built With

Share this project:

Updates