-
-
architecture diagram of Sentinel-AI-Remediator
Inspiration
Manual code reviews are slow, and standard security scanners only provide a list of problems without offering solutions. I wanted to build a tool that doesn't just act as a 'whistleblower' but as a 'fixer'—leveraging AI to turn complex vulnerability reports into secure, production-ready code patches instantly.
What it does
Sentinel AI Remediator is an end-to-end security suite. It uses Bandit for deep static analysis of Python code to find vulnerabilities (like CWE-78 and CWE-327). Once detected, it sends the context to OpenAI's GPT-4o mini, which generates a secure code replacement. The tool features a secure Auth0 login and allows users to export full security audit reports in PDF format.
How we built it
The backend is powered by Python and Flask. We integrated the Bandit library for auditing and the OpenAI API for the remediation engine. For the frontend, we used HTML/CSS with a focus on a clean, actionable dashboard. Security is handled via Auth0, and report generation is managed using the FPDF library.
Challenges we ran into
One major challenge was ensuring the AI didn't hallucinate or provide insecure 'fixes'. We overcame this by implementing strict prompt engineering and validation rules to ensure the generated patches follow OWASP and CWE industry standards. Integrating a smooth PDF export for complex code blocks also required significant fine-tuning.
Accomplishments that we're proud of
We are incredibly proud of building a bridge between static code analysis and real-time AI remediation. Successfully generating precise, secure code patches for complex vulnerabilities like Command Injection—without breaking the code's logic—was a major technical milestone for us.
What we learned
This project taught us how to effectively harness Large Language Models (LLMs) for cybersecurity. We gained deep insights into prompt engineering to avoid AI hallucinations, learned the intricacies of the Bandit auditing framework, and mastered secure identity management with Auth0.
What's next for Sentinel AI Remediator
The future is bright! We plan to expand Sentinel's capabilities by adding support for more programming languages like JavaScript and Java. We also aim to integrate this tool directly into CI/CD pipelines as a GitHub Action, providing developers with automated 'Security Pull Request' comments.
Log in or sign up for Devpost to join the conversation.